Project Risk Management : Assessment of Risk

Sources

Goutam Dutta
Indian Institute of Management
Ahmedabad 380015
India
goutam@iimahd.ernet.in
 Many
interactions
C
O
M
P
L
E
X Few
I Interactions
T
Y

2
Variations Foreseeable Unknown
Events Unknowns
 Many
interactions
C
O
M Planning
P (with buffers to
L accommodate
E Variations )
X Few CPM
I Interactions PERT
T
Y

3
Variations Foreseeable Unknown
Events Unknowns
 Many
interactions
C
O
M Planning Project Risk
P (with buffers to Management
L accommodate Decision tree
E Variations ) Simulations
X Few CPM Risk registers
I Interactions PERT
T CCPM
Y

4
Variations Foreseeable Unknown
Events Unknowns
Outline
• What is Project Risk ?
• What were Project Risk in JVSL ?

5
Outline
• What is Project Risk ?
• Stakeholder’s Analysis
• Techniques for Analyzing Project Risk
• Qualitative Risk Management

6
What is Project Risk ?
• The term risk is used in many ways in everyday language and
in various specialist disciplines.
• Project Risk is an uncertain event or condition that if it occurs
has positive or negative effect on Project’s Objective

• (Ref : PMBOK, 4th Edition)

7
 MANAGING RISK IN PROJECTS

• How sources of risk in projects are identified

• How risks are assessed or measured in term of likelihood,
impact & consequences
• Appropriate ways of dealing with risk
• Risk=f (likelihood (or probability), impact (consequences))

8
 Risk=f(p,c)
Risk=f(p,c,q)

9
Risk=f(p,c,q,d)
f=function
p=probability
c=consequence
q=frequency
d=ease of detection
Approaches in Project Risk
Management
• Project Management Institute (PMI)
• Association for Project Management , UK (1997) PRAM Guide
• As/NZS 4630 Risk Management Standards association of
Australia
• IEC 62198 (2001) Project Risk Management Applications
Guidelines
• Office of Government Commerce (OGC) UK (2002)
Management of Risk
• Treasury Board of Canada (2001) integrated Risk Management
Framework

10
11
 Alignment of simplified (macrophase) portrayals of the SHAMPU
(Shape, Harness, And Manage Project Uncertainty) process
the basic nine phase middle level (five phase) simplest (three phase)
SHAMPU process portrayal portrayal
define the project clarify the basis of shape the project strategy
analysis
focus the process

identify the issues execute the qualitative

analysis
structure the issues
clarify ownership
estimate variability execute the quantitative
analysis
evaluate implications

harness the plans harness the plans harness the plans

12
manage implementation manage implementation manage implementation
 Table Approximate alignment of SHAMPU and the PMBOK (Project
Management Book Of Knowledge) Guide
nine phases PMBOK Guide phases (major
processes)
define the project Risk Management Planning
focus the process
Risk identification
identify the issues Qualitative Risk Analysis
structure the issues Quantitative Risk Analysis
clarify ownership
estimate variability
evaluate implications Risk Response Planning

harness the plans

manage implementation Risk Monitoring and Control 13
 (All Figures in Rs Lakhs)
Expected
Min Max Cost Risk Cost
Project A 24000 28000 26000 1154.70

Project C 25000 27000 26000 577.35

Project D 24000 26000 25000 577.35

Project B 23500 26500 25000 866.03

Project E 23500 26000 24750 721.69

14
Project Risk Management Objective
• Enhance the capability of the organization
• Extend the organization’s overall risk management process to
Projects and Apply them in a consistent way
• Enhance the management of the process across the organization
and obtain better project outcome in terms of schedule ,cost ,
operations performance , by reducing risks and capturing
opportunities

15
16
17
 Project Risk Management
• Stake holder’s Analysis
• Project Risk Identification
• Project Risk Assessment
• Project Risk response Planning

18
What is the response to uncertainty ?

19
 Risk Attitudes

20
©Understanding and managing Risk attitude by D.Hillson &Ruth Murray-Webster .
Initial Risk attitude in a situation

21
.
©Understanding and managing Risk attitude by D.Hillson &Ruth Murray-Webster
Situational risk Attitude

22
©Understanding and managing Risk attitude by D.Hillson &Ruth Murray-Webster .
• Who are the stakeholders in a Government Project Function ?

23
 Stakeholders
end users
employees public interest groups

contractors
local government

competitors project affected community

regulatory agencies
financial institutions 24

project team
 Stakeholders in a Procurement Project for a Government Agency

Government Agency Executive Management

Agency Business Units in Procurement Process
Agency Users

Government and their Ministers National Government

Portfolio Ministers
State and local Government

Other Government Departments Central Funding Agencies

Finance provider Financial Institutions and Their Depositors

Industry Suppliers Capability

Communities Local Business who benefit directly 25

Local Business who benefit indirectly
Local Communities and neighbours of a project site
• Who are the stakeholders in Private Industry Project ?

