2. Introduction
Active Risk Manager (ARM) eliminatesrisk information silos and improves data consistency and accuracy
across all projects. You will have visibilityof risks that threaten project delivery across your entire portfolio
before they become delayed.You will avoid surprises by getting real-time visibilityintoemerging concerns
and help the organization to mobilize its resources in priority order.
Portfolio Risk management
Portfolio Risk management at Samsung aims to identifysignificant risk factors, prepare for them and
manage them in an optimal way so that the company’s objectives are achieved. Comprehensive risk
management serves to manage the company’s risk and not just individual risk factors.
Responsibilities
The principlesof Samsung risk management are
approved by the company’s Board of Directors. The
Board monitors the implementation of risk
management and assesses the efficiencyof the
methods employed.The President and CEO is
responsible for the organisation and implementation
of risk management.
Identification, assessment and
reporting of risks
The risk management process is defined in
Samsung’s Integrated Management System. As part
of the annual strategy process, risks are assessed at
the Group and division levels, in units outside
Finland as well as within centralized functions defined as being critical. In each responsibility area, the
executive management assesses its strategic, financial, operational and damage-related risk factors. RJIO
evaluates risks using a risk matrix, thereby also assigning monetary values to risks.
Contingency plans are prepared for significant risks. Responsibilityfor the risk management measures is
assigned to the relevant parties. The most significant risks identifiedand preparations for them are reported
to the President and CEO and the Board of Directors.
3. Risks associated with EPC Industry
No. Item description
Weight
of item
Need to risk
management*
Score
1 Projectriskmanagementstrategicplanning 0.16 9 1.44
2 Projectlife cycle statues 0.14 10 1.4
3 Projectoverall structure 0.06 5 0.3
4 Projectimplementationmethod 0.16 9 1.44
5 Projectcontract and paymentmethod 0.18 10 1.8
6 Contractorsand consultants 0.14 4 0.56
7 Projectat the portfoliolevel of organization,
ministry,country,region
0.1 3 0.3
8 Desiredlevel of riskmanagement 0.06 7 0.42
Sum 1 7.66
*(1-10) number 10 means strong need to risk management and number 1 means no need
Score 0-2.5 2.5-5.0 5-7.5 7.5-10
Needtothe risk
managementand
riskanalysis
Withoutanyneedto
the riskmanagement
Risk
managementat
the overall level
of the project
Riskmanagement
alongwith
allocatinganexpert
Establishingrisk
managementteam,
evaluatingdetails
and
developrisk
procedure
Risk Analysis
Components of Risk
Customer
Needs
Market Risk
Technology
Risk
Regulatory
Policies
Human
Resources
ProjectRisk H (↑) M (→) M (→) M (→) H (↑)
Planningrisk L (↓) M (→) H (↑) L (↓) M (→)
Development&Procurement
stage risk
L (↓) L (↓) L (↓) L (↓) M (→)
Implementation/Design&
Constructionstage risk
L (↓) L (↓) M (→) H (↑) H (↑)
Operatingrisk L (↓) M (→) H (↑) M (→) H (↑)
Demandrisk H (↑) H (↑) L (↓) L (↓) L (↓)
Residual value risk L (↓) H (↑) H (↑) M (→) L (↓)
Financial risk L (↓) M (→) M (→) L (↓) L (↓)
Legal risk M (→) M (→) L (↓) H (↑) M (→)
Works risk L (↓) M (→) H (↑) H (↑) H (↑)
Organisational risk L (↓) H (↑) L (↓) L (↓) M (→)
Reputational risk H (↑) H (↑) L (↓) L (↓) M (→)