Project Risk Management Training Manual 13092012

See discussions, stats, and author profiles for this publication at: https://www.researchgate.
net/publication/271909639
PROJECT RISK MANAGEMENT (COURSE NOTES)
Article · January 2012
CITATION READS
1 83,335
1 author:
Karim Eldash
Benha University
77 PUBLICATIONS 310 CITATIONS
SEE PROFILE
All content following this page was uploaded by Karim Eldash on 07 February 2015.
The user has requested enhancement of the downloaded file.

PROJECT RISK MANAGEMENT
0
Table of Contents
INTRODUCTION ................................................................................................ 5
WHAT IS RISK? .............................................................................5
Common Risks Affecting Estimate .............................................................. 6
Project Risk Management ...............................................................8
When is project risk management used? .....................................9
Risk Management Framework .....................................................11
Stakeholder identification and analysis .......................................12
Differences In Personal Risk Attitude ........................................................ 16
Plan Risk Management .................................................................17
Planning meetings & analysis ..................................................................... 17
Risk management plan ................................................................................ 17
RISK IDENTIFICATION .................................................................................. 21
Identification participants ........................................................................... 21
Information gathering techniques ............................................................... 22
Other identification techniques ................................................................... 27
Risk Register...................................................................................28
Risk Documentation ......................................................................29
Risk Responsibility ........................................................................30
Information Source ........................................................................30
Risk Allocation in Contracting .....................................................31
Known and Unknown Risks in Contracts ................................................... 32
Financial Risks ...............................................................................34
Types of Financial Risks ............................................................................. 34
Financial Risk in Concession Contracts ..................................................... 36
Global and Elemental Risks In Concession Contracts ............................... 37
QUALITATIVE ANALYSIS ............................................................................. 40
Qualitative Risk Assessment....................................................................... 40
Review of Project Programs and Budgets .................................................. 40
1
The Risk Log/Register ................................................................................ 42
Qualitative Methodologies ............................................................42
Risk probability & impact assessment ........................................................ 43
Probability ................................................................................................... 43
Impact.......................................................................................................... 43
Risk Probability and Impact........................................................................ 44
Risk Evaluation ..............................................................................47
Inherent risk ................................................................................................ 47
Risk data quality assessment ....................................................................... 47
Risk urgency assessment............................................................................. 48
RISK QUANTIFICATION ................................................................................ 50
Risk Quantitative Analysis............................................................51
General Approach..........................................................................52
Application......................................................................................54
Utility Theory .............................................................................................. 56
Perform Quantitative Risk Management ....................................58
Data gathering & representation techniques ............................................... 58
SENSITIVITY ANALYSIS ..........................................................59
EXPECTED MONETARY VALUE............................................62
Decision tree ............................................................................................... 65
SIMULATION ...............................................................................68
THE RISK PREMIUM .................................................................76
RISK-ADJUSTED DISCOUNT RATE .......................................77
DECISION ANALYSIS ................................................................78
CERTAINTY, RISK, AND UNCERTAINTY ............................79
Decision Making Under Certainty .............................................................. 79
Decision Making Under Risk...................................................................... 79
Decision Making Under Uncertainty .......................................................... 81
SCENARIO ANALYSIS ...............................................................85
RISK RESPONSE............................................................................................... 86
2
Strategies for Negative Risks or Threats .....................................87
Avoidance ................................................................................................... 87
Mitigation .................................................................................................... 89
Transference ................................................................................................ 91
Acceptance .................................................................................................. 93
Strategies for Positive Risks or Opportunities............................95
Exploit ......................................................................................................... 98
Share............................................................................................................ 98
Enhance ....................................................................................................... 98
Contingent response strategies.................................................................... 98
Contractual Risk Allocation Strategies ..................................................... 100
Risk Allocation According to Payment Mechanism ................................ 104
Outsourcing ............................................................................................... 106
Contract Award ...........................................................................108
Contractual Sharing In Governmental Projects ........................................ 108
The Fundamental Risks-Liability and Responsibility .............111
Risk Transfer by Surety Bonds ................................................................. 111
Risk Action Plan ...........................................................................115
Managing medium risks ........................................................................... 117
Determining Contingency ...........................................................118
Mak and Picken Model ............................................................................. 119
Contingency Management Model by Ford ............................................... 121
BOT Projects Risk Assessment ..................................................124
Zayed and Chang Model ........................................................................... 124
Risk in BOT Projects ................................................................................ 126
Political Risks in BOT Projects ................................................................ 127
Risk Reduction in BOT Projects ............................................................... 129
Exchange Rate Risk Management .............................................131
Tactics and Strategies for Reducing Foreign Exchange Risk................... 131
Reducing Economic Exposure .................................................................. 132
3
Developing Policies for Managing Foreign Exchange Exposure ............. 132
RISK MONITORING ....................................................................................... 134
RISK CONTROL .............................................................................................. 135
Communication and reporting ...................................................137
Risk Management of International Projects .............................139
Occupational Health, Safety and Environment (HSE) ..................................... 142
Hazard and Operability Study (HAZOP).......................................................... 143
........................................................................................................147
Fault Trees......................................................................................................... 148
Benefits of Environmental Risk Management .................................................. 149
Environmental Risk Management .............................................150
Environmental Management Systems ......................................151
Criteria and Consequences ........................................................152
Identification of Environmental Risk ........................................155
Risk Treatment Strategies ..........................................................157
Approaches to Environmental Risk Management ...................157
Appendix A: Risk Aspects ........................................................159
Appendix B: Statistical Measures ..............................................164
Appendix C: Risk Forms.............................................................166
Appendix D: Probabilistic Distributions ...................................170
4
INTRODUCTION
The construction industry generally has a bad reputation for its work. The
industry has a reputation for time and cost overruns. This may be summed up in
the commonly held perception that the industry tends to deliver expensive
buildings late.
Physical
l t
Material
Similarity
Components
Operations
Management Structure
Management Style
PROJECT PROJECT
A B
Site Condition
Structural Loading Conditions
Bearing Capacity
Size & Location
Specs
Management Style
Suppliers & Personnel
Differences
Figure 1: Similarities and differences between projects
WHAT IS RISK?
The Project Management Institute in their Guidelines for Project Management
Body of Knowledge (PMBOK-2008) stated that:
Project risk is an uncertain event or condition that, if it occurs, has an effect on

at least one project objective. Objectives can include scope, schedule, cost, and
quality. A risk may have one or more causes and, if it occurs, it may have one
or more impacts. A cause may be a requirement, assumption, constraint, or
condition that creates the possibility of negative or positive outcome.
5
For example, a cause may be requiring a permit or having limited personnel
assigned to the project. The risk event is that the permit may take longer than
planned, or the personnel may not be adequate for the task. If either of these
uncertain events occurs, there will be a consequence on the project cost,
schedule, or quality. Risk conditions could include aspects of the project
environment that may contribute to project risk such as poor project
management practices, or dependency on external participants that cannot be
controlled.
Risk arose in the 1940s when it was possible to make a statistical assessment of
the probability of occurrence of a particular event. Risk, therefore, tended to be
insurable. Using the logic, the actual risk to be carried was quantified as follows
(Raftery-1994):
Risk = Probability of event X Magnitude of loss/gain
Common Risks Affecting Estimate

Technical
 Adequacy of site investigation
 Availability of materials and components
 Adequacy of design and design information
Logistical
 Sourcing materials, plant and labor
Construction
 Productivity
 Weather
 Adequacy of contractor's own construction plan
 Adequacy of resource scheduling
 Industrial relations
Financial
 Escalation/inflation
 Payment schedule
6
It follows, then, that there will be good reasons for differences in estimates
produced by different contractors for the same project. The following are the
common types of these differences:
Cost of materials Discounts different suppliers, speed of payment vertical
integration
Labor Skill standard of workmanship
productivity
Labor costs Wages, overtime, good staff
Wastage Materials, labor, theft
Plant Amount, type, own/hire
Site techniques Different sequence of operations
Allowance for Future increased costs
fixed price
Effect of design
team
Deliberate Front loading and cash flow, anticipating variations
distortion
Overheads
Profit
7
Project Risk Management
The purpose of project risk management is to minimize the risks of not
achieving the objectives of the project and the stakeholders with an interest in it,
and to identify and take advantage of opportunities. In particular, risk
management assists project managers in setting priorities, allocating resources
and implementing actions and processes that reduce the risk of the project not
achieving its objectives.
There are three keys to managing project and procurement risk effectively:
1. identifying, analyzing and assessing risks early and systematically, and
developing plans for handling them;
2. allocating responsibility to the party best placed to manage risks,
which may involve implementing new practices, procedures or systems
or negotiating suitable contractual arrangements; and
3. ensuring that the costs incurred in reducing risks are commensurate with
the importance of the project and the risks involved.
The scope of risk management for projects includes :.

• Business risks include all those risks that might impact on the viability of
the enterprise, including market, industry, technology, economic and
financial factors, government and political influences.
• Project risk includes all those risks that might impact on the cost,
schedule or quality of the project.
• Operations and processing risks include all those risks that might impact
on the design, procurement, construction, commissioning, operations and
maintenance activities, including major hazards and catastrophic events.
8
When is project risk management used?
Many organizations undertake projects involving significant capital outlays, or
groups of related projects that together make up large programs. Three aspects
of large projects or programs make risk management desirable.
• Their size implies there may be large potential losses unless they are
managed carefully, and conversely large potential gains if risks are managed
well.
• They often involve unbalanced cash flows, requiring large initial
investments before meaningful returns are obtained. In these circumstances,
and particularly for assets with potentially long lives, there may be
significant uncertainty about future cash flows, due to changing economic
conditions, advances in technology, changing patterns of demand for
products or services, new competition, or varying operating requirements.
• Large public sector projects may involve a degree of private sector
participation, either in the form of direct private sector investment or
involvement in the through-life operations of a government-owned asset.
For some projects, risk management may be a formal requirement at specific
stages of the project development. There may be many reasons for this:
• Economic viability assessment, for high-level strategic decision-making
about whether or not to proceed with a project;
• Financial feasibility assessment, when a finance package is being assembled;
• Corporate governance and accountability, for managers, project staff,
end-users and suppliers to demonstrate that they have fully assessed all
the material risks, that the measures taken to control risk are appropriate,
and that the economic reward for taking on the risk that remains is adequate;
• Contractual purposes, to assess alternative contractual and legal
frameworks for the project, in the context of deciding who should bear
what risks and determining an equitable allocation and sharing of risks
and rewards between the parties involved;
• Tendering, when deciding whether or not to bid, or accept a bid, for a
proposed project, and in what form;
• Regulatory purposes, for legislative, judicial or licensing agencies, or for
public inquiries, to demonstrate accountability in a public or social context;
• Communication purposes, to provide information for owners, sponsors,
users, contractors, joint venture partners or other stakeholders, or to
demonstrate capability and competence in an area.
9
Table 1. Project stages and risk management application examples
Project stage Application example

Objectives and Assessment of internal skills needed to assure the success of the
requirements process (for example, for procurement of services by outsourcing)
analysis
Formulation of Incentive contract performance and fee modeling

procurement strategy Development of equipment acquisition strategies
Capital evaluation Capital evaluation of major spending initiatives (some examples

from our recent experience include new mine development, IT
systems acquisition, infrastructure provision, selection of capital
equipment within major developments)
Analysis of options Exploration of market testing strategies

Quantitative analysis of strategic options, with cost and risk trade-
offs
Assessment of alternate technologies for major plant upgrades
Formulation of Board, cabinet or ministerial submissions for approval of major

proposals for funding projects
approval Applications for additional funding
Preparation of Detailed development of requests for tender documents that address

procurement risks appropriately
documents
Preparation of tender Preparation and assessments of key delivery requirements for tender
evaluation plans evaluation plans
Evaluation and Evaluation of tender submissions taking account of bidders'

selection of tenderers capacity to manage the risks involved
Negotiation and Review of negotiation priorities ensuring effective risk allocation

signature of contracts
Implementation and Implementation and delivery risks, including approvals, technical,

delivery construction, budgets, phasing, milestones
Commissioning and Development and management of test and commissioning,

handover transition, delivery
10
Risk Management Framework
For government procurement, there are likely to be additional requirements that
must be addressed and demonstrated explicitly, and may be subject to external
audit and oversight. They include:
• value for money;
• open and effective competition;
• ethical behavior and fair dealing;
• maximizing opportunities for local industry to compete;
• environmental aspects;
• quality assurance;
• government sanctions against specified countries;
• social justice policies.
Specific requirements are typically related directly to the project itself. They
include such objectives as:
• cost control, ensuring the project is conducted within the available
budget;
• schedule control, ensuring the project is completed within the time frame
allowed;
• performance quality control, ensuring the project and its outcomes are
suitable for their intended purpose.
11
Stakeholder identification and analysis
Stakeholder analysis is important in risk assessments for most activities. It is
usually undertaken at an early stage of planning.
All projects and procurements involve at least two stakeholders: the
procuring entity (the buyer) and the supplier of goods or services (the seller).
The differing objectives of these two parties, and the contractual relationship
between them, are key determinants in the allocation and management of
risk in the procurement process.
Table 2. Stakeholders in a procurement project for a government agency
Group Stakeholder
Government agency Executive management
Agency business units involved in the procurement process
Agency users
Governments and their National Government

ministers Portfolio minister
State and local governments
Other government Central funding agencies

departments
Finance providers Financial institutions and their depositors
Industry Suppliers of capability
Communities Local communities and neighbors of a project site

Local businesses who benefit directly Local businesses who
benefit indirectly
12
Table 3. Stakeholders in a private sector project
Group Stakeholder
Senior management Major shareholders
The board
Executive management team
Business units with an Sponsoring business units, including users Engineering function
interest in the project Maintenance function
Other users
Administrative and support functions
Staff Operators
Maintainers
Industry Contractors
Suppliers and service providers
Commercial Purchasers and users of products Shippers

counterparts
Regulators Construction and building approvals regulators Occupational

health and safety regulators Environmental protection agencies
Community Public in the local area

Wider community outside the local area
Table 4. Stakeholder and issues summary

Project: Reference:
Stakeholder Key issues and objectives
Compiler: Date: Reviewer: Date:
13
Table 5. Stakeholder analysis worksheet, public-sector project
Stakeholder Desired outcome

Executive managers A capability delivered on schedule, within approved project costs
and annual expenditure levels, that meets the endorsed requirements
A selected capability acquisition option that demonstrably provides
the best value for money
Business units involved in A well-structured and efficient procurement strategy

the procurement
Open and effective competition
Agency users A delivered capability that meets the endorsed requirements and the
needs of users
Government and ministers An effective capability for the nation

Benefits for business and the economy
State and local governments Enhanced opportunities for their local business communities and
and their ministers economies
Central funding agencies Cost-efficient acquisition of endorsed capabilities

An open and accountable acquisition process
Budget allocations that are managed efficiently and effectively
Financial institutions Enhanced business opportunities

Effective management of risks associated with the provision of the
capital investment
A reasonable profit on business investments
Industry Enhanced business opportunities, sustainable on a long-term basis