26
 Stakeholders in a Procurement Project for a Private Sector Agency

Senior Management Major Shareholders

The Board
Business Units with an interest in the Project Sponsoring Business Units (users)
Engineering function
Maintenance Functions
Other users
Administrative and Support Functions
Staff Operators
Maintenance persons
Industry Contractors
Suppliers and service providers
Commercial counter parts Purchasers and users of Products
Shippers
Regulators Construction and Building Approval regulators
Occupational Health and safety regulators
Environmental Protection agencies
27
Community Public and local area
Wider Community outside local area
Project References

Stakeholder Key Issues and Objectives

Compiler Date Reviewer Date

28
Project References

Stakeholder Key Issues and Objectives

Compiler Date Reviewer Date

29
 Table - Criteria and measure for a small-scale project (case example)
Criteria Notes Measures
Cost The installation and testing must be completed Budget $$, plus 30 hours of internal
within allocated budgets management time

Disruption The disruption to current operations must be
minimized
Functionality The new equipment should have comparable
functionality and operator interfaces
Quality The operators and the user agency require
reliable equipment
Timing The products must be delivered and
commissioned by the specified date to meet the
purchaser’s business obligations
Training All staff must be trained on the new equipment
Lost processing time less than 40
terminal hours
New equipment to pass standard
Benchmark Tests 1 (100%) and 2
(98%)
Down time less than 5 minutes per
month over the first six months’
operation
Phase 1 equipment commissioned by 7
April; phase 2 by 14 May; system test
completed by 21 May
All operator conversion training
completed by 3 April

30
Tools and Techniques for
Identifying project risk
1. Brainstorming
2. Examination of local or overseas experience with similar
activities and projects and Post-completion project report and
post-completion audit
3. Checklist
4. Interviews and focus group discussion
5. Scenario analysis
6. Delphi
7. Surveys and questionnaire
8. Work breakdown structure analysis
31
Brainstorming process – list of
participants
• The project manager and the project team;
• Project sponsors and site representatives;
• Discipline engineers;
• Experts with specific knowledge in particular areas of concern, where
there may be insufficient expertise in the project team;
• Commercial specialists;
• Health, safety and environmental specialists;
• People with experience in similar previous or current projects
• Users of the project outcomes;
• Key stakeholders who need to be confident in the project and the project
management process before approvals are granted.

32
Brainstorming
1. Facilitator
2. Team Members
3. Process of brainstorming

33
Brainstorming Process
• The risk element is identified by someone familiar with it, so that
everyone understands what is being considered.
• The team spends a few moments thinking about the possible risks
and noting them on rough paper.
• The member most familiar with the element writes the initial risk list
on the whiteboard, without comments from the other participants.
• The other participants then make their contributions to the list.
Typically, the list may double in size in this step. No judgements
should be made up to this point.
• The team reviews the list, classifying and grouping similar risks
where appropriate, and adding new ones as ideas are generated.
The list can then be simplified if necessary. The aim is usually to
generate a list of about ten risks for each item, although this will
vary widely depending on the element being considered.
• At the end of this process, the idea is to get about 10 risk sources. 34
Experience with similar
projects
• Whenever available, the risk assessment from previous
projects may be an ideal guide. However, information from
previous projects have their own limitations.
• Care must be taken that undue emphasis is not placed on
unusual events that have a high profile for participants
because of their personal involvement.

35
Checklists
• Lists of factors that can affect the risk in a project
• Specify levels of risk thought to be associated with risk source
(Risk Checklists)

36
Risk Checklist 1

• RISK SOURCES • RISK LEVEL

Status of
implementation plan
• 1) No plan required • 1)None
• 2) Standard plan, • 2)Low
existing, complete
• 3)Plan being prepared • 3)Medium
• 4) plan not started • 4)High 37
Risk Check List 2
• Number of interfaces • Risk Level
between modules

• 1) Less than 5 • 1)None

• 2) 5-10 • 2)low
• 3) 11- 20 • 3)medium
• 4) More than 20 • 4) High

38
Risk Check List 3

• Percentage of system • Risk Level

components
requiring tests

1) 0-1 None
2)2-10 Low
3)11-30 Medium
4) over 30 High
39
Work Breakdown Structure
1. Risk can be identified through analysis of the work
breakdown structure.
2. Every work package is scrutinized for technical hurdles
and potential problems with management, customers,
suppliers, and equipment and resource availability.
3. Within each work package, processes or end-items are
assessed for internal risks in terms of, e.g., complexity,
maturity, quality, and concurrency or dependency.
4. Each work package is also assessed for external risks,
such as the risk associated with relying on a
subcontractor to perform and manage a work package.
40
Delphi Technique
• The Delphi method (pronounced DEL-fy) is a structured communication
technique, originally developed as a systematic, interactive
forecasting method which relies on a panel of experts.[1]
• In the standard version, the experts answer questionnaires in two or
more rounds. After each round, a facilitator provides an anonymous
summary of the experts’ forecasts from the previous round as well as the
reasons they provided for their judgments. Thus, experts are encouraged
to revise their earlier answers in light of the replies of other members of
their panel. It is believed that during this process the range of the
answers will decrease and the group will converge towards the "correct"
answer. Finally, the process is stopped after a pre-defined stop criterion
(e.g. number of rounds, achievement of consensus, stability of results)
and the mean or median scores of the final rounds determine the
results.[2]
• http://en.wikipedia.org/wiki/Delphi_methodRef :

