PMI’s Draft Standard for Risk Management in Portfolios, Programs, and Projects is absolute rubbish

For about a second I was excited about the new PMI’s Draft Standard for Risk Management in Portfolios, Programs, and Projects. After all, so much has been published about good risk management in projects and written by David Hollmann

I was both amazed at the overall maturity of risk analysis in project management, compared to corporate risk managers who still shuffle risk registers once a quarter and excited to see what largest association like PMI can come up with.

Well, PMI sure delivered! Draft Standard for Risk Management in Portfolios, Programs, and Projects is absolute rubbish. What a waste of 40+ pages.

According to the authors, this is what risk management should look like.



Forget integrating into project decision making, forget proper schedule and budget modeling, forget cognitive biases, none of that exists in PMI’s world. This draft standard is not about integrating risk management into project activities and decision making, quite the opposite, it’s about creating a separate artificial standalone process designed by risk managers for risk managers. Zero business value guaranteed and millions lost in additional costs for projects worldwide.

I started commenting on the official website but soon stopped after page 15 after losing all respect for the authors. Not to even mention plagiarism, a few things were clearly “borrowed” from ISO31000, the definition of risk for one. Obviously and I wish they borrowed more instead of the nonsense they created. But imagine how surprised I was when ISO31000 was NOT referenced in the bibliography.

The deadline now closed for public comments. Did you see the draft? What was your opinion about it?

RISK-ACADEMY offers online courses


Informed Risk Taking

Learn 15 practical steps on integrating risk management into decision making, business processes, organizational culture and other activities!


ISO31000 Integrating Risk Management

Alex Sidorenko, known for his risk management blog, has created a 25-step program to integrate risk management into decision making, core business processes and the overall culture of the organization.


Advanced Risk Governance

This course gives guidance, motivation, critical information, and practical case studies to move beyond traditional risk governance, helping ensure risk management is not a stand-alone process but a change driver for business.


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.