RAID Logs: What are they and why do they matter?

When project managers mention RAID, they’re not talking about pest control. Instead, RAID is an acronym beloved by project managers and delivery teams everywhere.

RAID stands for Risks, Assumptions, Issues, and Decisions and it's a cornerstone of effective project management.

In my experience managing various projects and establishing PMO best practices, I’ve noticed that risks and issues are often discussed but not always documented. Ironically, this lack of documentation is a risk in itself. Without proper records, crucial details can get lost in the chaos of a project’s lifecycle. Sometimes, we acknowledge a risk exists but miss the opportunity to plan how to avoid or mitigate it.

What is a RAID Log?

A RAID log is a vital part of a successful project's documentation. It's a structured template that allows a project manager to organize the following information:

Risks

Risks are defined as potential obstacles that may arise in the future, but don't necessarily have to occur.

They require planning and a mitigation strategy - How can we avoid them? For example, a project deadline might be tighter than usual:

• Risk: The deadline does not allow for the full project lifecycle to occur.
• Impact: Reducing the timeline means some steps may be rushed, increasing the chance of errors.
• Likelihood: High - this will definitely happen.
• Mitigation: The project team agrees to streamline steps 2, 3, and 4, ensuring elements reach the client sooner and reducing end-of-timeline complications.

Assumptions

Assumptions are often seen in a Statement of Work but should be carried through the project. These are things believed to be true but not yet confirmed. If they turn out to be false, the scope or budget may no longer apply.

Common examples of assumptions include the availability of key resources or the stability of third-party systems. Early verification of these assumptions through stakeholder discussions and preliminary research can help prevent future disruptions.

Issues

Issues are challenges that are already present. Unlike risks, there’s no time for a mitigation plan; they need immediate solutions.

Decisions (or Dependencies)

This section can document either Decisions or Dependencies, though I typically default to decisions. It records anything that could change the project’s trajectory, which is crucial because decisions can counteract each other and significantly impact the project.

Why do they matter?

RAID logs are a consistent tool that helps us ensure a successful project.

With RAID logs, we're able to:

• Be more proactive as a project team
• Demonstrate expertise to clients
• Plan for potential changes, both negative and positive
• Monitor and control projects thoroughly
• Protect the budget as much as possible

For instance, being proactive helped a past project avoid a major risk by identifying and addressing it early. Demonstrating expertise through RAID logs has impressed clients, leading to repeat business. By planning for changes, we can maintain project stability and control, protecting our budgets from unforeseen expenses.

If we don’t consider the project holistically, we risk stifling our success. Not only this, but success on one project helps us better prepare and scope future work.

Best Practices

Below, I've listed some of my favorite "best practices" or things to keep in mind when creating and maintaining a RAID log.

Create a template that's easy to reuse

What helps adoption? Ease. Having a consistent template that's applicable for all project types will ensure more people feel comfortable with the RAID log being the norm.

Leverage templates that already exist within your chosen project management platform if you need ideas.

Make the RAID log a normal part of your internal and client-facing meetings

During weekly internal status meetings, review the risks and issues list with the team to update and add new items. Keeping the entire project team aware and responsible for risks ensures greater success. A brief agenda for these meetings can help efficiently review and update the RAID log without consuming too much time.

Establish the difference between "internal" items and "client-friendly" items

Some risks, like resourcing concerns, are internal. Differentiating between these and risks that need to be escalated to the client helps keep the client focused and informed about relevant risks during status meetings. Handling sensitive internal risks carefully while maintaining transparency with clients about relevant issues is key.

Delegate ownership

Assign an owner for each item in the RAID log. While the project manager monitors it, the owner is responsible for mitigation and decisions, which ensures accountability. Criteria for selecting an owner include their authority, expertise, and availability to address the item effectively.

At the end of the day, risks, issues, assumptions, and decisions/dependencies are guaranteed in a project. With guarantee comes the opportunity to establish process. And what do we love? Process!