41
Scenario Analysis
• It is based on the decision theory where you
identify a decision node and event node and draw a
decision tree

• You make several event node and alternate node to

represent alternatives. You also compute the pay
off in the form of expected monetary value to the
organization

42
Alternatives

Project A

Project B

43
Event Nodes
Circles to represent uncertainty

44
Cause and effect Diagram
Also known as Ishikawa diagram
it is an useful tool in quality analysis

45
Ref : sysanal.pbworks.com/f/Cause-and-Effect+Diagram.ppt (next five slides)
46
How do I do it? (continued)
• 3. Draw fishbone diagram
• Place the effect at the head of the “fish”
• Include the 6 recommended categories shown below
People Method Machine

Problem
or Issue

Material Environment Measurement System

47
48
Focused Group Discussion

• A focus group is a form of qualitative research in

which a group of people are asked about their
perceptions, opinions, beliefs and attitudes towards
a product, service, concept, advertisement, idea, or
packaging.[1] Questions are asked in an interactive
group setting where participants are free to talk with
other group members.
• (Ref: http://en.wikipedia.org/wiki/Focus_group)
49
 Questionnaire and Survey’s

A questionnaire is a research instrument consisting of a series of questions and other

prompts for the purpose of gathering information from respondents.

Although they are often designed for statistical analysis of the responses, this is not
always the case. The questionnaire was invented by Sir Francis Galton.[

Questionnaires have advantages over some other types of surveys in that they are
cheap, do not require as much effort from the questioner as verbal or telephone
surveys, and often have standardized answers that make it simple to compile data.
However, such standardized answers may frustrate users.

Questionnaires are also sharply limited by the fact that respondents must be able to
read the questions and respond to them. Thus, for some demographic groups
conducting a survey by questionnaire may not be practical.

As a type of survey, questionnaires also have many of the same problems relating to
50
question construction and wording that exist in other types of opinion polls.

Ref: http://en.wikipedia.org/
Risk Identification
• Risk of failure
• Risk of opportunity

51
Risk Identification
• Acceptable risk depends on the risk tolerance of project
stakeholders & managers
• Risk of failure implies that a project might fall short of
schedule , budget or technical goals by large margin
• Risk of opportunity which are events that could lead to reward
, saving or benefit.

52
 Can you identify risks that could lead
to project failure ANYTIME?

53
Identify the risk and Opportunity!!!

54
High risk in projects typically stem
from
• Using an unusual approach
• Attempting to further technology
• Training for new tasks or applying new skills
• Developing & testing of new equipment, system or procedures

56
Sources Of Risk
• Internal Risk
• External risk

Any factor with an uncertain probability of occurring that can

influence the outcome of a project is considered a risk source.

57
Internal risk
a) Market Risk
b) Technical Risk

The most difficult part of risk

identification is discovering things
you don’t already know
58
Sources of market risk includes

• Incompletely or inadequately defined market or

customer needs & requirements
• Failure to identify changing needs & requirements
• Failure to identify introduced products by
competitors

59
Technical Risk
• Risk of not meeting time, cost, or performance requirements
due to technical problems with the end item or project
activities.
• One approach to expressing technical risk is to rate the risk of
project end item or primary process as being high, medium or
low according to following features:

60
 Perform Qualitative Risk Analysis
 Is the process of prioritizing risks for further analysis or action
by assessing and combining their probability of occurrence
and impact.

• Risk register
• Risk management plan

Outputs
• Risk register updates
Inputs

• Project scope statement

• Organizational process assets

•Risk probability and impact assessment

•Probability and impact matrix
•Risk data quality assessment
•Risk categorization
•Risk urgency assessment
•Expert judgment
61
Tools & Techniques
Qualitative Risk Analysis
Basic priority-setting matrix (2X2)
Consequence
Likelihood Low High
High Medium risk High risk
Low Low risk Medium risk

62
 More detailed priority-setting matrix
(5x5)

Consequences 
Likelihood Insignifican Minor Moderat Major Catastrophic
t e
Almost Medium Medium High High High
certain
Likely Low Medium Medium High High
Possible Low Medium Medium Medium High
Unlikely Low Low Medium Medium High
Rare Low Low Low Medium Medium
63
 Consequence scale for a repetitive procurement
Rating Consequence description
A Catastrophic Extreme event, potential for large financial costs or
delays, or damage to the organization’s reputation
B Major Critical event, potential for major costs or delays, or
inappropriate products
C Moderate Large impact, but can be managed with effort using
standard procedures
D Minor Impact minor with routine management procedures
E Insignificant Impact may be safely ignored

