2. Introduction
A project risk is an uncertain event that may or may not occur during a project. If it
occurs it has a positive or negative effect on a project objective.
The notion of project risk involves two concepts:
I. The likelihood that some problematic event will occur.
II. The impact of the event if it does occur.
3. Types of Project Risk
A. External risk:
Mainly outside the control of the project manager and in most case the organization.
Examples:
Market risks- include competition, foreign exchange, internal rate risk
Government regulatory changes
Disaster such as flood, fire, earthquake, or other natural disaster
Risk associated with labor strikes, and civil unrest
Communication system and security sensor failures
B. Cost Risk:
Directly or indirectly under project manager’s control
Cost risk usually arise due to poor cost estimation, accuracy and scope creep
Examples:
Cost overruns by project team or subcontractors, vendors, and consultants
Poor estimation or errors that result in unforeseen costs
Overrun of budget and schedule
4. Project Risk
Schedule Risk
Can cause project failure by missing or delaying a market opportunity for a product or service
the risk that activities will take longer than expected
Slippages in schedule typically increase cost, delay the receipt of project benefits
Schedule risk are caused by:
Inaccurate estimation, resulting in errors
Increased effort to solve technical, operational, and external problems
Resource shortfalls, including staffing delays, insufficient resources
Unplanned resource assignment- loss of staff due to other higher priority projects
D. Technology risk
Failure to meet system target functionality or performance expectations
It is the risk that project will fail to produce results consistent with project specifications
Examples:
Problems with immature technology
Use of wrong tools
Software that is untested or fails to work properly
5. Project Risk
E. Operational Risk
Characterized by an inability to implement large scale change effectively
This risk can result in failure to realize the intend or expected benefit of the project
Causes of operational risk:
Inadequate resolution of priorities or conflicts
Failure to design authority to key people
Insufficient communication or lack of communication plan
Size of transactions volume- too great or too small
Poor implementation
6. Risk Analysis
Risk Analysis is the process that helps in identification of potential threats that
could affect the success of a business or project.
It includes means to measure, mitigate and control risks effectively.
It is an essential tool when the work involves threats and risks.
7. Methods of Risk Analysis
Two methods
i. Qualitative Approach
ii. Quantitative approach
8. Qualitative Approach
It uses the probability of occurrence and
consequences of occurrence scales
together with a risk mapping matrix to
convert the values to risk levels.
It is the application of methods for
ranking the identified risk according to
their potential effect on project objective.
9. Quantitative Approach
Quantitative risk analysis analyzes numerically the effect a project risk has on a
project objective.
It uses the technique such as expected value, decision tree analysis, payoff
matrices, modeling and simulation.
It determines best management decision when conditions or outcomes are
uncertain.
10. Analysis of major source of Risk
• Insufficient skilled staff
• Inaccurate cost and schedule estimates
• Design errors and omissions
• Change in project scope and requirements
• Inadequately defined roles and responsibilities
• New technology
11. Source of Risk
Insufficient skilled staff
- Manager must ensure sufficient skilled staffs as lack of skilled staff causes
various problems in future,
- It effects project during implementation phase and its effect is inefficiency
Inaccurate cost and schedule estimates
- This source results from ineffective project planning at early stage, if project cost
and schedule are not effectively planned then the project goes in wrong direction,
- Its effects are poor coordination, ineffective use of resources, delay of project and
increased project cost.
12. Source of Risk
Design errors and omissions
- There might be some intentional or unintentional omissions or errors to implement
the project, and due to complexity of project and tight time frame a project team
might misunderstand due to ineffective communication
- Examples: deficiency design document, improperly sized equipment , design
calculation errors.
Change in project scope and requirements
- As project progresses, the scope and requirements may change due to change in
user requirement and technical feasibility,
- Its impacts are inefficiency, disruption, delay and increased cost
13. Source of Risk
Inadequately defined roles and responsibilities
- This source of risk is most common in projects of Nepal because of project
management structure and ambiguous roles and responsibilities
- It causes project inefficiency, disruption and delay.
New technology
- It often plays an important role in project risk analysis , since it might force
project members to change the strategy of project or revise the technology used,
- Its impact in a project is significantly increased project time and cost
14. Risk management
Risk management is an important practice that helps to identify, evaluate, track, and
mitigate the risks present in the business environment. The process involves:
Risk management
planning
Identifying the
risk
Analysis of risk
Prioritization of
risk
Solution
implementation
Risk
monitoring
Qualitative risk
Quantitative risk
15. Risk management planning
It is the process of deciding how to plan and execute risk management activities for a
project.
