In finance, a 

portfolio is an appropriate mix or collection of investments held by an institution or an

individual.

Holding a portfolio is a part of an investment and risk-limiting strategy called diversification. By owning

several assets, certain types of risk (in particular specific risk) can be reduced. The assets in the
portfolio could include Bank accounts; stocks, bonds, options, warrants, gold certificates, real
estate, futures contracts, production facilities, or any other item that is expected to retain its value.

In building up an investment portfolio a financial institution will typically conduct its own investment
analysis, whilst a private individual may make use of the services of a financial advisor or a financial
institution which offers portfolio management services.

Management
Portfolio management involves deciding what assets to include in the portfolio, given the goals of
the portfolio owner and changing economic conditions. Selection involves deciding what assets to
purchase, how many to purchase, when to purchase them, and what assets to divest. These
decisions always involve some sort of performance measurement, most typically expected return on
the portfolio, and the risk associated with this return (i.e. the standard deviation of the return).
Typically the expected return from portfolios of different asset bundles are compared.

The unique goals and circumstances of the investor must also be considered. Some investors are
more risk averse than others.

Mutual funds have developed particular techniques to optimize their portfolio holdings. See fund
management for details.

[edit]Portfolio formation
Many strategies have been developed to form a portfolio.

 equally-weighted portfolio
 capitalization-weighted portfolio
 price-weighted portfolio
 optimal portfolio (for which the Sharpe ratio is highest)
[edit]Models

Some of the financial models used in the process of Valuation, stock selection, and management of
portfolios include:

 Maximizing return, given an acceptable level of risk

 Modern portfolio theory—a model proposed by Harry Markowitz among others
 The single-index model of portfolio variance
 Capital asset pricing model
 Arbitrage pricing theory
 The Jensen Index
 The Treynor Index
 The Sharpe Diagonal (or Index) model
 Value at risk model
[edit]Returns

There are many different methods for calculating portfolio returns. A traditional method has been
using quarterly or monthly money-weighted returns. A money-weighted return calculated over a period
such as a month or a quarter assumes that the rate of return over that period is constant. As portfolio
returns actually fluctuate daily, money-weighted returns may only provide an approximation to a
portfolio’s actual return. These errors happen because of cashflows during the measurement period.
The size of the errors depends on three variables: the size of the cashflows, the timing of the
cashflows within the measurement period, and the volatility of the portfolio [1].

A more accurate method for calculating portfolio returns is to use the true time-weighted method. This
entails revaluing the portfolio on every date where a cashflow takes place (perhaps even every day),
and then compounding together the daily returns.

[edit]Attribution

Performance Attribution explains the active performance (i.e. the benchmark-relative performance) of

a portfolio. For example, a particular portfolio might be benchmarked against the S&P 500 index. If the
benchmark return over some period was 5%, and the portfolio return was 8%, this would leave an
active return of 3% to be explained. This 3% active return represents the component of the portfolio's
return that was generated by the investment manager (rather than by the benchmark).

There are different models for performance attribution, corresponding to different investment
processes. For example, one simple model explains the active return in "bottom-up" terms, as the
result of stock selection only. On the other hand, sector attribution explains the active return in terms
of both sector bets (for example, an overweight position in Materials, and an underweight position in
Financials), and also stock selection within each sector (for example, choosing to hold more of the
portfolio in one bank than another).

An altogether different paradigm for performance attribution is based on using factor models, such as
the Fama-French three-factor model.
Portfolio manager

A ' team of analysts and researchers, and are ultimately responsible for establishing an
investment strategy, selecting appropriate investments and allocating each investment properly for
a fund- or asset-management vehicle.

Portfolio managers are presented with investment ideas from internal buy-side analysts and sell-side
analysts from investment banks. It is their job to sift through the relevant information and use their
judgment to buy and sell securities. Throughout each day, they read reports, talk to company
managers and monitor industry and economic trends looking for the right company and time to invest
the portfolio's capital.

Portfolio managers make decisions about investment mix and policy, matching investments to
objectives, asset allocation for individuals and institutions, and balancing risk against. performance.

Portfolio management is about strengths, weaknesses, opportunities and threats in the choice of debt
vs. equity, domestic vs. international, growth vs. safety, and other tradeoffs encountered in the
attempt to maximize return at a given appetite for risk.

In the case of mutual and exchange-traded funds (ETFs), there are two forms of portfolio
management: passive and active. Passive management simply tracks a market index, commonly
referred to as indexing or index investing. Active management involves a single manager, co-
managers, or a team of managers who attempt to beat the market return by actively managing a
fund's portfolio through investment decisions based on research and decisions on individual
holdings. Closed-end funds are generally actively managed.

That's what warren buffet says about investing in the market..."The basic ideas of investing are to look
at stocks as business, use the market's fluctuations to your advantage, and seek a margin of
safety"....

Portfolio Management
The act or practice of making investment decisions in order to make the largest possible return.
Portfolio management takes two basic forms: active and passive. Active management involves using
technical, fundamental, or some other analysis to make trades on a fairly regular basis. For example,
one may sell stock A in order to buy stock B. Then, a few days or weeks later, one may sell stock B to
buy bond C. Passive management, on the other hand, involves buying an index, an exchange-traded
fund, or some other investment vehicle with securities the investor does not directly choose. For
example, one may buy an exchange-traded fund that holds all the stocks on the S&P 500. See
also: Asset management, Investment adviser.
Portfolio Management is used to select a portfolio of new product development projects to achieve th
following goals:

 Maximize the profitability or value of the portfolio

 Provide balance
 Support the strategy of the enterprise

Portfolio Management is the responsibility of the senior management team of an organization or

business unit. This team, which might be called the Product Committee, meets regularly to manage
the product pipeline and make decisions about the product portfolio. Often, this is the same group that
conducts the stage-gate reviews in the organization.

A logical starting point is to create a product strategy - markets, customers, products, strategy
approach, competitive emphasis, etc. The second step is to understand the budget or resources
available to balance the portfolio against. Third, each project must be assessed for profitability
(rewards), investment requirements (resources), risks, and other appropriate factors.

The weighting of the goals in making decisions about products varies from company. But
organizations must balance these goals: risk vs. profitability, new products vs. improvements, strategy
fit vs. reward, market vs. product line, long-term vs. short-term. Several types of techniques have
been used to support the portfolio management process:

 Heuristic models
 Scoring techniques
 Visual or mapping techniques

The earliest Portfolio Management techniques optimized projects' profitability or financial returns
using heuristic or mathematical models. However, this approach paid little attention to balance or
aligning the portfolio to the organization's strategy. Scoring techniques weight and score criteria to
take into account investment requirements, profitability, risk and strategic alignment. The shortcoming
with this approach can be an over emphasis on financial measures and an inability to optimize the mix
of projects. Mapping techniques use graphical presentation to visualize a portfolio's balance. These
are typically presented in the form of a two-dimensional graph that shows the trade-off's or balance
between two factors such as risks vs. profitability, marketplace fit vs. product line coverage, financial
return vs. probability of success, etc.
The chart shown above provides a graphical view of the project portfolio risk-reward balance. It is
used to assure balance in the portfolio of projects - neither too risky or conservative and appropriate
levels of reward for the risk involved. The horizontal axis is Net Present Value, the vertical axis is
Probability of Success. The size of the bubble is proportional to the total revenue generated over the
lifetime sales of the product.

While this visual presentation is useful, it can't prioritize projects. Therefore, some mix of these
techniques is appropriate to support the Portfolio Management Process. This mix is often dependent
upon the priority of the goals.

Our recommended approach is to start with the overall business plan that should define the planned
level of R&:D investment, resources (e.g., headcount, etc.), and related sales expected from new
products. With multiple business units, product lines or types of development, we recommend a
strategic allocation process based on the business plan. This strategic allocation should apportion the
planned R&D investment into business units, product lines, markets, geographic areas, etc. It may
also breakdown the R&D investment into types of development, e.g., technology development,
platform development, new products, and upgrades/enhancements/line extensions, etc.

Once this is done, then a portfolio listing can be developed including the relevant portfolio data. We
favor use of the development productivity index (DPI) or scores from the scoring method. The
development productivity index is calculated as follows: (Net Present Value x Probability of Success) /
Development Cost Remaining. It factors the NPV by the probability of both technical and commercial
success. By dividing this result by the development cost remaining, it places more weight on projects
nearer completion and with lower uncommitted costs. The scoring method uses a set of criertia
(potentially different for each stage of the project) as a basis for scoring or evaluating each project. An
example of this scoring method is shown with the worksheet below.
Weighting factors can be set for each criteria. The evaluators on a Product Committee score projects
(1 to 10, where 10 is best). The worksheet computes the average scores and applies the weighting
factors to compute the overall score. The maximum weighted score for a project is 100.

This portfolio list can then be ranked by either the development priority index or the score. An
example of the portfolio list is shown below and the second illustration shows the category summary
for the scoring method.
Once the organization has its prioritized list of projects, it then needs to determine where the cutoff is
based on the business plan and the planned level of investment of the resources avaialable. This
subset of the high priority projects then needs to be further analyzed and checked. The first step is to
check that the prioritized list reflects the planned breakdown of projects based on the strategic
allocation of the business plan. Pie charts such as the one below can be used for this purpose.
Other factors can also be checked using bubble charts. For example, the risk-reward balance is
commonly checked using the bubble chart shown earlier. A final check is to analyze product and
technology roadmaps for project relationships. For example, if a lower priority platform project was
omitted from the protfolio priority list, the subsequent higher priority projects that depend on that
platform or platform technology would be impossible to execute unless that platform project were
included in the portfolio priority list. An example of a roadmap is shown below.

This overall portfolio management process is shown in the following diagram.

Finally, this balanced portfolio that has been developed is checked against the business plan as
shown below to see if the plan goals have been achieved - projects within the planned R&D
investment and resource levels and sales that have met the goals.
With the significant investments required to develop new products and the risks involved, Portfolio
Management is becoming an increasingly important tool to make strategic decisions about product
development and the investment of company resources. In many companies, current year revenues
are increasingly based on new products developed in the last one to three years. Therefore, these
portfolio decisions are the basis of a company's profitability and even its continued existence over the
next several years.

Portfolio Management may refer to:

 Investment management, handled by a portfolio manager

 IT portfolio management
 Project management
 Project portfolio management
Investment management is the professional management of various securities (shares, bonds and
other securities) and assets (e.g., real estate) in order to meet specified investment goals for the
benefit of the investors. Investors may be institutions (insurance companies, pension funds,
corporations etc.) or private investors (both directly via investment contracts and more commonly
via collective investment schemes e.g. mutual funds or exchange-traded funds).

The term asset management is often used to refer to the investment management of collective
investments, (not necessarily) while the more generic fund management may refer to all forms of
institutional investment as well as investment management for private investors. Investment
managers who specialize in advisory or discretionary management on behalf of (normally wealthy)
private investors may often refer to their services as wealth management or portfolio management
often within the context of so-called "private banking".

The provision of 'investment management services' includes elements of financial statement analysis,
asset selection, stock selection, plan implementation and ongoing monitoring of investments.
Investment management is a large and important global industry in its own right responsible for
caretaking of trillions of yuan, dollars, euro, pounds and yen. Coming under the remit of financial
services many of the world's largest companies are at least in part investment managers and employ
millions of staff and create billions in revenue.

Fund manager (or investment adviser in the United States) refers to both a firm that provides
investment management services and an individual who directs fund management decisions.

Industry scope
The business of investment management has several facets, including the employment of
professional fund managers, research (of individual assets and asset classes), dealing, settlement,
marketing, internal auditing, and the preparation of reports for clients. The largest financial fund
managers are firms that exhibit all the complexity their size demands. Apart from the people who bring
in the money (marketers) and the people who direct investment (the fund managers), there are
compliance staff (to ensure accord with legislative and regulatory constraints), internal auditors of
various kinds (to examine internal systems and controls), financial controllers (to account for the
institutions' own money and costs), computer experts, and "back office" employees (to track and
record transactions and fund valuations for up to thousands of clients per institution).

[edit]Key problems of running such businesses

Key problems include:

 revenue is directly linked to market valuations, so a major fall in asset prices causes a
precipitous decline in revenues relative to costs;
 above-average fund performance is difficult to sustain, and clients may not be patient during
times of poor performance;
 successful fund managers are expensive and may be headhunted by competitors;
 above-average fund performance appears to be dependent on the unique skills of the fund
manager; however, clients are loath to stake their investments on the ability of a few individuals-
they would rather see firm-wide success, attributable to a single philosophy and internal
discipline;
 analysts who generate above-average returns often become sufficiently wealthy that they
avoid corporate employment in favor of managing their personal portfolios.
[edit]Representing the owners of shares
Institutions often control huge shareholdings. In most cases they are acting as fiduciary agents rather
than principals (direct owners). The owners of shares theoretically have great power to alter the
companies they own via the voting rights the shares carry and the consequent ability to pressure
managements, and if necessary out-vote them at annual and other meetings.

In practice, the ultimate owners of shares often do not exercise the power they collectively hold
(because the owners are many, each with small holdings); financial institutions (as agents) sometimes
do. There is a general belief that shareholders - in this case, the institutions acting as agents—could
and should exercise more active influence over the companies in which they hold shares (e.g., to hold
managers to account, to ensure Boards effective functioning). Such action would add a pressure
group to those (the regulators and the Board) overseeing management.

However there is the problem of how the institution should exercise this power. One way is for the
institution to decide, the other is for the institution to poll its beneficiaries. Assuming that the institution
polls, should it then: (i) Vote the entire holding as directed by the majority of votes cast? (ii) Split the
vote (where this is allowed) according to the proportions of the vote? (iii) Or respect the abstainers
and only vote the respondents' holdings?

The price signals generated by large active managers holding or not holding the stock may contribute
to management change. For example, this is the case when a large active manager sells his position
in a company, leading to (possibly) a decline in the stock price, but more importantly a loss of
confidence by the markets in the management of the company, thus precipitating changes in the
management team.

Some institutions have been more vocal and active in pursuing such matters; for instance, some firms
believe that there are investment advantages to accumulating substantial minority shareholdings (i.e.
10% or more) and putting pressure on management to implement significant changes in the business.
In some cases, institutions with minority holdings work together to force management change.
Perhaps more frequent is the sustained pressure that large institutions bring to bear on management
teams through persuasive discourse and PR. On the other hand, some of the largest investment
managers—such as BlackRock and Vanguard—advocate simply owning every company, reducing
the incentive to influence management teams. A reason for this last strategy is that the investment
manager prefers a closer, more open and honest relationship with a company's management team
than would exist if they exercised control; allowing them to make a better investment decision.