64
Ratings Likelihood description
The potential for problems to occur and lead to the assessed consequences
Category Frequency Probability Explanation
A Almost Very high, may occur at least several Over 0.8 A similar outcome has arisen
certain times per year several times per year in the
same location, operation or
activity

B Likely High, may arise about once per year 0.5-0.8 A similar outcome has arisen
several times per year in this
organization

C Possible Possible, may arise at least once in a 0.1-0.5 A similar outcome has arisen at
1-10-year period some time previously in this
organization

D Unlikely Not impossible, likely to occur during 0.02-0.1 A similar outcome has arisen at
the next 10 to 40 years some time previously in a
similar organization

E Rare Very low, very unlikely during the Less than 0.02 A similar outcome has arisen in
next 40 years the world-wide industry, but65
not in this organization
 Extended Likelihood Ratings
Lev Descripto Description Frequency Probability
el r
A Almost Very high, may occur at least once 1 per year 0.8-1
certain per year
B Likely Likely to arise at least once in a 1- 1 per 5 years 0.2-0.8
5 year period
C Possible Possible, may arise at least once 1 per 10 0.1-0.2
in a 1-10-year period years
D Unlikely Not impossible, could occur at 1 per 25 0.04-0.1
some time during the life of the years
facility
E Very May occur only in exceptional 1 per 100 0.01-0.04
Unlikely circumstances years
F Rare 1 per 1000 0.001-0.01
66
years
G Very rare 1 per 10,000 0.0001-
years 0.001
Analysis of Opportunity and Risk

67
68
69
 Combined Opportunity and Risk Analysis matrix

Negative consequences Positive consequences

Catastrophic

Insignificant

Insignificant

Outstanding
Moderate

Moderate
Minor

Minor
Major

Major
-A -B -C -D -E Likelihood +E +D +C +B +A
-E -E -H -H -M A M H H E E

Almost certain
-E -H -H -M -M B M M H H E

Likely
-E -H -H -M -L C L M H H E

Possible
-H -M -M -L -L D L L M M H

Unlikely
-H -M -M -L -L E L L M M H

Rare
70
 Table Approximate alignment of SHAMPU and the PMBOK (Project
Management Book Of Knowledge) Guide
nine phases PMBOK Guide phases (major
processes)
define the project Risk Management Planning
focus the process
Risk identification
identify the issues Qualitative Risk Analysis
structure the issues Quantitative Risk Analysis
clarify ownership
estimate variability
evaluate implications Risk Response Planning

harness the plans

manage implementation Risk Monitoring and Control
71
72
Semi Quantitative Risk assesment
Assessment
• We take the example of IT Project Management

• We discuss the project with respect to the

following
• Maturity
• Complexity
• Integration
• Commercial risk management
• Cost Increase
73
 Table : Maturity Factors
Measure Hardware Maturity Software maturity
0.1 Rare Existing Existing
0.3 Unlikely Minor redesign Minor redesign, modification to
computer software
configuration items (CSCI) and
software patches
0.5 Possible Major Changes possible; Major changes feasible;
New line replacement and Significant changes to CSCIs.
changes in secondary
structures
0.7 Likely Technology available, New CSCI within the software
substantial design effort is environments
required
0.8 Highly likely State of the art: Some New CSCI outside the software
research complete environments

0.9 Almost Other more substantial New CSCI within the software
74
Certain maturity risk environments
 Table : Complexity factors
Measure Hardware Maturity Software maturity
0.1 Rare Simple or existing design Simple or existing
design
0.3 Unlikely Minor increase in Minor increase in
complexity complexity
0.5 Possible Moderate increase in Moderate increase in
Complexity Complexity
0.7 Likely Significant increase in Significant increase in
complexity complexity
0.8 Highly likely Extremely complex new Highly complex new
design design, very large
database, complex
database executive
0.9 Almost Other more substantial Other more
Certain Complexity risk substantial 75
Complexity risk
 Table : Integration and Interfacing factors
Measure Integration and Interfacing Dependency
0.1 Rare None required Independent of existing system,
facility and associate contractor
0.3 Unlikely Minor Integration and Interfacing Schedule dependent on existing
required system schedule, facility and
associate contractor
0.5 Possible Major Integration and Interfacing Performance dependent on
required, but done before EXISTING system schedule, facility
and associate contractor
0.7 Likely Major Integration and Interfacing Schedule dependent on NEW
required, but never done before system schedule, facility and
associate contractor
0.8 Highly likely Major Integration and Interfacing Performance dependent on NEW
required, R&D effort is required system schedule, facility and
associate contractor
0.9 Almost Other more substantial integration and Other more substantial
Certain integration and Interfacing Risk dependency risk
76
 Table : Commercial Risk and Management Process Factors
Measure Commercial Risk Management Process
0.1 Rare No subcontracting Existing Management Process
adequate
0.3 Unlikely Minor subcontracting of non Minor modifications needed
critical items to existing management
systems and procedures
0.5 Possible Minor subcontracting of Major modifications needed
critical items to existing management
systems and procedures
0.7 Likely Significant subcontracting Sophisticated management
accredited to subcontractor, system required
not single source
0.8 Highly Single source accredited New or complex management
likely supplier of critical elements system required to be
77
developed
0.9 Almost Other more substantial Other more substantial
Certain commercial risk Process l risk
 Table : Cost Increase, Schedule Delay and Performance Degradation
Measure Cost factor Schedule factor Performance factor
0.1 Insignificant Budget estimates not Negligible impact, slight Minimal or
exceeded, some transfer schedule change unimportant
of money compensated by performance impact
available schedule slack

