Standard : Risk Burndown Rate

Description

Risk Burndown Rate measures how quickly known risks in the product or portfolio are being mitigated over time. It provides visibility into whether teams are paying down risk deliberately.

How to Use

What to Measure

• Total number or severity-weighted score of open risks.
• Track over time to measure decline.

Formula

Risk Burndown Rate = (Risk Exposure at Start − Risk Exposure at End) ÷ Time Period

Example: Risk score 100 → 60 over a quarter → 40% burndown.

Instrumentation Tips

• Maintain a portfolio-level risk register.
• Categorise risks (technical, market, operational).
• Score risks consistently (impact × likelihood).

Why It Matters

• Resilience: Reduces likelihood of major failures or delays.
• Strategic readiness: Prepares portfolio for future challenges.
• Transparency: Helps leadership prioritise risk mitigation work.

Best Practices

• Review risk register in quarterly portfolio meetings.
• Prioritise high-impact, high-likelihood risks first.
• Track mitigation actions to completion.

Common Pitfalls

• Stale risk registers not updated after mitigations.
• Focusing only on delivery risks, ignoring market/strategic ones.
• Treating risk burndown as side work instead of core planning.

Signals of Success

• Downward trend in overall risk exposure.
• Fewer unplanned incidents impacting delivery.
• Risks are retired rather than repeatedly deferred.

Related Measures

• [[Investment Allocation Ratio]]
• [[Escaped Defect Rate]]
• [[System Reliability Metrics]]