Risk at Program and Portfolio Level
Risks can also be identified at program and/or portfolio level that need to be cascaded downwards to project level. What is suggested for risk management in risk-mature organisations is that risk management responsibility is managed at program level, and that risk management meetings are held at this level where project Product Owners and the Portfolio Product Owner attend and contribute.
The output from such a meeting would be an updated Portfolio and Program Risk Register, which would include a column that indicates which projects are affected by the risk. This would eliminate the redundancy of having each project team running their own risk management meetings and keeping their own risk registers.
The team member who raised the incident could also be invited to the meeting and participate in the assessment and mitigation activities, based on the premise that someone who recognised a risk is the most likely person to describe a mitigation for it. The disadvantage to moving the risk management to program level is that the Scrum team do not get the exposure to managing risk that they would get if each team runs risk management meetings. They would, however, have more time to develop product, which is their first priority.
Recommended Further Reading
The following materials may assist you in order to get the most out of this course: