Difference between Prompt List and Risk Categorization | PMP

prompt list risk categorization

Yad Senapathy, PMP October 16, 2023

The identification and management of risks play a crucial role in project success in project management. Two essential tools used in this process are Prompt Lists and Risk Categorization. While they both aid in recognizing potential threats and opportunities, they serve different purposes and offer distinct benefits. In this blog, we will delve into the differences between Prompt Lists and Risk Categorization, exploring their definitions, applications, and how they contribute to effective risk management in projects.This will definitely teach you how to become a good project manager.

Changes to Risk Identification

The PMBOK 7th edition has undergone significant changes in the Information Gathering section. Notably, "Information Gathering" has been renamed "Data Gathering," and certain techniques have been reorganized into new categories. "Root cause analysis" has been moved to the newly formed "Data Analysis" category, and "assumptions analysis" has been combined with "constraint analysis."

Additionally, "checklist analysis" has been demoted and now falls under "Data Gathering." "SWOT analysis" (Strengths, Weaknesses, Opportunities, Threats) and "document analysis" have also received demotions and now reside under "Data Analysis".

"Diagramming techniques" has been relegated to a reference in the Definition section at the back of the PMBOK, and the "influence diagram" chart has been completely removed.

One of the most significant changes pertains to the "Delphi Technique." Previously an important tool, it is no longer referenced in the Index, which could be seen as a departure from its former prominence in the project management world.

The PMBOK 7th edition has expanded significantly, as evidenced by the 29-page Index and 31-page Alphabetical Glossary. Despite some consolidation and streamlining efforts, new "Tools and Techniques" have been introduced, such as "Interpersonal and Team Skills," "Prompt Lists," and "Meetings."

"PESTLE," "TECOP," and "VUCA" are examples provided under "Prompt Lists." While the explanations for these specific examples are limited within the PMBOK, external sources suggest that "Pestle" refers to political, economic, social, technological, legal, and environmental factors. "TECOP" stands for technical, economical, commercial, organizational, and political factors, with significant overlap with "Pestle." "VUCA" encompasses volatility, uncertainty, complexity, and ambiguity, originating from the U.S. Army War College's attempt to describe the post-cold war multilateral world.

The changes in the Information Gathering section of the PMBOK 7th edition reflect an effort to streamline and reorganize certain techniques. While some adjustments may seem like change for the sake of it, the groupings appear to be more logical, enhancing the overall usability of the guide for project management professionals

pmp certification boot camp

Understanding Prompt Lists

Definition and Purpose

A Prompt List, also known as a Risk Identification Checklist, is a structured inventory of potential risks that project managers and stakeholders can refer to when initiating a project. It serves as a memory aid, ensuring that critical risks are not overlooked during the risk identification process.

Prompt Lists are typically compiled based on historical data, lessons learned from previous projects, industry best practices, and expert knowledge.The purpose of a Prompt List is to facilitate a systematic and comprehensive approach to risk identification.

By providing a well-organized list of risk categories and corresponding risk items, project teams can brainstorm potential risks in a more focused and organized manner. This helps in reducing the likelihood of missing critical risks that might otherwise go unnoticed in the early stages of a project.This helps to establish a successful project management plan.


A typical Prompt List contains a comprehensive set of risk categories and corresponding risk items. These categories encompass various aspects of a project, including technical, environmental, financial, schedule, and organizational factors. Each risk item is described concisely and includes relevant details such as risk triggers, potential impacts, and recommended risk responses.

The composition of a Prompt List may vary depending on the project's industry, complexity, and unique characteristics. For example, in an IT project, risk categories might include data security, software compatibility, and vendor reliability, while a construction project might have risk categories related to weather conditions, material availability, and regulatory compliance.


When initiating a project, project managers and teams can utilize the Prompt List to systematically identify potential risks. By going through each risk category and item, they can consider how each aspect of the project might be vulnerable to certain risks. This aids in developing a holistic risk register, which is essential for subsequent risk analysis and response planning.

The application of a Prompt List is not limited to the early stages of a project. Throughout the project lifecycle, the Prompt List can be revisited and updated as new risks emerge or existing risks evolve. This iterative approach ensures that the risk management process remains dynamic and responsive to changing project conditions.

Exploring Risk Categorization

Definition and Purpose

Risk Categorization involves the process of grouping identified risks based on their shared characteristics or attributes. The purpose of categorization is to simplify the risk management process by grouping similar risks together, which allows for a more streamlined approach to risk analysis and response planning.

