Академический Документы
Профессиональный Документы
Культура Документы
Introduction
Risk management plays an important part within project management. Inadequate risk
management could have an impact whether the project will succeed or fail. To get an idea of
what risk management is, what it means and how to use it as a tool for success, everybody can
ask himself or herself the question:
What is a risk?
This easy question already shows that risk can be rather difficult to define as expectations are
focused on the future and therefore a lot of uncertainties could come into play. Additionally,
these uncertainties could result in an outcome that is either more positive or more negative than
expected. So it might be better to start with a definition of uncertainties:
Uncertainties = Threats + Opportunities
Project risk is an uncertain event that can have a positiveor a negative impacton the result
If a project risk materializes and has a negative impact on the project, it is called “Threat”
to the project e.g.
Unproven technology impacting project schedule
Loosing critical resource from project.
if an uncertain event has a positive impact on the project, it is called “opportunities”. E.g.
Emergence of new tool to increase productivity
New resource replacing the lost resource is a better one!
P a g e 1 | 15 Collected By Abdifatah Supparka
Not all risks are bad, however most of them are perceived as “Threat” to success
Categories of Risk
The Project Management Institute categorizes risks as follows:
External–unpredictable: Government regulations, natural hazards, and acts of God
External–predictable: Cost of money, borrowing rates, raw material availability .
The external risks are outside of the project manager's control but may affect the direction of the
project.
Internal (nontechnical): Labor stoppages, cash flow problems, safety issues, health and benefit
plans.The internal risks may be within the control of the project manager and present uncertainty
that may affect the project.
Technical: Changes in technology, changes in state of the art, design issues,
operations/maintenance issues. Technical risks relate to the utilization of technology and the
impact it has on the direction of the project.
Legal: Licenses, patent rights, lawsuits, subcontractor performance, contractual failure
To identify risk issues, evaluators should break down program elements to a level where they can
perform valid assessments. The information necessary to do this varies according to the phase of
theprogram. During the early phases, requirement and scope documents, and acquisition plans
may be theonly program-specific data available. They should be evaluated to identify issues that
may have adverse
Consequences.
Project Risk Management
-it refers identification, analysis, assessment, control and avoidance , removal or reduction of
unacceptable risks.
Project Risk Management includes the processes of conducting risk management planning,
identification, analysis, response planning and monitoring and control on a project.
The objectives of Project Risk Management are to increase the probability and impact of
positive events, and decrease the probability and impact of
negative events in the project.
To be successful, an organization should be committed to address risk management proactively
and consistently throughout the project.
Project Risk could exist at the moment a project is initiated. Moving forward on a project
without a proactive focus on risk management is likely to lead to more problems arising from
unmanaged threats.
Risk Management's General Concepts
Project risk is an uncertain event or condition that, if it occurs, has a positive or negative
effect on one or more project objectives such as scope, schedule, cost, & quality.
A risk may have one or more causes and, if it occurs, it may have one or more impacts.
A cause may be a given or potential requirement, assumption, constraint, or condition
that creates the possibility of negative or positive outcomes.
The objectives of project risk management are to increase the likelihood and impact of
positive events, and decrease the likelihood and impact of negative events in the project.
The Project risk has its origins in the uncertainty present in all projects,
-Known risks are those that have been identified and analyzed, making it possible to plan
responses for those risks.
-Risks & Contingency Reserve–Known Risks that cannot be managed proactively, should be
assigned a contingency reserve. [Known –Unknowns]
-Risks & Management Reserve-Unknown Risks cannot be managed proactively and therefore
may be assigned a management reserve. [Unknown –Unknowns]
-An issue-A negative project risk that has occurred is considered an issue.
Effective management of risk helps you to manage innovation and improve performance by
contributing to:
It is important that a risk management strategy is established early in a project and that risk is
continually addressed throughout the project life cycle. Risk management includes several related
actions involving risk: Plan Risks Management, Identify Risks, Perform Qualitative Risk Analysis,
Perform Quantitative Risk Analysis , Plan Risk Responses and monitor &Control Risks
Plan Risk Management:The process of defining how to conduct risk management activities
for a project.
It ensures that the degree, type, and visibility of risk management are commensurate with both
the risks and the importance of the project to the organization.
To ensure support and perform an effective Risk Management Process over the project life cycle
it is vital to obtaining the agreement and support of all stakeholders.
1.The project management plan -Provides baseline or current state of risk-affected areas
including scope, schedule, and cost.
