Real-time risk information is going to be the information gathered during the monitoring of project work activities for triggers (or signs that a risk is imminent). If you have successfully created a risk management plan this would include risk analysis inclusive of noting triggers associated with each risk. By doing so, you are able to not only identify when a risk is imminent but also do so with clear data as those areas have been monitored steadily throughout the project. It is important as soon as a trigger is noted to notify stakeholders, project team members, and most importantly the individual responsible for the risk. The individual responsible for the risk can then enact the risk plan in place to minimize the impact to the work activity and the project overall.

Informing or posting the risk results is similar to the use of lessons learned. During the risk event the activities impacted will continue to be monitored. This information should be analyzed and reported out to stakeholders, project staff, and customers as applicable. Additionally, the risk response should be analyzed for success similar to the lessons learned method.

An example: My last project was a "new car" build for Amtrak. The risk of vendor material delays was identified in the beginning of the project and constantly monitored. As we say the delivery schedule begin to slip, we immediately began to implement our risk response plan. The potential of the previously identified risk and the status throughout the risk event was communicated weekly between the manufacturer, project manager, and customer representative. Additionally, this information was communicated to executive management within the manufacturer and the customer on a monthly bases via the in-person program meeting. Upon closure of the risk event, all data sets were delivered and documented to all affected parties. This information was reviewed by the project team and executive management and used to adjust risk responses that were planned for similar risks.

Who should be accountable for prioritizing the risks and should there be an approval for the prioritized risks? Please explain your perspective.