Understanding RAID: Risk, Assumptions, Issues, Dependencies
The RAID framework is a structured method for managing four critical elements of project and programme delivery: Risks, Assumptions, Issues, and Dependencies. It provides clarity, ensures accountability, and helps teams make better-informed decisions.
1. Risks
- Definition: Potential events or situations that could have a negative impact if they occur.
- Examples: Security vulnerabilities, delays in a key deliverable, or new regulatory requirements.
- Management: Identify, assess probability and impact, assign ownership, and track mitigation plans.
2. Assumptions
- Definition: Conditions accepted as true without immediate proof, which could affect outcomes if invalid.
- Examples: Assuming vendor APIs remain stable, or that team capacity will remain constant.
- Management: Document clearly, validate over time, and review when circumstances change.
3. Issues
- Definition: Problems that are currently happening and require action.
- Examples: A failed system integration, lack of stakeholder alignment, or missed deadlines.
- Management: Prioritise, assign ownership, and track to resolution.
4. Dependencies
- Definition: External or internal factors that a project relies on to succeed.
- Examples: Delivery from another team, infrastructure readiness, or third-party service availability.
- Management: Map dependencies early, identify owners, and monitor progress continuously.
Why RAID Matters
- Brings transparency and accountability across the organisation.
- Provides a structured approach to track what can go wrong, what is assumed, what is already broken, and what relies on others.
- Enables better forecasting, communication, and decision-making.
Practical Application
Many teams use a RAID log (often a simple spreadsheet or integrated project management tool) to document, monitor, and review these elements regularly. This ensures visibility and alignment across stakeholders, and creates a single source of truth for project health.