A delivered capability that meets the needs of users capability
Effective management of risks associated with the provision of the
capability requirements
A reasonable profit on the supply and operation of the capability
Local businesses Enhanced business opportunities, whether as a prime contractor or

sub-contractor
A reasonable profit on business activities
14
Table 6. Criteria related to objectives for an oil production business
Criterion Objectives
Production loss Maximize the value of hydrocarbon resources Increase sustainable

or restriction production Annual production targets and costs
Facility damage Minimize disruption to operations; no damage to plant or equipment
Facility integrity Minimize disruption to operations Maintain asset or system condition

and performance
Project Cost-effective strategy Operating entities are involved Timely

performance implementation and operation of project facilities Time, cost and
performance related to budget
Financial impacts Supply costs reduced by 10% Capital costs optimized Operating costs
improved No losses, no increased or additional costs
Employees Low turnover, grow skills and experience Health, safety and
environmental performance Minimize health, safety and environmental
(HSE) risks during construction
Health and safety Health and safety performance Minimize health and safety risks during
construction No injuries, fatalities or long-term health problems
Environment and Environment and community performance Minimize environmental and

community community risks during construction No releases to the environment or
public outrage
Image and Exceptional high performance Shareholder and public support and trust
reputation
15
Differences In Personal Risk Attitude
Biases and misinterpretation occur even in situations where the output from a
cost model is reported in ways, which purport to take account of risk exposure.
An adviser may state that there is a “reasonable” chance that a project can be
completed for less than $40 million. What does this statement actually mean?
The language, in itself, seems reasonably clear.
However, is a “good” chance a 9 in 10, an 8 in 10, or a 6 in 10? Is a
“reasonable” chance an 8 in 10, a 7 in 10, or a 5 in 10?
These differences could be very significant to a decision maker choosing
between projects or between different approaches to the same project.
Estimator’s perspective
Assume that an estimator is just completing work on a bid for a large overseas
project. The estimator has to report a net cost estimate to the managing director
who will make the mark-up decision. The estimating team gets together on the
day before the bid is due to be submitted and decide that their best estimate of
the net cost is $72 m. This figure includes tangible and intangible costs, head
office overheads, and an allowance for the cost of recovering finance charges. It
includes no profit, normal or otherwise. This has been arrived at by breaking the
project down.
Manager’s perspective
The manager receives this figure together with the background briefing on the
project from the estimators and the planning department.
The decision on mark-up is a familiar problem to the manager who is
accustomed to taking calculated risks in order to secure work at favorable rates
for the firm.
The manager knows that the estimate is a forecast of the outturn cost should the
firm win the project.
Thus, for the purposes of calculation, it would be rational to assume that the
estimate is the most likely figure drawn from a distribution, which manifests
some skewness at the upper end of the range.
The mental cost model of the project held in the mind of the manager is that
described by the figure. The characteristics of this model are that the most likely
outturn cost is $72 m. The optimistic outcome is a project net cost of $65 m, and
the pessimistic outcome shows a cost of $86 m.
16
Plan Risk Management
Planning meetings & analysis

The purpose of these meetings, which are held with project team members,
stakeholders, functional managers, and others who might have involvement in
the risk management process, is to contribute to the risk management plan.
During these meetings, the fundamental plans for performing risk management
activities will be discussed and determined and then documented in the risk
management plan.
The key outcomes of performing these planning meetings are as follows:
Risk management plan

The risk management plan may include:
• Methodology: This section defines how you will perform risk management for the
particular project. Remember to adapt to the needs of each project.
• Roles and responsibilities: Who will do what? Did you realize that non-team
members may have roles and responsibilities regarding risk management?
Risk Responsibility Chart
Top Management
PM Risk Owner
management Team
Plan Risk
X X X
Management
Identify Risk X X
Perform Qualitative
X X X
Risk Management
Perform Qualitative
X X X
Risk Management
Plan Risk
X X X
Responses
Monitor & Control

X X X
Risks
17
• Budgeting: This section includes the cost for the risk management process.
• Timing: This sections talks about when to do risk management for this particular
project. Risk management should start as soon as you have the appropriate
inputs. It should also be repeated throughout the life of the project, since new
risks can be identified and may change the degree of risk on the project.
• Risk categories
Project
Technica Project Organization Extern Others

Managemen
t
Quality Time Objective Weathe
Performance Cost Fund Labor
Complexity Resourc Collaboratio Politics
Figure 2: Risk categorization
Likelihood expectation
Level Likelihood Expected or actual frequency experienced
May only occur in exceptional circumstances; simple process; no

1 Rare
previous incidence of non-compliance
Could occur at some time; less than 25% chance of occurring;

2 Unlikely noncomplex process &/or existence of checks and balances
Might occur at some time; 25 –50% chance of occurring; previous

audits/reports indicate non-compliance; complex process with
3 Possible extensive
checks & balances; impacting factors outside control of organization
Will probably occur in most circumstances; 50-75% chance of
4 Likely occurring; complex process with some checks & balances; impacting
factors outside control of organization
Can be expected to occur in most circumstances; more than 75%
chance of occurring; complex process with minimal checks &
5 Almost certain balances;
impacting factors outside control of organization
18
• Definitions of probably and impact: Would everyone who rates the probability a
"five" in qualitative risk analysis mean the same thing? A person who is risk
averse might think of seven as very high, someone who is risk prone might think
of seven as a low figure. The definitions and the standard probability and impact
matrix helps standardize these interpretations and also helps compare risks
between projects.
Impact scale example
Relative or numerical scales
Moderate / Very High /

Objective Very low / 0.05 Low / 0.10 High / 0.40
0.20 0.80
Insignificant 10-20% 20-40% >40%

Cost <10% increase
increase increase increase increase
Insignificant 5-10% 10-20% >20%

Time <5% increase
increase increase increase increase
Barely noticed Unacceptable Product is

Scope Minor change Major change
change by sponsor useless
Sponsor
Applications Unacceptable Product is
Quality Barely noticed approval
affected by sponsor useless
required
Stakeholder Tolerance Matrix
Tolerances
Stakeholder Requirements
Time Cost Quality
Deliver product as More than More than Conformance

PM requested 10% Phase II 5% Phase II to all specs
Conformance
Technical Passing all QC More than More than
to all
Manager criteria 20% Phase II 10% Phase II
limitations
Marketing More than More than Customer

Verify profits
Manager 5% Phase II 2% Phase II acceptance
Customer
More than More than Positive
IT Manager satisfaction (internal
20% Phase II 5% Phase II feedback
& external)
19
• Stakeholder tolerances: What if the stakeholders have low risk tolerance for cost
overruns? That information would be taken into account to rank cost impacts
higher than they would if the low tolerance was in another area. Tolerances
should not be implied, but uncovered in project initiating and clarified or refined
continually.
• Reporting formats: This section describes any reports related to risk management
that will be used and what they will include.
• Definitions of terms: (probability, impact, risk types, risk levels, and so on) are
developed and documented.
• The probability and impact matrix is defined or modified for this project.
Risk Matrix
Consequences
Likelihood Insignificant Minor Moderate Major Extreme
Rare Low Low Low Low Low
Unlikely Low Low Low Medium Medium
Possible Low Low Medium Medium Medium
Likely Low Medium Medium High High
Almost
Low Medium Medium High Extreme
certain
• Tracking: Take this to mean how the risk process will be audited, and
documenting what happens with risk management activities.
20
RISK IDENTIFICATION
Identification participants
Where time and resources permit, all members of the project team should
attend the identification session, including functional unit members assigned to
the project on a part-time basis. People who might be included in a
brainstorming group are:
• the project manager and the project team;
• project sponsors and site representatives;
• discipline engineers;
• experts with specific knowledge in particular areas of concern, where
there may be insufficient expertise in the project team;
• commercial specialists;
• health, safety and environmental specialists;
• people with experience in similar previous or current projects;
• users of the project outcomes;
• key stakeholders who need to be confident in the project and the project
management process before approvals are granted.
21
Information gathering techniques
I. Documentation reviews:
What is and what is not included in the preliminary project scope statement, the
project charter and later documents can help identify risks. Lessons learned,
articles and other documents can also help uncover risks.
Documentation reviews involve reviewing project plans, assumptions, and
historical information from a total project perspective as well as at the individual
deliverables or activities level. This review helps the project team identify risks
associated with the project objectives. Pay attention to the quality of the plans
and the consistency between plans.
II. Brainstorming
Brainstorming is a group creativity technique designed to generate a large
number of ideas for the solution of a problem. Although brainstorming has
become a popular group technique, researchers have not found evidence of its
effectiveness for enhancing either quantity or quality of ideas generated.
Although traditional brainstorming does not increase the productivity of groups
(as measured by the number of ideas generated), it may still provide benefits,
such as boosting morale, enhancing work enjoyment, and improving team work.
Thus, numerous attempts have been made to improve brainstorming or use
more effective variations of the basic technique.
There are four basic rules in brainstorming. These are intended to reduce social
inhibitions among group members, stimulate idea generation, and increase
overall creativity of the group.
Focus on quantity: This rule is a means of enhancing divergent production,
aiming to facilitate problem solving through the maxim, quantity breeds quality.
The assumption is that the greater the number of ideas generated, the greater
the chance of producing a radical and effective solution.
Withhold criticism: In brainstorming, criticism of ideas generated should be put
'on hold'. Instead, participants should focus on extending or adding to ideas,
reserving criticism for a later 'critical stage' of the process. By suspending
judgment, participants will feel free to generate unusual ideas.
Welcome unusual ideas: To get a good and long list of ideas, unusual ideas are
welcomed. They can be generated by looking from new perspectives and
suspending assumptions. These new ways of thinking may provide better
solutions.
Combine and improve ideas: Good ideas may be combined to form a single
better good idea, as suggested by the slogan "1+1=3". It is believed to stimulate
the building of ideas by a process of association.
22
III. Delphi technique
The Delphi method is a systematic, interactive forecasting method which relies
on a panel of independent experts.
The carefully selected experts answer questionnaires in two or more rounds.
After each round, a facilitator provides an anonymous summary of the experts’
forecasts from the previous round as well as the reasons they provided for their
judgments.
Thus, experts are encouraged to revise their earlier answers in light of the
replies of other members of their panel.
It is believed that during this process the range of the answers will decrease
and the group will converge towards the "correct" answer.
Finally, the process is stopped after a pre-defined stop criterion (e.g. number of
rounds, achievement of consensus, and stability of results) and the mean
or median scores of the final rounds determine the results.
This method utilizes a formal Delphi group and is designed to pool the expertise
of many professionals in such a way as to gain access to their knowledge and
to their technical skills while removing the influences of seniority, hierarchies,
and personalities on the derived forecast. The method is named after the oracle
at Delphi in ancient Greece.
IV. Interviewing
Interviews are question-and-answer sessions held with others, including other
project managers, subject matter experts, stakeholders, customers, the
management team, project team members, and users.
These people provide possible risks based on their past experiences with similar
projects.
This technique involves interviewing those people with previous experience on
projects similar to yours or those with specialized knowledge or industry
expertise.
Ask them to tell you about any risks that they’ve experienced or that they think
might happen on your project. Show them the WBS and your list of assumptions
to help get them started thinking in the right direction.
V. Root cause analysis

Root cause analysis (RCA) is a class of problem solving methods aimed at
identifying the root causes of problems or events.
The practice of RCA is predicated on the belief that problems are best solved by
attempting to correct or eliminate root causes, as opposed to merely addressing
the immediately obvious symptoms.
By directing corrective measures at root causes, it is hoped that the likelihood of
problem recurrence will be minimized.
23
However, it is recognized that complete prevention of recurrence by a single
intervention is not always possible.
Thus, RCA is often considered to be an iterative process, and is frequently
viewed as a tool of continuous improvement.
VI. Checklists
Checklists are quick to use, and they provide useful guides for areas in
which the organization has a depth of experience, particularly for projects that
are standard or routine in nature.
Sometimes these take the form of standard procedures that have a
similar effect. For example, many organizations have checklists for such
frequent activities as tendering or contract negotiations, designed to avoid or
minimize the risks in those activities.
Often, the checklists are part of the organization's quality assurance procedures
and documentation.
Checklists used during the Risk Identification process are usually developed
based on historical information and previous project team experience.
. It isn’t possible for a single checklist to be an exhaustive source for all projects.
You can improve your checklists at the end of the project by adding the new
risks that were identified.
VII. Diagramming techniques

Diagramming techniques, such as system flow charts, cause-and-effect
diagrams, and influence diagrams are used to uncover risks that aren't readily
apparent in verbal descriptions.
Labor Productivity Scope
Delay in
Project
Funding Materials Manageme
Figure 3: Fishbone (cause and effect) diagram
24
1. Cause and effect diagrams - Cause and effect diagrams or fishbone diagrams
are used for identifying causes of risk. While drawing the Fishbone chart, care is
taken to have the inner branches meet a horizontal straight line, called the
"spine" of the chart. The statement of the problem - or the effect - is to the right
of the spine inside a box, which makes it look like the head of a fish. When
finished, the entire map resembles a fishbone.
2. System or process flow charts: A flowchart is a common type of chart, that

represents an algorithm or process, showing the steps as boxes of various
kinds, and their order by connecting these with arrows. Flowcharts are used in
analyzing, designing, documenting or managing a process or program in various
fields.
Organization
Assets
Project
Planning
Auditing
Quality Corrective
Control Action
Verification
Figure 4: Flow chart diagram
3. Influence diagrams (ID): An ID is a directed acyclic graph with three

types of nodes and one sub-type:
25
Market Demand Product Strategy
Customer Product Verification

Satisfactio
Figure 5: Influence diagram
• Decision node (corresponding to each decision to be made) is drawn as a

rectangle.
• Uncertainty node (corresponding to each uncertainty to be modeled) is
drawn as an oval.
• Deterministic node (corresponding to special kind of uncertainty that its
outcome is deterministically known whenever the outcome of some other
uncertainties is also known) is drawn as a double oval.
• Value node (corresponding to each component of additively separable) is
drawn as an octagon (or diamond).
• SWOT analysis
SWOT Analysis is a strategic planning method used to evaluate the
Strengths, Weaknesses, Opportunities, and Threats involved in a project. It
involves specifying the objective of the project and identifying the internal and
external factors that are favorable and unfavorable to achieving that objective.
Strengths: attributes of the team or company those are helpful to achieving

the objective.
Weaknesses: attributes of the team or company those are harmful to

achieving the objective.
Opportunities: external conditions those are helpful to achieving the

objective.
Threats: external conditions which could do damage to the business's

performance.
26
PRO CON
Internal
External Strength Weakness
Opportunity Threat
Figure 6: SWOT analysis
Other identification techniques