The national context in which shareholder representation considerations are set is variable and
important. The USA is a litigious society and shareholders use the law as a lever to pressure
management teams. In Japan it is traditional for shareholders to be low in the 'pecking order,' which
often allows management and labor to ignore the rights of the ultimate owners. Whereas US firms
generally cater to shareholders, Japanese businesses generally exhibit a stakeholder mentality, in
which they seek consensus amongst all interested parties (against a background of strong unions and
labour legislation).

[edit]Size of the global fund management industry

Conventional assets under management of the global fund management industry fell 19% in 2008, to
$61.6 trillion. Pension assets accounted for $24.0 trillion of the total, with $18.9 trillion invested in
mutual funds and $18.7 trillion in insurance funds. Together with alternative assets (sovereign wealth
funds, hedge funds, private equity funds and exchange traded funds) and funds of wealthy individuals,
assets of the global fund management industry totalled around $90 trillion at the end of 2008, a fall of
17% on the previous year. The decline in 2008 followed five successive years of growth during which
assets under management more than doubled. Falls on equity markets, poor investment performance,
reduced inflow of new funds, and investor redemptions, all contributed to the fall in assets in 2008.
The decline reported in US dollars was also exacerbated by the strengthening of the US dollar during
the particular year.

The US remained by far the biggest source of funds, accounting for over a half of conventional assets
under management in 2008 or over $30 trillion. The UK was the second largest centre in the world
and by far the largest in Europe with around 9% of the global total. [1]

[edit]Philosophy, process and people

The 3-P's (Philosophy, Process and People) are often used to describe the reasons why the manager
is able to produce above average results.

 Philosophy refers to the over-arching beliefs of the investment organization. For example: (i)
Does the manager buy growth or value shares (and why)? (ii) Do they believe in market timing
(and on what evidence)? (iii) Do they rely on external research or do they employ a team of
researchers? It is helpful if any and all of such fundamental beliefs are supported by proof-
statements.
 Process refers to the way in which the overall philosophy is implemented. For example: (i)
Which universe of assets is explored before particular assets are chosen as suitable
investments? (ii) How does the manager decide what to buy and when? (iii) How does the
 manager decide what to sell and when? (iv) Who takes the decisions and are they taken by
committee? (v) What controls are in place to ensure that a rogue fund (one very different from
others and from what is intended) cannot arise?
 People refers to the staff, especially the fund managers. The questions are, Who are they?
How are they selected? How old are they? Who reports to whom? How deep is the team (and do
all the members understand the philosophy and process they are supposed to be using)? And
most important of all, How long has the team been working together? This last question is vital
because whatever performance record was presented at the outset of the relationship with the
client may or may not relate to (have been produced by) a team that is still in place. If the team
has changed greatly (high staff turnover or changes to the team), then arguably the performance
record is completely unrelated to the existing team (of fund managers).
[edit]Investment managers and portfolio structures
At the heart of the investment management industry are the managers who invest and divest client
investments.

A certified company investment advisor should conduct an assessment of each client's individual
needs and risk profile. The advisor then recommends appropriate investments.

[edit]Asset allocation
The different asset class definitions are widely debated, but four common divisions
are stocks, bonds, real-estate and commodities. The exercise of allocating funds among these assets
(and among individual securities within each asset class) is what investment management firms are
paid for. Asset classes exhibit different market dynamics, and different interaction effects; thus, the
allocation of money among asset classes will have a significant effect on the performance of the fund.
Some research suggests that allocation among asset classes has more predictive power than the
choice of individual holdings in determining portfolio return. Arguably, the skill of a successful
investment manager resides in constructing the asset allocation, and separately the individual
holdings, so as to outperform certain benchmarks (e.g., the peer group of competing funds, bond and
stock indices)...

[edit]Long-term returns
It is important to look at the evidence on the long-term returns to different assets, and to holding
period returns (the returns that accrue on average over different lengths of investment). For example,
over very long holding periods (eg. 10+ years) in most countries, equities have generated higher
returns than bonds, and bonds have generated higher returns than cash. According to financial
theory, this is because equities are riskier (more volatile) than bonds which are themselves more risky
than cash.

[edit]Diversification
Against the background of the asset allocation, fund managers consider the degree
of diversification that makes sense for a given client (given its risk preferences) and construct a list of
planned holdings accordingly. The list will indicate what percentage of the fund should be invested in
each particular stock or bond. The theory of portfolio diversification was originated by Markowitz (and
many others) and effective diversification requires management of the correlation between the asset
returns and the liability returns, issues internal to the portfolio (individual holdings volatility), and cross-
correlations between the returns.

[edit]Investment styles
There are a range of different styles of fund management that the institution can implement. For
example, growth, value, market neutral, small capitalisation, indexed, etc. Each of these approaches
has its distinctive features, adherents and, in any particular financial environment, distinctive risk
characteristics. For example, there is evidence that growth styles (buying rapidly growing earnings)
are especially effective when the companies able to generate such growth are scarce; conversely,
when such growth is plentiful, then there is evidence that value styles tend to outperform the indices
particularly successfully.

[edit]Performance measurement
Fund performance is the acid test of fund management, and in the institutional context accurate
measurement is a necessity. For that purpose, institutions measure the performance of each fund
(and usually for internal purposes components of each fund) under their management, and
performance is also measured by external firms that specialize in performance measurement. The
leading performance measurement firms (e.g. Frank Russell in the USA or BI-SAM [1] in Europe)
compile aggregate industry data, e.g., showing how funds in general performed against given indices
and peer groups over various time periods.

In a typical case (let us say an equity fund), then the calculation would be made (as far as the client is
concerned) every quarter and would show a percentage change compared with the prior quarter (e.g.,
+4.6% total return in US dollars). This figure would be compared with other similar funds managed
within the institution (for purposes of monitoring internal controls), with performance data for peer
group funds, and with relevant indices (where available) or tailor-made performance benchmarks
where appropriate. The specialist performance measurement firms calculate quartile and decile data
and close attention would be paid to the (percentile) ranking of any fund.

Generally speaking, it is probably appropriate for an investment firm to persuade its clients to assess
performance over longer periods (e.g., 3 to 5 years) to smooth out very short term fluctuations in
performance and the influence of the business cycle. This can be difficult however and, industry wide,
there is a serious preoccupation with short-term numbers and the effect on the relationship with
clients (and resultant business risks for the institutions).
An enduring problem is whether to measure before-tax or after-tax performance. After-tax
measurement represents the benefit to the investor, but investors' tax positions may vary. Before-tax
measurement can be misleading, especially in regimens that tax realised capital gains (and not
unrealised). It is thus possible that successful active managers (measured before tax) may produce
miserable after-tax results. One possible solution is to report the after-tax position of some standard
taxpayer.

[edit]Risk-adjusted performance measurement

Performance measurement should not be reduced to the evaluation of fund returns alone, but must
also integrate other fund elements that would be of interest to investors, such as the measure of risk
taken. Several other aspects are also part of performance measurement: evaluating if managers have
succeeded in reaching their objective, i.e. if their return was sufficiently high to reward the risks taken;
how they compare to their peers; and finally whether the portfolio management results were due to
luck or the manager’s skill. The need to answer all these questions has led to the development of
more sophisticated performance measures, many of which originate in modern portfolio theory.

Modern portfolio theory established the quantitative link that exists between portfolio risk and return.
The Capital Asset Pricing Model (CAPM) developed by Sharpe (1964) highlighted the notion of
rewarding risk and produced the first performance indicators, be they risk-adjusted ratios (Sharpe
ratio, information ratio) or differential returns compared to benchmarks (alphas). The Sharpe ratio is
the simplest and best known performance measure. It measures the return of a portfolio in excess of
the risk-free rate, compared to the total risk of the portfolio. This measure is said to be absolute, as it
does not refer to any benchmark, avoiding drawbacks related to a poor choice of benchmark.
Meanwhile, it does not allow the separation of the performance of the market in which the portfolio is
invested from that of the manager. The information ratio is a more general form of the Sharpe ratio in
which the risk-free asset is replaced by a benchmark portfolio. This measure is relative, as it
evaluates portfolio performance in reference to a benchmark, making the result strongly dependent on
this benchmark choice.

Portfolio alpha is obtained by measuring the difference between the return of the portfolio and that of
a benchmark portfolio. This measure appears to be the only reliable performance measure to evaluate
active management. In fact, we have to distinguish between normal returns, provided by the fair
reward for portfolio exposure to different risks, and obtained through passive management, from
abnormal performance (or outperformance) due to the manager’s skill, whether through market timing
or stock picking. The first component is related to allocation and style investment choices, which may
not be under the sole control of the manager, and depends on the economic context, while the second
component is an evaluation of the success of the manager’s decisions. Only the latter, measured by
alpha, allows the evaluation of the manager’s true performance.

Portfolio normal return may be evaluated using factor models. The first model, proposed by Jensen
(1968), relies on the CAPM and explains portfolio normal returns with the market index as the only
factor. It quickly becomes clear, however, that one factor is not enough to explain the returns and that
other factors have to be considered. Multi-factor models were developed as an alternative to
the CAPM, allowing a better description of portfolio risks and an accurate evaluation of managers’
performance. For example, Fama and French (1993) have highlighted two important factors that
characterise a company's risk in addition to market risk. These factors are the book-to-market ratio
and the company's size as measured by its market capitalisation. Fama and French therefore
proposed three-factor model to describe portfolio normal returns (Fama-French three-factor model).
Carhart (1997) proposed to add momentum as a fourth factor to allow the persistence of the returns to
be taken into account. Also of interest for performance measurement is Sharpe’s (1992) style analysis
model, in which factors are style indices. This model allows a custom benchmark for each portfolio to
be developed, using the linear combination of style indices that best replicate portfolio style allocation,
and leads to an accurate evaluation of portfolio alpha.

[edit]Education or certification
Increasingly, international business schools are incorporating the subject into their course outlines
and some have formulated the title of 'Investment Management' or 'Asset Management' conferred as
specialist bachelors degrees (e.g. Cass Business School, London). Due to global cross-recognition
agreements with the 2 major accrediting agencies AACSB and ACBSPwhich accredit over 560 of the
best business school programs, the Certification of MFP Master Financial Planner Professional from
the American Academy of Financial Management is available to AACSB and ACBSP business school
graduates with finance or financial services-related concentrations. For people with aspirations to
become an investment manager, further education may be needed beyond a bachelors in business,
finance, or economics. A graduate degree or an investment qualification such as the Chartered
Financial Analystdesignation (CFA) or the Certified Financial Markets Practitioner (CFMP) Exam by
the Management Laboratory may help in having a career in investment management. [citation needed]

There is no evidence that any particular qualification enhances the most desirable characteristic of an
investment manager, that is the ability to select investments that result in an above average (risk
weighted) long-term performance[citation needed]. The industry has a tradition of seeking out, employing
and generously rewarding such people without reference to any formal qualifications [citation needed].

IT portfolio management is the application of systematic management to large classes of items

managed by enterprise Information Technology (IT) capabilities. Examples of IT portfolios would be
planned initiatives, projects, and ongoing IT services (such as application support). The promise of IT
portfolio management is the quantification of previously mysterious IT efforts, enabling measurement
and objective evaluation of investment scenarios.
Overview
Debates exist on the best way to measure value of IT investment. As pointed out by Jeffery and
Leliveld (2004) [1], companies have spent billions of dollars on IT investments and yet the headlines of
mis-spent money are not uncommon. Nicholas Carr (2003) has caused significant controversy in IT
industry and academia by positioning IT as an expense similar to utilities such as electricity.

IT portfolio management started with a project-centric bias, but is evolving to include steady-state
portfolio entries such as application maintenance and support in portfolios is that IT budgets tend not
to track these efforts at a sufficient level of granularity for effective financial tracking. [2]

The concept is analogous to financial portfolio management, but there are significant differences. IT
investments are not liquid, like stocks and bonds (although investment portfolios may also include
illiquid assets), and are measured using both financial and non-financial yardsticks (for example,
a balanced scorecard approach); a purely financial view is not sufficient.

Financial portfolio assets typically have consistent measurement information (enabling accurate and
objective comparisons), and this is at the base of the concept’s usefulness in application to IT.
However, achieving such universality of measurement is going to take considerable effort in the IT
industry. (See Val IT.)

IT Portfolio management is distinct from IT financial management in that it has an explicitly directive,
strategic goal in determining what to continue investing in versus what to divest from.

At its most mature, IT Portfolio management is accomplished through the creation of Three portfolios:

 Application Portfolio - Management of this portfolio focuses on comparing spending on

established systems based upon their relative value to the organization. The comparison can be
based upon the level of contribution in terms of IT investment’s profitability. Additionally, this
comparison can also be based upon the non-tangible factors such as organizations’ level of
experience with a certain technology, users’ familiarity with the applications and infrastructure,
and external forces such as emergence of new technologies and obsolescence of old ones.
 Infrastructure Portfolio - This For an organization's information technology, infrastructure
management (IM) is the management of essential operation components, such as policies,
processes, equipment, data, human resources, and external contacts, for overall effectiveness.
Infrastructure management is sometimes divided into categories of systems management,
network management, and storage management. The ability of organizations to exploit IT
infrastructure, operations and management sourcing/service solutions not only depends on the
availability, cost and effectiveness of applications and services, but also with coming to terms with
solution providers, and managing the entire sourcing process. In the rush to reduce costs,
increase IT quality and increase competitiveness by way of selective IT sourcing and services,
many organizations do not consider the management side of the equation. The predictable result
of this neglect is overpayment, cost overruns, unmet expectations and outright failure.
 Project Portfolio - This type of portfolio management specially address the issues with
spending on the development of innovative capabilities in terms of potential ROI and reducing
investment overlaps in situations where reorganization or acquisition occurs. The management
 issues with the second type of portfolio management can be judged in terms of data cleanliness,
maintenance savings, suitability of resulting solution and the relative value of new investments to
replace these projects.

Information Technology portfolio management as a systematic discipline is more applicable to larger

IT organizations; in smaller organizations its concerns might be generalized into IT planning and
governance as a whole.

