📖 How to use Risk — field-by-field instructions
▼
Risk generates a structured project risk register using PRINCE2 and PMI frameworks — including a probability/impact-scored table, top critical risks with immediate actions, a risk matrix, and strategic recommendations. The example below is pre-filled for the ING Bank ERP Migration project in the Build/Development phase.
Your role
Your role determines the framing of risks. A Project Manager gets operational and stakeholder risks. A Solution Architect gets more technical risks. Always select your actual role.
Project / client
Include both the client and the project name. This is used throughout the register to make risks specific and credible — e.g. ING Bank — ERP Migration.
Project type
Determines the default risk categories. ERP Implementation triggers data migration, integration and change management risks. Cloud Migration triggers security, downtime and rollback risks. Match to your actual project type.
Phase
Critical. Risks differ dramatically by phase. Go-live / cutover produces different risks than Planning. Set this to your current phase for the most relevant register.
Contract type
Fixed-price contracts amplify scope and financial risks significantly. T&M contracts have different exposure. This context affects risk scoring throughout the register.
Description
Describe the project: scope, team size, timeline, go-live date, key integrations. The more detail here, the more specific and actionable the register. This is the most important free-text field.
Known concerns
Add any risks, issues, or dependencies you already know about. These will be included and expanded in the register. You can also add political sensitivities or contract constraints here.
💡 Best results tip: Fill in both Description and Known Concerns in detail. Generic inputs produce generic risks. A detailed description produces a register that reads like it was written by someone who has been on your project for months.
Understanding the output tabs:
📋 Risk register — full scored table with all risks and mitigations.
🔴 Top risks — deep analysis of the 3 highest-scoring risks with immediate actions.
📊 Risk matrix — visual probability × impact grid.
💡 Recommendations — strategic actions for the project team.
ProQuenta Risk
Know your risks before they know you.
Complete risk register with mitigations, owners and priority scores.
✦ Example — ING Bank ERP Migration
1. Your role
2. Project context
Project / Client
Project Type
Phase
Contract Type
3. Description
Known Concerns
4. Output language
5. Supporting documents (optional)
HIGH RISK
High-risk project with 3 critical findings requiring immediate action this week.
10 risks identified
5.4
Overall
9
Top score
3
Critical
Top Risks
R02
R01
R05
📌 Example output.
| ID | Category | Risk | Prob. | Imp. | Score | Mitigation |
|---|---|---|---|---|---|---|
| R01 | technical | Data migration integrity failure. Legacy data stream corruption could compromise go-live data quality and trigger rollback. | H | H | 9 | Complete full data validation on all 3 streams by end of sprint. Obtain written sign-off before UAT entry. |
| R02 | financial | CR-007 approval blocked by steering committee. Delayed approval of €85K change request puts Q4 go-live on critical path. | H | H | 9 | Present written cost-benefit analysis to CFO before this week’s steering committee. Escalate if not approved by Friday. |
| R03 | regulatory | AFM sign-off delayed past go-live window. Regulatory sign-off scheduled 2 weeks before go-live leaves zero buffer for remediation. | M | H | 6 | Request AFM interim confirmation now. Identify minimum compliance evidence needed to proceed under conditional approval. |
| R04 | scope | Scope creep from undocumented requirements. Business units continue requesting additional reports and configurations outside agreed scope. | H | M | 6 | Implement formal change request process immediately. No additional work without signed CR from programme director. |
| R05 | technical | Integration failure at go-live cutover. 12 system integrations not all tested under production load conditions. | M | H | 6 | Schedule load testing for all integrations in UAT environment by week 3. Prioritise payment and reporting integrations. |
| R06 | resources | Key consultant unavailability during cutover. Two critical data migration specialists have competing commitments during go-live week. | M | M | 4 | Confirm all critical team availability for go-live window by this Friday. Identify backup resources now. |
