The project risk maturity model--assessment of the U.K. MoD's top 30 acquisition projects
Risk management maturity models (RMMM) enable organizations to gauge the development and evolution of their risk management practices. This paper examines the results of a risk management capability assessment performed for the United Kingdom's (UK) Ministry of Defence's (MoD) Defence Procurement Agency (DPA). In doing so, it outlines the assessment's two purposes: To show how RMMM measurements can identify and monitor risk management improvements; to report findings on common risk management weakness. It also overviews the assessment initiative's purpose and history and describes the PMMM used--developed by David Hillson (1997)--to perform this assessment, a PMMM that was used to evaluate the risk management performance of the DPA's integrated project teams (IPTs). It then details the assessment's four-phase methodology, listing each phase's evaluation criteria and key findings. It also describes the three process weaknesses in the risk management approach used by most of the IPTs.