VERTEX has Experts that Talk the Talk and Walk the Walk.

Unlike others, VERTEX provides forensic consulting alongside traditional AEC services which allows for a 360 degree view of your project.

VERTEX Services


Need an expert for your case?

Our forensics experts work alongside AEC specialists which enhances our skills and bolsters the credibility of our expert consultants.

Find an Expert


VERTEX delivers innovative solutions on complex projects globally.

Since 1995, VERTEX has completed over 90,000 projects.

View Portfolio


VERTEX believes in a Lifetime of Learning philosophy.

Stay current with our industry experts as they share their insights and knowledge on the built environment.

View Insights

Grow Your Career

Join Our Team

VERTEX is looking for talented individuals to join a highly technical team of forensic consultants, design engineers, construction managers, and environmental scientists.

Learn More

Contact Us

Have a question or want to speak with a technical professional?

VERTEX is a multi-discipline firm with global coverage. Our international network of resources enables us to provide multi-national clients with the most qualified local professionals who understand the culture, language, and regulatory framework.

Call Us: 888.298.5162

Call Us

Call us at 888.298.5162.

VERTEX Blog, How to Develop a Risk Mitigation Plan

How to Develop a Risk Mitigation Plan

September 9, 2020

Risk assessments are a key component to help mitigate risks. Once one understands the key risks in a project, policies and procedures can be developed and the risk can be monitored. Such risk control measures can apply to different types of projects including environmental, construction quality control, and health & safety.

Risk Assessment Framework


Prior to the start of any project, it is recommended that the risks be examined and assessed based on consultation with experts, review of relevant conditions and risk appetite of the key stakeholders. The following chart (taken from ISO 30001:2009) shows the relationship between risk appetite, risk assessment and risk treatment:

Risk Assessment

The first part of the risk treatment is to understand the stakeholder’s risk appetite. This is a function of several factors, such as socio-cultural, relationships with clients, and drivers that have an effect on the objectives of the organization. Once these drivers are understood, the risk identification process can be undertaken.

The Project Management Institute (PMI) states in the Project Management Book of Knowledge (PMBOK) defines risk management as “the process of defining how to conduct risk management activities for a project” (Section 11.1). The act of risk management is broken down into three parts:

  • Risk identification – the determination of incidents that may affect the outcome of a project, (both positive and negative)
  • Risk Analysis – the determination of risk, based on the quantitative measure of an incident’s severity and frequency
  • Risk Evaluation – the prioritization of high-risk activities to minimize the detrimental effects on a project

This data is summarized in a risk register. High-risk activities are then subjected to risk treatments.

Risk Treatment

Risk treatment is the act of controlling the frequency of an incident to help reduce the overall effects of risk on a project. The primary intention is that as the incident frequency is reduced, the overall effects on a project are mitigated.

Risk treatment is based on ANSI Z10, specifically:


The ‘plan’ phase is a direct result of the conclusions of the risk assessment phase of project management. Once a series of high-risk activities have been identified, separate plans are developed, based on local and federal regulations or best practices, as determined by national bodies, such as ANSI, ASTM, ASSE, NFPA, etc.

The plans are based around a hierarchy of controls:

Each type of control is implemented to help prevent the frequency of an incident from coming to fruition. The results of these series of plans are used to develop policies and procedures. The process also lays out the requirements for the use of engineering measures such as specialty equipment, administrative (policies and procedures, training), and personal protective equipment to help prevent risks from occurring.


As the project progresses, the personnel involved use the training they have received and reference the policies & procedures to help mitigate the risks from occurring.


During the ‘do’ phase, trained personnel will observe the personnel and operations to confirm they conform to the policies/procedures, local & federal regulations, and best practices.

Risks are being monitored to confirm they do not occur, or occur within an expected manner (i.e. failure rates of components, health and safety incident rates, release rates of chemicals of special concern, etc.).


If it has been determined that an aspect of the program does not mitigate or help mitigate the risks (i.e. are occurring at a higher rate than expected), the program should be re-evaluated. Additional policies/procedures, training, and/or monitoring are implemented to help reduce the overall risks.

Job Safety Analysis

The Takeaway

While all projects have inherent risks, they can be mitigated with an effective plan that is designed by competent personnel following the framework of ANSI Z10 and ISO 31000. We cannot rule out all risks but we can control the known risks in an effective manner.

To learn more about VERTEX’s Services or to speak with a Risk Control Expert, call 888.298.5162 or submit an inquiry.


Author: Steven Marcassoli

Back to Insights