• hazard and operability studies - a HAZOP is a structured approach
that systematically analyses every part of a process to identify how
hazards, operability problems and deviations from design intent may
arise;
• quantitative analysis of safety risks and their impacts (QRA);
• fault tree analyses - fault tree analysis is a systems engineering method
for representing the logical combinations of the system states and
possible causes that can contribute to a specified event (called the top
event);
• event tree analyses - an event tree describes the possible range and
sequence of outcomes that may arise from the initiating event;
• Other systems engineering techniques.
27
Risk Register
At this point the risk register would include:
• List of risks.
• List of potential responses. Though risk response planning occurs later, one of
the things experienced risk managers know is that it is not always logical to
separate work on each part of risk management.
• Root causes of risks previously explained, these are now documented.
• Updated risk categories. You will notice lots of places where historical records
and company records are updated throughout the project management
process.
Table 7: Risk register at identification process
Task Cause Risk Effect
Design Conflict Errors + Rework Delay
Procurement Inappropriate
Single supplier Delay / cost increase
delivery
Handing out Permit not ready No access Delay
Executing Technical
Rework Delay / Cost increase
problems
Verification Nonconformance Corrective action Quality / Cost/ Time
28
Risk Documentation
Each element and each risk should be numbered, to facilitate storage and
retrieval of information. Often the risk numbers are nested within the element
number, and the nested numbering is extended as necessary as the analysis
progresses.
Each risk should be described. The risk description work sheet in Figure 5
provides one way of recording this. In practice, such sheets are used as
summaries, supported by additional detailed or technical information.
The description of the risk should include the main assumptions and
mechanisms leading to the risk arising, the criteria likely to be affected, the
phases of the project in which it is most likely to occur and notes on the
consequences if it does arise. Sources of information should also be noted.
Project: Reference:
Element:
Risk:
Manager (risk owner):
Description and mechanisms:
Key assumptions:
Sources of information:
List of attachments:
Compiler: Date: Reviewer: Date:
Figure 7: Risk reference sheet
29
Risk Responsibility
Management responsibility for dealing with each specified risk and ensuring
effective treatment plans are developed and implemented should be assigned
and recorded. The responsible manager is sometimes called the risk owner.
Information Source
As a general rule, all available data sources should be used when assessing
high-priority elements and risks, and evaluating ways of managing them.
Information sources may include:
• historical records, often for similar or related projects;
• project experience, either specific to the kind of project being assessed or
more general experience with large or complex activities or with similar
kinds of contractors or suppliers;
• industry best practice and user experience, including relevant benchmarks
and standards;
• relevant published literature and research reports, including
appropriate theory, for example relating to failure modes or equipment
reliability;
• product brochures, technical manuals and audit reports;
• test marketing and market research, where there is benefit in seeking
or creating new information relating to specific aspects of the project,
and particularly its acceptability to its intended end-users or customers;
• experiments and prototypes, where there may be technical risks or areas
in which more
• empirical rather than theoretical information may be useful;
• economic or other models, to provide the necessary theoretical
foundations for specific and general risk assessments, including
traditional cash-flow and sensitivity models where appropriate;
• expert commercial and technical judgment, including that of the
project team and
• appropriate external advisers where necessary.
30
Risk Allocation in Contracting
In this session, the procurement cycle is examined to highlight the diversity of
approaches to the allocation of risk in the supply.
The appropriate procurement or contract strategy will only become apparent as
the evaluation progresses from initial appraisal to full analysis, including
consideration of potential areas for dispute because of known and unknown
risks.
Concept
Risk acceptable
Risk Assessment
High - Low
Project Execution
Plan
Contracting Strategy
Design – Construction – Equipment – O&M
Novelty Insurance Objectives

Work - Motive Supply Chain
Complexity – Risk transfer Surety Management
Partners
Validation of
Contracting Strategy
Analysis of Incentives
Analysis of Cost Liabilities
Contract Language
Selection of Consultants,
Contractors, Suppliers
Analysis of Cost Liabilities
Figure 8: Contracting process
31
Known and Unknown Risks in Contracts
The three main functions of contracts are:
1) work transfer: to define the work that one party will do for the other;
2) risk transfer: to define how the risks inherent in doing the work will be
allocated between the parties; and
3) motive transfer: to implant motives in the contractor that match those of
the client.
During project appraisal, risks that may occur throughout the whole life of the
project should be identified for the whole supply chain. These could then be
considered based on (Smith–1999):
• which party can best control events;
• which party can best manage risks;
• which party should carry the risk if it cannot be controlled;
• what is the cost of transferring the risk.
That is to say, some are pure risk, for example force majeure, while others' are
created, for example, by the technology or by the form of contract or
organizational structure. The client must ensure that, through the contract
strategy chosen, his exposure to risk is optimized, considering both the up and
the down side.
Traditionally, risk in construction projects is allocated as follows (Figure 4):

• client to designer and contractor;
• contractor to subcontractor;
• client, designer, contractor, and subcontractor to insurer;
• contractor and subcontractor to sureties or guarantors.
32
Client
Designer Contracto
Subcont.
Insurer Guarantor
Figure 9: Contractual risk transfer process
A number of clients list potential risks in the tender documents and request
tenderers to price each of them as part of the tender; the evaluation of such risks
and the price for their cover being part of the tender assessment criteria. The
size of the contingencies employed by the contracting parties will be dependent
upon a number of factors which may include the following: the riskiness of the
project, the extent of the contractor's exposure to risks, the ability of the
contractor to manage and bear the consequences of these risks occurring, the
level of contractor competition, and the client's perceptions of the risk/return
trade-offs for transferring the risks to other parties.
33
Financial Risks
Types of Financial Risks

Financial risks are common to most projects. In some cases, the financial risks
are dependent on the occurrence of other risks such as delay in construction or
reduced revenue generation.
Typical financial risks include (Mohamed and McCowan-2001, Smith–1999,
Alexander-1998, Woodhouse-1993):
• Interest: type of rate, fixed, floating or capped, changes in interest rate,
existing rates.
• Payback: loan period, fixed payments, cash flow milestones, discount
rates, rate of return, scheduling of payments.
• Loan: type and source of loan, availability of loan, cost of servicing loan,
default by lender, standby loan facility, debt/equity ratio, holding period,
existing debt, covenants.
• Equity: institutional support, take-up of shares, type of equity offered.
• Dividends: time and amounts of dividend/coupon payments.
• Currencies: currencies of loan, ratio of local/base currencies, depreciation
and devaluation of currencies.
• Market: changes in demand for facility or product, escalation of costs of
raw materials and consumables, recession, economic downturn, quality of
product, social acceptability of user pay policy, marketing of product and
consumer resistance to tolls.
• Reservoir: changes in input source.
• Currency: convertibility of revenue currencies, fluctuation in exchange
rates, devaluation.
34
Both borrowers and lenders need to adopt a risk management program. Risk
management should not be approached in an ad hoc manner but structured. The
five major steps of such a process are:
(1) identify the financial objectives of the project;
(2) identify the source of the risk exposure;
(3) quantify the exposure;
(4) assess the impact of the exposure on business and financial strategy
(5) respond to the exposure.
The first stage is to develop a clear understanding of the project. Borrowers and
lenders need to determine their objectives regarding the financing of a project.
Many borrowers seek long-term loans with repayments made from revenues.
The risk of not meeting repayments is often reduced when the borrower has
sufficient earnings at the start of operation to service the debt. Many projects,
however, suffer commissioning delays that increase the borrowers' loans and
repayments. In many cases, borrowers will seek grace periods from lenders to
cover such delays.
Lenders seek positive cash flows and must ensure that their objectives are met
by providing the best loan package. If a short-term loan is the lender's objective
then the major risk will occur at the start of operation, and should the project not
generate sufficient revenues the lender may need to consider debt for equity
swaps.
Once the project objectives are defined, the overall costs, including construction
and operation costs, are determined and a cumulative cash flow model is
prepared. The model can be used to quickly estimate the net present value
(NPV), internal rate of return (IRR) and payback period of a project. It is
essential that the estimates and programs prepared are reflective of cost and
time over the project's life cycle. The risk of inaccurate estimates based on fixed
budgets often leads to optimistic cash flows that do not truly illustrate the
effects of risk occurring during a project.
35
Financial Risk in Concession Contracts
In the context of concession projects there are two types of risk, those being
elemental risks and global risks and are defined as (Smith–1999, Alexander-
1998):
(1) elemental risks are those risks that may be controlled within the project
elements of a concession project;
(2) global risks are those risks outside the project elements that may not be
controllable within the project elements of a concession project.
Risk management is not a discrete activity but a fundamental of project

management techniques and the responsibility of the complete project team. In
concession projects, the project team representing the promoter needs to
determine the risks associated with each contract prior to appraisal
(Woodhouse-1993).
Financial risk, political risk, and technical risk must be considered as major
elements of projects as are pre-completion and post-completion risks. Political
risks may adversely affect the facility during either of these phases. Specific
legal risks may be broken down into three broad categories: political risks,
construction risks, and operational risks.
36
Global and Elemental Risks In Concession Contracts
In this section concession project risks are identified and classified into two
categories (Griffis and Christodoulou-2000, Smith–1999):
1) global risks;
2) elemental risks.
The four major global risks are: political, legal, commercial, and environmental
risks.
Political risks
Concession Delay in granting concession, concession period, price setting
by principal, public inquiries, enabling bill, commitment to
concession contracts, exclusivity of concession, competition
from existing facilities.
Legal risks
Host Existing legal framework; changes in laws during concession
country period; conflicting community, national or regional laws;
changes in regulations regarding importation and exportation;
changes in company law; changes in standards and
specifications; commercial law, liabilities and ownership; royal
decrees.
Agreement Type of concession agreement, changes in obligations under

legal framework, changes in provisions of agreement, statutory
enactments, resolution of disputes.
Commercial risks
Market Changes in demand for facility or product, escalation of costs
of raw materials and consumables, recession, economic
downturn, quality of product, social acceptability of user pay
policy, marketing of product and consumer resistance to tolls.
Reservoir Changes in input source.
Currency Convertibility of revenue currencies, fluctuation in exchange

rates, devaluation.
Environmental risks
Sensitivity Location of project, existing environmental constraints.
impending environmental changes.
37
Impact Effect of pressure groups, external factors affecting operation,
effect of environmental impact, changes in environmental
consent.
Ecological Changes in ecology during concession period.
The four major packages associated with concession projects are: construction,
finance, operation and maintenance, and revenue generation.
Construction risks
Physical Natural, pestilence and disease, ground conditions, adverse
weather conditions, physical obstructions.
Construction Availability of plant and resources, industrial relations. quality,

workmanship, damage, construction period, delay, construction
program, construction techniques, milestones, failure to
complete, type of construction contracts, cost of construction,
insurances, bonds, access, insolvency.
Design Incomplete design, design life, availability of information,

meeting specification and standards, changes in design during
construction, design life, competition of design.
Technology New technology, provision for change in existing technology.

development costs.
Operational risks.
Operation Operating conditions, raw materials supply. power, distribution
of off take, plant performance, operating plant, interruption to
operation due to damage or neglect, consumables, operating
methods, resources to operate new and existing facilities, type of
O&M contract, reduced output, guarantees, underestimation of
operating Costs, licenses.
Maintenance Availability of spares, resources, sufficient time for major

maintenance, compatibility with associated facilities, warranties.
Training Cost and levels of training, translations, manuals caliber and

availability of personnel. training of principal's personnel after
transfer.
Financial risks
Interest Type of rate, fixed, floating or capped, changes in interest rate,
38
existing rates.
Payback Loan period, fixed payments, cash flow milestones, discount

rates, rate of return, scheduling of payments, financial
engineering.
Loan Type and source of loan, availability of loan, cost of servicing

loan, default by lender, standby loan facility, debt equity ratio,
holding period, existing debt, covenants,, financial instruments.
Equity Institutional support, take-up of shares, type of equity offered.
Dividends Time and amounts of dividend payments.
Currencies Currencies of loan, ratio of local/base currencies.

Revenue risks.
Demand Accuracy of demand and growth data, ability to meet increase in
demand, demand over concession period, demand associated
with existing facilities.
Toll Market-led or contract-led revenue, shadow tolls, toll level,

currencies of revenue, tariff variation formula, regulated tolls,
take and/or pay payments.
Developments Changes in revenue streams from developments during

concession period.
39
QUALITATIVE ANALYSIS
This session illustrates the role of qualitative methods in risk management.
Often the first stage in any analysis has to be a qualitative approach because
there is insufficient information available to proceed with any quantitative
methods. The value of a risk log is reviewed. Finally, the methodology is
examined in detail.
Qualitative Risk Assessment

Qualitative risk assessment is the most useful part of the risk management
process and it lays the foundation for all the subsequent stages in that process,
including the quantitative analyses that are frequently required to define budgets
and time-scales.
Applying weighting factors to the qualitative assessment provides a quasi-
quantitative form of analysis.
Review of Project Programs and Budgets

It is important that a project's programs and budgets are realistic if it is to meet
its objectives in terms of its quality and performance even as remaining within
its predetermined time-scale and budget.
Unless the budget and program are achievable, it is unlikely that risk analysis
will predict the out-turn cost and duration. This depends upon several factors
including:
• the experience of the project management organization;
• the amount of relevant data from closely similar projects that can form
the basis of performance specifications, estimates and programs;
• the extent of innovation; and
• the size and complexity of the project.
Budgets should be based on a realistic program for the work taking into account
resource provision, productivity, time-related costs, and risks. Appropriate
estimating techniques should be used for the type of project and the project
stage at which the estimate is produced.
The outline program should be checked to ensure that:
• all the key activities have been identified;
• the durations are realistic; and
• the logic links and any other constraints are correct.
40
Such constraints may include, for example, the links to, or dependencies on:
• other projects;
• approvals for safety cases;
• approvals by statutory authorities (planning permission, etc.);
• approval of programs on method statements; and
• approval of subcontracts and materials.
If the program is in network form, the critical path(s), free and total float must
be identified. All assumptions underlying the budget and program must be
identified and logged.
Within each project the following interfaces must be identified to ensure that
they are included in the program and managed effectively:
• between design groups;
• between design groups and specialists;
• between design and procurement;
• between design and construction;
• between procurement and construction; and
• with other projects.
Management will be facilitated by ensuring that each such interface is logged as

a risk so that the following data are recorded and the following actions are
undertaken:
• define data each party requires from others;
• define when they are required;
• agree assumptions if data are not available on time;
• log the assumptions;
• revise assumptions until final data are available;
• specify physical factors:
• spatial positions;
• loadings;
• capacity, etc;
41
The Risk Log/Register
The results of the interviews and reviews of the program and budget should
form the basis for a risk log or risk register that will list all the identified risks.
It will also contain assessments of their potential impact on the budget,
program, and quality/performance aspects of the project.
To aid manipulation, the risk log may include:
• project phase;
• the owner of the risk;
• location;
• other use-defined categories, for example, cross-references to the project
program and budget.
The risk log will also contain the information on actions to avoid, mitigate, or
transfer risks, the secondary risks arising, and possible fallback plans.
Qualitative Methodologies
Qualitative methodologies concern themselves with how management decisions
are actually made, rather than the traditional operational research approach of
obtaining the “right” answer.
Methodologies that can screen out unfeasible alternatives, study the entire range
of solutions, and explore the effect of likely constraints, will develop con-
trasting possibilities as to what is required.
Placing decisions in the context of alternative future environments permits the
opening up of discussions about threats and opportunities.
Simplicity and clarity are sought, and uncertainty treated as a fact.
Outside influences such as technical, commercial and political considerations
are identified and considered in direct relation to internal issues.
42
Risk probability & impact assessment
This tool assesses the probability that the identified risk events will occur,
and it determines the effect their impacts have on the project objectives,
including time, scope, quality, and cost. Analyzing risks in this way allows
you to determine which risks require the most aggressive management.
Probability
Probability is the likelihood that an event will occur. The classic example is
flipping a coin. There is a 0.50 probability of getting heads and a 0.50
probability of getting tails on the flip.
Note that the probability that an event will occur plus the probability that the
event will not occur always equals 1.0.
Determining risk probability can be difficult because it’s most commonly
accomplished using expert judgment. This means you are guessing (or
asking other experts to guess) at the probability a risk event will occur.
Impact
Impact is the amount of pain (or the amount of gain) the risk event poses to
the project.
The risk impact scale can be a relative scale that assigns values such as high-
medium-low (or some combination of these) or a numeric scale known as a
cardinal scale.
Cardinal scale values are actual numeric values assigned to the risk impact.
Cardinal scales are expressed as values from 0.0 to 1.0 and can be stated in
equal (linear) or unequal (nonlinear) increments.
43
Risk Probability and Impact
The two dimensions of risk are applied to specific risk events, not to the overall
project. Analysis of risks using probability and consequences helps identify
those risks that should be managed aggressively.
Table 8: Risk matrix

