Risk Closure Criteria


A risk may not necessarily last the entire life span of the project with which it is associated. Often a risk is a temporary phenomenon that is brought under control, one way or another, and can then be forgotten. This is known as closing a risk.


Closing a risk too soon can be dangerous, because it may not have been brought fully under control. Allowing a risk that has been brought under control to remain open is a waste of management effort, and can distract management attention away from more important problems.


Closure Criteria are the set of conditions that must be satisfied before a risk can be considered to be closed.


While closure criteria are optional, developing them for a risk helps to ensure that the risk is neither closed too soon nor left open unnecessarily.


Guidelines for Closure Criteria

1.   Keep the criteria as short and simple as possible

2.   If possible, use a specific event that can be independently verified,

       e.g. Formal acceptance of the deliverable by the client

3.   If there is more than one closure criterion, state whether these are either/or criteria, or whether all of them must be satisfied.

4.   Avoid subjective terms such as acceptable or adequate ('this risk can be closed when acceptable performance has been demonstrated'), because such terms are open to interpretation.

5.   Avoid referring to your risk response actions as closure criteria ('this risk can be closed when the associated response actions have been completed') because actions often breed further issues and unknowns.

6.   If you have difficulty in deciding what the closure criteria should be, try working backwards in time, e.g.

      i)      Would the risk still exist if the project was completed and all invoices paid?

      ii)     Would the risk still exist if the item in question had passed its acceptance tests?

      iii)    Would the risk still exist if the design had been approved - and so on.