[edit]Benefits of using IT portfolio management

Jeffery and Leliveld (2004) have listed several benefits of applying IT portfolio management approach
for IT investments. They argue that agility of portfolio management is its biggest advantage over
investment approaches and methods. Other benefits include central oversight of budget, risk
management, strategic alignment of IT investments, demand and investment management along with
standardization of investment procedure, rules and plans.

[edit]Implementing IT portfolio management

Jeffery and Leliveld (2004) have pointed out a number of hurdles and success factors that CIOs might
face while attempting to implement IT portfolio management approach. To overcome these hurdles,
simple methods such as proposed by Pisello (2001) can be used.

-Plan-
- -
- -
build retire
- -
- -
Maintain

Other implementation methods include (1) risk profile analysis (figure out what needs to be
measured and what risks are associated with it), (2) Decide on the Diversification of projects,
infrastructure and technologies (it is an important tool that IT portfolio management provides to judge
the level of investments on the basis of how investments should be made in various elements of the
portfolio), (3) Continuous Alignment with business goals (highest levels of organizations should
have a buy-in in the portfolio) and (4) Continuous Improvement (lessons learned and investment
adjustments).

Maizlash and Handler (2007)[3] provide a proven step-by-step methodology for applying IT portfolio
management that has eight stages. In today's past-paced world, waterfall approaches to delivering
anything are proving to less and less effective. Nonetheless, the eight stages are:

1. Developing an IT portfolio management game plan

2. Planning the IT portfolio
 3. Creating the IT portfolio
4. Assessing the IT portfolio
5. Balancing the IT portfolio
6. Communicating the IT portfolio
7. Developing and evolving IT portfolio governance and organization
8. Assessing IT portfolio management process execution

There is no single best way to implement IT portfolio approach and therefore variety of approaches
can applied. Obviously the methods are not set in stone and will need altering depending upon the
individual circumstances of different organizations.

[edit]IT portfolio management vs. balanced scorecard

The biggest advantage of IT portfolio management is the agility of the investment adjustments. While
balanced scorecards also emphasize the use of vision and strategy in any investment decision,
oversight and control of operation budgets is not the goal. IT portfolio management allows
organizations to adjust the investments based upon the feedback mechanism built into the IT portfolio
management.

[edit]History

The first mention of the portfolio concept as related to IT was from Richard Nolan in 1973:
“investments in developing computer applications can be thought of as a portfolio of computer
applications.” [4]

Further mention is found in Gibson and Nolan's Managing the Four Stages of EDP Growth in 1973 [5].
Gibson and Nolan proposed that IT advances in observable stages driven by four "growth processes"
of which the Applications Portfolio was key. Their concepts were operationalized at Nolan, Norton &
Co. with measures of application coverage of business functions, applications functional and technical
qualities, applications age and spending.

McFarlan [6] proposed a different portfolio management approach to IT assets and investments.

Further contributions have been made by Weill and Broadbent, [7], Aitken,[8] Kaplan, [2]and Benson,
Bugnitz, and Walton[9]. The ITIL version 2 Business Perspective[10] and Application
Management[11] volumes and the ITIL v3 Service Strategy volume also cover it in depth.

Various vendors have offerings explicitly branded as "IT Portfolio Management" solutions.

ISACA's Val IT framework is perhaps the first attempt at standardization of IT portfolio management

principles.

In peer-reviewed research, Christopher Verhoef has found that IT portfolios statistically behave more
akin to biological populations than financial portfolios. [12] Verhoef was general chair of the first
convening of the new IEEE conference, "IEEE Equity," March 2007, which focuses on "quantitative
methods for measuring, predicting, and understanding the relationship between IT and value."[1]

[edit]McFarlan's IT portfolio matrix

High
^
|----------------------------------------------------------
-----|
|strategic | Turnaround |
Impact |----------------------------------------------------------
-----|
of IS/IT |Critical to achieving |May be critical to
|
applications |future business strategy. |achieving future |
on future | (Developer) |business success |
industry | | (Entrepreneur) |
competitiveness |Central Planning | |
| |Leading Edge/Free Market |
|----------------------------------------------------------
-----|
|Critical to existing business |Valuable but not
critical |
|operations |to success |
| (Controller) | (Caretaker) |
| | |
|Monopoly | Scarce Resource |
|_______________________________ |
_______________________________|
|Factory | Support
|
|
<---------------------------------------------------------------Low
High

Value to the business of existing applications.

Project management is the discipline of planning, organizing, securing and managing resources to

bring about the successful completion of specific engineering project goals and objectives. It is
sometimes conflated with program management, however technically it is actually a higher level
construction: a group of related and somehow interdependent engineering projects. A project is a
temporary endeavor, having a defined beginning and end (usually constrained by date, but can be by
funding or deliverables),[1] undertaken to meet unique goals and objectives,[2] usually to bring about
beneficial change or added value. The temporary nature of projects stands in contrast to business as
usual (or operations),[3] which are repetitive, permanent or semi-permanent functional work to produce
products or services. In practice, the management of these two systems is often found to be quite
different, and as such requires the development of distinct technical skills and the adoption of
separate management.

The primary challenge of project management is to achieve all of the engineering project goals [4] and
objectives while honoring the preconceived project constraints. [5] Typical constraints are scope, time,
and budget.[1] The secondary—and more ambitious—challenge is to optimize the allocation and
integration of inputs necessary to meet pre-defined objectives.

History

Roman Soldiers Building a Fortress, Trajan's Column 113 AD

Project management has been practiced since early civilization. Until 1900 civil engineering projects
were generally managed by creativearchitects and engineers themselves, among those for
example Vitruvius (1st century BC), Christopher Wren (1632–1723) , Thomas Telford(1757–1834)
and Isambard Kingdom Brunel (1806–1859).[6] It was in the 1950s that organizations started to
systematically apply project management tools and techniques to complex engineering projects. [7]

Henry Gantt (1861-1919), the father of planning and control techniques.

As a discipline, Project Management developed from several fields of application including

civil construction,engineering, and heavy defense activity.[8] Two forefathers of project management
are Henry Gantt, called the father of planning and control techniques, [9] who is famous for his use of
the Gantt chart as a project management tool; and Henri Fayol for his creation of the 5 management
functions which form the foundation of the body of knowledge associated with project and program
management.[10] Both Gantt and Fayol were students of Frederick Winslow Taylor's theories
of scientific management. His work is the forerunner to modern project management tools
including work breakdown structure (WBS) and resource allocation.

The 1950s marked the beginning of the modern Project Management era where core engineering
fields come together working as one. Project management became recognized as a distinct discipline
arising from the management discipline with engineering model. [11] In the United States, prior to the
1950s, projects were managed on an ad hoc basis using mostly Gantt Charts, and informal
techniques and tools. At that time, two mathematical project-scheduling models were developed. The
"Critical Path Method" (CPM) was developed as a joint venture between DuPont
Corporation and Remington Rand Corporation for managing plant maintenance projects. And the
"Program Evaluation and Review Technique" or PERT, was developed by Booz-Allen & Hamilton as
part of the United States Navy's (in conjunction with the Lockheed Corporation) Polaris
missile submarine program;[12] These mathematical techniques quickly spread into many private
enterprises.

PERT network chart for a seven-month project with five milestones

At the same time, as project-scheduling models were being developed, technology for project cost
estimating, cost management, and engineering economics was evolving, with pioneering work by
Hans Lang and others. In 1956, the American Association of Cost Engineers (now AACE
International; the Association for the Advancement of Cost Engineering) was formed by early
practitioners of project management and the associated specialties of planning and scheduling, cost
estimating, and cost/schedule control (project control). AACE continued its pioneering work and in
2006 released the first integrated process for portfolio, program and project management (Total Cost
Management Framework).

The International Project Management Association (IPMA) was founded in Europe in 1967,[13] as a

federation of several national project management associations. IPMA maintains its federal structure
today and now includes member associations on every continent except Antarctica. IPMA offers a
Four Level Certification program based on the IPMA Competence Baseline (ICB). [14] The ICB covers
technical competences, contextual competences, and behavioral competences.
In 1969, the Project Management Institute (PMI) was formed in the USA.[15] PMI publishes A Guide to
the Project Management Body of Knowledge (PMBOK Guide), which describes project management
practices that are common to "most projects, most of the time." PMI also offers multiple certifications.

The American Academy of Project Management (AAPM) International Board of Standards 1996 was

the first to institute post-graduate certifications such as the MPM Master Project Manager, PME
Project Management E-Business, CEC Certified-Ecommerce Consultant, and CIPM Certified
International Project Manager. The AAPM also issues the post-graduate standards body of knowledge
for executives.

[edit]Approaches

There are a number of approaches to managing project activities including agile, interactive,

incremental, and phased approaches.

Regardless of the methodology employed, careful consideration must be given to the overall project
objectives, timeline, and cost, as well as the roles and responsibilities of all participants and
stakeholders.

[edit]The traditional approach

A traditional phased approach identifies a sequence of steps to be completed. In the "traditional
approach", we can distinguish 5 components of a project (4 stages plus control) in the development of
a project:

Typical development phases of a engineering project

 Project initiation stage;

 Project planning and design stage;
 Project execution and construction stage;
 Project monitoring and controlling systems;
 Project completion.

Not all the projects will visit every stage as projects can be terminated before they reach completion.
Some projects do not follow a structured planning and/or monitoring stages. Some projects will go
through steps 2, 3 and 4 multiple times.

Many industries use variations on these project stages. For example, when working on a brick and
mortar design and construction, projects will typically progress through stages like Pre-Planning,
Conceptual Design, Schematic Design, Design Development, Construction Drawings (or Contract
Documents), and Construction Administration. In software development, this approach is often known
as the waterfall model,[16] i.e., one series of tasks after another in linear sequence. In software
development many organizations have adapted the Rational Unified Process (RUP) to fit this
methodology, although RUP does not require or explicitly recommend this practice. Waterfall
development works well for small, well defined projects, but often fails in larger projects of undefined
and ambiguous nature. The Cone of Uncertainty explains some of this as the planning made on the
initial phase of the project suffers from a high degree of uncertainty. This becomes especially true as
software development is often the realization of a new or novel product. In projects
where requirements have not been finalized and can change, requirements management is used to
develop an accurate and complete definition of the behavior of software that can serve as the basis
for software development.[17] While the terms may differ from industry to industry, the actual stages
typically follow common steps to problem solving — "defining the problem, weighing options, choosing
a path, implementation and evaluation."

[edit]Critical Chain Project Management

Critical Chain Project Management (CCPM) is a method of planning and managing projects that puts
more emphasis on the resources (physical and human) needed in order to execute project tasks. The
most complex part involves engineering professionals of different fields (Civil, Electrical, Mechanical
etc) working together. It is an application of the Theory of Constraints (TOC) to projects. The goal is to
increase the rate of throughput (or completion rates) of projects in an organization. Applying the first
three of the five focusing steps of TOC, the system constraint for all projects is identified as are the
resources. To exploit the constraint, tasks on the critical chain are given priority over all other
activities. Finally, projects are planned and managed to ensure that the resources are ready when the
critical chain tasks must start, subordinating all other resources to the critical chain.

Regardless of project type, the project plan should undergo Resource Leveling, and the longest
sequence of resource-constrained tasks should be identified as the critical chain. In multi-project
environments, resource leveling should be performed across projects. However, it is often enough to
identify (or simply select) a single "drum" resource—a resource that acts as a constraint across
projects—and stagger projects based on the availability of that single resource.
Planning and feedback loops inExtreme Programming (XP) with the time frames of the multiple loops.

[edit]Extreme Project Management

In critical studies of Project Management, it has been noted that several of these
fundamentally PERT-based models are not well suited for the multi-project company environment of
today.[citation needed] Most of them are aimed at very large-scale, one-time, non-routine projects, and
nowadays all kinds of management are expressed in terms of projects.

Using complex models for "projects" (or rather "tasks") spanning a few weeks has been proven to
cause unnecessary costs and low maneuverability in several cases[citation needed]. Instead, project
management experts try to identify different "lightweight" models, such as Agile Project
Managementmethods including Extreme Programming for software development
and Scrum techniques.

The generalization of Extreme Programming to other kinds of projects is extreme project

management, which may be used in combination with theprocess modeling and management
principles of human interaction management.

[edit]Event chain methodology

Event chain methodology is another method that complements critical path method and critical
chain project management methodologies.

Event chain methodology is an uncertainty modeling and schedule network analysis technique that is
focused on identifying and managing events and event chains that affect project schedules. Event
chain methodology helps to mitigate the negative impact of psychological heuristics and biases, as
well as to allow for easy modeling of uncertainties in the project schedules. Event chain methodology
is based on the following principles.

 Probabilistic moment of risk: An activity (task) in most real life processes is not a
continuous uniform process. Tasks are affected by external events, which can occur at some
point in the middle of the task.
 Event chains: Events can cause other events, which will create event chains. These event
chains can significantly affect the course of the project. Quantitative analysis is used to determine
a cumulative effect of these event chains on the project schedule.
 Critical events or event chains: The single events or the event chains that have the most
potential to affect the projects are the “critical events” or “critical chains of events.” They can be
determined by the analysis.
 Project tracking with events: Even if a project is partially completed and data about the
project duration, cost, and events occurred is available, it is still possible to refine information
about future potential events and helps to forecast future project performance.
 Event chain visualization: Events and event chains can be visualized using event chain
diagrams on a Gantt chart.
[edit]PRINCE2

The PRINCE2 process model

PRINCE2 is a structured approach to project management, released in 1996 as a generic project

management method.[18] It combined the original PROMPT methodology (which evolved into the
PRINCE methodology) with IBM's MITP (managing the implementation of the total project)
methodology. PRINCE2 provides a method for managing projects within a clearly defined framework.
PRINCE2 describes procedures to coordinate people and activities in a project, how to design and
supervise the project, and what to do if the project has to be adjusted if it does not develop as
planned.

In the method, each process is specified with its key inputs and outputs and with specific goals and
activities to be carried out. This allows for automatic control of any deviations from the plan. Divided
into manageable stages, the method enables an efficient control of resources. On the basis of close
monitoring, the project can be carried out in a controlled and organized way.

PRINCE2 provides a common language for all participants in the project. The various management
roles and responsibilities involved in a project are fully described and are adaptable to suit the
complexity of the project and skills of the organization.