–All approved subsidiary management plans and baselines should be taken into consideration in
order to make the risk management plan consistent with them.
2.Project Charter -Provide various inputs such as high-level risks, high-level project
descriptions, and high-level requirements.
3.Stakeholder Register -Contains all details related to the project’s stakeholders, provides an
overview of their roles.
4.Enterprise Environmental Factors -Include, but are not limited to, risk attitudes, thresholds,
and tolerances that describe the degree of risk that an organization will withstand.
5.Organizational Process Assets -Risk categories, Common definitions of concepts and terms,
Risk statement formats, Standard templates, Roles and responsibilities, Authority levels for
decision making, and Lessons learned.
1. Analytical Techniques -To understand and define the overall risk management context of the
project.
–Risk management context is a combination of stakeholder risk attitudes and the strategic risk
exposure of a given project based on the overall project context. Ex. A stakeholder risk profile
P a g e 5 | 15 Collected By Abdifatah Supparka
analysis may be performed to grade and qualify the project stakeholder risk appetite and
tolerance. Other techniques, such as the use of strategic risk scoring sheets, are used to provide a
high-level assessment of the risk exposure of the project based on the overall project context.
–Depending on these assessments, the project team can allocate appropriate resources and focus
on the risk management activities.
2. Expert Judgment -To ensure a comprehensive establishment of the risk management plan.
Ex. Senior management, Project stakeholders, Subject matter experts (SMEs).
3. Meetings -Project teams hold planning meetings to develop the risk management plan.
–High-level plans for conducting the risk management activities are defined in these meetings.
–Risk management cost elements and schedule activities should be developed for inclusion in the
project budget and schedule, respectively.
–Risk contingency reserve application approaches may be established or reviewed.
–Risk management responsibilities should be assigned.
–General organizational templates for risk categories and definitions of terms such as levels of
risk, probability by type of risk, impact by type of objectives, and the probability and impact
matrix will be tailored to the specific project.
–The outputs of these activities are summarized in the risk management plan.
Risk Management Plan -Describes how risk management activities will be structured and
performed. Includes,
–Methodology -Defines the approaches, tools, and data sources that will be used to perform risk
management on the project.
–Budgeting -Estimates funds needed, based on assigned resources, for inclusion in the cost
baseline and establishes protocols for application of contingency and management reserves.
–Timing -Defines when and how often the risk management processes will be performed
throughout the project life cycle, establishes protocols for application of schedule contingency
reserves, and establishes risk management activities for inclusion in the project schedule.
Identify Risks
The process of determining which risks may affect the project and documenting their characteristics.
P a g e 6 | 15 Collected By Abdifatah Supparka
It provides the knowledge and ability for the project team to anticipate the Risk's events through
documentation.
Identify RisksInputs
9.Activity Duration Estimates -Identifying risks related to the time allowances for the activities
or project as a whole.
10.Stakeholder Register -To ensure that key stakeholders, especially the stakeholder, sponsor,
and customer are interviewed or otherwise participate during the Identify Risks process.
11.Project Documents -Project charter, Project schedule, Schedule network diagrams, Issue log,
Quality checklist...
12.Procurement Documents -The complexity and the level of detail of the procurement
documents should be consistent with the value of, and risks associated with, planned
procurement.
Documentation Reviews -The quality of the plans, as well as consistency between those plans
and the project requirements and assumptions, may be indicators of risk in the project.
2.Information Gathering Techniques -
1.Brainstorming.
-The goal of brainstorming is to obtain a comprehensive list of project risks.
-The project team usually performs brainstorming, often with a multidisciplinary set of experts
who are not part of the team.
-Ideas about project risk are generated under the leadership of a facilitator, either in a traditional
free-form brainstorm session or structured mass interviewing techniques.
-Categories of risk, such as in a risk breakdown structure, can be used as a framework.
-Risks are then identified and categorized by type of risk and their definitions are refined.
2.Delphi technique. A way to reach a consensus of experts.
-Project risk experts participate in this technique anonymously.
-A facilitator uses a questionnaire to solicit ideas about the important project risks.
-The responses are summarized and are then recirculated to the experts for further comment.
-Consensus may be reached in a few rounds of this process.
-The Delphi technique helps reduce bias in the dataand keeps any one person from
havingundue influence on the outcome.
3.Checklist Analysis
–Risk identification checklists are developed based on historical information and knowledge that
has been accumulated from previous similar projects and from other sources of information.