The goal of Risk Categorization is to enhance risk prioritization and resource allocation. By organizing risks into logical categories, project teams can focus their attention on specific areas of concern and allocate resources effectively to address the most critical risks first.

Categorization Criteria

Risk Categorization criteria can vary based on the project's nature and complexity. Common criteria include the source of risk (e.g., technical, external, internal), the project phase in which the risk might occur, the potential impact on project objectives (e.g., scope, cost, schedule), and the stakeholder or department responsible for managing the risk.

For example, in a construction project, risks could be categorized based on the different phases of construction, such as design, procurement, and execution. On the other hand, in a software development project, risks might be categorized based on the different components of the software, such as database, user interface, and integration.

Benefits of Risk Categorization

Categorizing risks offers several benefits. It helps project teams focus on specific risk areas, preventing them from feeling overwhelmed by an extensive list of risks. Instead of dealing with risks individually, the team can approach risks grouped under the same category with a cohesive and targeted strategy.

It also facilitates the identification of common patterns or trends across projects, enabling the development of standardized risk response strategies. Lessons learned from previous projects can be applied to similar risk categories, promoting efficiency and consistency in risk management practices.

Risk categorization aids in resource allocation, ensuring that appropriate attention and resources are directed towards addressing the most critical risks. This is especially important in projects with limited resources, as it helps project managers prioritize risk response efforts for maximum impact on project success.

Distinguishing between Prompt Lists and Risk Categorization

Purpose and Timing

The primary distinction between Prompt Lists and Risk Categorization lies in their purpose and timing. A Prompt List is utilized during the initial stages of a project to prompt brainstorming and ensure comprehensive risk identification. It serves as a starting point for risk identification, guiding project teams to consider various aspects of the project that might be susceptible to risks.

On the other hand, Risk Categorization comes into play after risk identification, during the risk analysis phase, where risks are grouped based on shared attributes. The purpose of Risk Categorization is to organize identified risks into meaningful groups, enabling better prioritization and focused risk response planning.

Level of Detail

Prompt Lists are detailed inventories, providing specific risk items and their triggers, whereas Risk Categorization is a more high-level exercise, grouping risks based on broader characteristics. This distinction helps in managing the complexity of risk analysis and response planning.

While Prompt Lists are valuable for capturing specific risk scenarios, Risk Categorization offers a more holistic view, allowing project managers and stakeholders to understand the overall risk landscape in a more structured and organized manner.

Complementary Approach

It is important to note that Prompt Lists and Risk Categorization are not mutually exclusive; rather, they complement each other. A well-constructed Prompt List can serve as a basis for effective Risk Categorization. By employing a Prompt List during risk identification, the subsequent categorization process becomes more structured and efficient.

Furthermore, the insights gained from Risk Categorization can be fed back into the Prompt List, enriching it with new risk categories and items that might not have been considered initially. This iterative approach to risk management ensures that the risk identification and response planning processes remain dynamic and adaptive throughout the project lifecycle.


Prompt Lists and Risk Categorization are essential tools in the project manager's arsenal for effective risk management. While Prompt Lists facilitate comprehensive risk identification, Risk Categorization streamlines the subsequent risk analysis and response planning process. By leveraging both these techniques, project teams can enhance their ability to anticipate and mitigate potential risks, ultimately increasing the likelihood of project success.

Through the strategic application of these risk management tools, project managers can instill confidence in stakeholders and project teams by demonstrating a proactive approach to identifying, analyzing, and addressing risks. By minimizing the impact of potential threats and capitalizing on opportunities, projects are better positioned to achieve their objectives on time, within budget, and with the desired level of quality.

pmp 35 contact hoursSatisfies 35 contact hours

Corporate Head Quarters
Project Management Training Institute
4835 LBJ Freeway, Suite 220
Dallas, TX 75244-6004

Contact Us
Customer Service: (734) 786-0104
Sales (Toll Free): (866) 540-3126
Fax: (248) 809-4060
Email: [email protected]
Office Hours: Mon-Fri 8AM - 5PM (CST)

'PMI', 'PMP', 'CAPM', 'OPM3', 'PMI-ACP', 'Project Management Professional', 'Certified Associate in Project Management', and 'PMBOK' are trade marks of Project Management Institute, Inc. The PMI Registered Education Provider logo is a registered mark of the Project Management Institute, Inc. | Premier PMI Authorized Training Provider (ATP)

Project Management Training Institute, PMTI, PMT Institute are registered as trademarks of Olympus Services, LLC in the State of Michigan.

© 2024 Project Management Training Institute – Terms & Policies – This site is protected by reCAPTCHA and the Google Privacy Policy & Terms of Service apply.