Risk Management Plan
Risk Management Plan
Risk Management Plan
Y, N, F, O Comments
NA
DOCUMENT STANDARDS COMPLIANCE
1 Have standards/guidelines been identified to
define the work product?
2 Does the work product format conform to
the specified standard/guideline (i.e.,
Template)?
3 Has the project submitted any request for
deviations or waivers to the defined work
product?
4 Have the following areas been addressed
completely?
4a Approval authority?
4b Revision approval?
4c Revision control?
TECHNICAL REFERENCE
5 Have acceptance criteria been established
for the work product?
6 Are references to policies, directives,
procedures, standards, and terminology
provided?
RISK MANAGEMENT PLAN CONTENTS - INTRODUCTION
7 Does the plan have a clearly defined
purpose and scope?
8 Does the plan specify the project risk
objectives and policy toward risk?
9 Does the plan provide project assumptions
and constraints as they relate to the
continuous risk management (CRM)
process?
10 Does the plan provide an overview of the
CRM process and information flow?
11 Is the CRM process described in relation to
other project management and systems
engineering activities?
For more information, please visit the NASA GSFC Software Assurance Website, at http://sw-
assurance.gsfc.nasa.gov.
Software Quality Risk Management Plan (RMP) Document Checklist
Y, N, F, O Comments
NA
ORGANIZATION
12 Are roles and responsibilities defined for
program, project, customer, and
provider/supplier key personnel?
13 Has a CRM training approach been
documented for ensuring training of key
personnel?
PROCESS DETAILS
14 Are process details provided for each CRM
phase (i.e., risk identification, analysis,
planning, tracking, and controlling)?
15 Does the process define a continuous
assessment for project risks?
16 Have risk parameters been defined for
analyzing and categorizing risks?
17 Are CRM procedures, methods, and tools
identified and defined?
18 Is a reporting process defined for internal
project communication?
19 Is a reporting process defined for
communication external to the project (e.g.,
program level, GPMC, Headquarters)?
DOCUMENTATION OF RISKS
20 Has a defined format been developed for the
project Risk List?
21 Does the plan define the configuration
control/change process for risks and the
project Risk List?
22 Does the plan describe how the Risk List
will be used?
23 Does the plan identify an access approach
by team members to the Risk List?
24 Does the plan include an initial set of
identified risks and action plans for each?
APPROVAL PROCESS
25 Has the plan been approved by the Project
Manager?
For more information, please visit the NASA GSFC Software Assurance Website, at http://sw-
assurance.gsfc.nasa.gov.
Software Quality Risk Management Plan (RMP) Document Checklist
Y, N, F, O Comments
NA
26 Does the Office of Mission Success
Director (Code 170) concur with the plan
(i.e., does the approval cycle include his/her
concurrence)?
27 Was the Risk Management Plan approved
no later than the mid-point of the planned
formulation period and prior to any mid-
formulation review gates?
INFORMATION - COMPLETE AND CONSISTENT
28 Is the document complete?
29 Does the level of detail provided reflect a
comprehensive Continuous Risk
Management (CRM) approach?
30 Is the document currently baselined?
REFERENCE ITEMS/DOCUMENTS
GPR 7120.4, RISK MANAGEMENT
CMMI VERSION 1.1, GUIDELINES FOR RISK MANAGEMENT (RSKM)
For more information, please visit the NASA GSFC Software Assurance Website, at http://sw-
assurance.gsfc.nasa.gov.
Software Quality Risk Management Plan (RMP) Document Checklist
For more information, please visit the NASA GSFC Software Assurance Website, at http://sw-
assurance.gsfc.nasa.gov.