| R07 | stakeholder | User adoption resistance from legacy system users. End users have been using legacy SAP for 15+ years and are resistant to change. | H | L | 3 | Accelerate change management and hands-on training sessions. Appoint super-users in each business unit as advocates. |
| R08 | external | Vendor delivery delay on custom module. Third-party vendor responsible for custom tax reporting module has not confirmed delivery date. | M | M | 4 | Issue formal written deadline notice to vendor this week. Engage legal if no confirmed delivery date by Thursday. |
| R09 | technical | Performance degradation under full production load. System has not been tested with full ING user base simultaneously. | L | H | 3 | Complete end-to-end performance test with 120% of projected user load before UAT sign-off. |
| R10 | financial | Parallel run costs exceed budget. Extended parallel running of legacy and new system could add €200K/month to project costs. | L | M | 2 | Define maximum parallel run duration in steering committee and agree hard cutover date. No extensions without formal approval. |
R01— Score 9Data migration integrity failure
Two legacy data streams contain structural integrity issues that were not identified during pre-sales. If data migration fails at go-live, the project must roll back — adding a minimum of 4 weeks and €200K+ in additional costs. This risk is on the critical path: UAT cannot begin until data validation is signed off. The project is currently at risk precisely because this remediation is not yet complete.
⚡ Immediate action this week
Complete full data validation on both affected streams and obtain written sign-off from the data migration lead before the end of the sprint. Do not proceed to UAT without this sign-off.
R02— Score 9CR-007 approval blocked by steering committee
CR-007 covers €85K of additional data cleansing work that is on the critical path to go-live. Without approval this week, the Q4 go-live date cannot be maintained. The CFO requires written cost-benefit justification before signing — this document does not yet exist. Every week of delay adds approximately €200K in parallel-run cost to the project total.
⚡ Immediate action this week
Prepare a one-page written cost-benefit analysis for CR-007 showing the €85K approval cost vs. the €200K/month delay cost. Present to Pieter Hendriks (CFO) before the steering committee meeting this week.
R03— Score 6AFM sign-off delayed past go-live window
AFM regulatory sign-off is scheduled 2 weeks before go-live. This leaves no buffer: a single AFM query or remediation requirement could push go-live past Q4. ING Bank cannot legally go live with the new financial reporting system without this approval. The DNB pre-audit passed cleanly, which is encouraging — but AFM has different requirements and the timeline is tight.
⚡ Immediate action this week
Contact the AFM liaison immediately to request an interim confirmation of the review schedule. Ask whether a conditional go-live approval process is available if minor remediation is required.
Risk matrix — Probability × Impact
Probability
Low Impact
Medium Impact
High Impact
HIGH
R07
R04
R01R02
MED
R06R08
R03R05
LOW
R10
R09
Resolve the data migration risk before entering UATDo not enter UAT with unvalidated data streams. A failed UAT due to data quality issues is more costly and politically damaging than a short delay to complete validation now. Sign-off on data quality is the prerequisite for everything else.
Treat CR-007 as a leadership decision, not a technical oneThe steering committee’s hesitation on CR-007 is a governance challenge, not a budget challenge. Present it to Sandra and Pieter as a risk management decision: approving €85K now protects against €200K/month in delay exposure. Frame, do not request.
Pull the AFM timeline forward immediatelyThe 2-week buffer before go-live is dangerously thin. Contact your AFM liaison this week to understand if there is any flexibility in the review schedule or whether conditional go-live is a legal option. Do not wait for the scheduled sign-off date to discover a problem.
Enforce scope freeze with a formal change request processWith 3 months to go-live, scope creep is the most controllable risk on this list. Implement a formal CR process signed by the programme director for all new requests. Every undocumented addition is a financial and timeline risk on a fixed-price contract.
Confirm go-live team availability this weekResource gaps during cutover are entirely preventable. Confirm availability of all critical team members for go-live week before the end of this sprint — not in the week before go-live. Identify backups for the two data migration specialists now.