[edit]Process-based management

Capability Maturity Model, predecessor of theCMMI Model

Also furthering the concept of project control is the incorporation of process-based management. This
area has been driven by the use of Maturity models such as the CMMI (Capability Maturity Model
Integration) and ISO/IEC15504 (SPICE - Software Process Improvement and Capability Estimation).

Agile Project Management approaches based on the principles of human interaction management are

founded on a process view of human collaboration. This contrasts sharply with the traditional
approach. In the agile software development or flexible product developmentapproach, the project is
seen as a series of relatively small tasks conceived and executed as the situation demands in an
adaptive manner, rather than as a completely pre-planned process.

[edit]Processes

This section relies largely or entirely upon a single source. Please help improve this
articleby introducing appropriate citations to additional sources. (August 2010)

Traditionally, project management includes a number of elements: four to five process groups, and a
control system. Regardless of the methodology or terminology used, the same basic project
management processes will be used.

The project development stages[19]

Major process groups generally include:

 Initiation
 Planning or development
 Production or execution
 Monitoring and controlling
 Closing

In project environments with a significant exploratory element (e.g., Research and development),

these stages may be supplemented with decision points (go/no go decisions) at which the project's
continuation is debated and decided. An example is the Stage-Gate model.

[edit]Initiation
Initiating Process Group Processes[19]

The initiation processes determine the nature and scope of the project. If this stage is not performed
well, it is unlikely that the project will be successful in meeting the business’ needs. The key project
controls needed here are an understanding of the business environment and making sure that all
necessary controls are incorporated into the project. Any deficiencies should be reported and a
recommendation should be made to fix them.

The initiation stage should include a plan that encompasses the following areas:

 Analyzing the business needs/requirements in measurable goals

 Reviewing of the current operations
 Financial analysis of the costs and benefits including a budget
 Stakeholder analysis, including users, and support personnel for the project
 Project charter including costs, tasks, deliverables, and schedule
[edit]Planning and design

Planning Process Group Activities[19]

After the initiation stage, the project is planned to an appropriate level of detail. The main purpose is
to plan time, cost and resources adequately to estimate the work needed and to effectively manage
risk during project execution. As with the Initiation process group, a failure to adequately plan greatly
reduces the project's chances of successfully accomplishing its goals.

Project planning generally consists of

 determining how to plan (e.g. by level of detail or rolling wave);

 developing the scope statement;
 selecting the planning team;
 identifying deliverables and creating the work breakdown structure;
 identifying the activities needed to complete those deliverables and networking the activities
in their logical sequence;
 estimating the resource requirements for the activities;
 estimating time and cost for activities;[20]
 developing the schedule;
 developing the budget;
 risk planning;
 gaining formal approval to begin work.

Additional processes, such as planning for communications and for scope management, identifying
roles and responsibilities, determining what to purchase for the project and holding a kick-off meeting
are also generally advisable.

For new product development projects, conceptual design of the operation of the final product may be
performed concurrent with the project planning activities, and may help to inform the planning team
when identifying deliverables and planning activities.

[edit]Executing

Executing Process Group Processes[19]

Executing consists of the processes used to complete the work defined in the project management
plan to accomplish the project's requirements. Execution process involves coordinating people and
resources, as well as integrating and performing the activities of the project in accordance with the
project management plan. The deliverables are produced as outputs from the processes performed
as defined in the project management plan.

[edit]Monitoring and controlling

Monitoring and controlling consists of those processes performed to observe project execution so that
potential problems can be identified in a timely manner and corrective action can be taken, when
necessary, to control the execution of the project. The key benefit is that project performance is
observed and measured regularly to identify variances from the project management plan.
Monitoring and Controlling Process Group Processes[19]

Monitoring and Controlling includes:

 Measuring the ongoing project activities ('where we are');

 Monitoring the project variables (cost, effort, scope, etc.) against the project management
plan and the project performance baseline (where we should be);
 Identify corrective actions to address issues and risks properly (How can we get on track
again);
 Influencing the factors that could circumvent integrated change control so only approved
changes are implemented

In multi-phase projects, the monitoring and controlling process also provides feedback between
project phases, in order to implement corrective or preventive actions to bring the project into
compliance with the project management plan.

Project Maintenance is an ongoing process, and it includes:

 Continuing support of end users

 Correction of errors
 Updates of the software over time

Monitoring and Controlling cycle

In this stage, auditors should pay attention to how effectively and quickly user problems are resolved.

Over the course of any construction project, the work scope may change. Change is a normal and
expected part of the construction process. Changes can be the result of necessary design
modifications, differing site conditions, material availability, contractor-requested changes, value
engineering and impacts from third parties, to name a few. Beyond executing the change in the field,
the change normally needs to be documented to show what was actually constructed. This is referred
to as Change Management. Hence, the owner usually requires a final record to show all changes or,
more specifically, any change that modifies the tangible portions of the finished work. The record is
made on the contract documents – usually, but not necessarily limited to, the design drawings. The
end product of this effort is what the industry terms as-built drawings, or more simply, “as built.” The
requirement for providing them is a norm in construction contracts.

When changes are introduced to the project, the viability of the project has to be re-assessed. It is
important not to lose sight of the initial goals and targets of the projects. When the changes
accumulate, the forecasted result may not justify the original proposed investment in the project.

[edit]Closing

Closing Process Group Processes.[19]

Closing includes the formal acceptance of the project and the ending thereof. Administrative activities
include the archiving of the files and documenting lessons learned.

This phase consists of:

 Project close: Finalize all activities across all of the process groups to formally close the
project or a project phase
 Contract closure: Complete and settle each contract (including the resolution of any open
items) and close each contract applicable to the project or project phase.
[edit]Project control systems
Project control is that element of a project that keeps it on-track, on-time and within budget. Project
control begins early in the project with planning and ends late in the project with post-implementation
review, having a thorough involvement of each step in the process. Each project should be assessed
for the appropriate level of control needed: too much control is too time consuming, too little control is
very risky. If project control is not implemented correctly, the cost to the business should be clarified in
terms of errors, fixes, and additional auditfees.

Control systems are needed for cost, risk, quality, communication, time, change, procurement, and
human resources. In addition, auditors should consider how important the projects are to the financial
statements, how reliant the stakeholders are on controls, and how many controls exist. Auditors
should review the development process and procedures for how they are implemented. The process
of development and the quality of the final product may also be assessed if needed or requested. A
business may want the auditing firm to be involved throughout the process to catch problems earlier
on so that they can be fixed more easily. An auditor can serve as a controls consultant as part of the
development team or as an independent auditor as part of an audit.

Businesses sometimes use formal systems development processes. These help assure that systems
are developed successfully. A formal process is more effective in creating strong controls, and
auditors should review this process to confirm that it is well designed and is followed in practice. A
good formal systems development plan outlines:

 A strategy to align development with the organization’s broader objectives

 Standards for new systems
 Project management policies for timing and budgeting
 Procedures describing the process
 Evaluation of quality of change
[edit]Topics

[edit]Project managers
A project manager is a professional in the field of project management. Project managers can have
the responsibility of the planning, execution, and closing of any project, typically relating
to construction industry, engineering, architecture, computing, or telecommunications. Many other
fields in the production engineering and design engineering and heavy industrial also have project
managers.

A project manager is the person accountable for accomplishing the stated project objectives. Key
project management responsibilities include creating clear and attainable project objectives, building
the project requirements, and managing the triple constraint for projects, which is cost, time, and
scope.

A project manager is often a client representative and has to determine and implement the exact
needs of the client, based on knowledge of the firm they are representing. The ability to adapt to the
various internal procedures of the contracting party, and to form close links with the nominated
representatives, is essential in ensuring that the key issues of cost, time, quality and above all, client
satisfaction, can be realized.

[edit]Project Management Triangle

The Project Management Triangle.

Like any human undertaking, projects need to be performed and delivered under certain constraints.
Traditionally, these constraints have been listed as "scope," "time," and "cost". [1] These are also
referred to as the "Project Management Triangle", where each side represents a constraint. One side
of the triangle cannot be changed without affecting the others. A further refinement of the constraints
separates product "quality" or "performance" from scope, and turns quality into a fourth constraint.

The time constraint refers to the amount of time available to complete a project. The cost constraint
refers to the budgeted amount available for the project. The scope constraint refers to what must be
done to produce the project's end result. These three constraints are often competing constraints:
increased scope typically means increased time and increased cost, a tight time constraint could
mean increased costs and reduced scope, and a tight budget could mean increased time and reduced
scope.

The discipline of Project Management is about providing the tools and techniques that enable the
project team (not just the project manager) to organize their work to meet these constraints.

[edit]Work Breakdown Structure

Example of a Work breakdown structureapplied in a NASA reporting structure.[21]

The Work Breakdown Structure (WBS) is a tree structure, which shows a subdivision of effort required
to achieve an objective; for example a program, project, and contract. The WBS may
be hardware, product, service, or process oriented.

A WBS can be developed by starting with the end objective and successively subdividing it into
manageable components in terms of size, duration, and responsibility (e.g., systems, subsystems,
components, tasks, subtasks, and work packages), which include all steps necessary to achieve the
objective.[17]

The Work Breakdown Structure provides a common framework for the natural development of the
overall planning and control of a contract and is the basis for dividing work into definable increments
from which the statement of work can be developed and technical, schedule, cost, and labor hour
reporting can be established.[21]

[edit]Project Management Framework

Example of an IT Project Management Framework.[19]

The Program (Investment) Life Cycle integrates the project management and system development life
cycles with the activities directly associated with system deployment and operation. By design, system
operation management and related activities occur after the project is complete and are not
documented within this guide.[19]

For example, see figure, in the US United States Department of Veterans Affairs (VA) the program
management life cycle is depicted and describe in the overall VA IT Project Management Framework
to address the integration of OMB Exhibit 300 project (investment) management activities and the
overall project budgeting process. The VA IT Project Management Framework diagram illustrates
Milestone 4 which occurs following the deployment of a system and the closing of the project. The
project closing phase activities at the VA continues through system deployment and into system
operation for the purpose of illustrating and describing the system activities the VA considers part of
the project. The figure illustrates the actions and associated artifacts of the VA IT Project and Program
Management process.[19]

[edit]International standards
There have been several attempts to develop Project Management standards, such as:

 Capability Maturity Model from the Software Engineering Institute.

 GAPPS, Global Alliance for Project Performance Standards- an open source standard
describing COMPETENCIES for project and program managers.
 A Guide to the Project Management Body of Knowledge
 HERMES method, Swiss general project management method, selected for use in
Luxembourg and international organizations.
 The ISO standards ISO 9000, a family of standards for quality management systems, and
the ISO 10006:2003, for Quality management systems and guidelines for quality management in
projects.
 PRINCE2, PRojects IN Controlled Environments.
 Team Software Process (TSP) from the Software Engineering Institute.
 Total Cost Management Framework, AACE International's Methodology for Integrated
Portfolio, Program and Project Management)
 V-Model, an original systems development method.
 The Logical framework approach, which is popular in international development
organizations.
 IAPPM, The International Association of Project & Program Management, guide to Project
Auditing and Rescuing Troubled Projects.
[edit]Project portfolio management
An increasing number of organizations are using, what is referred to as, project portfolio
management (PPM) as a means of selecting the right projects and then using project management
techniques[22] as the means for delivering the outcomes in the form of benefits to the performing
private or not-for-profit organization.

Project management methods are used 'to do projects right' and the methods used in PPM are used
'to do the right projects'. In effect PPM is becoming the method of choice for selection and prioritising
among resource inter-related projects in many industries and sectors. [citation needed]

Project Portfolio Management (PPM) is a term used by project managers and project

management (PM) organizations to describe methods for analyzing and collectively managing a group
of current or proposed projects based on numerous key characteristics. The fundamental objective of
PPM is to determine the optimal mix and sequencing of proposed projects to best achieve the
organization's overall goals - typically expressed in terms of hard economic measures, business
strategy goals, or technical strategy goals - while honoring constraints imposed by management or
external real-world factors. Typical attributes of projects being analyzed in a PPM process include
each project's total expected cost, consumption of scarce resources (human or otherwise) expected
timeline and schedule of investment, expected nature, magnitude and timing of benefits to be
realized, and relationship or inter-dependencies with other projects in the portfolio.

The key challenge to implementing an effective PPM process is typically securing the mandate to do
so. Many organizations are culturally inured to an informal method of making project investment
decisions, which can be compared to political processes observable in the U.S. legislature. [citation
needed]
 However this approach to making project investment decisions has led many organizations to
unsatisfactory results, and created demand for a more methodical and transparent decision making
process. That demand has in turn created a commercial marketplace for tools and systems which
facilitate such a process.

Some commercial vendors of PPM software emphasize their products' ability to treat projects as part
of an overall investment portfolio. PPM advocates see it as a shift away from one-off, ad hoc
approaches to project investment decision making. Most PPM tools and methods attempt to establish
a set of values, techniques and technologies that enable visibility, standardization, measurement and
process improvement. PPM tools attempt to enable organizations to manage the continuous flow of
projects from concept to completion.

Treating a set of projects as a portfolio would be, in most cases, an improvement on the ad hoc, one-
off analysis of individual project proposals. The relationship between PPM techniques and existing
investment analysis methods is a matter of debate. While many are represented as "rigorous" and
"quantitative", few PPM tools attempt to incorporate established financial portfolio optimization
methods like modern portfolio theory or Applied Information Economics, which have been applied to
project portfolios, including even non-financial issues. [1][2][3][4]

Controversy over the "investment discipline" of PPM

Developers of PPM tools see their solutions as borrowing from the financial investment world.
However, other than using the word "portfolio", few can point to any specific portfolio optimization
methods implemented in their tools.

A project can be viewed as a composite of resource investments such as skilled labour and
associated salaries, IT hardware and software, and the opportunity cost of deferring other project
work. As project resources are constrained, business management can derive greatest value by
allocating these resources towards project work that is objectively and relatively determined to meet
business objectives more so than other project opportunities. Thus, the decision to invest in a project
can be made based upon criteria that measures the relative benefits (eg. supporting business
objectives) and its relative costs and risks to the organization.

