Organizations have to plan on migrating to quantum-resilient cryptographic measures, also known as PQC. However, this is a difficult task, and to the best of our knowledge, there is no generalized approach to manage such a complex migration for cryptography used in IT systems that explicitly integrates into organizations’ steering mechanisms and control systems. We present PMMP, a risk-based process for managing the migration of organizations from classic cryptography to PQC and establishing crypto-agility. Having completed the initial design phase, as well as a theoretical evaluation, we now intend to promote PMMP. Practitioners are encouraged to join the effort in order to enable a comprehensive practical evaluation and further development.