0.3 Low Project Cost estimates Minor slip in schedule Small reduction in
exceed budget by 1-5% less than 1 month performance
0.5 Moderate Project Cost estimates Small slip in schedule Some reduction in
exceed budget by 5-10% less than 1-3 month performance
0.7 Very high Project Cost estimates Project schedule slip Significant reduction
exceed budget by 10-20% from 3 to 6 months. in performance
0.9 Catastrophic Project Cost estimates Large Project schedule Key performance
exceed budget by more slip, key milestones not criteria not achieved
than 20% achieved

78
79
Simplifying the Risk Management
Process
• A simple risk Management Process may classify all the risk as
• Type 1 (Low to Medium) ,
• Type 2 (medium to high ) or
• Type 3 (high)
• High risk requires that a risk co ordinator may be appointed

80
 Project Risk Characteristics
Type 1 Type 2 Type 3
Perceived Low to Medium Medium to High High
Level of Risk
Contract Value < 150000 $ < 5 million Over 5 million
Time Frame 3 months <12 months Over 12 months
Scope Simple to moderate Moderate to Complex
Complex
Potential Impact on Little or no Quality or Potential for some Potential for
Project Quality and Production Impact quality or production significant quality or
Production impact production impact
Potential Health, Little or No HSE Potential for Some Potential for
safety and impact HSE Impact significant HSE
Environmental impact
(HSE)Impact
Potential Commercial Little or no Potential for some Potential for
Impact Commercial impact Commercial Impact significant
Commercial impact
Number of Parties Few Several Many
Commercial Structure Standard Terms of Standard Terms but Unique Contract 81
engagement amended by special Conditions
conditions
Case Example : Single point
Mooring
• This case example concerns the tender evaluation in which a very
simple consideration of risks was a primary determinant of preferred
tender for the overhaul of single point mooring (SPM) . In particular, it
demonstrates that quick risk review can provide an useful information
without a large effort and this can add significant value to business
decision
• The single point mooring is device in loading crude oil onto tankers.
There are many SPM designs varying in size and complexity according to
oil volume requirements for tanker loading, the depth of water and
weather. A single point mooring system consists of
• A floating steel structure , moored to the sea bed
• Under-buoy hose connections to on shore oil tanks
• Connections to floating flexible hoses for tanker loading
• Pumps, valves, measuring devices and control system on and insider the
SPM structure

• (Ref Dale Copers et al, 2005) 82

Single Point Mooring System

Current oil tanker day rates dictate that

product transfer operations, between tankers
and storage facilities via single point mooring
buoys, be carried out as quickly and safely as
possible within a given weather window.

83

Ref : http://www.mitchamindustries.com
 Summary of Tenders

Features Tender A Tender B

Quoted Price Less than US $ 500,000 Less than US $ 500,000 *
(inclusive of owner’s
cost)
Planned Schedule 35 days 45 days
durations
Mobilizations 30 days 60 days
Experience Worked with client before Never worked with client
on SPM overhaul over a before , but had
period of 12 years undertaken the similar
projects with other
clients
Lifting Process Dry Rock Cranes

Three quotations were submitted, but one was rejected a pre qualification
84
stage
*Tender B was marginally cheaper (0.5%) than tender A
 Benefits of selecting Tender A
Benefit Implications
Duration of the With the stand buy buoy and its restricted flow rates, loading is
work shorter by expected to take 29 hours. Demurrage is payable if loading extends
10 days beyond 30 hours. Delays are unlikely with careful management of
loading operations

However, if there is a delay it will be costly for the owner. The extended
use of a stand-by buoy increases this risk.
Faster This provides more flexibility and better planning with less risk to
mobilization loading schedule
More More experienced personnel will do a better job. This is particularly
Experienced important when refurbishing some of the control equipment in the SPM,
personnel which requires careful handing

More experienced personnel is likely to generate fewer contract

variations and speed of rectification of latent defects
Long history with This is likely to provide a better project and commercial outcomes, due
client to god working relationship between the companies

Dry Rock instead Tender A will use a dry rock for overhaul, while Tender B will use a crane.
of cranes Dry rock will impose less structural stress on the buoy, providing better 85
life extension
Ref : (Dale Coopers et al, 2005)
Risk Matrix
Pls give the no. of residual risks in the appropriate boxes

Probability
A -Most Likely
1.00>P>0.75

B -Likely
0.75>P>0.50

C -Occasional
0.50>P>0.25

D -Unlikely
0.25>P>0.10

E -Remote
0.10>P>0.00

Severity V IV Minor III II Major I

Insign 0.25>S>0.5 Signif 1.0<S<2.0 Catas
ificant icant trophi
S<0.25 0.5<S<1.0 c
S>2.0

Critical
Severity: As a % age of Project Value
High
86
Medium
Low
 Example risk summary sheet for a simplified risk assessment process
Key elements and issues No. Risks Controls C L Initial Agreed Actions and
priority priority responsibility
Regulatory regime
Business objectives
Commercial
Political and community
Contractual and legal
Safety
Industrial relations and
human resources
Capital requirements
Resources
Timing and schedule
Technical and performance
Customers
Suppliers
Infrastructure
Assets
Monitoring and
management systems
Finance and administration 87
Others
...

Scenario
1. Natural disaster
2. Accidental digging into the
pipeline
3. Purposeful attempt to tap into
the pipeline to obtain water
4. Pipeline failure due to poor
installation and testing
Pipeline failure scenarios
Description
A landslip or earthquake that breaks the pipeline across its full
diameter. The water would generate a mudslide that impacts on the
village, kills many people, destroys many homes and received national
and possibly international press coverage.
A large leak due to mechanical impact. The water would generate a
mudslide that impacts on the village, kills many people, destroys
many homes and receives national and possibly international press
coverage.
The effect would be a hole in the pipeline (estimated as a 25-50 mm
hole near the top of the pipe) and the likely death of the person
tapping into the pipe. The lead would have to continue for an hour or
more to cause any flooding damage, but it would be very obvious (a
fountain). There would be no other fatalities.
A failure when the pipeline is fully pressurized with water, with a
break in the worst case up to the full diameter of the pipe. This would
cause a flood and mudslide into the village with the potential for
multiple fatalities.
88
 Contributing factors to pipeline failure
Scenario Contributing factors
1. Natural Earthquakes have occurred in the region, but none have involved faulting and shear
disaster forces capable of breaking a pipeline.
A major earthquake of this magnitude would cause a great deal of damage of which the
pipeline rupture would be a relatively minor part.
The frequency of this was estimated as less than once per 1,000 years, a very rare event.

2. Accidental The only excavators in the village belong to contractors, most of whom have a working
damage relationship with the company and are therefore highly likely to know of the line.
There will be a maintenance access road beside the line. It will be used for regular
inspections.
There will be signage along the route indicating the pipeline location.
The villagers do and will know of the existence of the line.
The local authority has a strict permitting system for the kind of work that might dig
into the line. The process would involve consideration of the pipeline.
A second pipeline may be installed in the future, and this would most likely run in the
same easement. It is conceivable that the installation contractor for the new line could
accidentally dig into the operating water line.

3. Wilful It is most unlikely that an attempt would be made to tap the pipeline in the open above
damage the village. It is more likely to occur in a concealed location, such as in the valley and
therefore with a lower risk of a significant impact on the village. 89

4. Poor Poor pipeline installation and testing procedures without precautions would contribute
installation to this.
 Pipeline scenario risk assessment
Scenario Consequences Likelihoo Level of
d risk
1. Natural Catastrophic (multiple Rare Medium
disaster fatalities and large scale
damage)
2. Accidental Catastrophic (multiple Unlikely High
damage fatalities and large scale
damage)
3. Wilful damage Major (single fatality and Possible High
significant damage)
4. Poor Catastrophic (multiple Unlikely High
installation fatalities and large scale
damage)

90
 Consequence scale for the water pipeline
Rating Potential impact on the criteria

A Catastrophic Most criteria may not be achieved, several

severely affected, includes multiple fatalities
B Major Most criteria threatened, one severely affected,
includes a single fatality
C Moderate Some criteria affected, considerable effort to
rectify, includes severe injury
D Minor Remedied, with some effort the criteria can be
achieved, includes injuries requiring treatment

91
E Insignificant Very small impact, rectified by normal processes,
includes very minor injuries
 Likelihood rating for the water pipeline
Rating Interpretation
A Almost Very high probability of occurrence, could occur
certain several times during a year

B Likely High probability, may arise once in a one to two

year period

C Possible Possible, reasonable probability that it may arise

during a five to ten year period

D Unlikely Plausible, but could occur during the next ten to

twenty years

E Rare Very low likelihood, but not impossible, unlikely

92
during the next ten years
93
94
95
RISK CONSEQUENCES
Risk consequence is function of risk likelihood & risk impact
Two ways to express risk consequence
• Numerical rating
RCR=CLF+CIF-CLF*(CIF)
• Expected value
Risk consequence= Impact * Likelihood

96
Expected Cost Computation

Basic Cost Estimate

(1-p)
(BCE)