In principle, PPM attempts to address issues of resource allocation, e.g., money, time, people,
capacity, etc. In order for it to truly borrow concepts from the financial investment world, the portfolio
of projects and hence the PPM movement should be grounded in some financial objective such as
increasing shareholder value, top line growth, etc. Equally important, risks must be computed in a
statistically, actuarially meaningful sense. Optimizing resources and projects without these in mind
fails to consider the most important resource any organization has and which is easily understood by
people throughout the organization whether they be IT, finance, marketing, etc and that resource is
money.

While being tied largely to IT and fairly synonymous with IT portfolio management, PPM is ultimately a
subset of corporate portfolio management and should be exportable/utilized by any group selecting
and managing discretionary projects.[citation needed] However, most PPM methods and tools opt for various
subjective weighted scoring methods, not quantitatively rigorous methods based on options
theory, modern portfolio theory, Applied Information Economics or operations research.

Beyond the project investment decision, PPM aims to support ongoing measurement of the project
portfolio so each project can be monitored for its relative contribution to business goals. If a project is
either performing below expectations (cost overruns, benefit erosion) or is no longer highly aligned to
business objectives (which change with natural market and statutory evolution), management can
choose to decommit from a project and redirect its resources elsewhere. This analysis, done
periodically, will "refresh" the portfolio to better align with current states and needs.

Historically, many organizations were criticized for focusing on "doing the wrong things well." PPM
attempts to focus on a fundamental question: "Should we be doing this project or this portfolio of
projects at all?" One litmus test for PPM success is to ask "Have you ever canceled a project that was
on time and on budget?" With a true PPM approach in place, it is much more likely that the answer is
"yes." As goals change so should the portfolio mix of what projects are funded or not funded no matter
where they are in their individual lifecycles. Making these portfolio level business investment decisions
allows the organization to free up resources, even those on what were before considered "successful"
projects, to then work on what is really important to the organization.

[edit]Optimizing for payoff

One method PPM tools or consultants might use is the use of decision trees with decision nodes that
allow for multiple options and optimize against a constraint. The organization in the following example
has options for 7 projects but the portfolio budget is limited to $10,000,000. The selection made are
the projects 1, 3, 6 and 7 with a total investment of $7,740,000 - the optimum under these conditions.
The portfolio's payoff is $2,710,000.
Presumably, all other combinations of projects would either exceed the budget or yield a lower payoff.
However, this is an extremely simplified representation of risk and is unlikely to be realistic. Risk is
usually a major differentiator among projects but it is difficult to quantify risk in a statistically and
actuarially meaningful manner (with probability theory, Monte Carlo Method, statistical analysis, etc.).
This places limits on the deterministic nature of the results of a tool such as a decision tree (as
predicted by modern portfolio theory).

[edit]Resource allocation
Resource allocation is a critical component of PPM. Once it is determined that one or many projects
meet defined objectives, the available resources of an organization must be evaluated for its ability to
meet project demand (aka as a demand "pipeline" discussed below). Effective resource allocation
typically requires an understanding of existing labor or funding resource commitments (in either
business operations or other projects) as well as the skills available in the resource pool. Project
investment should only be made in projects where the necessary resources are available during a
specified period of time.
Resources may be subject to physical constraints. For example, IT hardware may not be readily
available to support technology changes associated with ideal implementation timeframe for a project.
Thus, a holistic understanding of all project resources and their availability must be conjoined with the
decision to make initial investment or else projects may encounter substantial risk during their lifecycle
when unplanned resource constraints arise to delay achieving project objectives.

Beyond the project investment decision, PPM involves ongoing analysis of the project portfolio so
each investment can be monitored for its relative contribution to business goals versus other portfolio
investments. If a project is either performing below expectations (cost overruns, benefit erosion) or is
no longer aligned to business objectives (which change with natural market and statutory evolution),
management can choose to decommit from a project to stem further investment and redirect
resources towards other projects that better fit business objectives. This analysis can typically be
performed on a periodic basis (eg. quarterly or semi-annually) to "refresh" the portfolio for optimal
business performance. In this way both new and existing projects are continually monitored for their
contributions to overall portfolio health. If PPM is applied in this manner, management can more
clearly and transparently demonstrate its effectiveness to its shareholders or owners.

Implementing PPM at the enterprise level faces a challenge in gaining enterprise support because
investment decision criteria and weights must be agreed to by the key stakeholders of the
organization, each of whom may be incentivised to meet specific goals that may not necessarily align
with those of the entire organization. But if enterprise business objectives can be manifested in and
aligned with the objectives of its distinct business unit sub-organizations, portfolio criteria agreement
can be achieved more easily. (Assadourian 2005)

From a requirements management perspective Project Portfolio Management can be viewed as the

upper-most level of business requirements management in the company, seeking to understand the
business requirements of the company and what portfolio of projects should be undertaken to achieve
them. It is through portfolio management that each individual project should receive its allotted
business requirements (Denney 2005).

[edit]Pipeline management
In addition to managing the mix of projects in a company, Project Portfolio Management must also
determine whether (and how) a set of projects in the portfolio can be executed by a company in a
specified time, given finite development resources in the company. This is called pipeline
management. Fundamental to pipeline management is the ability to measure the planned allocation of
development resources according to some strategic plan. To do this, a company must be able to
estimate the effort planned for each project in the portfolio, and then roll the results up by one or more
strategic project types e.g., effort planned for research projects. (Cooper et al. 1998); (Denney 2005)
discusses project portfolio and pipeline management in the context of use case driven development.

[edit]Organizational applicability
The complexity of PPM and other approaches to IT projects (e.g., treating them as a capital
investment) may render them not suitable for smaller or younger organizations. An obvious reason for
this is that a few IT projects doesn't make for much of a portfolio selection. Other reasons include the
cost of doing PPM—the data collection, the analysis, the documentation, the education, and the
change to decision-making processes.

Modern portfolio theory

From Wikipedia, the free encyclopedia

Modern portfolio theory (MPT) is a theory of investment which attempts to maximize portfolio

expected return for a given amount of portfolio risk, or equivalently minimize risk for a given level of
expected return, by carefully choosing the proportions of various assets. Although MPT is widely used in
practice in the financial industry and several of its creators won a Nobel prize for the theory, in recent years
the basic assumptions of MPT have been widely challenged by fields such as behavioral economics.

MPT is a mathematical formulation of the concept of diversification in investing, with the aim of selecting a
collection of investment assets that has collectively lower risk than any individual asset. That this is
possible can be seen intuitively because different types of assets often change in value in opposite ways.
For example, when prices in the stock market fall, prices in the bond market often increase, and vice
versa[citation needed]. A collection of both types of assets can therefore have lower overall risk than either
individually. But diversification lowers risk even if assets' returns are not negatively correlated—indeed,
even if they are positively correlated.

More technically, MPT models an asset's return as a normally distributed (or more generally as
an elliptically distributed random variable), defines risk as the standard deviation of return, and models a
portfolio as a weighted combination of assets so that the return of a portfolio is the weighted combination of
the assets' returns. By combining different assets whose returns are not perfectly positively correlated,
MPT seeks to reduce the total variance of the portfolio return. MPT also assumes that investors
are rational and markets are efficient.

MPT was developed in the 1950s through the early 1970s and was considered an important advance in the
mathematical modeling of finance. Since then, many theoretical and practicalcriticisms have been leveled
against it. These include the fact that financial returns do not follow a Gaussian distribution or indeed any
symmetric distribution, and that correlations between asset classes are not fixed but can vary depending on
external events (especially in crises). Further, there is growing evidence that investors are not rational and
markets are notefficient.[1][2]
Concept
The fundamental concept behind MPT is that the assets in an investment portfolio cannot be
selected individually, each on their own merits. Rather, it is important to consider how each asset
changes in price relative to how every other asset in the portfolio changes in price.

Investing is a tradeoff between risk and expected return. In general, assets with higher expected

returns are riskier. For a given amount of risk, MPT describes how to select a portfolio with the
highest possible expected return. Or, for a given expected return, MPT explains how to select a
portfolio with the lowest possible risk (the targeted expected return cannot be more than the
highest-returning available security, of course, unless negative holdings of assets are possible.) [3]

MPT is therefore a form of diversification. Under certain assumptions and for

specific quantitative definitions of risk and return, MPT explains how to find the best possible
diversification strategy.

[edit]History

Harry Markowitz introduced MPT in a 1952 article[4] and a 1959 book.[5] See also[3].

[edit]Mathematical model

In some sense the mathematical derivation below is MPT, although the basic concepts behind the
model have also been very influential.[3]

This section develops the "classic" MPT model. There have been many extensions since.

[edit]Risk and expected return

MPT assumes that investors are risk averse, meaning that given two portfolios that offer the same
expected return, investors will prefer the less risky one. Thus, an investor will take on increased risk
only if compensated by higher expected returns. Conversely, an investor who wants higher expected
returns must accept more risk. The exact trade-off will be the same for all investors, but different
investors will evaluate the trade-off differently based on individual risk aversion characteristics. The
implication is that a rational investor will not invest in a portfolio if a second portfolio exists with a
more favorable risk-expected return profile – i.e., if for that level of risk an alternative portfolio
exists which has better expected returns.

Note that the theory uses standard deviation of return as a proxy for risk. There are problems with
this, however; see criticism.

Under the model:

 Portfolio return is the proportion-weighted combination of the constituent assets' returns.

 Portfolio volatility is a function of the correlations ρij of the component assets, for all asset
pairs (i, j).

In general:

 Expected return:
where Rp is the return on the portfolio, Ri is the return on asset i and wi is the weighting of
component asset i (that is, the share of asset i in the portfolio).

 Portfolio return variance:

where ρij is the correlation coefficient between the returns on assets i and j. Alternatively the

expression can be written as:

where ρij = 1 for i=j.

 Portfolio return volatility (standard deviation):

For a two asset portfolio:

 Portfolio
return: 

 Portfolio variance: 

For a three asset portfolio:

 Portfolio return: 

 Portfolio
variance: 

[edit]Diversification

An investor can reduce portfolio risk simply by holding combinations of instruments which are not
perfectly positively correlated (correlation coefficient  )). In other words, investors
can reduce their exposure to individual asset risk by holding a diversified portfolio of assets.
Diversification may allow for the same portfolio expected return with reduced risk.
If all the asset pairs have correlations of 0—they are perfectly uncorrelated—the portfolio's return
variance is the sum over all assets of the square of the fraction held in the asset times the asset's
return variance (and the portfolio standard deviation is the square root of this sum).

[edit]The efficient frontier with no risk-free asset

Efficient Frontier. The hyperbola is sometimes referred to as the 'Markowitz Bullet', and is the
efficient frontier if no risk-free asset is available.

As shown in this graph, every possible combination of the risky assets, without including any
holdings of the risk-free asset, can be plotted in risk-expected return space, and the collection of all
such possible portfolios defines a region in this space. The left boundary of this region is a hyperbola,
[6]
 and the upper edge of this region is the efficient frontier in the absence of a risk-free asset
(sometimes called "the Markowitz bullet"). Combinations along this upper edge represent portfolios
(including no holdings of the risk-free asset) for which there is lowest risk for a given level of
expected return. Equivalently, a portfolio lying on the efficient frontier represents the combination
offering the best possible expected return for given risk level.

Matrices are preferred for calculations of the efficient frontier. In matrix form, for a given "risk
tolerance"  , the efficient frontier is found by minimizing the following expression:

wTΣw − q * RTw

where

 w is a vector of portfolio weights and

∑ wi = 1.

 (The weights can be negative, which means investors can short a security.);

 Σ is the covariance matrix for the returns on the assets in the portfolio;

   is a "risk tolerance" factor, where 0 results in the portfolio with minimal risk and   
results in the portfolio infinitely far out the frontier with both expected return and risk
unbounded; and

 R is a vector of expected returns.

 wTΣw is the variance of portfolio return.

 RTw is the expected return on the portfolio.

The above optimization finds the point on the frontier at which the inverse of the slope of the
frontier would be q if portfolio return variance instead of standard deviation were plotted
horizontally. The frontier in its entirely is parametric on q.

Many software packages, including Microsoft Excel, MATLAB, Mathematica and R,

provide optimization routines suitable for the above problem.

An alternative approach to specifying the efficient frontier is to do so parametrically on expected

portfolio return RTw. This version of the problem requires that we minimize

wTΣw

subject to

RTw = μ

for parameter μ. This problem is easily solved using a Lagrange multiplier.

[edit]The two mutual fund theorem

One key result of the above analysis is the two mutual fund theorem.[6] This theorem states that any
portfolio on the efficient frontier can be generated by holding a combination of any two given
portfolios on the frontier; the latter two given portfolios are the "mutual funds" in the theorem's
name. So in the absence of a risk-free asset, an investor can achieve any desired efficient portfolio
even if all that is accessible is a pair of efficient mutual funds. If the location of the desired portfolio
on the frontier is between the locations of the two mutual funds, both mutual funds will be held in
positive quantities. If the desired portfolio is outside the range spanned by the two mutual funds,
then one of the mutual funds must be sold short (held in negative quantity) while the size of the
investment in the other mutual fund must be greater than the amount available for investment (the
excess being funded by the borrowing from the other fund).

[edit]The risk-free asset and the capital allocation line

Main article:  Capital allocation line

The risk-free asset is the (hypothetical) asset which pays a risk-free rate. In practice, short-term
government securities (such as US treasury bills) are used as a risk-free asset, because they pay a
fixed rate of interest and have exceptionally low default risk. The risk-free asset has zero variance in
returns (hence is risk-free); it is also uncorrelated with any other asset (by definition, since its
variance is zero). As a result, when it is combined with any other asset, or portfolio of assets, the
change in return is linearly related to the change in risk as the proportions in the combination vary.

When a risk-free asset is introduced, the half-line shown in the figure is the new efficient frontier. It
is tangent to the hyperbola at the pure risky portfolio with the highest Sharpe ratio. Its horizontal
intercept represents a portfolio with 100% of holdings in the risk-free asset; the tangency with the
hyperbola represents a portfolio with no risk-free holdings and 100% of assets held in the portfolio
occurring at the tangency point; points between those points are portfolios containing positive
amounts of both the risky tangency portfolio and the risk-free asset; and points on the half-line
beyond the tangency point are leveraged portfolios involving negative holdings of the risk-free asset
(the latter has been sold short—in other words, the investor has borrowed at the risk-free rate) and
an amount invested in the tangency portfolio equal to more the 100% of the investor's initial capital.
This efficient half-line is called the capital allocation line (CAL), and its formula can be shown to be

In this formula P is the sub-portfolio of risky assets at the tangency with the Markowitz bullet, F is
the risk-free asset, and C is a combination of portfolios P and F.