Objectives:
• Establish basis for evaluating risk
• Ensure risk management effort is proportionate to both risk and importance of
project
• Provide enough resources for risk management activities
16. Risk management Plan(RMP)
It is the document prepared after the risk management planning meeting.
It involves:
Methodology
Roles and responsibility
Timing
Budgeting
Risk categories and risk breakdown structure
Risk probability and impacts
Revised stakeholder’s risk tolerances
Reporting format
Tracking
17. Risk Identification
It is the process of identifying the risk with the involvement of various participants of
project.
The participants can be project team, risk management team, subject matter experts,
customers and users.
It is an iterative process and its objectives are:
To determine the risks that may affect the project
To document their characteristics in Risk Register
18. Risk response planning
Risk response planning addresses the matter of how to deal with risk.
Risk response planning is the process of developing options and determining
actions to enhance opportunities and reduce threats to the project`s objectives.
It includes the identification and assignment of individuals or parties to take
responsibility for each agreed risk response.
Objective of risk response planning
Develop options and determine action to enhance opportunities and minimize
threats to project objectives.
Assign responsibility to individuals or parties for each risk response.
19. Risk response strategies
i. Strategies for negative risk (threats)
ii. Strategies for positive risk (opportunity
20. Strategies for positive risk (opportunity)
a). Exploit the opportunity
Ensure that the risk event happens by eliminating the uncertainty.
Examples;- assign qualified personnel, provide better quality etc.
b). Share the risk
Allocate ownership to a third party who has who has better chance of achieving the
required results.
Examples;- partnerships, joint ventures, rewards etc.
c). Enhance
Improve chances for the event to happen so the opportunity becomes more certain.
Increase the likelihood of occurrence of impact of the event.
d). Accept the risk
Active acceptance;- developing a contingency plan to execute should a risk occur.
Passive acceptance;- it requires no action. The project team will deal with the risk as it
occurs.
21. Strategies for negative risk( threats)
a). Risk avoidance
Process to avoid risk by changing the project plan to eliminate risk.
Examples:- add resources , improve communication, avoid unfamiliar sub-contractor etc.
b). Risk transfer
Transfer the risk to the third party who will carry the risk impact and ownership of the risk
response.
Examples;- transfer or risk liability to sub-contractors, performance bonds, warranties etc.
c). Risk mitigation
Aims at reducing the probability/impact of a risk to within an acceptable threshold .
Examples;- adopting less complex process, adding resource, conducting more engineering
test and inspections etc.
d). Risk acceptance
Acceptance indicates a decision not to make any changes to the project plan to deal with a
risk or that a suitable risk strategy.
22. Risk monitoring and control
Monitoring identified and residual risk, identifying new risks, executing risk
response plan and evaluating their effectiveness throughout project life cycle.
Purpose of risk monitoring
The purpose is to determine if :
Risk response have been implemented as planned.
Risk response actions are as effective as expected.
Project assumptions are still valid.
Risk exposure has changed from its prior state, with analysis of trends.
Proper policies and procedures are followed.
New risks have occurred that were not previously identified.
23. Methods of risk monitoring and control
a). Risk reassessment
Reviews project risk at project team meetings.
Major reviews are made at major milestones.
Risk rating and prioritization may change during the project life cycle.
b). Risk audits
Examine and document the effectiveness of the risk response planning in controlling risk and the
effectiveness of the risk owner.
c). Variance and trend analysis
Used for monitoring overall project cost and schedule performance against baseline plan.
Significant deviations indicates that updated risk identification and analysis should be performed.
d). Reserve analysis
As execution progresses, some risk events may happen with positive or negative impact on cost or schedule
contingency reserves. Reserve analysis compares available reserves with amount of risk remaining at the time
and determines whether reserves are sufficient.
e). Status meeting
Risk management can be addressed regularly by including the subject in project meeting.
24. Benefits of Risk Management
Protects project investments
Early warning
Saves time and money
Decreases the impact of negative events
Achieve project objectives
25. Conclusion
While we can never predict the future with certainty, we can apply risk
management process to predict the uncertainties in the projects and
minimize the impact of these uncertainties.
Risk management not only helps in avoiding crisis situations but also aids in
remembering and learning from past mistakes. This improves the chance of
successful project completion and reduces the consequences of those risks.
Risk management is a constant learning process to be able to constantly
improve our practices to increase our process efficiency.