Impact
0.9 0.7 0.5 0.3 0.1
Probability
0.9 0.81 0.63 0.45 0.27 0.09
0.7 0.63 0.49 0.35 0.21 0.07
0.5 0.45 0.35 0.25 0.15 0.05
0.3 0.27 0.21 0.15 0.09 0.03
0.1 0.09 0.07 0.05 0.03 0.01
Very low probability
Very high probability
Very high impact Very low impact
Figure 10: Determining priorities utilizing probability and impact of risk events
44
A matrix may be constructed that assigns risk ratings (very low, low, moderate,
high, and very high) to risks or conditions based on combining probability and
impact scales.
Risks with high probability and high impact are likely to require further
analysis, including quantification, and aggressive risk management.
A risk’s probability scale naturally falls between 0.0 (no probability) and 1.0
(certainty). Assessing risk probability may be difficult because expert judgment
is used, often without benefit of historical data.
An ordinal scale, representing relative probability values from very unlikely to
almost certain, could be used. Alternatively, specific probabilities could be
assigned by using a general scale (e.g., .1 / .3 / .5 / .7 / .9).
Table 9: Detailed priority-setting matrix
Consequences
Likelihood Insignificant Minor Moderate Major Catastrophic
Almost certain Medium Medium High High High
Likely Medium Medium Medium High High
Possible Low Medium Medium Medium High
Unlikely Low Low Medium Medium Medium
Rare Low Low Low Medium Medium
45
Table 14 shows an extended likelihood scale that was developed for a multi-
purpose set of assessments.
Table 10: Likelihood scale

Level Descriptor Description Frequency Probability
A Almost Very high, may occur at least once per year 1 per year 0.8 – 1
certain
B Likely Likely to arise at least once in a 1-5-year period 1 per 5 years 0.2 – 0.8
C Possible Possible, may arise at least once in a 1-10 years period 1 per 10 years 0.1 – 0.2
D Unlikely Not impossible, could occur at some time during the life 1 per 25 years 0.04 – 0.1
of the facility
E Very May occur only in exceptional circumstances 1 per 100 0.01 – 0.04
unlikely years
F Rare 1per 1,000 0.001-0.01
years
G Very rare 1 per 10,000 0.0001-
years 0.001
46
Risk Evaluation
Risk evaluation is about deciding whether risks are tolerable or not to the
project, taking into account:
• the controls already in place or included in project plans;

• the likely effectiveness of those controls;
• the cost impact of managing the risks or leaving them untreated;
• benefits and opportunities presented by the risks; and
• the risks borne by other stakeholders.
The evaluation step compares risk priorities from the initial analysis against all
the other risks and the organization's known priorities and requirements.
Any risks that have been accorded too high or too low a rating are adjusted,
with a record of the adjustment being retained for tracking purposes.
The outcome is a list of risks with agreed priority ratings.
Inherent risk
As an extension of the evaluation process, the inherent risk level for
each risk may be considered, using the four-point scale in Table 15. The
inherent level of risk is the level that would exist if the controls did not work as
intended, or if there were a credible failure of controls.
Table 11: Inherent risk rating
A Extreme inherent risk
B High inherent risk
C Medium inherent risk
D Low inherent risk
Risk data quality assessment

The data quality assessment involves determining the usefulness of the data
gathered to evaluate risk. Most important, the data must be unbiased and
accurate.
You will want to examine elements such as the following when performing
this tool and technique:
47
• The quality of the data used
• The availability of data regarding the risks
• How well the risk is understood
• The reliability and integrity of the data
• The accuracy of the data
Risk urgency assessment

In addition to a list of risks, qualitative risk analysis includes noting risks that
should move more quickly through the process. Reasons for this could include
the fact that the risk may occur soon, or will require a long time to plan a
response. Urgent risks may then move, independently, right into risk response
planning, or they may be simply the first ones for which you plan a response.
High severity
Low severity
High urgency Low urgency
Figure 11: Urgency of risk events
48
Table 12: Risk register
Task Cause Risk Effect Probability Impact

Errors +
Design Conflict Delay High High
Rework
Delay /
Inappropriate
Procurement Single supplier cost Medium Medium
delivery
increase
Handing out Permit not ready No access Delay Medium High
Delay /
Technical
Executing Rework Cost Low Medium
problems
increase
Quality /
Corrective
Verification Nonconformance Cost/ Low Medium
action
Time
49
RISK QUANTIFICATION
The quantitative risk analysis process aims to analyze numerically the
probability of each risk and its consequence on project objectives, as well as the
extent of overall project risk. This process uses techniques such as Monte Carlo
simulation and decision analysis to:
 Determine the probability of achieving a specific project objective.
 Quantify the risk exposure for the project, and determine the size of cost
and schedule contingency reserves that may be needed.
 Identify risks requiring the most attention by quantifying their relative
contribution to project risk.
 Identify realistic and achievable cost, schedule, or scope targets.
Quantitative risk analysis generally follows qualitative risk analysis. It requires
risk identification. The qualitative and quantitative risk analysis processes can
be used separately or together. Considerations of time and budget availability
and the need for qualitative or quantitative statements about risk and impacts
will determine which method(s) to use. Trends in the results when quantitative
analysis is repeated can indicate the need for more or less risk management
action.
50
Risk Quantitative Analysis
The earlier chapters have set out a framework for managing risk. They
describe risk management processes that are applicable to many forms of
projects and different kinds of risk requirements.
While the early chapters set out detailed processes for implementing risk
management in a qualitative or semi-quantitative framework, they do not
address quantification in any detail. The following chapters show how the
aggregate uncertainty associated with a project can be evaluated using
quantitative risk models in a variety of circumstances.
Quantitative Modelling provides a means of:
• describing the detailed mechanisms at work in a set of risks;
• evaluating the overall uncertainty in the project to which they relate and
the overall risk that this places on stakeholders;
• establishing targets, commitments and contingency amounts consistent
with the uncertainty the project faces and the risk the managers are
willing to accept; and
• exploring the relationship between detailed instances of uncertainty and
an overall level of risk, to inform risk management resource allocation.
The early chapters specify how to identify, evaluate and treat individual risks
and groups of risks. However, an analysis of individual risks gives no indication
of the combined effect of all the risks affecting a project.
Quantitative Modelling provides a framework within which to integrate
individual risks into an overall assessment to support decision-making and
management control. In the case of large, complex or particularly sensitive
projects, quantitative Modelling may also play a role in the evaluation of
individual risks.
51
General Approach
Quantitative risk assessments extend the process described earlier to more
detailed numerical analysis of uncertainty, usually in the context of a
model of the project being examined. Often the model is implemented in a
spreadsheet, incorporating the main cost or schedule aspects of the project and
their interrelationships.
Quantitative analyses come into their own when a view of the overall
risk associated with a project is needed, such as when:
• setting targets or accepting commitments;

• evaluating the realism of estimates;
• selling a project proposal on the basis of confidence in the forecast
outcome;
• assessing the return on major investments at pre-feasibility or feasibility
stage;
• choosing between alternative investments; and
• choosing between alternative technologies with different risk profiles.
Risk
Risk tools responses
Deterministic Probability
Quantify risk
model calculation
Figure 12: Quantitative risk management model

Risk Modelling may be viewed as an extension of conventional project
and business forecasting and Modelling (Figure 19.1). Generally, a
conventional spreadsheet is the starting point, such as a simple cost estimate or
a cash flow model of the net present value (NPV) of a capital investment. The
main elements of the model are examined to determine what might cause
the elements to vary, and the likely management responses to variations
are considered. The elements of a model, risks and responses are used to
develop quantitative descriptions of the variability in the model expressed as
distributions that replace simple fixed values in the spreadsheet. Of course, this
requires special software, often in the form of a simple spreadsheet add-in, such
as @Risk. The distributions are combined through the model structure to
52
generate distributions of the key variables need for decision making, such
as the distribution of capital cost, NPV or rate of return (Figure 19.2).
Figure 13: Simulation

Risk model parameters quantify uncertainty in the occurrence and the value of
model components. Uncertainty in the occurrence of an event is described in
terms of its probability of occurring. Uncertainty in the values of model
components, such as their cost, duration, throughput or other characteristics,
is described using probability density functions that are in turn defined by
parameters such as minima, maxima, most likely or mean values. For example,
Figure 19.3 shows an input distribution in density form, in this case
estimated as a percentage variation around a base value. Such a distribution
might be used to represent the uncertainty in an estimate of a cost at some time
in the future, where the base cost is linked to a standard cost-estimating process
and the risks are 'standard' estimating variations. Output distributions can be
displayed in several forms. The one most people find immediately useful is the
range of likely outcomes, and the risk of exceeding targets in that range. Figure
19.4 shows a typical example.
If Figure 19.4 represented the capital estimate for a procurement, for instance, it
would help in setting an overall budget target, generally towards the right-hand
end, and establishing how much to release initially to the project budget, usually
somewhere nearer the middle. It would also make it clear if earlier expectations
had been realistic. Anything falling to the left of the range would be seen as
very risky for all concerned.
53
Risk models provide considerable information about the business or project
being analyzed.
Figure 14: Accumulative probability after simulation
They can show:

• the realistically likely range of outcomes to expect;
• the risk (or probability) of exceeding a target as a function of the value of
the target;
• the relative magnitude of various sources of uncertainty; and
• the sensitivity of the uncertainty in the output to uncertainty in each input,
highlighting the major risk drivers (which might not be those expected!).
Application
Applications of the quantitative risk analysis processes described in this book
include, but are not confined, to the analysis of project-related aspects of:
• project cost, schedule and cash flow;
• enterprise or business cash flow (for example, where the project is a
stand-alone entity, or the dominant commercial activity of a company or
joint venture organization);
• capital investment decisions;
• processing system throughput; and
• marketing and sales forecasts and project revenues. Such analyses can
have a multitude of uses including:
54
• go/no-go investment decisions;
• establishing or negotiating targets, commitments and contingency
amounts;
• evaluating the realism of established targets and commitments;
• planning risk treatments that will reduce overall project uncertainty; and
• prioritizing sources of uncertainty and establishing the extent to
which various stakeholders can control the overall uncertainty in a
project.
55
Utility Theory
Utility theory explains how rational people sometimes prefer outcomes, which
do not have the highest monetary value (Raftery-1994, Thompson and Perry-
100
Utility
Risk averter
Neutral
Risk seeker
50
0
Amount at Stake
Figure 15: Utility

Curves
1992). Utility theory suggests that instead of maximizing expected monetary
value, people may maximize their own utility. The equation that describes the
utility curve is the utility function. Utility function varies from person to person.
The utility function of an individual is unlikely to be identical to the utility
function of that individual’s employing organization. It is also has been shown
that people are not consistent and that an individual decision maker may
demonstrate widely differing utility functions depending on the particular
circumstances and on the size and the monetary amount under consideration
(Figure 1).
56
Risk attitude is concerned with the trade-off that people will make between
uncertain payoffs of known probability and sure payoffs, again with known
probability.
The trade-offs are determined by asking decision-makers to specify how much
sure money (the certainty equivalent) must be received to make them indifferent
between the certainty equivalent and the expected value of a given amount that
is not certain.
For instance, if a person was given a choice between a 50% chance of winning
£10,000 on a roulette wheel and a 50% chance of winning nothing or a 100%
chance of winning £1,000 betting on a horse race and for a £500 stake winning,
there would be some point where the decision-maker would be indifferent
between the roulette wheel gamble and the horse race gamble. The decision is
colored by how much the gambler can afford to lose and how much he needs to
win. The relationship is between money and utility, where utility means the
satisfaction the decision-maker receives from given quantities of money.
Expected utility is a measure of the individual's implicit value, or preference, for
each policy in the risk environment. This measure is represented by a numerical
value associated with each monetary gain and loss in order to indicate the utility
of these monetary values to the decision-maker.
The utility measure can also be assigned to outcomes that have no monetary
value. For the moment, let us restrict ourselves to monetary payoff situations
which are more straightforward.
The utility measures should be consistent, in order to reflect the preference of
the decision-makers. The following rules must be obeyed:
• the more desirable an outcome, the higher the utility measure will be. For
example, winning £50 without any risk will have a higher utility measure
than winning £5 without any risk;
• if a decision-maker prefers outcome A to outcome B, and he prefers
outcome B to outcome C, then A will be preferred to outcome C;
• if a decision-maker is indifferent between two outcomes, they have equal
utility;
• in a situation involving risk, the expected utility of the decision equals the
true utility of the decision. For example, assume that a particular strategy
has an outcome 01 with a probability P1, and an outcome 02 with a
probability P2 = 1- Pl. If we define the utility of 01 as U(01) and the
utility of 02 as U(02), the expected utility of the strategy, which we
define as the EU strategy is:
EU(strategy) = P1*U(01) + (1 - P1) *U(02)
57
Perform Quantitative Risk Management
Data gathering & representation techniques