By the diagram, the introduction of the risk-free asset as a possible component of the portfolio has
improved the range of risk-expected return combinations available, because everywhere except at
the tangency portfolio the half-line gives a higher expected return than the hyperbola does at every
possible risk level. The fact that all points on the linear efficient locus can be achieved by a
combination of holdings of the risk-free asset and the tangency portfolio is known as the one mutual
fund theorem,[6] where the mutual fund referred to is the tangency portfolio.

[edit]Asset pricing using MPT

The above analysis describes optimal behavior of an individual investor. Asset pricing theory builds
on this analysis in the following way. Since everyone holds the risky assets in identical proportions to
each other—namely in the proportions given by the tangency portfolio—in market equilibrium the
risky assets' prices, and therefore their expected returns, will adjust so that the ratios in the tangecy
portfolio are the same as the ratios in which the risky assets are supplied to the market. Thus relative
supplies will equal relative demands. MPT derives the required expected return for a correctly priced
asset in this context.

[edit]Systematic risk and specific risk

Specific risk is the risk associated with individual assets - within a portfolio these risks can be reduced
through diversification (specific risks "cancel out"). Specific risk is also called diversifiable, unique,
unsystematic, or idiosyncratic risk. Systematic risk (a.k.a. portfolio risk or market risk) refers to the
risk common to all securities - except for selling short as noted below, systematic risk cannot be
diversified away (within one market). Within the market portfolio, asset specific risk will be
diversified away to the extent possible. Systematic risk is therefore equated with the risk (standard
deviation) of the market portfolio.
Since a security will be purchased only if it improves the risk-expected return characteristics of the
market portfolio, the relevant measure of the risk of a security is the risk it adds to the market
portfolio, and not its risk in isolation. In this context, the volatility of the asset, and its correlation
with the market portfolio, are historically observed and are therefore given. (There are several
approaches to asset pricing that attempt to price assets by modelling the stochastic properties of the
moments of assets' returns - these are broadly referred to as conditional asset pricing models.)

Systematic risks within one market can be managed through a strategy of using both long and short
positions within one portfolio, creating a "market neutral" portfolio.

[edit]Capital asset pricing model

Main article:  Capital Asset Pricing Model

The asset return depends on the amount paid for the asset today. The price paid must ensure that
the market portfolio's risk / return characteristics improve when the asset is added to it.
The CAPM is a model which derives the theoretical required expected return (i.e., discount rate) for
an asset in a market, given the risk-free rate available to investors and the risk of the market as a
whole. The CAPM is usually expressed:

 β, Beta, is the measure of asset sensitivity to a movement in the overall market; Beta is
usually found via regression on historical data. Betas exceeding one signify more than
average "riskiness" in the sense of the asset's contribution to overall portfolio risk; betas
below one indicate a lower than average risk contribution.

  is the market premium, the expected excess return of the market
portfolio's expected return over the risk-free rate.

This equation can be statistically estimated using the following regression equation:

where αi is called the asset's alpha , βi is the asset's beta coefficient and SCL is the Securities
Characteristics Line.

Once an asset's expected return, E(Ri), is calculated using CAPM, the future cash flows of the asset
can be discounted to their present value using this rate to establish the correct price for the asset. A
riskier stock will have a higher beta and will be discounted at a higher rate; less sensitive stocks will
have lower betas and be discounted at a lower rate. In theory, an asset is correctly priced when its
observed price is the same as its value calculated using the CAPM derived discount rate. If the
observed price is higher than the valuation, then the asset is overvalued; it is undervalued for a too
low price.
(1) The incremental impact on risk and expected return when an additional risky asset, a, is added to
the market portfolio, m, follows from the formulae for a two-asset portfolio. These results are used
to derive the asset-appropriate discount rate.

Market portfolio's risk = 

Hence, risk added to portfolio = 

but since the weight of the asset will be relatively low, 

i.e. additional risk = 

Market portfolio's expected return = 

Hence additional expected return = 

(2) If an asset, a, is correctly priced, the improvement in its risk-to-expected return ratio achieved by
adding it to the market portfolio, m, will at least match the gains of spending that money on an
increased stake in the market portfolio. The assumption is that the investor will purchase the asset

with funds borrowed at the risk-free rate,Rf; this is rational if  .

Thus: 

i.e. : 

i.e. : 

 is the “beta”, β -- the covariance between the asset's return and the market's
return divided by the variance of the market return— i.e. the sensitivity of the asset price to
movement in the market portfolio's value.

[edit]Criticism

Despite its theoretical importance, some people question whether MPT is an ideal investing strategy,
because its model of financial markets does not match the real world in many ways.

[edit]Assumptions

The mathematical framework of MPT makes many assumptions about investors and markets. Some
are explicit in the equations, such as the use of Normal distributions to model returns. Others are
implicit, such as the neglect of taxes and transaction fees. None of these assumptions are entirely
true, and each of them compromises MPT to some degree.
 Asset returns are (jointly) normally distributed random variables. In fact, it is frequently
observed that returns in equity and other markets are not normally distributed. Large swings
(3 to 6 standard deviations from the mean) occur in the market far more frequently than the
normal distribution assumption would predict. [7] While the model can also be justified by
assuming any return distribution which is jointly elliptical[8][9], all the joint elliptical
distributions are symmetrical whereas asset returns empirically are not.

 Correlations between assets are fixed and constant forever. Correlations depend on

systemic relationships between the underlying assets, and change when these relationships
change. Examples include one country declaring war on another, or a general market crash.
During times of financial crisis all assets tend to become positively correlated, because they
all move (down) together. In other words, MPT breaks down precisely when investors are
most in need of protection from risk.

 All investors aim to maximize economic utility (in other words, to make as much money as
possible, regardless of any other considerations). This is a key assumption of the efficient
market hypothesis, upon which MPT relies.

 All investors are rational and risk-averse. This is another assumption of the efficient market

hypothesis, but we now know from behavioral economics that market participants are
not rational. It does not allow for "herd behavior" or investors who will accept lower returns
for higher risk. Casino gamblers clearly pay for risk, and it is possible that some stock traders
will pay for risk as well.

 All investors have access to the same information at the same time. This also comes from
the efficient market hypothesis. In fact, real markets contain information asymmetry,insider
trading, and those who are simply better informed than others.

 Investors have an accurate conception of possible returns, i.e., the probability beliefs of
investors match the true distribution of returns. A different possibility is that investors'
expectations are biased, causing market prices to be informationally inefficient. This
possibility is studied in the field of behavioral finance, which uses psychological assumptions
to provide alternatives to the CAPM such as the overconfidence-based asset pricing model
of Kent Daniel, David Hirshleifer, and Avanidhar Subrahmanyam (2001). [10]

 There are no taxes or transaction costs. Real financial products are subject both to taxes
and transaction costs (such as broker fees), and taking these into account will alter the
composition of the optimum portfolio. These assumptions can be relaxed with more
complicated versions of the model.[citation needed]

 All investors are price takers, i.e., their actions do not influence prices. In reality,
sufficiently large sales or purchases of individual assets can shift market prices for that asset
and others (via cross-elasticity of demand.) An investor may not even be able to assemble
the theoretically optimal portfolio if the market moves too much while they are buying the
required securities.

 Any investor can lend and borrow an unlimited amount at the risk free rate of interest. In
reality, every investor has a credit limit.
  All securities can be divided into parcels of any size. In reality, fractional shares usually
cannot be bought or sold, and some assets have minimum orders sizes.

More complex versions of MPT can take into account a more sophisticated model of the world (such
as one with non-normal distributions and taxes) but all mathematical models of finance still rely on
many unrealistic premises.

[edit]MPT does not really model the market

The risk, return, and correlation measures used by MPT are based on expected values, which means
that they are mathematical statements about the future (the expected value of returns is explicit in
the above equations, and implicit in the definitions of variance and covariance.) In practice investors
must substitute predictions based on historical measurements of asset return and volatility for these
values in the equations. Very often such expected values fail to take account of new circumstances
which did not exist when the historical data were generated.

More fundamentally, investors are stuck with estimating key parameters from past market data
because MPT attempts to model risk in terms of the likelihood of losses, but says nothing about why
those losses might occur. The risk measurements used are probabilistic in nature, not structural. This
is a major difference as compared to many engineering approaches torisk management.

Options theory and MPT have at least one important conceptual difference from the probabilistic
risk assessment done by nuclear power [plants]. A PRA is what economists would call a structural
model. The components of a system and their relationships are modeled in Monte Carlo simulations.
If valve X fails, it causes a loss of back pressure on pump Y, causing a drop in flow to vessel Z, and so
on.

But in the Black-Scholes equation and MPT, there is no attempt to explain an underlying structure to

price changes. Various outcomes are simply given probabilities. And, unlike the PRA, if there is no
history of a particular system-level event like a liquidity crisis, there is no way to compute the odds
of it. If nuclear engineers ran risk management this way, they would never be able to compute the
odds of a meltdown at a particular plant until several similar events occurred in the same reactor
design.

—Douglas W. Hubbard, 'The Failure of Risk Management', p. 67, John Wiley & Sons, 2009. ISBN 978-
0-470-38795-5

Essentially, the mathematics of MPT view the markets as a collection of dice. By examining past
market data we can develop hypotheses about how the dice are weighted, but this isn't helpful if the
markets are actually dependent upon a much bigger and more complicated chaotic system -- the
world. For this reason, accurate structural models of real financial markets are unlikely to be
forthcoming because they would essentially be structural models of the entire world. Nonetheless
there is growing awareness of the concept of systemic risk in financial markets, which should lead to
more sophisticated market models.

Mathematical risk measurements are also useful only to the degree that they reflect investors' true
concerns -- there is no point minimizing a variable that nobody cares about in practice. MPT uses the
mathematical concept of variance to quantify risk, and this might be justified under the assumption
of elliptically distributed returns such as normally distributed returns, but for general
return distributions other risk measures (like coherent risk measures) might better reflect investors'
true preferences.

In particular, variance is a symmetric measure that counts abnormally high returns as just as risky as
abnormally low returns. Some would argue that, in reality, investors are only concerned about
losses, and do not care about the dispersion or tightness of above-average returns. According to this
view, our intuitive concept of risk is fundamentally asymmetric in nature.

MPT does not account for the social, environmental, strategic, or personal dimensions of investment
decisions. It only attempts to maximize risk-adjusted returns, without regard to other consequences.
In a narrow sense, its complete reliance on asset prices makes it vulnerable to all the
standard market failures such as those arising from information asymmetry,externalities, and public
goods. It also rewards corporate fraud and dishonest accounting. More broadly, a firm may have
strategic or social goals that shape its investment decisions, and an individual investor might have
personal goals. In either case, information other than historical returns is relevant.

See also socially-responsible investing, fundamental analysis.

[edit]Extensions

Since MPT's introduction in 1952, many attempts have been made to improve the model, especially
by using more realistic assumptions.

Post-modern portfolio theory extends MPT by adopting non-normally distributed, asymmetric

measures of risk. This helps with some of these problems, but not others.

Black-Litterman model optimization is an extension of unconstrained Markowitz optimization which

incorporates relative and absolute `views' on inputs of risk and returns.

[edit]Other Applications

[edit]Applications to project portfolios and other "non-financial" assets

Some experts apply MPT to portfolios of projects and other assets besides financial instruments.
[11]
 When MPT is applied outside of traditional financial portfolios, some differences between the
different types of portfolios must be considered.

1. The assets in financial portfolios are, for practical purposes, continuously divisible while
portfolios of projects like new software development are "lumpy". For example, while we
can compute that the optimal portfolio position for 3 stocks is, say, 44%, 35%, 21%, the
optimal position for an IT portfolio may not allow us to simply change the amount spent on a
project. IT projects might be all or nothing or, at least, have logical units that cannot be
separated. A portfolio optimization method would have to take the discrete nature of some
IT projects into account.

2. The assets of financial portfolios are liquid can be assessed or re-assessed at any point in
time while opportunities for new projects may be limited and may appear in limited
windows of time and projects that have already been initiated cannot be abandoned
 without the loss of the sunk costs (i.e., there is little or no recovery/salvage value of a half-
complete IT project).

Neither of these necessarily eliminate the possibility of using MPT and such portfolios. They simply
indicate the need to run the optimization with an additional set of mathematically-expressed
constraints that would not normally apply to financial portfolios.

Furthermore, some of the simplest elements of Modern Portfolio Theory are applicable to virtually
any kind of portfolio. The concept of capturing the risk tolerance of an investor by documenting how
much risk is acceptable for a given return could be and is applied to a variety of decision analysis
problems. MPT, however, uses historical variance as a measure of risk and portfolios of assets like IT
projects don't usually have an "historical variance" for a new piece of software. In this case, the MPT
investment boundary can be expressed in more general terms like "chance of an ROI less than cost
of capital" or "chance of losing more than half of the investment". When risk is put in terms of
uncertainty about forecasts and possible losses then the concept is transferable to various types of
investment.[11]

[edit]Application to other disciplines

In the 1970s, concepts from Modern Portfolio Theory found their way into the field of regional
science. In a series of seminal works, Michael Conroy modeled the labor force in the economy using
portfolio-theoretic methods to examine growth and variability in the labor force. This was followed
by a long literature on the relationship between economic growth and volatility. [12]

More recently, modern portfolio theory has been used to model the self-concept in social
psychology. When the self attributes comprising the self-concept constitute a well-diversified
portfolio, then psychological outcomes at the level of the individual such as mood and self-esteem
should be more stable than when the self-concept is undiversified. This prediction has been
confirmed in studies involving human subjects. [13]

Recently, modern portfolio theory has been applied to modelling the uncertainty and correlation
between documents in information retrieval. Given a query, the aim is to maximize the overall
relevance of a ranked list of documents and at the same time minimize the overall uncertainty of the
ranked list [1].

[edit]Comparison with arbitrage pricing theory

The SML and CAPM are often contrasted with the arbitrage pricing theory (APT), which holds that
the expected return of a financial asset can be modeled as a linear function of variousmacro-
economic factors, where sensitivity to changes in each factor is represented by a factor specific beta
coefficient.

