HKSM

Systematically grouping identified risks by where they come from (e.g., via an RBS), what part of the project they could impact (e.g., via the WBS), or another meaningful grouping such as project phase, to reveal which areas carry the greatest exposure to uncertainty.

Key Points

• Organizes risks by source (RBS), affected work/deliverables (WBS), phase, or other taxonomy to expose hotspots.
• Directs attention, ownership, and responses to categories with the highest concentration of risk.
• Defined in the risk management plan and applied consistently across the risk register.
• Supports reporting with heat maps, Pareto by category, and trend analysis over time.

Example

After risk identification, the team tags each risk with RBS (technical, external, organizational), WBS element (Subsystem 1.2, Procurement Package P-03), and project phase (design, build, test). A category report shows most threats cluster in supplier-related items and the test phase, so the manager assigns a supplier risk owner and strengthens test contingency plans.

PMP Example Question

A project manager wants to find which parts of the project face the most uncertainty. What should they do first?

1. Perform risk categorization using RBS/WBS or phase labels to group identified risks.
2. Calculate contingency reserves using a quantitative schedule risk analysis.
3. Apply a probability-impact matrix to rank individual risks only.
4. Escalate all external risks to the program manager.

Correct Answer: A — Group risks into categories by source or affected area

Explanation: Risk categorization organizes risks by source, WBS element, or phase to highlight hotspots and guide targeted responses.