Most planning teams conduct some form of risk identification. They hold a risk workshop, brainstorm potential issues, score them by likelihood and impact, and populate a register. The process feels thorough. The register has items. The team has spent time on risk. The problem is not the time spent. It is the framing. A risk workshop asks: “What could go wrong?” A pre-mortem asks: “The project has failed. What were the most likely reasons?” The difference is not semantic. It produces materially different outputs. The workshop framing generates risks that feel safe to name. The pre-mortem framing generates risks that feel necessary to name. The distinction between “safe” and “necessary” is where the invisible risks live.
Why Framing Changes the Output
Risk workshops operate within normal organizational dynamics. People name risks they are comfortable discussing. Technical risks are easy to raise because they feel objective. Resource risks are acceptable because they imply the team needs more support. Timeline risks are manageable because they suggest the team is being realistic. The risks that are harder to raise: the executive sponsor does not have the organizational authority the program assumes. Two workstream leads have a history of conflict that will identify during integration. The technology team is already committed to another initiative and will not have the capacity the program plan requires. A key vendor has a track record of missed deadlines that nobody wants to document. These risks are not technical. They are organizational and political. They require someone to name a reality that others may not want acknowledged. In a risk workshop, naming these realities feels like dissent or disloyalty. The pre-mortem changes the psychology. By starting from the premise that the program has failed, the exercise reframes risk identification from speculation to analysis. The team is not predicting failure. They are diagnosing it. This shift gives people permission to name the uncomfortable realities because the context demands it. Why pre-mortems change the conversation explains the psychological mechanism in detail: the pre-mortem creates prospective hindsight, which research has shown increases the ability to identify reasons for future outcomes by 30% compared to standard risk identification.
What the Pre-Mortem Surfaces That the Workshop Misses
Two categories of risk consistently appear in pre-mortems that do not appear in traditional risk workshops, with a third emerging from the interaction between them. Political risks. Risks related to organizational dynamics, stakeholder opposition, and authority disputes. These are the risks that involve naming specific people or specific organizational patterns. A pre-mortem produces statements like: “We failed because the regional VPs never fully committed to the consolidation, and the program did not have a mechanism for identifying their resistance until it manifested as non-cooperation during execution.” A risk workshop produces: “Stakeholder buy-in risk: medium.” Structural risks. Risks related to how the program is organized, governed, or resourced. These are the risks that imply the current plan has a design flaw. A pre-mortem produces: “We failed because the integration testing phase assumed both workstreams would deliver on time, but neither had contractual handoff commitments, and neither knew what the other was delivering until integration day.” A risk workshop might not surface this at all because it implies the architecture has a gap. Compound risks. Risks that emerge from the interaction of multiple individual factors. A pre-mortem encourages narrative thinking: tell the story of how the program failed. Stories naturally incorporate causal chains: “The resource constraint led to compressed testing, which led to undetected defects, which led to a failed deployment, which led to a three-week rollback.” Risk workshops generate isolated line items. Pre-mortems generate failure narratives. The risk nobody put on the register documents risks that appeared in pre-mortems but would not have identified in standard risk workshops. The consistent pattern: the risks that matter most are the ones that require the most organizational courage to name.
How to Run a Pre-Mortem That Actually Works
The pre-mortem’s effectiveness depends on facilitation quality. A few design decisions determine whether the exercise produces genuine failure modes or polite generalities. The senior leader goes first. The most senior person in the room names a genuine, specific failure mode before anyone else speaks. This sets the norm. If the senior leader names a real concern, others follow. If the senior leader offers a softball, the room calibrates to that level of candor. Individual writing before group discussion. Each participant writes their failure modes independently before sharing. This prevents groupthink. The first person to speak in a group discussion sets the reference point. Individual writing ensures that each person’s diagnosis is uninfluenced by others. Specificity is enforced. The facilitator does not accept vague failure modes. “We failed because of poor communication” is sent back: “Between whom? About what? When did the communication failure become visible?” The push for specificity transforms a platitude into an actionable risk. The output: five to ten high-priority failure modes, each stated with enough specificity to design a mitigation. The failure modes are then transferred to the risk register with owners, dispositions, and mitigation plans. Making the invisible visible connects to the broader principle: the value of structured identifying processes is in making knowable information known.
The Gap in Practice
Programs that score medium on the Risk Landscape pillar typically have a risk register but lack a pre-mortem. They have identified risks but have not created the conditions for the hardest risks to be named. The register contains technical, resource, and timeline risks. It does not contain the political, structural, and compound risks that the pre-mortem is designed to identify. The practical consequence: the program enters execution with a register that captures the easy risks and misses the hard ones. The easy risks are managed. The hard risks materialize during execution, producing the organizational surprises and structural failures that planning should have anticipated. Programs that failed with good plans documents this pattern repeatedly. The programs had risk registers. They did not have the risks that mattered most.
What “Complete” Looks Like
A pre-mortem is complete when it passes two tests:
- The discomfort test. At least one failure mode in the output would be uncomfortable to present to the executive sponsor because it names an organizational reality the program needs to design around. If every failure mode is comfortable, the exercise did not push far enough.
- The specificity test. Every failure mode can be translated into a mitigation action. If a failure mode is too vague to mitigate, it needs further decomposition.
The question is whether your next risk identification process will create the psychological safety required for genuine candor: or whether your team will populate a register with comfortable risks while the uncomfortable ones wait to identify during execution.
Go Deeper: The Risk Landscape
This article covers one dimension of the Risk Landscape, the fourth of nine artifacts in the Planning & Roadmapping method. The Risk Landscape answers the board question: “What could break this?” Explore the full Risk Landscape →
Keep Reading
New to the Risk Landscape? Start with the foundations:
Ready to benchmark your work against best-in-class? See what excellence looks like: