9.

Risk Management Plan

9.1 Methodology

For the initial risk assessment, the project manager and the team have
brainstormed and collaborated in identifying all possible risks within the current
known elements of the project. These identified risks will be reviewed in the
presence of Dr. Lipsett and Roger Marchand as early as their schedules allow
the review.

To ensure that the risk environment is being assessed sufficiently, Dr. Lipsett
will act as the risk management expert. Other risk-related inquiries will also be
made to the laboratory equipment experts (Roger Marchand and his team).

The following risk management process (described in Figure #) will be

implemented throughout the duration of the project. If any changes are made to
the project plan during the execution phase of the project, a risk assessment will
be carried out to determine if any new risks are present.

Doing Planned
Reviews

Identification of
Hazards

Reduce the Risk

Risk Assessment/
Analysis
Yes

Yes
Can the Risk Be Is the Risk
Reduced? Acceptable?

No Yes

Discontinue the Manage the

Activity Residual Risk

Figure # - The Risk Management Process

Doing Planned Reviews: Risk reviews will take place during weekly meetings to
discuss the current state of risks within the project.

Identification of Hazards: Throughout the project lifetime, new processes and

actions may be implemented that pose new risks which had not been identified
in earlier planning stages. During the planned reviews, these risks will be
identified. (See Section 9.1.1 for further details)

Risk Assessment/Analysis: A risk assessment/analysis will be carried out for

any new identified risks. (See Sections 9.1.2 to 9.1.4 for analyses)

Is the Risk Acceptable?: Risks are deemed acceptable only once they have
been rated using a risk matrix (see Sections 9.1.2.1 and 9.1.2.2). Low level
risks are “acceptable,” without any further management involvement. Medium
level risks are “acceptable with certain conditions.” These risks must be closely
monitored, and the project manager must be present to ensure the risk is kept
under control. High level risks are “unacceptable” and any actions producing
such risks will be halted immediately.

Manage the Residual Risk: Once a risk is determined to be acceptable, it must

be managed in the way that is most appropriate for that risk. Methods for
managing each risk will be discussed by the project manager, the team, and the
Dr. Lipsett. (See Section 9.1.4 for further details)

Can the Risk be Reduced?: Further controls, management systems, protective

features, etc. may be added to reduce risks to an acceptable level. (See Section
9.1.4 for further details)

Reduce the Risk: If the risk can be reduced, the necessary changes must be
implemented to decrease it (see Section 9.1.4). It is important to note that if a
change is made to reduce the risk present in a process or action, a full risk
analysis must be redone on the newly implemented process or action. This will
reveal possible new risks that may have been added to the project. (See
Sections 9.1.1 to 9.1.4)

Discontinue the Activity: If a risk has been identified as unacceptable, any

processes or actions that pose that risk will be stopped. This is important to
protect all people involved in the project, people of the community, personal and
university assets, as well as the sustainability of Chrome Engineering as an
enterprise with favourable public opinion.
9.1.1 Risk Identification

9.1.1.1 Documentation Review

Risks have been identified by the project manager and the team by
first reviewing the following project documentation:

1) Activity cost estimates

2) Activity duration estimates
3) Scope baseline
4) Stakeholder register
5) Cost management plan
6) Schedule management plan
7) Quality management plan
8) Project documents
9) Enterprise environmental factors
10) Organizational process assets

9.1.1.2 Tools & Techniques

Brainstorming: At weekly meetings, the team has undergone a

brainstorming session to assess the possibility of risks that were
overlooked earlier in the project Planning Phase. As well, origins of
new risks have been considered as any changes to the project plan
have been made.

Interviewing: Aside from the project team members, Dr. Lipsett has
been interviewed on his perception of possible risks.

Checklist Analysis: A checklist for the duration of the Execution

Process has been created to ensure essential safety and risk
management processes are not overlooked. Refer to the Laboratory
Relocation Safety Checklist in Appendix 9.8.1.

