Most federal government proposals include a discussion of risk management. To be selected for the contract, you must demonstrate an understanding of the proposed contract, the risks associated with your approach/solutions, and how you will mitigate potential or perceived risks. Developing a well-thought-out Risk Management approach is essential to a thorough technical approach and is a skill every Proposal Manager can master.
Often, the risk management section is an afterthought, and not part of the critical capture and solutioning process. Use a team approach to develop risk strategies and incorporate various points of view so you can develop winning, comprehensive risk strategies.
To develop a Risk Management Plan that your government evaluators love, your team must understand Risk Management and the terminology. According to the ISO 31000:20098 Risk Management Principles and Guidelines, these are current definitions used in a Risk Management Plan.
Risk – Effect of uncertainty on objectives.
Effect – Deviation from the expected.
Uncertainty – State, even partial, of deficiency of information related to understanding or knowledge of an event, its consequence, or likelihood.
Event – Occurrence or change of a particular set of circumstances and can have several causes.
Cause – That which gives rise to any action, phenomenon or condition.
Consequence – Outcome of an event affecting objectives. This element of the risk statement is important because it highlights why one should care about the risk. It is crucial that this is relevant, plausible and, ideally, quantified to give this element meaning in real terms, be specific.
Likelihood – Chance of something happening; risk is a combination of potential events and consequences along with the associated likelihood of occurrence. In the example, 'something' refers to the combination of potential events and consequences.
Some RFPs request identification and mitigation of associated risks within each technical approach section, while others stipulate one single Risk Management section for the entire proposal. Either way that it is presented, it is a best practice to identify the risks in each technical and management section of your proposal, and have technical experts in each discipline validate the potential risks and corresponding mitigation strategies.
Risk statements and mitigation strategies should go through the same scrutiny as the rest of your proposal, and be reviewed by those who have experience and understanding of the technical and management functions and how to identify, assess, and manage the risk process. Addressing risks in each proposal section ensures that you do not skip a section and it forces you to look as each proposal section, or PWS element, as an individual element. After a Red Team Review, risks may be compiled into a Risk Management Section, if required by the RFP. If not stipulated by the RFP, it is always a good practice to identify risks as part of your technical approach. This gives evaluators a complete picture of that proposal or PWS element.
Present your risks in accordance with the risk management guidance provided by the agency that issued the RFP. If you are submitting a proposal to the US Army, use the US Army Risk Management Guide, and use their terminology, which includes the words probability and severity. When submitting a proposal to NASA, their risk terminology uses likelihood (probability) and consequence (severity).
The right proposal graphics can help you create a winning RFP response. A Risk Management Plan presents a lot of technical information that must be easy to read and understand. Strategic graphics can present detailed information quickly and memorably. For federal government contractors, most risks are identified and presented in the form of an IF/THEN statement: IF [Event], THEN [Consequence/s], as shown in the exhibit below. Determine an initial likelihood/probability and consequence/severity score in accordance with the agency definitions. Then determine a mitigated or final likelihood/probability and consequence/severity. Use the appropriate agency color rating system to determine colors for initial and mitigated risks.
The Risk Management Plan shows that you understand risks and how to mitigate or accept them. Ideally, you are able to mitigate all risks to be in the green sections of the Risk Matrix, but this is not necessary. This visual depiction of your risks makes it easy for evaluators to understand and score.
Encourage your team to look beyond the obvious when identifying risks. Be very specific in your risks and consider multiple causes and effects. If you have a risk of employee retention, consider all the factors – tight labor market, retirement of personnel, in-sourcing of personnel to government positions, or others – and develop a mitigation strategy for each one.
Your risk management section should definitely not be an afterthought. The critical solutioning process that leads you to identify these risks can support the features, benefits, innovations, and discriminators of your offering. Once you identify potential problem areas, you can immediately begin the solution process.
Download our Proposal Management Toolkit, which includes risk management graphics, a team overview graphic, proposal management plan, technical approach format, contractor past performance examples, and other useful tools. It will help you proactively develop a better Risk Management Plan so you are on your way to Win More Business!
Risk Management graphic from Nick Youngson CC BY-SA 3.0 Alpha Stock Images