The APT is less restrictive in its assumptions: it allows for an explanatory (as opposed to statistical)
model of asset returns, and assumes that each investor will hold a unique portfolio with its own
particular array of betas, as opposed to the identical "market portfolio". Unlike the CAPM, the APT,
however, does not itself reveal the identity of its priced factors - the number and nature of these
factors is likely to change over time and between economies.
Performance Attribution or Investment Performance Attribution is a set of techniques that
performance analysts use to explain why a portfolio's performance differed from the benchmark. This
difference between the portfolio return and the benchmark return is known as the active return. The
active return is the component of a portfolio's performance that arises from the fact that the portfolio is
actively managed.

Different kinds of performance attribution provide different ways of explaining the active return.

Simple example
Consider a portfolio whose benchmark consists of 30% cash and 70% equities. The following table
provides a consistent set of weights and returns for this example.
Portfolio Benchmark Portfolio Benchmark Asset Stock Total
Sector Interaction
Weight Weight Return Return Allocation Selection Active
Equities 90% 70% 5.00% 3.00% 0.12% 1.40% 0.40% 1.92%
Cash 10% 30% 1.00% 1.00% 0.28% 0.00% 0.00% 0.28%
Total 100% 100% 4.60% 2.40% 0.40% 1.40% 0.40% 2.20%

The portfolio performance was 4.60%, compared with a benchmark return of 2.40%. This leaves an
active return of 2.20%. The task of performance attribution is to explain the decisions that the portfolio
manager took to generate this 2.20% of value added.

Under the most common paradigm for performance attribution, there are two different kinds of
decision that the portfolio manager can make in an attempt to produce added value:

1. Asset Allocation: the manager might choose to allocate 90% of the assets into equities
(leaving only 10% for cash), on the belief that equities will produce a higher return than cash.
2. Stock Selection: Especially within the equities sector, the manager may try to hold securities
that will give a higher return than the overall equity benchmark. In the example, the securities
selected by the equities manager produced an overall return of 5%, when the benchmark
return for equities was only 3%.

The attribution analysis dissects the value added into three components:

 Asset allocation is the value added by under-weighting cash (0.28%), and over-weighting
equities (0.12%). The total value added by asset allocation was 0.40%.
 Stock selection is the value added by decisions within each sector of the portfolio. In this
case, the superior stock selection in the equity sector added 1.40% to the portfolio's return.
 Interaction captures the value added that is not attributable solely to the asset allocation and
stock selection decisions. In this particular case, there was 0.40% of value added from the
combination that the portfolio was overweight equities, and the equities sector also outperfomed
its benchmark.
The three attribution terms (asset allocation, stock selection, and interaction) sum exactly to the active
return without the need for any "fudge factors".

[edit]History

In 1972, A Working Group of the Society of Investment Analysts (UK) published a paper about
analysing the performance of investment portfolios. This paper introduced the key concept in
performance attribution, that active performance can be analysed by comparing the returns of
different notional portfolios. In particular, if one examines the performance of a portfolio that holds
each sector at the active weight, while earning a passive return within each sector, one can measure
exactly the amount of value that is added by asset allocation decisions.

The 1972 paper introduced the key elements of modern performance attribution: notional portfolios,
asset allocation, and stock selection. The paper presents this analytic paradigm as an extension of
previously known concepts. Since it was not an academic publication, it did not claim novelty, even
though the approach introduced was new and novel. An excerpt from the paper reads:

The working group recommend that the notional fund concept be extended to cover the whole fund,
i.e. fixed interest, equity and cash investments and by using appropriate indices the actual fund is
compared with a notional fund chosen such that the proportions in the different investment sectors
follow those laid down by the trustees.

The 1972 paper is improperly ignored by many of the standard texts on performance attribution (for
example Spaulding 2003).

It is commonly believed that Gary P. Brinson's Brinson et al. 1985 introduced the idea of using

notional portfolios to attribute investment performance. For this reason, many of the standard texts
(e.g.Spaulding 2003)improperly make no acknowledgement of the 1972 paper, while devoting copious
numbers of pages to "Brinson Fachler attribution" (pp. 177-180.) and "Brinson Hood Beebower
attribution" (pp. 29-51).

[edit]Geometric attribution
The most common approach to performance attribution (found in sources such as Brinson et
al. 1985 and Carino 1999) can be described as "arithmetic attribution". It is arithmetic in the sense that
it describes the difference between the portfolio return and the benchmark return. For example, if the
portfolio return was 21%, and the benchmark return was 10%, arithmetic attribution would explain
11% of value added.

In Europe and the UK, another approach (known as geometric attribution) has been common. If the
portfolio return was 21% while the benchmark return was 10%, geometric attribution would explain an
active return of 10%. The reasoning behind this is that 10% of active return, when compounded with
10% of benchmark performance, produces a total portfolio return of 21%.
Adherents of the geometric approach consider it to be highly intuitive. See, for example, Bacon
(2002). However, not everybody agrees on this.

One advantage of doing attribution in geometric form is that the attribution results translate
consistently from one currency to another. It is plausible that this explains the popularity of geometric
approaches in Europe. This is discussed further in the external link by Davies (undated).

Risk management is the identification, assessment, and prioritization of risks (defined in ISO

31000 as the effect of uncertainty on objectives, whether positive or negative) followed by coordinated
and economical application of resources to minimize, monitor, and control the probability and/or
impact of unfortunate events[1] or to maximize the realization of opportunities. Risks can come from
uncertainty in financial markets, project failures, legal liabilities, credit risk, accidents, natural causes
and disasters as well as deliberate attacks from an adversary. Several risk management standards
have been developed including the Project Management Institute, the National Institute of Science
and Technology, actuarial societies, and ISO standards.[2][3] Methods, definitions and goals vary widely
according to whether the risk management method is in the context of project management,
security, engineering, industrial processes, financial portfolios, actuarial assessments, or public health
and safety.

The strategies to manage risk include transferring the risk to another party, avoiding the risk, reducing
the negative effect of the risk, and accepting some or all of the consequences of a particular risk.

Certain aspects of many of the risk management standards have come under criticism for having no
measurable improvement on risk even though the confidence in estimates and decisions increase. [1]

Introduction
This section provides an introduction to the principles of risk management. The vocabulary of risk
management is defined in ISO Guide 73, "Risk management. Vocabulary." [2]

In ideal risk management, a prioritization process is followed whereby the risks with the greatest loss
and the greatest probability of occurring are handled first, and risks with lower probability of
occurrence and lower loss are handled in descending order. In practice the process can be very
difficult, and balancing between risks with a high probability of occurrence but lower loss versus a risk
with high loss but lower probability of occurrence can often be mishandled.

Intangible risk management identifies a new type of a risk that has a 100% probability of occurring but
is ignored by the organization due to a lack of identification ability. For example, when deficient
knowledge is applied to a situation, a knowledge risk materializes. Relationship risk appears when
ineffective collaboration occurs. Process-engagement risk may be an issue when ineffective
operational procedures are applied. These risks directly reduce the productivity of knowledge workers,
decrease cost effectiveness, profitability, service, quality, reputation, brand value, and earnings
quality. Intangible risk management allows risk management to create immediate value from the
identification and reduction of risks that reduce productivity.

Risk management also faces difficulties in allocating resources. This is the idea of opportunity cost.
Resources spent on risk management could have been spent on more profitable activities. Again,
ideal risk management minimizes spending and minimizes the negative effects of risks.

[edit]Method

For the most part, these methods consist of the following elements, performed, more or less, in the
following order.

1. identify, characterize, and assess threats

2. assess the vulnerability of critical assets to specific threats
3. determine the risk (i.e. the expected consequences of specific types of attacks on specific
assets)
4. identify ways to reduce those risks
5. prioritize risk reduction measures based on a strategy
[edit]Principles of risk management
The International Organization for Standardization (ISO) identifies the following principles of risk
management:[4]

Risk management should:

 create value
 be an integral part of organizational processes
 be part of decision making
 explicitly address uncertainty
 be systematic and structured
 be based on the best available information
 be tailored
 take into account human factors
 be transparent and inclusive
 be dynamic, iterative and responsive to change
 be capable of continual improvement and enhancement
[edit]Process

According to the standard ISO 31000 "Risk management -- Principles and guidelines on

implementation,"[3] the process of risk management consists of several steps as follows:

[edit]Establishing the context

Establishing the context involves:

1. Identification of risk in a selected domain of interest

2. Planning the remainder of the process.
3. Mapping out the following:
 the social scope of risk management
 the identity and objectives of stakeholders
 the basis upon which risks will be evaluated, constraints.
4. Defining a framework for the activity and an agenda for identification.
5. Developing an analysis of risks involved in the process.
6. Mitigation or Solution of risks using available technological, human and organizational
resources.
[edit]Identification

After establishing the context, the next step in the process of managing risk is to identify potential
risks. Risks are about events that, when triggered, cause problems. Hence, risk identification can start
with the source of problems, or with the problem itself.

 Source analysis[citation needed] Risk sources may be internal or external to the system that is the
target of risk management.

Examples of risk sources are: stakeholders of a project, employees of a company or the weather over
an airport.

 Problem analysis[citation needed] Risks are related to identified threats. For example: the threat of
losing money, the threat of abuse of privacy information or the threat of accidents and casualties.
The threats may exist with various entities, most important with shareholders, customers and
legislative bodies such as the government.

When either source or problem is known, the events that a source may trigger or the events that can
lead to a problem can be investigated. For example: stakeholders withdrawing during a project may
endanger funding of the project; privacy information may be stolen by employees even within a closed
network; lightning striking a Boeing 747 during takeoff may make all people onboard immediate
casualties.

The chosen method of identifying risks may depend on culture, industry practice and compliance. The
identification methods are formed by templates or the development of templates for identifying source,
problem or event. Common risk identification methods are:

 Objectives-based risk identification[citation needed] Organizations and project teams have

objectives. Any event that may endanger achieving an objective partly or completely is identified
as risk.
 Scenario-based risk identification In scenario analysis different scenarios are created. The
scenarios may be the alternative ways to achieve an objective, or an analysis of the interaction of
forces in, for example, a market or battle. Any event that triggers an undesired scenario
alternative is identified as risk - see Futures Studies for methodology used byFuturists.
 Taxonomy-based risk identification The taxonomy in taxonomy-based risk identification is
a breakdown of possible risk sources. Based on the taxonomy and knowledge of best practices, a
questionnaire is compiled. The answers to the questions reveal risks. [5]
 Common-risk checking In several industries, lists with known risks are available. Each risk
in the list can be checked for application to a particular situation. [6]
 Risk charting[7] This method combines the above approaches by listing resources at risk,
Threats to those resources Modifying Factors which may increase or decrease the risk and
Consequences it is wished to avoid. Creating a matrix under these headings enables a variety of
approaches. One can begin with resources and consider the threats they are exposed to and the
consequences of each. Alternatively one can start with the threats and examine which resources
they would affect, or one can begin with the consequences and determine which combination of
threats and resources would be involved to bring them about.
[edit]Assessment

Once risks have been identified, they must then be assessed as to their potential severity of loss and
to the probability of occurrence. These quantities can be either simple to measure, in the case of the
value of a lost building, or impossible to know for sure in the case of the probability of an unlikely
event occurring. Therefore, in the assessment process it is critical to make the best educated guesses
possible in order to properly prioritize the implementation of the risk management plan.

The fundamental difficulty in risk assessment is determining the rate of occurrence since statistical
information is not available on all kinds of past incidents. Furthermore, evaluating the severity of the
consequences (impact) is often quite difficult for immaterial assets. Asset valuation is another
question that needs to be addressed. Thus, best educated opinions and available statistics are the
primary sources of information. Nevertheless, risk assessment should produce such information for
the management of the organization that the primary risks are easy to understand and that the risk
management decisions may be prioritized. Thus, there have been several theories and attempts to
quantify risks. Numerous different risk formulae exist, but perhaps the most widely accepted formula
for risk quantification is:

Rate of occurrence multiplied by the impact of the event equals risk

[edit]Composite Risk Index

The above formula can also be re-written in terms of a Composite Risk Index, as follows:

Composite Risk Index = Impact of Risk event x Probability of Occurrence

The impact of the risk event is assessed on a scale of 0 to 5, where 0 and 5 represent the minimum
and maximum possible impact of an occurrence of a risk (usually in terms of financial losses).

The probability of occurrence is likewise assessed on a scale from 0 to 5, where 0 represents a zero
probability of the risk event actually occurring while 5 represents a 100% probability of occurrence.

The Composite Index thus can take values ranging from 0 through 25, and this range is usually
arbitrarily divided into three sub-ranges. The overall risk assessment is then Low, Medium or High,
depending on the sub-range containing the calculated value of the Composite Index. For instance, the
three sub-ranges could be defined as 0 to 8, 9 to 16 and 17 to 25.

Note that the probability of risk occurrence is difficult to estimate since the past data on frequencies
are not readily available, as mentioned above.

Likewise, the impact of the risk is not easy to estimate since it is often difficult to estimate the potential
financial loss in the event of risk occurrence.

Further, both the above factors can change in magnitude depending on the adequacy of risk
avoidance and prevention measures taken and due to changes in the external business environment.
Hence it is absolutely necessary to periodically re-assess risks and intensify/relax mitigation
measures as necessary.

[edit]Risk Options
This section needs additional citations for verification.
Please help improve this article by adding reliable references. Unsourced material may
be challenged and removed. (August 2010)

Risk mitigation measures are usually formulated according to one or more of the following major risk
options, which are:

1. Design a new business process with adequate built-in risk control and containment measures from
the start.

2. Periodically re-assess risks that are accepted in ongoing processes as a normal feature of business
operations and modify mitigation measures.

3. Transfer risks to an external agency (e.g. an insurance company)

4. Avoid risks altogether (e.g. by closing down a particular high-risk business area)

Later research[citation needed] has shown that the financial benefits of risk management are less dependent
on the formula used but are more dependent on the frequency and how risk assessment is performed.

In business it is imperative to be able to present the findings of risk assessments in financial terms.
Robert Courtney Jr. (IBM, 1970) proposed a formula for presenting risks in financial terms. [8] The
Courtney formula was accepted as the official risk analysis method for the US governmental
agencies. The formula proposes calculation of ALE (annualised loss expectancy) and compares the
expected loss value to the security control implementation costs (cost-benefit analysis).

