An effective and successful risk management process requires involvement from the entire program team as well as outside experts in the field of risk management. The DoD Risk Management Guide lists the following characteristics of a successful risk management program:
1. Feasible, stable, and well-understood user requirements, supported by leadership / stakeholders, and integrated with program decisions;
2. A close partnership with users, industry, and other stakeholders;
3. A planned risk management process integral to the acquisition process, especially to the technical planning (SEP and TEMP) processes, and other program related partnerships;
4. Continuous, event-driven technical reviews to help define a program that satisfies theuser's needs within acceptable risk;
5. Identified risks and completed risk analyses;
6. Developed, resourced, and implemented risk mitigation plans; Acquisition and support strategies consistent with risk level and risk mitigation plans;
7. Established thresholds and criteria for proactively implementing defined risk handling plans;
8. Continuous and iterative assessment of risks;
9. The risk analysis function independent from the PM;
10. A defined set of success criteria for performance, schedule, and cost elements; and
11. A formally documented risk management process.
