TABLE OF CONTENTS.<br />INTRODUCTION TO PROJECT RISK MANAGEMENTRELEVANCE OF PROJECT RISK MANAGEMENTPROJECT RISK MANAGEMENT PROCESSESEFFECTIVE & PRACTICAL PROJECT RISK MANAGEMENTBENEFITS OF PROJECT RISK MANAGEMENT10 GOLDEN RULES OF PROJECT RISK MANAGEMENTEFFECTS OF NEGLECT / POOR PROJECT RISK MANAGEMENTCONCLUSIONREFERENCESBIBLIOGRAPHY<br /> <br />INTROUCTION TO PROJECT RISK MANAGEMENT.<br />A recent investigation into the recent rise in failed projects, financial meltdown and the deadly environmental hazards occurring globally have proved that non-inclusion of risk management in the planning and entire stage of the project, poor and total neglect of project risk management practices and overlooking minor risks account for majority of them.While experts have stated that a proper and strong project risk management process can reduce project problems by as much as 75 – 90%, combining it with concrete project management plans, defining a proper scope, managing change and communication, a good project risk management helps in reducing and eliminating surprises and unexpected project risks. A good project risk management process can also help with resolving problems when they occur.<br />To have a better understanding, ability to structure, implement and execute a good project risk management practice; we need to understand the processes involved in “PROJECT RISK MANAGEMENT” properly. <br />WHAT IS PROJECT RISK MANAGEMENT?Project risk management according to the project management body of knowledge book, chapter 11, Pg. 111, it is a term that encompasses and involves all processes concerned with identification, analyzing and response to project risk. It also consists of maximizing the results of likely positive events and minimization of the impacts of negative events.Also according to Vicki Wrona, a project management professional, before we begin a project risk management process, we must have a justified knowledge of major key definitions. Project risks according to the Project management institute perspective are “at their core, unknown events”. These events are often positive or negative. This makes “RISK”, neutral though most time is spent on tackling negative project risks (threats) rather than the positive (opportunities).<br />PROCESSES INVOLVED IN PROJECT RISK MANAGEMENT.A proper project risk management includes the following four processes: -<br /><ul><li>Risk identification
These processes are often implemented with different names though they all arrive and achieve the same goal. Also they are often renamed and combined as stated below: -Risk identification and quantification are often treated as a single process and the resultant process is called “risk analysis” or risk assessment. Risk response development is also often referred to as “” risk response planning and risk response development often referred to as “risk management”.
Whether they are referred to individually or collectively, they usually maintain their requirements, tools and output. A proper analysis of these processes is stated below.
RISK IDENTIFICATION: - involves the identification and determination of the possible risks that are more likely to affect the project and properly documenting the properties and effect of each one. This process is not a “once in a project” affair. It is meant to be carried out regularly as long as the project is being carried out. It should also include both internal (activities that can be controlled or influenced by the project team such as cost estimation) and external (risks beyond the project team’s control such as business laws or government action) risk. Risk identification could be achieved by either identifying “causes and effects” (events likely to occur and what will be the result) or “effects and causes” (outcomes to be avoided or appreciated and method of occurrence).
For proper risk identification, the following inputs, tools / techniques and output are required: -
INPUTSTOOLS & TECHNIQUES OUTPUTSProduct descriptionChecklistsSources of riskOther planning outputs (work breakdown structure), staff plan etc.FlowchartsPotential risk eventsHistorical informationinterviewsRisk symptomsCost and time estimationInput to other processes
RISK QUANTIFICATION: - this step involves evaluation of the risks identified in the first step and risk interactions to assess the range of possible project outcomes. Its primary aim is to determine which risks need response. It is complicated and affected by a number of factors but is not limited to them. They include: -
Threats and opportunities can interact in unforeseen ways such as regular delays could cause consideration of a new strategy thereby reducing total project duration.
A single risk could trigger multiple effects such as: - a late delivery of a vital part of the project could result in penalty (fines and payments), over run cost, delay in schedule and often a poor quality product.
Reduced cost may favor a stakeholder at the expense of the other. (opportunity for one, loss for the other).
Mathematical principles used may create a false impression and negatively affect reliability and precision.
For proper risk quantification, the following inputs, tools / techniques and output are required: -</li></ul> INPUTSTOOLS & TECHNIQUESOUTPUTSStake holder risk toleranceExpected monetary valueOpportunities to pursue(threats needing response)Risk sourcesStatistical sumsOpportunities to ignore(threats to accept)Potential risk eventsSimulationCost estimateDecision treesTime estimateProfessional judgment<br />RISK RESPONSE DEVELOPMENT.<br />This step in the project risk management activities involves clearly defining enhanced steps to utilize opportunities and respond to threats. Threat response usually fall into one of three categories:-<br /><ul><li>Avoidance which has to do with eliminating a threat by eliminating the cause. All risks cannot be eliminated but certain ones can often be eliminated.
Mitigation which deals with reducing the expected cost of a risk event by reducing the occurrence probability, buying insurance and using proven technology.
Acceptance which deals with acknowledging the occurrence of a risk and developing a plan to tackle the risk in cases when it occurs.
For proper risk response development, the following inputs, tools / techniques and output are required: -</li></ul>INPUTSTOOLS & TECHNIQUESOUTPUTOpportunities to pursue(threats to respond to)ProcurementRisk management planOpportunities to ignore(threats to accept)Contingency planInput to other processesBack up plansContingency planInsuranceReserves<br /> <br />RISK RESPONSE CONTROL.<br />This step involves execution of the developed risk management plan in response to the risk events during the course of the project. Whenever there are changes made to the project, the first three risk management processes (identification, quantification and response) are repeated. It is a good practice to bear in mind that even the most comprehensive and thoughtfully structured analysis cannot point out all risks and likelihood of occurrence correctly. This makes the project risk management processes an activity to be repeated often.<br /><ul><li>For proper risk response control, the following inputs, tools / techniques and output are required: -
After a clear definition of all the activities project risk management entails, it is best to have a “step-by-step” approach for proper execution of all involved activities as a (PROJECT RISK MANAGEMENT).
PROJECT RISK MANAGEMENT PROCESS.Vicky Wrona again outlined a possible “7 step” outline as a project risk management process. They are: - Step 1: - this step states that everyone involved in the project planning process should list at least 10 possible risk items. This also helps tackle assumption because some risks that are believed to be known are often neglected and they end up occurring. Scope creep is a perfect example because even with a perfect management process, it could still arise and cause problems. It is best to tackle it rather than ignore it. Step 2:- involves collection of all the listed risks and compiling them into a single list (master list) with duplicates removed.Step 3: - assessment of the probability and impact of the risks outlined in the master list is the third step. This can be achieved by giving each risk a rating (numerically) or otherwise in order of vulnerability (low, medium, high). Detectability is also important because risks that are not detected or hard to detect e.g. scope creep are even more risky. tep 4: - </li></ul> <br />