This is the third edition of what is widely regarded as being the most academically sound book on the project risk management process. The first edition was published in 1997 and the second in 2003. This edition is a significant rewrite, so even if you have earlier copies, I would consider buying this one as well.
As a warning, project professionals who have become familiar with commonly used techniques such as risk registers prioritised using Probability-Impact Matrices (PIMs) may be in for a shock. In this edition the authors spell out, with good reason, why they think PIMs should be scrapped. They also emphasise the importance of treating the process from the perspective of uncertainty (i.e. lack of certainty), whereas common practice is more often rooted in a simpler treatment of risks and opportunities as potential events. Finally, as with previous editions, they recommend the use of an iterative multi-pass process through which new insights and responses are developed iteratively using a combination of top-down and bottom up thinking. Although some these ideas might seem alien in some quarters, they can be the key to transforming your process capability by making it applicable to the earlier more strategic phases of a project and unlocking a treasure chest of techniques that can be selected and applied as appropriate.
Incredibly difficult to read. Writers obviously understand the topic deeply and have lots of valuable experience, but completely fail to formulate their ideas to a comprehensible form. It's not that writers are academic, I can very well read, and really appreciate (structured) academic text, but this book is simply 500 pages of raw braindump.
The core idea behind this book, if I was able to somehow grasp it, was intuitive and easy to accept. A PM should view the whole scene through questions like: - what do I need to know - what do I know / not know at the moment - what do I need to do to get more information, and how do I do that economically - how certain can I be of the information I already have - the missing and uncertain information: what variability can that imply to my project objectives
I hope other writers take this important topic and write a better book.
Like most people, I think project 'risk management' should concern all important decisions on projects, not just those concerning 'responses' to 'risks'. I also think project 'risk management' should cover the whole lifecycle of projects, not just kick off once the project has been designed. I also think it is wrong to restrict project 'risk management' to just events that either happen or not, or to restrict it to just well understood alternative outcomes for which a lot of past experience is available.
Consequently, this book is right up my street.
This is, effectively, a new book. It's big too, with every possible issue discussed in depth. It's not the sort of book I'm likely to read all the way through. More likely I'll come back to it from time to time, when I want ideas.