This technique is like the interviewing technique discussed earlier. Project team
members, stakeholders, and subject matter experts are prime candidates for risk
interviews. They are asked about their experiences on past projects and about
working with the types of technology or processes you’ll use during this project.
When using this technique, it is required first to determine what methods of
probability distribution. The chosen technique will dictate the type of information
needed to gather. For example, the team may use the three-point scale that
assesses the optimistic, pessimistic, and most likely risk scenarios or take it a
step further and use standard deviations calculations.
58
SENSITIVITY ANALYSIS
Sensitivity analysis is discussed in detail in chapter 6; the purpose in this section
is to give a brief overview. The discussion relates to the use of sensitivity
analysis for life cycle costing but the approach is applicable to a wide range of
activities.
Sensitivity analysis is used to identify the impact on the total of a change in a
single risky variable. The major advantage of sensitivity analysis is that it
explicitly shows the robustness of the ranking of alternative projects. Sensitivity
analysis identifies the point at which a given variation in the expected value of a
cost parameter changes a decision. For example, when considering the life cycle
costs, if the total costs of fuel exceed expectations by 10% does this change the
preference between two alternative projects?
Sensitivity analysis is an interactive process which tells you what effects
changes in a cost will have; on the life cycle cost. By identifying the relative
importance of risky cost variables, the decision-maker can adjust projects to
reduce the risks and responses should the outcomes occur.
A spider diagram is an effective way of using sensitivity analysis.
The steps are:
i) Calculate the expected total life cycle cost by using expected values.
i i) Identify the variables subject to risk using a decision tree approach.
iii) Select one risky variable, which we can call 'parameter 1', and re-calculate
the total life cycle cost using different assumptions about the value of this
parameter. The life cycle chosen is recalculated assuming that the cost
parameter changes by 1%, 2%, and so on.
iv) Plot the resulting life cycle costs on the spider diagram, interpolating
between the values. This generates the line labeled 'parameter 1' as shown in
Figure 2.
v) Repeat stages iii) and iv) 'for the other risky variables.
Each parameter line on the spider diagram indicates the impact on the life cycle
costs of varying the value attributed to a particular parameter within the defined
range. The flatter the line, the more sensitive will be the life cycle costs to
changes in that parameter. In Figure 2, total life cycle is much more sensitive to
variation in parameter 1 than it is to variation in parameter 2.
59
Spider diagram
The spider diagram tends to appear more difficult to read when more variables
are plotted. The practical answer is to have several spider diagrams. We would
recommend having a spider diagram for the financial and capital aspects of the
project, and a separate spider diagram for running costs.
The next question arises is whether there is likely to be a linear relationship
between percentage changes in costs and changes in the expected value for total
life cycle costs. In general, the spider diagram lines will not be linear, since if a
running cost increases by x per cent it will be a relatively larger component of
overall life cycle costs. Moreover, individual cost parameters may vary in many
different ways.
Sensitivity tests measure the effect on the model output of certain specified
changes in the values of input variables and parameters. It is usual to begin with
a deterministic output and to iterate through the model, examining the effect of
changes in the input variables and assumptions. The resultant changes in model
output may be presented as tables, graphs, or so-called spider diagrams.
Sometimes an analyst will vary many of the input variables in sensible
combinations. It would, of course, be unrealistic to decompose a model into a
number of independent components and then examine what happens to the
output if all the worst or best cases are added up (Figure 2). If the components
of the model are independent, then the probability of all of the worst cases
occurring simultaneously is a joint probability problem (Jovanović-1999,
Thompson and Perry-1992).
Variation %
Variable I
Variable
II
Variable III
(+)
0%
Total cost of the project
(-)
Variable IV
Figure 16: Spider diagram
60
Sensitivity analysis is a technique used to determine how different values of an
independent variable will impact a particular dependent variable under a given set of
assumptions. This technique is used within specific boundaries that will depend on
one or more input variables, such as the effect that changes in quality will have on a
total cost of a project or an item. By creating a given set of scenarios, the
management team can determine how changes in one variable(s) will impact
the target requirements. The results of the analysis can be presented in the form of
tornado diagram or spider diagram.
Inflation
Currency
Discount rate
Market demand
Conformance
-$2M -$1M $0M +$1M +$2M
Figure 17: Tornado diagram
61
EXPECTED MONETARY VALUE
The Expected Monetary Value (EMV) of each strategy is determined by
multiplying the payoff of each outcome by its probability of occurrence and
adding the products.
For example, if an investor has two strategies either hold £150,000 in cash or
invest the £150,000 in a project for which the options of return are £300,000
with a probability of 0.5 and £0 with a probability of 0.5, the EMV of the
investment return is:
EMV = 0.5 X 300,000 + 0.5 X 0 = £150,000
Under the probability choice criteria, the decision-maker's option is based on the
rule:
Strategy option = MAXi {EMV i}
However, the two strategies have the same Expected Monetary Value (EMV) of
£150,000, therefore, how the investor can make the decision of whether or not
to invest.
The following example shows another implementation of the EMV. A
construction company is hiring equipment with a value of £50,000. It can buy
insurance for £500 which will pay for replacing the equipment if it is damaged.
The probability of the equipment being damaged is 0.05.
There are two strategies:
Sl: don't buy insurance S2: buy insurance
and two events:
El: equipment not damaged E2: equipment damaged
Let us form the payoff table for this problem, taking losses as negative income.
If the company buys the insurance, their cost will be £500, whether or not the
equipment is damaged. The payoff matrix is shown along with the expected
monetary value (EMV) computations.
Using EMV criterion, the company would select S1 and not buy the insurance.
Yet, in practice, many construction companies would, and actually do, purchase
insurance. The prospect of a £50,000 loss somehow outweighs the £500
payment even with the low probability of risk.
• each possible outcome is defined by a single number;
• the outcomes are ranked in order of preference;
• the objective is to maximize expected utility.
The first step in deriving a utility function by the NM method is to determine
two monetary outcome values as reference points. For convenience, we will
look at the most favorable and least favorable monetary outcomes in a decision
62
situation. We then assign utility values to these two reference points. Since
utility is an ordinal rather than a cardinal concept, these utility values are
arbitrary. All that is necessary is that utility increases with the monetary gain.
For convenience again, therefore, we might assign arbitrary utility values of 1
and zero, respectively, to these extreme monetary outcomes. Assume that the
monetary return outcomes of a gamble range from £0 to £300. So we choose
extreme monetary values of £0 and £300, assigning a zero utility to £0 and a
utility of 1.0 to £300. That is, "' U(£0) = 0 and U(£300) = 1.0
The second step of the NM method is to assign the utility values for all the other
monetary outcomes lying between these two extreme monetary outcomes. The
utility values are determined in the NM method as the basis of the concept of
certainty equivalent.
Assume that the decision-maker has to choose between two strategies:
Strategy A: a given amount of money with certainty (certain money)
Strategy B: a risky environment with probability p of winning £300 and
probability (1-p) of winning £0.
To determine a certainty equivalent of strategies A and B, we can change the
parameter values of either strategy A or B, or both, until a certainty equivalent
is obtained. For convenience, assume p = 0.5 and (1-p) = 0.5 for strategy B and
that the certain money of Strategy A increases from zero. When the certain
money of strategy A reaches £100, it makes the decision-maker indifferent
between strategies A and B.
Therefore £100 is the certainty equivalent between strategies A and B. Its utility
equates to the expected utility of strategy B:
U(100) = pU(£300) + (1-p) U(£0) = 0.5*1 + 0.5*0 = 0.5
Probabilities P(El) = 0.95 P(E2) = 0.05
Table 13: Payoff matrix
E1: E2: Expected Monetary value
Not damaged Damaged
S1 (Do not buy $0 -$50,000 EMV(S1)= -0*0.95 -

insurance) 50,000*0.05 = -2,500
S2 (buy -$500 -$500 EMV(S2)=-500*0.95 -

insurance) 500*0.05 = -500
63
Figure 18: Risk and the contractor
64
Decision tree
The concept of expected value can also be combined with "probability" or
"decision" trees to identify and quantify the potential risks. Another common
term is the impact analysis diagram. Decision trees are used when a decision
cannot be viewed as a single, isolated occurrence, but rather as a sequence of
several interrelated decisions. In this case, the decision maker snakes an entire
series of decisions simultaneously.
The process of constructing a decision tree can be complicated. Decision trees
contain decision points, usually represented by a box or square, where the
decision maker must select one of several available alternatives. Chance points,
designated by a circle, indicate that a chance event is expected at this point.
The following three steps are needed to construct a tree diagram:
 Build a logic tree, usually from left to right, including all decision points
and chance points.
 Put the probabilities of the states of nature on the branches, thus forming a
probability tree.
 Finally, add the conditional payoffs, thus completing the decision trees.
The following illustration shows an example where a choice between good
quality and poor quality product is required. The probability of using good
quality product looks to be 60% while the probability of producing poor
quality product is only 40%. Meanwhile, the probability of having a good
market with respect to the specified product is 70% against only 30%
probability for poor market. The expected income for each branch of the tree
is shown as illustrated. The expected income for good quality product is L.E.
62,000 while that of poor quality product is only L.E. 29,000. On the other
hand, the expected monetary value for the whole process is L.E. 48,800.
N.B.:
Expected monetary value for good market = 0.7 * 80,000 + 0.3 * 20,000 = L.E. 62,000
Expected monetary value for poor market = 0.7 * 50,000 - 0.3 * 20,000 = L.E. 29,000
Expected monetary value for the whole process = 0.6 * 62,000 + 0.4 * 29,000 = L.E.
48,800
65
Good market L.E. 80,000
P=0.7
L.E. 62,000
Good quality Poor market
P = 0.6 L.E. 20,000
P=0.3
L.E. 48,800
Good market L.E. 50,000

Poor quality
P=0.7
P = 0.4
L.E. 29,000
Poor market
L.E. -20,000
P=0.3
Figure 19: Decision tree example 1
The figure below shows a simple example for a decision tree. The general
contractor has three options when tendering for three projects. He has the
resources to undertake only one of the projects and must select the most
profitable option.
66
The first option is to act as a general contractor submitting a lump sum bid for
the re-building of a sea wall. The project has a likely profit of £400,000, but
there is a chance that it could show a loss of £200,000. The second project is a
design and build scheme for a new pumping station at a waterworks. The
potential profit is £220,000, but again the project could show a loss, this time
£100,000. The third project is a management contract for the refurbishment of
an aircraft hangar with a potential profit of £160,000 but the possibility of a loss
of £20,000.
Reading the diagram from right to left, the contractor has put probabilities
associated with the profit and loss for each project. The cost of bidding for the
project is then deducted from the EMV to identify the project within the highest
net EMV, which is the design and build scheme.
Consider, for example, the sea wall.
EMV = £400,000 X 0.6 - £200,000 X 0.4 = £160,000
less the bidding costs of £5,000 giving a net EMV of £155,000.
Decision Definition Decision Node Chance Node Net Path value
30% Boom
+900,000 900k -500k = 400k
Large Plant
($500,000)
70% Recess
Large Plant 400*.3 -100*.7= 50k +400,000
400k -500k = -100k
or
Small Plant 30% Boom
+300,000 300k -200k = 100k
Small Plant
($200,000)
70% Recess
100*.3 - 40*.7 = 2k
+160,000 160k -200k = -40k
Decision Node
Chance Node
End of Branch

Decision trees are diagrams that show the sequence of interrelated decisions and
the expected results of choosing one alternative over the other. Typically, more than
one choice or option is available when you’re faced with a decision or, in this case,
potential outcomes from a risk event. The available choices are depicted in tree form
starting at the left with the risk decision branching out to the right with possible
67
outcomes. Decision trees are usually used for risk events associated with time or
cost.
SIMULATION
Using this method the estimator need no longer be restricted to conventional
estimates (Mulholland and Christian-1999, Vose-1996, Grey-1995, Raftery-
1994). If the estimator tends to choose “safe” figures then the result will be an
over-conservative estimate. On the other hand, if the “most likely” figure is
adopted then all the estimator's accumulated experience and judgment about
other possibilities is lost when the results are added up to one single figure. By
using computer simulation it is possible to carry through the estimate a
complete judgment about the range of each variable and the relative likelihood
of each value in that range. This judgment is made in the form of a probability
distribution defined by the estimator, which reflects the sum of his or her
knowledge about that variable. Using a simulation program, the project is
“built” many times. Thus, we are able to observe the effect of the combined
probabilities. On each “pass” through the project, the program selects for each
item a cost that is chosen from the input distribution for that item. The
simulation results in a statistical sample of projects with identical probabilistic
characteristics, each of which has had a different outcome. Analysis of this
sample enables us to attach some numeric evaluation to the degree of risk in the
estimate.
Choice of distribution
The choice of input distribution is not based upon a search for the true
distribution for the variable in question but on the objective of modeling the
estimator's perception of the range and probability of the likely outcomes for it.
The distributions chosen to work with in practical situations need to have
certain desired characteristics. They should be relatively easy to understand and
should have clear cut-off points. It is required to state reasonably clearly that the
cost or time for a particular variable will never exceed X or be less than Y
(Back et al.-2000, Fente et al.-2000, Maio et al.-2000, Guyonnet et al.-1999,
Vose-1996, Grey-1995, Raftery-1994).
68
There is leeway to be somewhat flexible in the choice of input distribution, as
errors in these distributions are improved by the effect of the Central Limit
Theorem. The Central Limit Theorem implies that when a range of distribution
shapes is entered and simulated many times, there will, as the number of
simulations increases, be a tendency for the output distribution to tend to the
normal shape. The precise choice of input distribution is not as important as the
problem of correlation among the subsystems of the project model. It is
important either to choose to analyze sources of risk that are reasonably
independent or to expend a lot of time dealing with the connections between
subsystems.
Probabilit
y
Minunum Maximum
Figure 22: Uniform probability distribution
Figures (8), (9), and (10) show some types of probabilistic distributions. More
details about possible distributions can be found in Appendix G. The
distributions themselves are self-explanatory. In eliciting subjective
probabilities and the parameters of the illustrated distributions, care should be
taken to ensure that there are consistent rules for defining most likely, maxima
and minima figures.
Correlations and independence
It is important to be aware of the trivia of the software being used to do the
simulation. Most of the smaller programs and many of the more expensive ones
do not deal with correlation. Some of the larger project management programs,
which tend to simulate networks, claim to be able to deal with correlation but
the detail of how strongly the links are defined is left to the user. Therefore,
users need to be quite sophisticated in their understanding of probabilistic
project models (Vose-1996).
Correlation may be dealt with in this manner. Assume that activity P is

dependent on the outcome of an earlier activity, say, activity K. The program
69
should allow for this to be flagged when entering the basic simulation model.
For activity P a number of different distributions are entered, each one
contingent upon a specific type of result from activity K. Now, in the simulation
when it is time to draw a number for activity P, the program checks back to read
the result drawn for activity K during the same pass. Reading this result, the
program then decides which of the range of distributions for P is now
appropriate, given the outcome of activity K. For example, the results of K
could be banded into three different sections. A lower band producing a very
optimistic result, a middle band and a higher band producing a pessimistic
result. In this case, we could enter three distributions to activity P, one for each
of the three cases. The correlation may be positive, where a good result in K
implies a good result in P, or negative, where a good result in K implies a bad
result in P.
However, it is also the case that the majority of all construction projects can be
adequately simulated using very simple and inexpensive software. Detailed
simulation of project activity networks is sometimes carried out for aerospace,
defense and large undersea oil and gas exploration projects, but these are all
much bigger, more heterogeneous, and more risky than most construction pro-
jects. Figure (14) shows sample output for simulated analysis for the duration of
a sub-project. The upper figure shows the probability distribution based on
1,000 trials, while the lower figure shows the accumulative distribution of that
outcome.
Probability
Minunum Most likely Maximum
Figure 23: Triangular probability distribution
70
Probability
σ σ (standard deviation)
µ (mean)
Figure 24: Normal probability distribution
Simulation is the art and science of designing a model which behaves in the
same way as a real system. The model is used to determine how the system
reacts to different inputs.
Figure 25: Probability density function
71
Simulation is a further method of analyzing risk; it is basically a means of
statistical experiment. Monte Carlo analysis is a form of stochastic simulation.
It is called Monte Carlo because it makes use of random numbers to select
outcomes, rather as a ball on a roulette wheel stops, theoretically at random, to
select a winning number.
The Monte Carlo simulation will require sets of random numbers to be

generated for use in testing various options. Random numbers could be selected
in a variety of ways such as picking a number out of a hat, or throwing a dice. In
reality, using a computer program is the most effective method of generating
sets of random numbers.
Simulation makes the assumption that parameters subject to uncertainty can be
described by probability distributions. In Monte Carlo simulation a large
number of hypothetical projects are generated to reflect the characteristics of the
actual project. Each simulation (or iteration, as it is known) is accomplished by
replacing a risky variable with a random number drawn from the probability
distribution used to describe that variable.
Cumulative frequency curves are also usually presented as part of the results.
From these it is a simple matter to read off the likelihood that a certain activity
will not exceed a given time.
Figure 26: Probability distribution after Monte Carlo’s simulation
72
Monte Carlo analysis is an example of a simulation technique. Monte Carlo
analysis is replicated many times, typically using cost or schedule variables.
Every time the analysis is performed, the values for the variable are changed
using a probability distribution for each variable. Monte Carlo analysis can also
be used during the Schedule Development process.
Figure 27: Accumulative probability distribution of budget after simulation
73
Figure 28: Sample output of simulation process
74
Many software packages are available for the probabilistic distribution analysis
(Merna and Storch-2000). INFRISK is the package utilized by the Economic
Development Institute of the World Bank. In INFRISK, the project data for the
simulation is inputted both through an input sheet and the INFRISK dialog
boxes. The input sheet contains fundamental project data for each year of the
project. The data on this sheet is divided into two sections: one for the
construction period and one for the operational period (Dailami et al.-1999).
Once the main project data are entered in the input sheet, the user can specify
the setting regulating functioning of the INFRISK simulation. This is done
through the main dialog’s key function, which cover the following areas:
 Macroeconomic Parameters
 Construction Cost
 Risk Variables
 Dept Capital Info
 Equity Capital Info
 Output Options
A generic form of probabilistic simulation is that utilized by the package called
Crystal Ball. This package is compatible with the Microsoft package and can
handle several types of distributions. Figure (14) shows sample output for the
expected duration of partial project.
Modeling and simulation techniques are often used for schedule risk analysis
and cost analysis. For example, modeling allows translating the potential risks
at specific points in the project into their impacts so it is possible to determine
how the project objectives are affected. Simulation techniques compute the
project model using various inputs, such as cost or schedule duration, to
determine a probability distribution for the variable chosen. Cost risks typically
use either a work breakdown structure or a cost breakdown structure as the
input variable.
Schedule risks always use the precedence diagramming method as the input
variable. If a simulation technique is used to determine project cost and use the
cost of the project elements as the input variable, a probability distribution for
the total cost of the project would be produced after running the simulation
numerous times. Modeling and simulation techniques examine the identified
risks and their potential impacts to the project objectives from the perspective of
the whole project.
75
THE RISK PREMIUM
• A discount rate reflects the investor's time value of money and the rate of
return the property must earn to justify the investment.
• The investor in land and property will balance the costs and the revenue of
the investment over a period of time by using a discount rate.
• Similarly the contractor and specialist contractor are looking at the
investment of their resources and effort into a construction project: there is a
risk of loss which is tempered by the possibility of gain.
• They might use discounted cash flow techniques in order to evaluate the
project.
• The risk premium will be added to the risk free discount rate.
• There are no formulae which derive an appropriate risk premium; each
investor will have his or her own requirements as to the risk premium for
each project.
• Financial commitments always carry certain risks which can be neither
eliminated nor transferred.
• The term risk free is intended to imply not absolute absence of all risk, but
virtual absence of default risk.
• In financial terms, the risk free rate is taken as that which would apply if
lenders viewed a borrower's credit and collateral so favorably that they were
absolutely certain of repayment at the scheduled time.
• Future risk is discounted more heavily than is near-term risk.
• Arguably, the greatest uncertainty surrounds the initial construction period.
76
RISK-ADJUSTED DISCOUNT RATE
• It is tempting to consider the risk premium as the requirement for an

