Effective project risk management is critical in environments where both micro-level and macro-level risks are present. Traditional models often focus on micro-level risks, neglecting broader macroeconomic uncertainties such as geopolitical instability and supply chain disruptions. This research introduces a two-stage stochastic programming model designed to optimize the selection of Risk Response Actions (RRAs) under uncertainty while addressing both types of risk. The model incorporates “here-and-now” decisions at the planning stage and “wait-and-see” decisions as uncertainties unfold, enabling adaptive risk management throughout the project lifecycle. To solve the model efficiently, we employ an evolutionary algorithm combined with Sample Average Approximation (SAA) to handle the computational complexity of multiple scenarios. The model is applied to a real-world case study involving the integration of IoT and ERP systems in a smart factory in Iran, a project characterized by significant macroeconomic and geopolitical risks. Our key contribution lies in providing a comprehensive risk response strategy selection model that simultaneously addresses micro- and macro-level risks while incorporating strategic flexibility through outsourcing decisions. The results demonstrate that our model outperforms traditional deterministic models, offering enhanced resilience against macro-level risks and improved project performance under uncertainty. These findings provide valuable insights for project managers aiming to increase resilience and adaptability in volatile environments. By integrating both internal and external risk factors, our model offers a robust tool for managing complex projects, enhancing decision-making and project outcomes in uncertain conditions