Basic Cost Estimate + Corrective

p Cost
(BCE+CC)

Expected Cost = (1-p) BCE + p (BCE+CC)

= BCE + p*CC 97
Expected Time Computation

Basic Time Estimate (BTE)

(1-p)

Basic Time Estimate + Corrective

p
Time
(BTE+CT)

Expected Cost = (1-p) BTE + p (BTE+CT)

= BTE + p*CT 98
PERT
• The PERT method was intended by it’s originator
to account for risk in project scheduling .
• It is a way to warn managers of the need to
compensate for the consequence of a risk on
project duration
• The PERT method provides a way for measuring
the consequence of risk on project completion
times

99
Risk Priority
• Projects are subject to numerous risks yet only a few are
important enough to merit attention.
• Once the risk consequences for a project have been
computed, they are rank- ordered & those with moderate to
high consequence are given a second look

100
Drawback with specifying risk priority
using expected value of risk consequence
(likelihood* impact)

Low likelihood risks are sometimes ignored even when they may have
potentially severe, even catastrophic impact
For eg. The nuclear meltdown at Chernobyl was a result of six errors
in human action, the likelihood of which was very small, but they
did happen.

101
Contd:
Result
• Several dozen deaths
• Several hundred hospitalizations
• 135,000 evacuations
• Long term Impact, an estimated 5,000 to 24,000 additional
cancer deaths in the former Soviet Union and more
throughout Europe and Asia.

102
Lesson
Any risk with severe impact should be carefully considered, no matter
how small the likelihood

103
Risk Response Planning
• Transfer the risk
• Avoid risk
• Reduce risk
• Contingency planning
• Accept risk

104
Transfer The Risk
Risk can be transferred partly or fully from the customer to
contractor or vice versa, using contractual, incentives,
warranties or penalties attached to project performance, cost
schedule measures

105
Transfer the Risk
• Impossible to entirely transfer risk
• Transfer of risk is usually a transfer of authority
• Transfer of one kind of risk usually means inheriting another
kind of risk

106
Avoid Risk

Risk can be avoided by

• Altering original project concept (eliminating
risky activities, minimizing system complexity,
reducing end-item quality requirements)
• Changing contractors
• Incorporating redundancies & safety
procedures & so on.
It is better to reduce risk at acceptable level rather
than completely avoid risk
107
Reduce Risk
• Employ the best technical team
• Base decision on models &
simulations of key technical
parameter
• Use mature, computer-aided system
engineering tools
• Use parallel development on high-risk
tasks 108
Contd:
Contd:

• Provide the technical team with adequate incentives for success

• Hire outside specialists for critical review & assessment of work
• Perform extensive tests & evaluations
• Minimize system complexity
• Use design margins

109
How can you minimize system complexity?

110
Contingency Planning
In contingency planning you
• Identify the risks, anticipate whatever might happen
• Prepare a detailed plan of action to cope with it
• Multiple contingency plans can be developed based upon
“What if” analyses of possible outcomes for multiple risk

111
Contingency Action
• Post-hoc remedial action to compensate for the risk impact
• Action taken in parallel to the original plan
• Preventive risk symptoms to mitigate the risk impact

112
Accept [Do Nothing]

This response would not be chosen for risks where the impacts
or consequences are potentially severe

113
RISK MANAGEMENT
PRINCIPLES

114
 Risk management plan

Create a risk management plan

• Specifies ways to identify all major project risks
• Then create a risk profile for each identified risk.
• The plan should specify the person responsible
for managing risks as well as methods for
allocating time & funds from risk reserve

115
Risk Profile
The risk profile for each risk include
• Likelihood
• Cost & schedule impact
• Contingencies to be invoked
• Specify the earliest visible symptoms that indicate the risk
materializing
• High-risk areas should be visible & have lots of eyes watching
closely
• Contingency plans should be kept up –to-date & reflect project
progress & emerging risks

116
 Risk officer

• A Risk officer should be appointed whose principle responsibility

is risk management.
• The risk officer should not be the same person as project
manager because the role involves matters of psychology &
politics

117
 Risk reserve

• The budget & schedule should include a calculated

risk reserve, which is a buffer of money, time &
other resources for dealing with risks as they
materialize.
• The risk reserve is used at project manager’s
discretion to cover risks not specifically detailed in
risk profile.
• The size of risk reserve should be estimated
carefully because a reserve that is too large can
actually increase the time & cost of project. 118
 Continuous Monitoring

• Risks must be continuously monitored & risk management plan

updated to account for emerging or potential risks.
• The project manager must be alert to emerging problems from
unknown hazards.
• Even known risks may take a long time before they begin to
produce problems, so they need to be carefully monitored

119
Communication channels
• Establish communication channels within the project team to
ensure that bad news quickly gets to project manager.