additional rate of return.
• A real discount rate used in say, life-cycle costing calculations, may be
viewed as composed of three parts: a time value of money; an adjustment for
expected inflation; and a risk premium.
• The size of the premium depends upon the degree of risk associated with the
project and the attitude to risk by the investor.
• The greater the risk, the greater the premium.
• In practice, a single risk-adjusted discount rate is added to the discount
factor:
RA = (RF + I + RP)t
RA = Risk adjusted discount rate
RF = Risk free rate
I = allowance for inflation
RP = Risk premium which is the adjustment for extra risk above the
normal risk
• A potential disadvantage of this approach has already been noted. Since the
discount factor is part of a compounding function, the discount factor grows
with increases in the value of (t).
• This implies a special assumption that the risks associated with future costs
and revenues increase geometrically with time.
• A procedure for evaluating such projects is to separate timing and risk
adjustments using the concept of certainty equivalent value (CEV).
• The CEV of a cash flow in a given year is simply its risk adjusted value in
that year. Hence, if all future cash flows were converted to CEVs, they could
then be discounted to the present using a single risk free discount rate.
• An alternative is to discount cost and benefit streams separately, each with a
unique risk-adjusted (RA) discount rate.
77
DECISION ANALYSIS
Decision analysis deals with the process of making decisions. It is both an
approach to decision-making and a set of techniques to guide decision taking
under conditions of risk and uncertainty.
They may be opportunities to exploit a chance to enter a new property market or
plan a new development.
Decision analysis follows a number of steps:
• recognizing and structuring the problem;
• assessment of the values and uncertainties of the possible outcomes;
• determining the optimal choice;
• implementation of the decision.
The decision techniques considered in this section are fairly simple. They are:
• algorithms;
• means-end chain;
• decision matrix;
• decision trees;
• stochastic decision tree analysis.
78
CERTAINTY, RISK, AND UNCERTAINTY
Decision making falls into three categories: certainty, risk, and uncertainty.
Decision making under certainty is the best and easiest case to work with. With
certainty, we assume that all of the necessary information is available to assist
us in making the right decision, and we can predict the outcome with perhaps
100 percent confidence. As we progress from certainty to risk to uncertainty, the
potential damage to the project increases (Kerzner-1998, Raftery-1994,
Chapman and Ward-1997).
Decision Making Under Certainty
Decision-making under certainty implies that we know with 100 percent
accuracy what the states of nature will be and what the expected payoffs will be
for each state of nature. Mathematically, this can be shown with payoff tables.
To construct a payoff matrix, we must identify (or select) the states of nature
over which we have no control. We then select our own action to be taken for
each of the states of nature. Our actions are called strategies, which are actually
the risks that we are willing to take. The elements in the payoff table are the
consequences or outcomes for each risk.
Table 14: Payoff matrix (profit in millions)
State of nature
Strategy
N1 N2 N3
S 1 =A $50 $40 -$50
S 2 =B $50 $50 $60
S 3 =C $100 $80 $90
A payoff matrix based on decision-making under certainty has two controlling

features.
Regardless of which state of nature exists, there will be one dominant strategy
or risk that will produce larger gains or smaller losses than any other strategy or
risk for all the states of nature.
There are no probabilities assigned to each state of nature. (This could also be
stated that each state of nature has an equal likelihood of occurring.)
Decision Making Under Risk
In practical situations, there usually does not exist one dominant strategy for all
states of nature. In a realistic situation, higher profits are usually accompanied
by higher risks and therefore higher probable losses. When there does not exist
79
a dominant strategy, a probability must be assigned to the occurrence of each
state of nature.
Risk is the totality effect of outcomes (i.e. states of nature) that can be described
within established confidence limits (i.e., probability distributions). These
probability distributions are obtained from well-defined experimental
distributions.
Consider Table (15), in which the payoffs for strategies 1 and 3 of Table (14)
are interchanged for the state of nature N 3 .
Table 15: Payoff matrix (profit in millions)
Strategy State of nature
N 1 =0.25 N 2 =0.25 N 3 =0.5
S1 50 40 90
S2 50 50 60
S3 100 80 -50
From Table (15), it is obvious that there does not exist one dominant strategy.
When this occurs, probabilities must be assigned to the possibility of each state
of nature occurring. The best choice of strategy is therefore the strategy with the
largest expected value, where the expected value is the summation of the payoff
times and the probability of occurrence of the payoff for each state of nature. In
mathematical formulation,
n
Ei = ∑ Pi, j p j
j =1
where E i is the expected payoff for strategy i, P i,j is the payoff element, and p j is
the probability of each state of nature occurring. The expected value for strategy
S 1 is therefore
= (50)(0.25) + (40)(0.25) + (90)(0.50) = 67.50
The expected value can be interpreted as the average value that the project
manager can expect if he performs this effort 100 times. Repeating the
procedure for strategy 2 and 3, we find that E 2 = 55, and E 3 = 20. Therefore,
based on the expected value, the project manager should always select strategy
S 1 . If two strategies of equal value occur, the decision can be made arbitrarily.
The controlling factor in decision-making under risk is the assigning of the
probabilities for each of the states of nature. If the probabilities are erroneously
assigned, different expected values will result, thus giving us a different
perception of the best risk to take. Suppose in Table (15) that the assigned
80
probabilities of the three states of nature are 0.6,0.2, and 0.2. The respective
expected values are:
E 1 = 56
E 2 =52
E 3 = 66
In this case, the project manager would always choose strategy S 3 . We can
therefore see the importance of obtaining proper values for the probabilities of
each state of nature occurring.
Decision Making Under Uncertainty
The difference between risk and uncertainty is that under risk there are assigned
probabilities, and under uncertainty meaningful assignments of probabilities are
nonexistent. As with decision making under risk, uncertainty also implies that
there exists no single dominant strategy. The decision maker, however, does
have at his disposal four basic criteria from which to make a management
decision. Each criterion will depend on the type of project as well as the project
manager’s tolerance to risk.
The first criterion is the Hurwicz criterion, often referred to as the maximax
criterion. Under the Hurwicz criterion, the decision maker is always optimistic
and attempts to maximize profits by a “go-for-broke” strategy. This result can
be seen from the example in Table (15). The maximax criterion says that the
decision maker will always choose strategy S 3 because the maximum profit is
100. However; if the state of nature were N 3 , then strategy S 3 would result in a
maximum loss instead of a maximum gain. The use of the maximax, or Hurwicz
criterion, must then be bared on how big a risk can be undertaken and how
much one can afford to lose. A large corporation with strong assets may use the
Hurwicz Criterion, whereas the small private company might be snore
interested in minimizing the possible losses.
A small company would be more apt to use the Wald, or maximin criterion,
where the decision maker is concerned with how much he can afford to lose. In
this criterion, a pessimistic rather than optimistic position is taken with the
viewpoint of minimizing the maximum loss.
In determining the Hurwicz criterion, we looked at only the maximum payoffs
for each strategy in Table (15). For the Wald criteria, we consider only the
minimum payoffs. The minimum payoffs are 40, 50, and -50 for strategies S 1 ,
S 2 , and S 3 , respectively. Because the project manager wishes to minimize his
maximum loss, he will always select strategy S 2 since it gives him the lowest
risk. If all three minimum payoffs were negative, the project manager would
select the smallest loss if these were the only options available. Depending on a
81
company's financial position, there are situations where the project would not be
undertaken if all three minimum payoffs were negative.
Table 16: Regret Table

Strategy States of Nature
N1 N2 N3 Maximum regrets
S1 50 40 0 50
S2 50 30 30 50
S3 0 0 140 140
The third criterion is the Savage, or minimax criterion. Under this criterion, we
assume that the project manager is a sore loser. To minimize the regrets of the
sore loser, the project manager attempts to minimize the maximum regret; that
is, the minimax criterion.
The first step in the Savage criterion is to set up a regret table by subtracting all
elements in each column from the largest element. Applying this approach to
Table (15), we obtain Table (16).
The regrets are obtained for each column by subtracting each element in a given
column from the largest column element. The maximum regret is the largest
regret for each strategy, that is, in each row. In other words, if the project
manager selects strategy S 1 or S 2 , he will only be sorry for a loss of 50.
However, depending on the state of nature, a selection of strategy S 3 may result
in a regret of 140. The Savage criterion would select either strategy S 1 or S 2 .
The fourth criterion is the Laplace criterion. The Laplace criterion is an attempt
to transform decision making under uncertainty to decision making under risk.
Recall that the difference between risk and uncertainty is a knowledge of the
probability of occurrence of each state of nature. The Laplace criterion makes
an a priori assumption based on Bayesian statistics, that if the probabilities of
each state of nature are not known, then we can assume that each state of nature
has an equal likelihood of occurrence. The procedure then follows decision-
making value. Using the Laplace criterion, we obtain Table (16). Using the
Laplace criterion, the project manager would therefore choose strategy S 1 .
82
Table 17: Laplace criterion
Strategy Expected value
S1 60
S2 160/3
S3 130/3
The important conclusion to be drawn from decision-making under uncertainty

is the risk that the project manager wishes to incur. For the four criteria
previously mentioned, we have shown that any strategy can be chosen
depending on how much money we can afford to lose and what risks we are
willing to take.
83
BREAKEVEN ANALYSIS
This technique is an application of sensitivity analysis. It can be used to measure
the key variables which show a project to be either attractive or unattractive. A
simple example for a project would be examining the critical rate of return with
the cash inflow and initial cash outflow, the capital cost, the rate of inflation, the
discount rate, and with a rent review every three years with the new rent being
based upon the annual rate of inflation in the year preceding the review plus
2%.
The rate of return is calculated by finding the appropriate rate which equates all
future cash flows with the initial capital cost. The net present value criterion
merely states that a project is worth undertaking if the present value of all future
discounted cash flows is greater than, or equal to, the initial capital cost.
The table below shows the data for a proposed investment with various
assumptions. The results show a net present value of $2,555,848 which means
that the project is not a good investment. The rental income would need to be
$770,000 per annum in order for the project to be worthwhile if the other values
remain constant.
Capital cost (land, construction, fees, taxes) $6 millions

