Risk tolerance in PRINCE2 7 refers to the permissible level of deviation from expected outcomes that stakeholders are willing to accept before escalation is required. It establishes the boundaries within which the project team can manage risks autonomously and defines when senior management interve…Risk tolerance in PRINCE2 7 refers to the permissible level of deviation from expected outcomes that stakeholders are willing to accept before escalation is required. It establishes the boundaries within which the project team can manage risks autonomously and defines when senior management intervention becomes necessary.
Risk tolerance is closely linked to risk appetite, which represents the overall amount of risk an organization is prepared to accept in pursuit of its objectives. While risk appetite sets the broader strategic context, risk tolerance provides specific, measurable thresholds for individual risks or categories of risks within a project.
In PRINCE2 7, risk tolerances are typically established during project initiation and documented in the Risk Management Approach. These tolerances can be expressed in various ways, including financial limits, time constraints, quality parameters, or scope boundaries. For example, a project might have a cost risk tolerance of plus or minus ten percent of the approved budget.
The Project Board sets risk tolerances for the Project Manager, who then operates within these defined limits. When a risk threatens to exceed its tolerance threshold, the Project Manager must escalate the situation through an exception report, allowing the Project Board to make informed decisions about how to proceed.
Effective risk tolerance management ensures appropriate governance by clarifying decision-making authority at different organizational levels. It prevents both over-escalation of minor issues and under-escalation of significant threats. The tolerances should be realistic, clearly communicated, and regularly reviewed as project circumstances evolve.
Risk tolerance also supports the management by exception principle in PRINCE2, enabling efficient project governance where senior management only becomes involved when matters fall outside agreed parameters. This approach optimizes resource utilization while maintaining appropriate oversight and control throughout the project lifecycle.
Risk Tolerance in PRINCE2 Foundation v7
What is Risk Tolerance?
Risk tolerance defines the acceptable level of risk exposure that a project, programme, or organization is willing to accept. It establishes boundaries within which the Project Manager can operate before needing to escalate issues to the Project Board. Risk tolerance is typically expressed as measurable thresholds related to time, cost, scope, quality, or benefits.
Why is Risk Tolerance Important?
Risk tolerance is crucial for several reasons:
• Enables delegated authority: It allows the Project Manager to handle risks within agreed limits, promoting efficient decision-making • Provides clear escalation triggers: When tolerances are exceeded or threatened, it signals when the Project Board must be informed • Supports management by exception: A core PRINCE2 principle where managers only need to intervene when tolerances are forecast to be exceeded • Aligns project risks with organizational appetite: Ensures project-level risk-taking is consistent with corporate and programme risk appetite
How Risk Tolerance Works
Risk tolerance operates through a hierarchical structure:
1. Corporate/Programme level: Sets overall risk appetite for the organization 2. Project Board level: Defines project risk tolerance in the Project Initiation Documentation 3. Stage level: Project Board sets stage-specific tolerances for the Project Manager 4. Work Package level: Project Manager may set tolerances for Team Managers
Risk tolerances are documented and communicated through: • The Risk Management Approach • Stage Plans • Work Package descriptions
Examples of Risk Tolerance
• Cost tolerance: Project may exceed budget by up to 5% • Schedule tolerance: Stage may overrun by a maximum of 2 weeks • Quality tolerance: Defect rate must remain below 3% • Scope tolerance: Up to 2 minor requirements may be descoped
Exam Tips: Answering Questions on Risk Tolerance
1. Remember the hierarchy: Risk tolerance flows down from corporate/programme through project to stage to work package level
2. Link to management by exception: Questions often connect risk tolerance to escalation and the management by exception principle
3. Know who sets tolerances: The Project Board sets project and stage tolerances; the Project Manager sets work package tolerances
4. Distinguish from risk appetite: Risk appetite is the organization's overall attitude to risk; risk tolerance is the specific measurable threshold
5. Recognize escalation triggers: When a risk threatens to breach tolerance, this must be escalated via an Exception Report
6. Connect to the Risk practice: Risk tolerance is part of the broader Risk practice and supports effective risk management
7. Look for keywords: Questions containing terms like threshold, boundary, acceptable level, escalation, or management by exception often relate to risk tolerance
8. Remember documentation: Risk tolerances should be clearly documented and communicated at the start of each stage