Three Tips to Identify Project and Program Risks

What you presented are not tips but are significant activities for risk identification and management. With the resulting information a risk management plan is created. A risk management plan is used and developed throughout the project or program and development life cycle. Risk identification and management must continue from the beginning, and throughout, the project or program.

And yes, a number of identified roles must be involved. With the list of roles you provided, I include several other roles that, depending on the type of project or program, are involved or participate in the identification and management of risks:

The Project/Program Manager
Business Subject Matter Experts
Subcontractor/vendor representative
Configuration management
Infrastructure/network
Technical Writing Support (an overlooked role but technical writers have a relationship/perspective established by their interaction with, and interviewing, users while creating user manuals, etc.)
The appropriate roles would participate, as required, in the particular activity /process to identify possible/potential risks.

Three Tips to Identify Project and Program Risks
Three tips (perspectives) to identify/uncover risks for IT projects and programs.
Identify possible risks based on:
1. The technology being developed and introduced to the organization and user community, impact on the organization, other processes (or systems and their interfaces) and people
2. The project or program scope, its approved budget(s), the project plan and schedules, resources (manpower, money, equipment, etc), procurement and subcontractors/vendors
3. The System/Software Development Life Cycle (SDLC) i.e., requirements identification and analysis, Architecture/Detail Design, Development, System Test, Delivery/Deployment)