–The lowest level of the RBS can also be used as a risk checklist.
–Care should be taken to ensure the checklist is not used to avoid the effort of proper risk
identification.
–The checklist should be reviewed during project closure to incorporate new lessons learned and
improve it for use on future projects.
4.SWOT Analysis -This technique examines the project from each of the strengths, weaknesses,
opportunities, and threats (SWOT) perspectives to increase the breadth of identified risks by
including internally generated risks.
Identify RisksOutputs
P a g e 8 | 15 Collected By Abdifatah Supparka
1.Risk Register -
The preparation of the risk register begins in the Identify Risks process with the following
information, and then becomes available to other project management and risk management
processes:
2.List of identified risks.
1.The identified risks are described in as much detail as is reasonable.
2.In addition to the list of identified risks, the root causes of those risks may become more
evident.
3.List of potential responses.
-Potential responses to a risk may sometimes be identified during the Identify Risks process.
These responses, if identified in this process, should be used as inputs to the Plan Risk Responses
process.
1.Risk Data Quality Assessment -Is a technique to evaluate the degree to which the data about
risks is useful for risk management.
2.Risk Categorization -Risks to the project can be categorized by,
1.Sources of risk (e.g., Using the RBS),
In some qualitative analyses, the assessment of risk urgency is combined with the risk ranking
that is determined from the probability and impact matrix to give a final risk severity rating.
4.Expert Judgment.
It produces quantitative risk information to support decision making in order to reduce project
uncertainty.
1.Interviewing techniques -Draw on experience and historical data to quantify the probability
and impact of risks on project objectives. Ex. Three-point estimates (PERT)
2.Probability distributions -Continuous probability distributions -Used extensively in
modeling and simulation, represent the uncertainty in values such as durations of schedule
activities and costs of project components. It can be used to represent uncertain events, such as
the outcome of a test or a possible scenario in a decision tree.
2.Quantitative Risk Analysis and Modeling Techniques -Use both event-oriented and project-
oriented analysis approaches, including:
I. Sensitivity analysis -Sensitivity analysis helps to determine which risks have the most
potential impact on the project.
3.Expert Judgment -The ideally using experts with relevant, recent experience is required to
identify potential cost and schedule impacts, to evaluate probability, and to define inputs such as
probability distributions into the tools.
-Expert judgment also comes into play in the interpretation of the data and identify the
weaknesses of the tools as well as their strengths.
Perform Quantitative Risk AnalysisOutputs
II. Probability of achieving cost and time objectives. Ex. The likelihood of achieving
the cost estimate of US$41 million is about 12%.
P a g e 11 | 15 Collected By Abdifatah Supparka
III. Prioritized list of quantified risks-This list includes those risks that pose the greatest
threat or present the greatest opportunity to the project.
Plan Risk Responses
The process of developing options and actions to enhance opportunities &to reduce threats to
project objectives.
It addresses the risks by their priority, inserting resources and activities into the budget, schedule
and project management plan as needed.
It follows the Perform Quantitative Risk Analysis process (if used).
The risk manager should establish standard routines for monitoring and control to ensure that all
identified actions are mitigated with regards to action responsibility and deadline.
One of the most common approaches to monitoring risks is the use of a risk register
External–unpredictable
External–predictable
Internal (nontechnical)
Technical
Legal
Risk management:it refers identification, analysis, assessment, control and avoidance , removal
or reduction of unacceptable risks.
Risk management process
•Risk management Planning
The process of deciding how to conduct risk management activities for a project. ( Methodology,
Roles and Responsibilities, Budgeting, Timing, Scoring , Reporting and Tracking)
•Risk identification
The process of determining which risks may affect the project and documenting their
characteristics. (Stakeholder, The format of the risk statements)
•Qualitative Risk Analysis
The process of prioritizing risks for further analyses or action by assessing and combining their
Probability of occurrence and impact.
Quantitative Risk Analysis
The process of numerically analyzingthe effect of identified risks on overall project objective.
•Risk response planning
The process of developing options and actions to enhance opportunities and reduce threats to
project objectives.
The process of implementing risk response plans, tracking identified risk, monitoring residual
risks, identifying new risks, revaluating risk process effectiveness throughout the project.
References:
INTRODUCTION TO PROJECT MANAGEMENT Virtual University of Pakistan
Project managementBookboon.com
P a g e 14 | 15 Collected By Abdifatah Supparka
Project Risk Management Pankaj Sharma - Mobile No -919810996356
***************thanks ****************”