Risk
Management
Project risk management addresses the uncertain events or
conditions that, if they occur, have negative or positive effects on the
project objectives. A risk event may have one or more causes and one or more
effects. Primarily the effects would be on the major vectors of the triple
constraints: scope, cost and schedule. The effects also extend to cover corporate
image and reputation, safety, environmental issues and the future operability
of the project’s product.
Risk management seeks to protect the project, in fulfilling
its objectives in an environment outside its control, by developing proactive
and reactive action plans (see figure 1.0).
Figure 1.0 Risk
Management Environment
Risk management encompasses identifying, analyzing,
responding to, and controlling project risks. It aim to minimize the
consequences of negative and adverse events and maximize the results of
positive events.
The process of determining an acceptable level of negative
risk during the pursuit of a project, and managing these during project
implementation, is necessary to successfully accomplish project objectives.
Risk management must be pursued as an integral part of the project management
process. Risks are managed in a concerted effort by the project manager and the
project core team members.
Project by definition, are performed in the future, and as a
corollary project risks have their origins in the uncertainty and the current
levels of the unknowns of the undertaking.
The expected duration of a project presents different time
windows of uncertainty, ranging from low and manageable to high and totally
speculative. The project manager has to establish an appropriate risk analysis
and plan frequency, which correspond to the project’s time frame. The longer
the expected duration of the project, the more frequent the cycles of the risk
management process.
Assumptions are closely related to uncertainties and unknowns,
and clearly play a major role in risk management. They are by definition
virtual facts on which plans are made. They have to validate for realism. If
too many exist, then the project manager must pause the risk management process
to determine if further analysis, where possible, is not required to convert
assumptions into real facts.
Risk events may be under the control and influence of the
project manager, or they may depend on external factors and be outside of
control. Additionally, risk events very in their characteristics. They can be:
- Recurring, as they can occur at any time during the project, for example, illness or forced stoppage of any resource.
- Unique, in that they can only exist at a prescribed time window of the project, for example, bad weather in the rainy seasons.
- Interdependent, causing a cascading effect, for example the defect of a provider’s product may cause delays in installation, which may lead to penalties for late delivery.
The origin of risk events can be internal or external.
Internal risk events may be controlled or influenced by the
project team using resource assignments and cost or schedule estimates. For
examples of the internal risk, organized by category, include the following:
|
Technology
|
New or untested technology
Availability of technical expertise
Customization (design modifications)
|
|
Schedule
|
Resource
availability
Schedule
constraints
Dependencies
|
|
Financial
|
Funding or budget
Estimate accuracy
|
|
Legal
|
Patent
right
|
|
|
Data right
|
External risk events are those beyond the control or
influence of the project team, such as customer decisions, market shifts, and
governing body actions. For example of external risk, organized by category,
include the following:
|
Unpredictable
|
Regulatory changes
Natural Hazard
|
|
|
|
|
Predictable
but uncertainty
|
Market changes
Inflation
|
Terminology
1. Risk
events
A risk is the occurrence of a
particular set of circumstances and is composed of three basic components which
are (1) a definable event-threat or opportunity (2)Probability of occurrence
(3) Consequence (impact) of occurrence.
2. Uncertainty
Uncertainty is a representation of
the possible range of values associated with either (1) a future outcome or (2)
the lack of knowledge of an existing state. Uncertainty can be expressed as a
deterministic quantitative value, a qualitative value or a probability
distribution.
3. Threat
and Opportunities
Threats are risk events that, should
they occur, will cause negative effects to the project’s objectives. These are
defined during the identification step of the project risk management process.
Measures need to be taken to increase their probability and or impact.
4. Probability
Probability is the likelihood that a
risk event will occur. This can be expressed qualitatively using an ordinal
scale which are high, medium or low or using a cardinal scale as a single value
or as a percentage.
5. Impact
The impact is the effect and or consequence on
the project if the risk event should occur. This can be expressed qualitatively
using an ordinal scale which are high, medium or low. Quantitatively in
monetary terms or descriptive of the consequences that can be subsequently
estimated and valued in monetary terms.
No comments:
Post a Comment