[edit]Potential risk treatments

Once risks have been identified and assessed, all techniques to manage the risk fall into one or more
of these four major categories:[9]

 Avoidance (eliminate, withdraw from or not become involved)

 Reduction (optimise - mitigate)
 Sharing (transfer - outsource or insure)
 Retention (accept and budget)

Ideal use of these strategies may not be possible. Some of them may involve trade-offs that are not
acceptable to the organization or person making the risk management decisions. Another source,
from the US Department of Defense, Defense Acquisition University, calls these categories ACAT, for
Avoid, Control, Accept, or Transfer. This use of the ACAT acronym is reminiscent of another ACAT
(for Acquisition Category) used in US Defense industry procurements, in which Risk Management
figures prominently in decision making and planning.
[edit]Risk avoidance

This includes not performing an activity that could carry risk. An example would be not buying
a property or business in order to not take on the legal liability that comes with it. Another would be
not flying in order not to take the risk that the airplane were to be hijacked. Avoidance may seem the
answer to all risks, but avoiding risks also means losing out on the potential gain that accepting
(retaining) the risk may have allowed. Not entering a business to avoid the risk of loss also avoids the
possibility of earning profits.
[edit]Hazard Prevention
Main article:  Hazard prevention

Hazard prevention refers to the prevention of risks in an emergency. The first and most effective stage
of hazard prevention is the elimination of hazards. If this takes too long, is too costly, or is otherwise
impractical, the second stage is mitigation.
[edit]Risk reduction

Risk reduction or "optimisation" involves reducing the severity of the loss or the likelihood of the loss
from occurring. For example, sprinklers are designed to put out a fire to reduce the risk of loss by fire.
This method may cause a greater loss by water damage and therefore may not be suitable. Halon fire
suppression systems may mitigate that risk, but the cost may be prohibitive as a strategy.

Acknowledging that risks can be positive or negative, optimising risks means finding a balance
between negative risk and the benefit of the operation or activity; and between risk reduction and
effort applied. By an offshore drilling contractor effectively applying HSE Management in its
organisation, it can optimise risk to achieve levels of residual risk that are tolerable. [10]

Modern software development methodologies reduce risk by developing and delivering software
incrementally. Early methodologies suffered from the fact that they only delivered software in the final
phase of development; any problems encountered in earlier phases meant costly rework and often
jeopardized the whole project. By developing in iterations, software projects can limit effort wasted to
a single iteration.

Outsourcing could be an example of risk reduction if the outsourcer can demonstrate higher capability
at managing or reducing risks.[11] For example, a company may outsource only its software
development, the manufacturing of hard goods, or customer support needs to another company, while
handling the business management itself. This way, the company can concentrate more on business
development without having to worry as much about the manufacturing process, managing the
development team, or finding a physical location for a call center.
[edit]Risk sharing

Briefly defined as "sharing with another party the burden of loss or the benefit of gain, from a risk, and
the measures to reduce a risk."

The term of 'risk transfer' is often used in place of risk sharing in the mistaken belief that you can
transfer a risk to a third party through insurance or outsourcing. In practice if the insurance company
or contractor go bankrupt or end up in court, the original risk is likely to still revert to the first party. As
such in the terminology of practitioners and scholars alike, the purchase of an insurance contract is
often described as a "transfer of risk." However, technically speaking, the buyer of the contract
generally retains legal responsibility for the losses "transferred", meaning that insurance may be
described more accurately as a post-event compensatory mechanism. For example, a personal
injuries insurance policy does not transfer the risk of a car accident to the insurance company. The
risk still lies with the policy holder namely the person who has been in the accident. The insurance
policy simply provides that if an accident (the event) occurs involving the policy holder then some
compensation may be payable to the policy holder that is commensurate to the suffering/damage.

Some ways of managing risk fall into multiple categories. Risk retention pools are technically retaining
the risk for the group, but spreading it over the whole group involves transfer among individual
members of the group. This is different from traditional insurance, in that no premium is exchanged
between members of the group up front, but instead losses are assessed to all members of the group.
[edit]Risk retention

Involves accepting the loss, or benefit of gain, from a risk when it occurs. True self insurance falls in
this category. Risk retention is a viable strategy for small risks where the cost of insuring against the
risk would be greater over time than the total losses sustained. All risks that are not avoided or
transferred are retained by default. This includes risks that are so large or catastrophic that they either
cannot be insured against or the premiums would be infeasible. War is an example since most
property and risks are not insured against war, so the loss attributed by war is retained by the insured.
Also any amounts of potential loss (risk) over the amount insured is retained risk. This may also be
acceptable if the chance of a very large loss is small or if the cost to insure for greater coverage
amounts is so great it would hinder the goals of the organization too much.

[edit]Create a risk management plan

Select appropriate controls or countermeasures to measure each risk. Risk mitigation needs to be
approved by the appropriate level of management. For instance, a risk concerning the image of the
organization should have top management decision behind it whereas IT management would have
the authority to decide on computer virus risks.

The risk management plan should propose applicable and effective security controls for managing the
risks. For example, an observed high risk of computer viruses could be mitigated by acquiring and
implementing antivirus software. A good risk management plan should contain a schedule for control
implementation and responsible persons for those actions.

According to ISO/IEC 27001, the stage immediately after completion of the risk assessment phase
consists of preparing a Risk Treatment Plan, which should document the decisions about how each of
the identified risks should be handled. Mitigation of risks often means selection of security controls,
which should be documented in a Statement of Applicability, which identifies which particular control
objectives and controls from the standard have been selected, and why.

[edit]Implementation

Implementation follows all of the planned methods for mitigating the effect of the risks. Purchase
insurance policies for the risks that have been decided to be transferred to an insurer, avoid all risks
that can be avoided without sacrificing the entity's goals, reduce others, and retain the rest.

[edit]Review and evaluation of the plan

Initial risk management plans will never be perfect. Practice, experience, and actual loss results will
necessitate changes in the plan and contribute information to allow possible different decisions to be
made in dealing with the risks being faced.

Risk analysis results and management plans should be updated periodically. There are two primary
reasons for this:

1. to evaluate whether the previously selected security controls are still applicable and effective,
and
2. to evaluate the possible risk level changes in the business environment. For example,
information risks are a good example of rapidly changing business environment.
[edit]Limitations
If risks are improperly assessed and prioritized, time can be wasted in dealing with risk of losses that
are not likely to occur. Spending too much time assessing and managing unlikely risks can divert
resources that could be used more profitably. Unlikely events do occur but if the risk is unlikely
enough to occur it may be better to simply retain the risk and deal with the result if the loss does in
fact occur. Qualitative risk assessment is subjective and lacks consistency. The primary justification
for a formal risk assessment process is legal and bureaucratic.

Prioritizing the risk management processes too highly could keep an organization from ever
completing a project or even getting started. This is especially true if other work is suspended until the
risk management process is considered complete.

It is also important to keep in mind the distinction between risk and uncertainty. Risk can be measured
by impacts x probability.

[edit]Areas of risk management

As applied to corporate finance, risk management is the technique for measuring, monitoring and
controlling the financial or operational risk on a firm's balance sheet. See value at risk.

The Basel II framework breaks risks into market risk (price risk), credit risk and operational risk and
also specifies methods for calculating capital requirements for each of these components.

[edit]Enterprise risk management

Main article:  Enterprise Risk Management

In enterprise risk management, a risk is defined as a possible event or circumstance that can have
negative influences on the enterprise in question. Its impact can be on the very existence, the
resources (human and capital), the products and services, or the customers of the enterprise, as well
as external impacts on society, markets, or the environment. In a financial institution, enterprise risk
management is normally thought of as the combination of credit risk, interest rate risk or asset liability
management, market risk, and operational risk.

In the more general case, every probable risk can have a pre-formulated plan to deal with its possible
consequences (to ensure contingency if the risk becomes a liability).

From the information above and the average cost per employee over time, or cost accrual ratio, a
project manager can estimate:

 the cost associated with the risk if it arises, estimated by multiplying employee costs per unit
time by the estimated time lost (cost impact, C where C = cost accrual ratio * S).
 the probable increase in time associated with a risk (schedule variance due to risk, Rs where
Rs = P * S):
  Sorting on this value puts the highest risks to the schedule first. This is intended to
cause the greatest risks to the project to be attempted first so that risk is minimized as quickly
as possible.
 This is slightly misleading as schedule variances with a large P and small S and vice
versa are not equivalent. (The risk of the RMS Titanic sinking vs. the passengers' meals
being served at slightly the wrong time).
 the probable increase in cost associated with a risk (cost variance due to risk, Rc where Rc =
P*C = P*CAR*S = P*S*CAR)
 sorting on this value puts the highest risks to the budget first.
 see concerns about schedule variance as this is a function of it, as illustrated in the
equation above.

Risk in a project or process can be due either to Special Cause Variation or Common Cause

Variation and requires appropriate treatment. That is to re-iterate the concern about extremal cases
not being equivalent in the list immediately above.

[edit]Risk management activities as applied to project management

In project management, risk management includes the following activities:

 Planning how risk will be managed in the particular project. Plan should include risk
management tasks, responsibilities, activities and budget.
 Assigning a risk officer - a team member other than a project manager who is responsible for
foreseeing potential project problems. Typical characteristic of risk officer is a healthy skepticism.
 Maintaining live project risk database. Each risk should have the following attributes: opening
date, title, short description, probability and importance. Optionally a risk may have an assigned
person responsible for its resolution and a date by which the risk must be resolved.
 Creating anonymous risk reporting channel. Each team member should have possibility to
report risk that he/she foresees in the project.
 Preparing mitigation plans for risks that are chosen to be mitigated. The purpose of the
mitigation plan is to describe how this particular risk will be handled – what, when, by who and
how will it be done to avoid it or minimize consequences if it becomes a liability.
 Summarizing planned and faced risks, effectiveness of mitigation activities, and effort spent
for the risk management.
[edit]Risk management for megaprojects
Megaprojects (sometimes also called "major programs") are extremely large-scale investment
projects, typically costing more than US$1 billion per project. Megaprojects include bridges, tunnels,
highways, railways, airports, seaports, power plants, dams, wastewater projects, coastal flood
protection schemes, oil and natural gas extraction projects, public buildings, information technology
systems, aerospace projects, and defence systems. Megaprojects have been shown to be particularly
risky in terms of finance, safety, and social and environmental impacts. Risk management is therefore
particularly pertinent for megaprojects and special methods and special education have been
developed for such risk management.[12] [13]

[edit]Risk management techniques in petroleum and natural gas

For the offshore oil and gas industry, operational risk management is regulated by the safety
case regime in many countries. Hazard identification and risk assessment tools and techniques are
described in the international standard ISO 17776:2000, and organisations such as the IADC
(International Association of Drilling Contractors) publish guidelines for HSE Case development which
are based on the ISO standard. Further, diagrammatic representations of hazardous events are often
expected by governmental regulators as part of risk management in safety case submissions; these
are known as bow-tie diagrams. The technique is also used by organisations and regulators in
mining, aviation, health, defence, industrial and finance. [14]

[edit]Risk management and business continuity

Risk management is simply a practice of systematically selecting cost effective approaches for
minimising the effect of threat realization to the organization. All risks can never be fully avoided or
mitigated simply because of financial and practical limitations. Therefore all organizations have to
accept some level of residual risks.

Whereas risk management tends to be preemptive, business continuity planning (BCP) was invented

to deal with the consequences of realised residual risks. The necessity to have BCP in place arises
because even very unlikely events will occur if given enough time. Risk management and BCP are
often mistakenly seen as rivals or overlapping practices. In fact these processes are so tightly tied
together that such separation seems artificial. For example, the risk management process creates
important inputs for the BCP (assets, impact assessments, cost estimates etc.). Risk management
also proposes applicable controls for the observed risks. Therefore, risk management covers several
areas that are vital for the BCP process. However, the BCP process goes beyond risk management's
preemptive approach and assumes that the disaster will happen at some point.

[edit]Risk communication
Risk communication is a complex cross-disciplinary academic field. Problems for risk communicators
involve how to reach the intended audience, to make the risk comprehensible and relatable to other
risks, how to pay appropriate respect to the audience's values related to the risk, how to predict the
audience's response to the communication, etc. A main goal of risk communication is to improve
collective and individual decision making. Risk communication is somewhat related to crisis
communication.

[edit]Bow tie diagrams

A popular solution to the quest to communicate risks and their treatments effectively is to use bow
tie diagrams. These have been effective, for example, in a public forum to model perceived risks and
communicate precautions, during the planning stage of offshore oil and gas facilities in Scotland.
Equally, the technique is used for HAZID (Hazard Identification) workshops of all types, and results in
a high level of engagement. For this reason (amongst others) an increasing number of government
regulators for major hazard facilities (MHFs), offshore oil & gas, aviation, etc. welcome safety case
submissions which use diagrammatic representation of risks at their core.

Communication advantages of bow tie diagrams: [14]

 Visual illustration of the hazard, its causes, consequences, controls, and how controls fail.
 The bow tie diagram can be readily understood at all personnel levels.
 "A picture paints a thousand words."
[edit]Seven cardinal rules for the practice of risk communication
(as first expressed by the U.S. Environmental Protection Agency and several of the field's founders [15])

 Accept and involve the public/other consumers as legitimate partners.

 Plan carefully and evaluate your efforts with a focus on your strengths, weaknesses,
opportunities, and threats.
 Listen to the public's specific concerns.
 Be honest, frank, and open.
 Coordinate and collaborate with other credible sources.
 Meet the needs of the media.
 Speak clearly and with compassion.

Styles of investment strategy

Fundamentals
Main article:  Fundamental analysis

Investing in real assets is generally accepted as one of the best ways to achieve real investment
growth over time. However, the methods used to make investments are manifold and often split
people into opposing camps. Assuming that it is accepted that a number of different holdings are
selected to spread risk then the logical progression is to ask by what method are holdings selected?
At this point when considering Bonds or shares or any other easily definable market then two camps
are formed: those who believe that it is impossible to know which stocks will do well and those who
believe it is possible to predict which stocks will perform better than others. If you believe it is possible
to select the stock which will do well you will actively manage your investment buying and selling upon
whichever principles you decide. If you believe it is not possible to predict performance you will
purchase your stock upon whichever criteria you feel is appropriate and hold those investments
accordingly.