Cash inflow (rental income) $700,000
Cash outflow costs (running cost) $200,000
Rent review period 3 years
Rent review allowance above initiation in the
2% pa
final year preceding the review
Discount rate 12.5%
Time horizon 30 years
Net lettable floor area (rent $10/m2 70,000
84
SCENARIO ANALYSIS
This is a rather grand name for another derivative of the sensitivity analysis
technique which tests alternative scenarios; the aim is to consider various
scenarios as options.
When undertaking a scenario analysis the key variables are identified together
with their values.
Option A Option B Option C
Most likely Optimistic Pessimistic
Circulation space area 1,000 m2 1,600 m2 2,300 m2
required to meet the client’s
requirements
Net usable floor area of the 7,000 m2 6,600 m2 7,300 m2
building stipulated in the brief
Gross superficial floor area of 5,000 m2 5,000 m2 5,000 m2
the building
Construction prices forecast $1,000 $950 $1,100
for building cost per m2 at
fourth quarter 1988
Inflation allowance for a 12 5% pa 4% pa 8% pa
month design time and 12
month construction period
Cost of providing car parking $500,000 $400,000 $800,000
and modifying the existing
roads to meet state
requirements
85
RISK RESPONSE
Risk response and mitigation is the action that is required to reduce or eliminate
the potential impact of risk. There are two types of response to risk - one is an
immediate change or alteration to the project, which usually results in the
elimination of the risk; second is a contingency plan that will only be
implemented if an identified risk should materialize (Wideman-1992).
In order to mitigate the potential impact of any risk the project manager or his
designated risk manager must consider alternative courses of action and
evaluate the consequences should that action be taken. As an integral part of the
risk management process (RMP), the main aim of any response and mitigation
strategy is to initiate and implement appropriate action to prevent risks from
occurring or, at minimum, limit the potential damage they may cause (Tweed-
1996).
Furthermore, through the use of adequate and appropriate contingency plans, if
the occurrence of a risk is unavoidable, its impact should be limited to the
contingency levels contained within the overall project allowances. This should
ensure that the overall project objectives of time, cost, and quality are not
jeopardized.
The options for responding to risk are avoidance, reduction/mitigation,
transfer/sharing, and retention/acceptance - each should be assessed as one or
more will apply in every circumstance. In order to identify which route(s)
should be adopted a number of questions must first be asked (Tweed-1996):
• is the risk controllable or uncontrollable
• who is best placed to influence/deal with the source and outcome of the
risk
• what secondary or resultant risks arise as a result of the action taken
• is the cost of mitigating the risk acceptable when compared to the
potential impact of the risk itself?
86
Strategies for Negative Risks or Threats
Once risks have been identified and assessed, all techniques to manage the
negative risk fall into one or more of these four major categories:
• Avoidance (eliminate)
• Mitigation (reduce or control)
• Transference (outsource or insure)
• Acceptance (retain or assume)
Ideal use of these strategies may not be possible. Some of them may involve
trade-offs that are not acceptable to the organization or person making the risk
management decisions. Another source, from the US Department of Defense,
calls these categories ACAT, for Avoid, Control, Accept, or Transfer.
Avoidance
This strategy includes not performing an activity that could carry risk.
Avoidance may seem the answer to all risks, but avoiding risks also means
losing out on the potential gain that accepting (retaining) the risk may have
allowed. Not entering a business to avoid the risk of loss also avoids the
possibility of earning profits. A simple example could like doing activities in
parallel which usually being carries out in series to accelerate the performance
of the project. This risk could be assumed if the project is behind schedule and
the management team trying to catch up the due date of the project or phase. On
the contrary, it is better to avoid this risk in the planning process.
Risk avoidance may include a review of the overall project objectives leading to
a reappraisal of the project as a whole. Risk avoidance is often perceived as the
ultimate mitigation strategy in that it implies that the project may be aborted.
In simple terms, this method of mitigation involves the removal of the cause of
the risk and therefore the risk itself. Ideally any approach involving avoidance is
best implemented by the consideration and adoption of an alternative course of
action. Other examples of risk avoidance include the use of exemption clauses
in contracts, either to avoid certain risks or to avoid certain consequences
following from the risks. Risk avoidance is most likely to take place where the
level of risk is at a level where the project is potentially unviable.
Risk avoidance strategies are directed to eliminating sources of risk or reducing
substantially the likelihood of their occurrence. Examples of risk avoidance
include:
• more detailed planning;
• the selection of alternative approaches;
87
• improving designs and systems engineering, or adopting enhanced design
standards;
• procedural changes;
• permits to work;
• protection and safety systems;
• preventive maintenance;
• formal processes and quality assurance procedures;
• operations reviews;
• regular inspections and audits; and
• training and skills enhancement.
Figure 29: Risk response
88
Mitigation
In this strategy it is targeted to reduce the severity of the loss or the likelihood
of the loss from occurring. For example, sprinklers are designed to put out a fire
to reduce the risk of loss by fire. This method may cause a greater loss by water
damage and therefore may not be suitable. Halogen fire suppression systems
may mitigate that risk, but the cost may be prohibitive as a strategy.
Outsourcing could be an example of risk reduction if the outsourcer can
demonstrate higher capability at managing or reducing risks. In this case
companies outsource only some of their departmental needs. For example, a
company may outsource only its software development, the manufacturing of
hard goods, or customer support needs to another company, while handling the
business management itself. This way, the company can concentrate more on
business development without having to worry as much about the
manufacturing process, managing the development team, or finding a physical
location for a call center.
Impact mitigation is directed to minimizing the consequences of risks. Some
risks, such as those associated with economic variations or extreme weather
conditions, cannot be avoided. The likelihoods of other risks arising may be
reduced by risk prevention strategies, but the risks may still occur. In these
cases, risk management must be directed to coping with their impacts, and
ensuring that adverse consequences for the project and the project criteria are
minimized.
This method adopts an approach whereby potential exposure to risks and their
impact is alleviated. Often this is achieved by the managing or designing out of
potential risk. Methods of risks reduction may require some initial investment,
which should then reduce the likelihood of the risk occurring. Risk reduction
occurs where the level of risk is unacceptable and alternative action is available.
Typical action to reduce risk could be:
• detailed site investigation where adverse ground conditions are known to
exist but the full extent is not known;
• alternative procurement route - by utilizing an alternative contract
strategy risks will be allocated between project participants in a different
way
• changes in design to accommodate the findings of the risk identification
process.
• contingency planning;
• engineering and structural barriers;
• separation or relocation of an activity and resources;
• quality assurance;
89
• contract terms and conditions;
• regular audits and checks to detect compliance or information security
breaches; and
• crisis management and disaster recovery plans.
Risk reduction exercises will always be worthwhile because they can lead to
greater knowledge about the project and this reduces not only the potential
impact of risks but also the level of uncertainty - itself a major source of risk.
Risk reduction invariably leads to greater confidence regarding the project's
outcome. However, risk reduction will result in an increase in the base cost but
should offer a significantly greater reduction in the level of contingency
required. It goes without saying that risk reduction should only be adopted
where the resultant increase in costs is less than the potential loss that could be
caused by the risk being mitigated.
90
Transference
In the terminology of practitioners and scholars alike, the purchase of an
insurance contract is often described as a "transfer of risk." However,
technically speaking, the buyer of the contract generally retains legal
responsibility for the losses "transferred", meaning that insurance may be
described more accurately as a post-event compensatory mechanism. For
example, a personal injuries insurance policy does not transfer the risk of a car
accident to the insurance company. The risk still lays with the policy holder
namely the person who has been in the accident. The insurance policy simply
provides that if an accident (the event) occurs involving the policy holder then
some compensation may be payable to the policy holder that is commensurate
to the suffering/damage.
Transference of risk should comprise the passing of risks to those better placed
or more capable to maintain control or influence the outcome of the risk.
Transference should never be viewed as a negative risk response. Its intention is
not to pass the buck by making someone else responsible. Further, it should not
be used in a penal or disciplinary manner as a protective mechanism for other
project participants. For risks to be managed properly an incentive may be
required.
When transferring risk it is important to differentiate between the transference
of the risk itself and the allocation of risk responsibility. Where a risk is
transferred the intention should be to transfer the whole of the risk including its
potential impact. Where the responsibility for the risk is allocated to a project
participant, time, cost, quality repercussions remain, and this may still adversely
affect the project's outcome.
Where a portion of the risk is transferred whilst some risk is retained this is
known as risk sharing. This approach may be adopted where the risk exposure is
beyond the control of one party. In such instances it is imperative that each
party appreciates the value of the portion of risk for which it is responsible.
Some ways of managing risk fall into multiple categories. Risk retention pools
are technically retaining the risk for the group, but spreading it over the whole
group involves transfer among individual members of the group. This is
different from traditional insurance, in that no premium is exchanged between
members of the group up front, but instead losses are assessed to all members of
the group.
Risk transferring occurs when contracts are negotiated between an
organization and its suppliers or sub-contractors. Contracts are the primary
means of allocating risk between the parties involved in most projects.
However, transferring a risk with a contractor or supplier does not transfer it
fully, and it may not really eliminate the risk - it just transforms it into a
91
'contractor failure' or 'contractor performance' risk. In these circumstances it is
critical to ensure the contractor has a system in place for managing risk
effectively, otherwise the project may end up with additional risks. In many
projects, procurement contracts require sound risk management processes to
be developed and implemented by the contractors, sub-contractors or
suppliers of products or services, as part of prudential control and oversight
procedures.
Insurance is a well-known risk transferring strategy. It is normally used for
physical assets and a limited range of commercial risks, particularly for the low
probability but high impact residual risks that may remain after other risk
treatment actions have been implemented. Transferring a risk with another
party will usually incur a cost, for example an insurance premium, which
provides a direct measure of the cost of transferring the risk. It should be
noted that an insurance contract, like most contracts, is also a process that
transforms the risk into something different: in this case, the insured party now
has a credit risk that the insurer will not pay the full amount of a claim or will
delay payment.
Insurance is particularly relevant to the management of 'residual' risks, where
active risk prevention and mitigation measures have been implemented. The
remaining variability is a prime candidate for insurance.
92
Acceptance
Risk acceptance involves accepting the loss when it occurs. True self-insurance
falls in this category. Risk retention is a viable strategy for small risks where the
cost of insuring against the risk would be greater over time than the total losses
sustained. All risks that are not avoided or transferred are retained by default.
This includes risks that are so large or catastrophic that they either cannot be
insured against or the premiums would be infeasible. War is an example since
most property and risks are not insured against war, so the loss attributed by war
is retained by the insured. Also any amount of potential loss (risk) over the
amount insured is retained risk. This may also be acceptable if the chance of a
very large loss is small or if the cost to insure for greater coverage amounts is so
great it would hinder the goals of the organization too much.
Sometimes risks cannot be avoided or transferred, or the costs of doing so
would be high. In these circumstances, the organization must retain the risks.
Nevertheless, risk prevention and impact mitigation measures and monitoring
are usually recommended, at least in outline form.
As most businesses in the private sector know, hedging or shedding all risks is
rarely possible, and in any case it often costs so much that little or no
profit can be made. In these circumstances, companies may become risk
takers as an integral part of conducting their business, and reap the associated
rewards. In some instances, organizations may wish to consciously retain
significant risks, particularly where they have the appropriate expertise to
manage them.
Once all the avenues for response and mitigation have been explored a number
of risks will remain. This does not imply that these risks can be ignored; indeed
it is these risks, which will in most instances undergo detailed quantitative
analysis in order to assess and calculate the overall contingency levels required.
There are two types of acceptance strategy:
1- Active acceptance. The most common active acceptance strategy is to

establish a contingency reserve, including amounts of time, money, or
resources to handle the threat or opportunity. Some responses are
designed for use only if certain events occur. In this case, a response plan,
also known as “Contingency Plan”, is developed by the project team that
will only be executed under certain predefined conditions commonly
called “triggers.”
2- Passive acceptance. Requires no action leaving the project team to deal

with the threats or opportunities as they occur. Workaround is
distinguished from contingency plan in that a workaround is a recovery
plan that is implemented if the event occurs, whereas a contingency plan
93
is to be implemented if a trigger event indicates that the risk is very likely
to occur.
The aim of the previous responses is to reduce project uncertainty and in so

doing increase the base estimate to reflect the more certain nature of the project.
However, it does not imply that these retained risks can simply be ignored.
Indeed, they should be subject to effective monitoring, control, and
management to ensure they are contained within the contingency allowances
set.
It should be noted that this contingency should be made up of residual risks,
which are assessed, to be of a low likelihood and low potential impact. High
probability and high impact risks should undergo further rigorous examination
so that an alternative response can be found.
94
Strategies for Positive Risks or Opportunities
Risk is defined as exposure to the consequences of uncertainty. In a project
context, it is the chance of something happening that will have an impact upon
objectives. It includes the possibility of loss or gain, or variation from a desired
or planned outcome, as a consequence of the uncertainty associated with
adopting a particular course of action.
The definition of risk is broader than ‘hazards’. The risk management process
can embrace this broader definition, within the same basic approach as is used
to manage the undesirable consequences of uncertainty.
Figure 30: Risk Analysis Matrix
Figure 31: Threats and Opportunities

95
Treatment options for risks having positive outcomes (opportunities) are similar
in concept to those for treating risks with negative outcomes, although the
interpretation and implications are clearly different. Options include:
• actively seeking the opportunity by deciding to proceed with or continue
the activity likely to create it (where this is practicable);
• changing the likelihood of the opportunity, to increase the chance of
beneficial outcomes;
• changing the consequences, to increase the potential gains;
• sharing the opportunity with others who can assist in any of the other
strategies; and retaining the residual opportunity.
After opportunities have been changed or shared, there may be residual
opportunities that are retained with no further immediate action specified. This
may be described as 'leaving it to chance'.
The following table shows a selection of the Extreme and High opportunities for
a business unit with responsibilities for conducting small and medium projects
within its organization and for managing the provision by other companies
of large projects. There are a number of points of interest in this example.
• Consequence ratings were on the scale -A to -E for risks and A to E for
opportunities.
• The criterion that was most affected by each opportunity was noted.
• The assessment of agreed priorities was extended to consider the
inherent levels of opportunity. The inherent priority was interpreted
as the potential opportunity that might be obtained if current plans
and processes were implemented.
• However, the members of the business unit preferred to think about it as
an opportunity, in the sense that changing the pay and reward structure
would generate far better business and project outcomes.
96
97
Four strategies exist to deal with opportunities or positive risks that might
present themselves on the project: exploit, share, enhance, and accept.
Exploit
When exploiting a risk event, the opportunities for positive impacts are aimed.
This is the strategy of choice when identifying positive risks that you want to
make certain will occur on the project. Examples of exploiting a risk include
reducing the amount of time to complete the project by bringing on more
qualified resources (as possible) or by providing even better quality than
originally planned.
Share
The share strategy is similar to transferring because you’ll assign the risk to a
third-party owner who is best able to bring about the opportunity the risk event
presents. For example, perhaps what your organization does best is investing.
However, it isn’t so good at marketing. Forming a joint venture with a
marketing firm to capitalize on a positive risk will make the most of the
opportunities.
Enhance
The enhance strategy closely watches the probability or impact of the risk event
to assure that the organization realizes the benefits. This entails watching for
and emphasizing risk triggers and identifying the root causes of the risk to help
enhance impacts or probability. It is something like convincing the customer to
enlarge the size of the project, adding more activities to the scope, or repeating
the project again in terms to enhance the profit of my organization.
Contingent response strategies
The last tool and technique of the Risk Response Planning process is called the
contingent response strategy, better known as contingency planning. It involves
planning alternatives to deal with the risks should they occur. This is different
from mitigation planning in that mitigation looks to reduce the probability of the
risk and its impact, whereas contingency planning doesn’t necessarily attempt to
reduce the probability of a risk event or its impacts. Contingency planning says
the risk might very well occur, and you better have plans in place to deal with it
when it does.
Contingency comes into play when the risk event occurs. This implies you need
to plan for your contingencies well in advance of the threat occurring. After the
risks have been identified and quantified, contingency plans should be
developed and kept at the ready.
Contingency allowances or reserves are a common contingency response.
Contingency reserves include project funds that are held in reserve to offset any
unavoidable threats that might occur to project scope, schedule, cost, or quality.
98
It also includes reserving time and resources to account for risks. You should
consider stakeholder risk tolerances when determining the amount of
contingency reserves.
Secondary Risk: A secondary risk can be defined as a risk created by the
response to another risk. In other words, the secondary risk is a consequence of
dealing with the original risk. A simple way to look at this is to think of project
management as a chess game in which one has to think as many moves ahead as
possible. One has to consider the reaction to the reaction, or in other words, the
consequences that could arise from dealing with a problem or risk. Secondary
risks are generally not as severe or significant as primary risks, but can become
so if not anticipated and planned for appropriately.
Residual Risk: It is these risks which remain after risk response planning, and
those that have been accepted for which contingency plans and fallback plans
can be created. Residual risks should be properly documented and reviewed
throughout the project to see if their ranking has changed. Contingency Plans
Contingency plans are plans describing the specific actions that will be taken if
the opportunity or threat occurs.
Workaround: Another type of corrective action is a workaround. Workarounds
are unplanned responses to emerging risks that weren't accepted or identified.
Workarounds give a way to "work around" the problem and as a result, reduce
the effects that the risk has on the project. Workarounds should not be applied
without documentation. Since using workarounds may have a positive or
negative effect on the project, it is required to incorporate them into the project
plan and risk response plan.
Risk register after planning risk responses
Task Cause Risk Effect Probability Impact Trigger Response Allocation Owner Residual risk Secondary risk
Design
Procurement
Handing out
Executing
Verification
99
Contractual Risk Allocation Strategies
Risk allocation strategies should be determined at the inception of the project by
the client. Further risk management exercises may be undertaken during the
course of a project but the reallocation of risk at this time is rare and will require
negotiations with the contractor, which may or may not be successful. A
contractor's exposure to risk must be related to the return that he can reasonably
expect from a project. Thus if a contractor is making only a 5% return on a
project, it is reasonable for a contractor's risk exposure to be restricted.
Alternatively, tenders may be much higher than expected, reflecting the cost of
transferring the risk to the contractor (Smith–1999).
Figure 32: Effectiveness vs. cost of change over time
The main characteristics of the available choices of risk allocation strategy can
be grouped according to organizational structure or payment mechanism.
Construction risks such as ground conditions, risk of non-completion, cost
overruns and risk of delay are considered as major technical risks.
Specification risk and errors in design that could have a detrimental effect on
both construction and operation are also common. Physical hazards that may
occur in the construction phase include force majeure, such as earthquake,
flood, fire, landslip, pestilence, and diseases (Edawards-1995).
100
Typical construction risks.
Risk category Description
Physical Natural, ground conditions, adverse weather, physical obstructions
Construction Availability of plant and resources, industrial relations, quality,
workmanship, damage, construction period, delay, construction
program, construction techniques, milestones, failure to complete,
type of construction contracts, cost of construction, commissioning
insurances, bonds, access and insolvency
Design Incomplete design, availability of information, meeting specification
and standards, changes in design during construction
Technology New technology, provisions for change in existing technology,
development costs and intellectual property rights and need for
research and development
In the following subsections, a number of risk strategies are examined and their
usefulness in a number of situations is discussed. Whatever approach is taken,
the implications for the whole cycle of the project must be considered and the
goals of all parties aligned.
Conventional Approach
This approach is commonly used in construction projects. The parties' roles and
responsibilities are based on the separation of design from construction. The
design is carried out by a consultant or in-house team, with limited contractor
involvement, whereas the construction is the responsibility of the contractor
with limited involvement of the client. The construction contract is usually
supervised and administered by the design consultant working on behalf of the
client. As the parties' responsibilities vary, their obligations, risk exposures and
ability to carry risk also vary.
This organizational structure usually allocates the risk of changes in the price of
items to the contractor, while the risk of delay can be allocated to either the
contractor or the client. The tendered prices used in this type of contract include
a contingency for risk, which again means that the client is likely to pay more
for the privilege of transferring the risks to the contractor than if he had
accepted them himself.
Cost-Based - Reimbursable Approach