120
 Project Documentation
Specify procedures to ensure accurate
comprehensive project documentation
• Documentation includes proposals , detailed
project plans, change requests, summary reports,
& post completion summaries.
• In general, the better the documentation of past
projects, the more information available for
planning future , similar projects ,estimating
necessary time & resources & identifying possible
risks & associated outcomes.
121
Expect the Unexpected
• Risk management might lead to believe that everything that
could possibly go wrong has been anticipated and covered.
• Although its true that most risks can be covered in risk
planning, it is rare that all of them can.
• Thus it better to expect the unexpected for coping with risk
than preparing extensive plans and believing that the
unexpected has been eliminated.

122
Risk management Caveats

123
Risk Management Caveats
• Risk management itself can create risks
• Misunderstanding or misapplication of concepts
associated with risk management can stymie a
project and actually leave the project personnel
worse prepared to deal with emerging problems
• Project managers and supporters might be
emboldened to take risks they might not take
otherwise

124
Contd:
Contd:

Risk management Caveats

• Inputs in risk analysis are subjective, after all, a likelihood
indicates what MIGHT happen rather than what WILL
happen.
• Underestimating the risk likelihood or impact can make
consequences seem insignificant leading people to take
dangerous steps which they would not have taken otherwise.
• Eliminating risks stifles innovation

125
Appropriate risk management approach
particularly for development projects is not to try
to avoid or eliminate risk altogether but to
accommodate and mitigate risk by reducing the
cost of failure.

126
Risk Analysis Methods
• Expected values
• Decision tree
• Uncertainty & payoff table
• Simulation

127
A project has eight work packages,and for each
baseline cost estimate(BCE),risk likelihood,and
corrective cost have been estimated.What is the
expected project completion cost(EC)?

128
 PROJECT NETWORK ACCOUNTING FOR
RISK TIME

What is the Basic Time Estimate?

6
ASSEMBLY
& TEST
8
4 PURCHASE
PURCHASE V & DELIVERY
DELIVERY Y 1 1
SYSTE M USER
M TEST TEST
J
6 W X
SYSTEM L
DESIGN Q
2 8
SOFTWARE PURCHASE
SPECIFICATION &DELIVERY 129
 PROJECT NETWORK ACCOUNTING FOR
RISK TIME

BTE= Time on Critical path - JMVYWX- 26

weeks
6
ASSEMBLY
& TEST
8
4 PURCHASE
PURCHASE V & DELIVERY
DELIVERY Y 1 1
SYSTE M USER
M TEST TEST
J
6 W X
SYSTEM L
DESIGN Q
2 8
SOFTWARE PURCHASE
SPECIFICATION &DELIVERY 130
 PROJECT NETWORK ACCOUNTING FOR RISK
TIME

ET= BTE+ (Corrected Time)*(Likelihood)= 27.9

6.2 ASSEMBLY
& TEST 4.3 PURCHASE
& DELIVERY
4.3 V 1.3
PURCHASE USER
Y 1.3
DELIVERY TEST
SYSTEM
m
M
TEST X
J W

6.2
SYSTEM
DESIGN
L
Q
2.3
SOFTWARE 8.1
SPECIFICATION PURCHASE
&DELIVERY
131
 EC=BCE+[CORRECTIVE COST+LIKELIHOOD]

WBS LIKELI
ELEMENT BCE CC HOOD EC
J $10,000 $2,000 0.2 10400
M 8000 1000 0.3 8300
V 16,000 4000 0.1 16400
Y 10,000 6000 0.2 1200
L 8000 2000 0.3 8600
Q 9000 2000 0.1 9200
W 5000 1000 0.3 5300
X 5000 1500 0.3 5750
Total 71000 75150
132
Assignment Questions
The network for the Large Hydro
Project is shown

5
3 7
T U
S
9 Dummy
8
L
3 6
V J Dummy
C
4
R

133
The following table gives BCE & BTE ,estimates of
the cost & time to correct for failure , & likelihood of
failure for each work package in Hydro Project.

WBS CORRECTIVE LIKELIHO

ELEMENT BTE TIME OD ET

J 6 1 0.2 6.2
M 4 1 0.3 4.3
V 6 2 0.1 6.2
Y 8 3 0.2 8.6
L 2 1 0.3 2.3
Q 8 1 0.1 8.1
W 1 1 0.3 1.3 134
X 1 1 0.3 1.3
For the same eight work –package project,assume the
base line time(BTE),risk likelihood & corrective time
have been estimated for each work package. What is
expected project completion time(ET)

135
Computation of Risk in Time and Cost

• Determine the risk time & risk cost for project.

• Consider the risk times on non critical paths.which activities &
paths. Which activities & paths should be watched carefully as
posing the highest risks?
• What is project expected cost(EC) & Expected time(ET).

136
 Project Risk Management

Eliminate Risks
List Critical
Risks

Reduce
Add Additional Update
Plan for Identify Probability / Impact
Risks Project Plan
Risks Risks of the Risks
to the Watch-List

Keep
Non-Critical Identify Develop
Risks Accept Risks Residual Contingency
in the Watch-List Risks Plans

137
““

Left to themselves, things will

go from bad to worse”
Murphy

138