9.1.1.3 Identified Risks

All identified risks have been documented in the Risk Register. (See
Section 10). As any further risks become apparent, a full risk
analysis will be performed on each new risk, and the Risk Register
will be updated accordingly.
9.1.2 Qualitative Risk Analysis

9.1.2.1 Risk Probability & Impact Assessment

Each identified risk has been assessed for the potential effects on
schedule, cost, and scope by the project manager and the project
team. Incident probabilities have been documented through
brainstorming between the project manager and project team, as
well as through interviewing Dr. Lipsett (See the Risk Register in
Section 10).

9.1.2.2 Probability & Impact Matrix

A probability and impact matrix has been used to identify incident

impacts on project objectives (time, cost, and scope). The matrix
can be found in Appendix 9.8.2.

9.1.2.3 Risk Data Quality Assessment

Risk data will be reviewed on a weekly basis. The data collected

from individuals interviewed for their opinions on risk probabilities
have been carefully reviewed for consistency. Any variations larger
than ±0.20 have been reassessed by the project manager, project
team and Dr. Lipsett to attain values whose variation is equal to or
less than ±0.20 for a set of ratings describing a single risk.

9.1.2.4 Risk Categorization

All documented risks have been categorized by the sources of risk

and the area of the project affected. This methodology illustrates the
areas of the project that have the greatest exposure to uncertainty.
Related documentation can be found in Appendix 9.8.3.

9.1.3 Quantitative Risk Analysis

Sean will complete

9.1.4 Risk Monitoring, Control and Response Planning

 With respect to the Probability and Impact Matrix shown in Appendix 9.8.2,
and the Risk Register in Section 10, activities posing a risk rating between
8% and 17% will be closely monitored and controlled by the risk owner
during the activity to ensure safe completion. Emergency services offered
by the University of Alberta will be utilized in the event of an injurious or
facilities-related incident. There are no current activities with a risk rating of
18% or higher. If any risks arise with this rating, they will be avoided by
changing the method of execution.

During the weekly risk assessments, any new risks that are identified will be
added to the risk register.

9.2 Roles and Responsibilities

The Risk Owners consist of Dr. Lipsett, Roger Marchand, AICT and the
University of Alberta facilities. Any risk-related activities or processes relevant to
Dr. Lipsett or Roger Marchand will be supervised by them accordingly during
the time that the risk is present. If any incidents occur, these individuals are to
handle them according to the risk responses listed in the Risk Register. Any
incidents relevant to AICT or the University of Alberta facilities will be
documented and the corresponding departments will be contacted.

9.3 Budgeting

(Luke will supply this information)

9.4 Reporting Format and Content

In the event of an incident, the Accident / Incident Report Form is to be filled out
and returned to the Risk Owner. In the event that the risk was previously
unforeseen, and there is no Risk Owner dedicated to the incident, this
correspondence is to be given directly to Dr. Lipsett. This form can be found in
Appendix 9.8.4.

9.5 Risk Ownership

All risks identified in the Risk Register have been assigned a Risk Owner. Any
actions, processes or events posing a risk to the project will be closely
monitored and dealt with accordingly by the Risk Owners in the event where the
risks are present. In the event that a risk was previously unforeseen, and there
 is no Risk Owner dedicated to a risk, Dr. Lipsett will act as the designated Risk
Owner.

9.6 Risk Auditing

Upon the completion of the Execution Phase of the Laboratory Development

Project, the new laboratory set-up in Mec E 1-38 will be assessed a final time
for possible risks present within the new layout. Any new risks will be
documented in the Risk Register found in Section 10, and a risk analysis will be
carried out. (See Section 9.1)

9.7 Risk Management Plan Approval

The Risk Management Plan is to be approved by Dr. Lipsett and Roger

Marchand. Relevant documentation can be found in Appendix 9.8.5, and is to
be read, understood and signed by both individuals prior to the start of the
Execution Phase.