This form of contracting requires the client to take the majority of the risks as
the contractor is paid on a cost plus fee basis but it also means that the client
only has to pay for those risks that occur. The downside is that the client may
pay for contractor's inefficiencies, which should be the contractor's risk. Cost-
101
reimbursable contracting can allow the contractor to have an input into the work
at an early stage and this should help to reduce some of the project risks that
may occur using a conventional approach.
Figure 33: Project risk exposure
Management Contracting Approach

Management contracts are used by clients who want a third party to supervise
and coordinate the design and construction of the project. These contracts
require management contractors to place contracts for the packages of work and
to oversee the project and ensure that the client receives what he initially
specified. The client transfers all risks, except those associated with the
operation of the project, to the management contractor. The management
contractor can then transfer the risks that he holds through the contracts with the
works contractors, as he wishes. The management contractor is usually
reimbursed for all expenses he incurs, including those paid to subcontractors. A
fee (either fixed or a percentage of the total) is usually paid to cover overheads
and profit.
Fast-Track Approach
The fast-track method of construction requires the compression of the design
and construction stages by the overlapping of many activities and, although not
a type of contract, fast track is a method of constructing the works that requires
a much greater degree of control over the construction process. Fast-track
projects are governed by contracts and it is necessary to choose a suitable type
of contract to ensure that there is continuity in the work. This method of
construction increases the risks in the project because the design of the work is
not usually completed before the construction starts. If problems occur, they are
less recoverable, from the program point of view, than if using conventional
102
methods of construction. This requires a large amount of coordination to ensure
that construction is not halted because the necessary designs are not completed.
The use of fast-tracking also means that the contractor must have a good
relationship with his suppliers because he has very little advance warning of the
exact quantities of goods that are required for a particular section of work. A
management contract is often used for fast-track projects.
Turnkey Approach
For this approach, the client gives detailed specifications of what he requires
and awards a single contract for the entire facility. It is then the responsibility of
the contractor to design, construct, commission the facility, and ensures that it
conforms to the client's specifications. The contractor can subcontract out the
work, but it remains the contractor who deals with the client. The client's
involvement in a project of this type is minimal. These contracts can be termed
“turnkey”, “design-build”, or “package deal”.
A BOOT (build, own, operate, transfer) approach can be similar to this

organizationally but, in the case of BOOT projects, finance has to be raised by
the promoter that is repaid (in the form of tolls or tariffs) over a concession
period, and eventually the facility reverts to the ownership of the client
organization.
This type of project is very inflexible for the client, despite the reduction for
risks that have to be accepted. If the client wishes to make any changes or
alterations when the specifications have been given, it will result in increased
premiums and increase the chance that the project will not meet its objectives.
For the contractor, this type of project has increased the risks, but it does allow
the contractor to use expertise and experience in planning and managing the
work.
Normally, the contractor is paid on a fixed price basis. There is no mechanism
in this type of contract for price adjustments, so the price tendered by the
contractor must include some allowance for changes in prices. The allowance
included in the tendered price for price changes is the premium that the client
pays for transferring the risk to the contractor.
103
Firm Fixed Price (FFP)
Fixed Price plus Incentive Fee (FPIF)

Contractor incentive
Fixed Price with Economic Price Adjustments (FP-EPA)

Contractor risk
Cost plus Fixed Fee (CPFF)
Cost plus Incentive Fee (CPIF)
Cost plus Award Fee (CPAF)
Time & Materials
Customer influence
Customer risk
Figure 34: Factors influencing payment choice

This type of contract allocates the cost risk associated with the construction, and
possibly the design work, to the contractor. There may be a clause in the
contract that requires the contractor to pay the client in the event of a delay, but
the inclusion of this clause is left to the discretion of the client. Otherwise, the
risk of a delay in the project is retained by the client, along with all the other
risks in the project.
Risk Allocation According to Payment Mechanism

According to this classification, there are two main categories: price-based and
cost-based contracts. In the former the price and rates are submitted by the
contractor in his tender. Lump sum (or fixed price) and admeasurement
contracts lie under this category. The case is different for cost-based contracts
where the contractor is reimbursed for the actual costs he incurs with a fee for
overheads and profit. Cost-reimbursable and target-cost contracts are in this
category.
Lump Sum or Fixed Price

Some clients wish to transfer all of the construction risks to the contractor and
be certain of his commitment. Usually, the responsibility for the package is
vested in a single contractor. The contractor agrees to carry out the work for
money stated in the contract, regardless of its actual cost, as long as there is no
change or breach of the contract from the client. This is quite common for
104
schools, warehouses, and similar works where the scope is relatively well
defined and the work is straightforward.
From the contractor's point of view, fixed price contracts are a good opportunity
to maximize profits. As the client's involvement in the project is minimal, good
planning, efficient use of resources and effective control can reduce costs and
maximize profit. These contracts are normally let after competitive tender and
so it is possible for the contractor to underestimate the costs involved. If this
happens, he may not be able to cover the contract expense and, in extreme
cases, he could become bankrupt. The quality of work and the program may
also suffer.
Admeasurement
Admeasurement contracts require the use of a bill of quantities (BOQ) or
schedule of rates. The work that the contractor is required to carry out is
itemized, and it is necessary for the contractor to put a rate against each item of
work. This method allows for the adjustment of price by the use of the itemized
tendered rates. Uncertainty remains about the final price for the work because it
does not necessarily follow that the lowest tender will be the one to give the
lowest final price for the work.
Admeasure contracts are commonly used in building and civil engineering

projects, especially in the public sector. They are usually used when risks are
relatively low and quantifiable, the program is almost fixed, and the design is
almost complete and ready to be included in the tender. In cases where design
and construction need to be overlapped, care should be exercised to ensure that
there is sufficient information from which quantities can be obtained.
Admeasurement contracts are more flexible than lump sum contracts because
they allow additional work to be priced using the contractor's own pricing
scheme.
Under this type of payment mechanism, the client's main concern when entering
into a construction contract will be the risk that the duration or cost of the
project will exceed their estimates. The contractor's principal risk is that
undertaken when he makes an offer based on his tender estimate. He accepts the
possibility of incurring greater costs than the income provided by his prices.
The contractor can include contingencies in his tender anywhere that he
chooses, this being part of the skill of tendering.
Cost Reimbursable and Target Cost

The cost-based contract is one in which the contractor is reimbursed for the
actual cost he incurred carrying out the contract works plus a specified fee for
105
overheads and profit. No total price is quoted at tender, competition is limited to
the fee and technical capabilities and in most cases, and contracts are let after
negotiation. Details of proposed management procedures and resources to be
utilized must be given at tender. In the building industry, this tends to be known
as “fee contracting”.
Cost-based contracts have been used for process plant and some building and
civil engineering contracts for several decades. The main use for cost-
reimbursable contracts is for projects where there is a need for an early start
while the scope is not well defined. They are also used for works where the
quantity of work is not well defined, demolition, site clearing, repair works or
incomplete contracts where work was interrupted, and for innovative works
where research development or novel design is required. Cost-reimbursable
contracts are appropriate in these cases because they are flexible and there is a
high degree of client involvement through an active management role that gives
the client confidence that the contract will be properly executed. In order to
maximize benefits and to ensure that the work is carried out efficiently and
economically, the client must maintain constant and detailed involvement in the
project. The project team, in addition to technical and administrative
supervision, must ensure that the contractor is utilizing resources efficiently.
Outsourcing
The outsourced provision of goods and service in an organizational framework
can be considered in terms of three functions:
• the internal or external customers who require goods or services;
• the outsourced provider of the goods or services; and
• a purchaser who must acquire those goods and services and ensure they
continue to meet the customers' needs to an appropriate standard.
To achieve organizational efficiencies many organizations have segregated and
formalized these three functions. Many of the risks associated with outsourcing
are associated with these three functions and their interrelationships.
Adverse impacts of outsourcing may be associated with the purchaser, the
provider or the customer or their interactions.
• For the customer, outsourcing usually involves more formal and complex
arrangements for the supply of goods and services and their payment.
• For the purchasing function, this may require the organization to develop
new skills and expertise for establishing, managing and monitoring the
contractual relationship between the provider and the customer.
106
• For management, outsourcing may mean a loss of technical expertise from
the organization, with no guarantee it will be available if required in the
medium to long term.
Outsourcing may cause major changes to the nature and competence of
organizations, particularly if the outsourced activity is a critical link in the
organization's value chain. Once implemented, outsourcing may be difficult
and expensive to reverse, due to the loss of in-house skills coupled with the
difficulty in re-acquiring such skills.
Outsourcing does not necessarily transfer the governance, accountability or
risks associated with the outsourced function. The manager responsible for the
outcomes of that function generally retains accountability for performance and
the management of the risks associated with it. In addition, new risks emerge
with outsourcing that in turn requires management attention.
107
Contract Award
The selection of external contractors is one of the crucial decisions made by the
client if the project is to be a success. The criterion for selection may be price,
time, or expertise. The price criterion is often the key objective issue as the
client seeks the most economic price for the development, whereas time and
expertise criteria are often seen as being less objective because of the need to
expedite the construction program and the need for good quality workmanship
(Alarcón and Mourgues-2002).
The tender process may take a number of forms, the main distinguishing feature
being the level of competition. Open tendering involves a high-risk element for
the client, as many of the tendering organizations will be unknown. With
selective tendering in either one or two stages, a limited number of
organizations are invited to tender after some form of pre-selection or pre-
qualification has taken place. In this case, award to the lowest conforming
tender is not such a high-risk strategy. Negotiated tendering takes place when a
client approaches a single organization, based on reputation, but this can also be
time-consuming. The risk here is that at a later stage in the project the client
may question whether value for money has been achieved in the absence of
competition.
The tendering process has three key stages: pre-qualification, tender
documentation and bid evaluation. A number of factors will influence the
pricing policy of the tendering organization, such as, competition, availability of
resources and workload; however, these should not influence the criteria that the
client uses for selection, but rather be taken into account as part of the client's
evaluation.
The contractual evaluation may be carried out as a separate assessment or as a
part of the technical and financial evaluation. Compliance with the contract
documents is considered paramount. Any qualifications included in the
contractor's bid that had been accepted in the initial evaluation stage would be
re-examined and clarified; if necessary, the bid may have to be rejected. The
contractual evaluation is summarized in a report identifying those areas of risk
and possible contractual problems associated with each of the bids.
Contractual Sharing In Governmental Projects

Charoenngam and Yeh (2001) presented a study on the contract sharing in
governmental contracts. Most government-funded construction contracts are
prepared by the government agencies or consulting engineers, and contractors
are typically unable to influence the fairness of the contract conditions or
clauses. Many of these government agencies have perceived that they can
transfer risk and liability by placing major responsibilities upon contractors
108
through contract clauses. These clauses are intended to shift the preponderance
of risk to contractors and associated insurers while minimizing the risk to
themselves, the owners. This practice may result in high bid prices because
contractors may add risk or uncertainty to the bid cost in the form of
contingencies.
Infrastructure construction projects are typically large, uncertain, and complex
in many aspects. Therefore, they are subject to more risks related to economic,
social, political, and environmental conditions than other types of construction
projects. Should these risks materialize, they may have an impact on the cost,
schedule, or quality of projects (or a combination of these). Construction risk
can seldom, if ever, be eliminated. It can merely be transferred from one party
to another.
Grouping and prioritization of risks

Rank Description Score
Construction Risk Factors
1 Construction delay 191
2 Changes in work 185
3 Availability of resources 170
4 Delayed site access 158
5 Damage to persons or property 75
6 Late drawings & instructions 63
7 Defective design 63
8 Cost of tests and samples 48
9 Actual quantities 25
Physical Risk Factors
1 Subsurface conditions – geology 196
2 Subsurface conditions – ground water 176
3 Acts of God 88
Performance Risk Factors
1 Defective work 163
2 Productivity of equipment 145
3 Productivity of labor 89
4 Conduct hindering work performance 82
5 Suitability of material 80
6 Accidents 53
7 Labor disputes 39
Contractual & Legal Risk Factors
1 Delayed dispute resolution 156
2 Change order negotiation 154
3 Delayed payment 86
4 Insolvency of contractor or owner 63
Financial & Economic Risk Factors
1 Inflation 154
2 Funding 130
109
Grouping and prioritization of risks
Rank Description Score
3 National & international impacts 93
Political & Social Risk Factors
1 Environmental issues 170
2 Regulations 91
3 Public disorder 72
In large-scale infrastructure projects, risks and liabilities should be fairly shared

among project participants through contractual arrangements. In order to
prevent unexpected risks and thus disputes during construction, international
contracts should pay close attention to local project characteristics and contract
practices. Political reform and economic change in the last decades in the
developing countries has led to dramatic changes for the society and the impact
has been felt in the construction industry as well. Demand for efficiency of
massive infrastructure development has forced developing countries to open
their construction markets. Emerging large-scale international construction
companies frequently challenge the fairness of government contracts for civil
engineering projects. These, combined with the impact of the General
Agreement on Trade in Services (GATS) on changing construction-related
regulations, will cause changes in the environment of the construction industry
in many countries as well as influence the contract strategies for future in-
frastructure projects. International competitive bidding procedures will be the
standard practice; then, government agencies will be subject to much stronger
pressure from the international construction industry to prepare fair construction
contracts (Chapman et al.-2000).
110
The Fundamental Risks-Liability and Responsibility
The fundamental risks inherent in any construction project are apportioned
between the client, the design team, the general contractor, the specialist
contractors, and the material and component suppliers within the various
contractual relationships. The risks are:
• adequacy of design - which party bears the risk of liability for latent
defects occurring as a result of errors in design?
• cost of construction - which party assumes the risk of how much it will
cost to build the project?
• liability for latent defects arising as a result of bad workmanship, faulty
materials, and poor specification- which party is responsible for the
inadequacy, the professional team, the prime contractor, the specialist
contractors, or the material suppliers?
• safety and indemnification for all accidents - it is customary for one party
to agree to indemnify the other for all damage and liability to third parties
arising from the works;
• completion deadlines - which party takes responsibility for completion to
the agreed deadlines?
• quality of workmanship and materials - which party takes responsibility
for fitness for purpose and for ensuring the quality is acceptable?
Risk Transfer by Surety Bonds

In law a surety is a party that assumes liability for the debt, default, or failure in
duty of another. A surety bond is not an insurance policy; it is the contract that
describes the conditions and obligations of such an agreement. Insurance
protects a party from risk of loss, while suretyship guarantees the performance
of a defined contractual duty.
The types of surety bond in use are:

• bid bond ensures the contractor will stand by his tender bid;
• performance bond ensures that if the contractor defaults, the project will
be completed in accordance with the terms of the contract. All
performance bonds have a face value which acts as an upper limit of
expense the surety will incur;
111
• labor and material payment bond protects the employer for labor and
material used or supplied on the project. It protects against liens being
filed on the project by unpaid parties to the work.
Basic factors relating to risk in contracts:

• what is the exposure inherent in the contract
• who is most capable of handling that exposure
• who has the responsibility for that exposure
• who has the power to make sure that responsibility is carried out
• what has been done to take account of the uncontrollable risks
• to what extent have the risks been transferred
112
Figure 35: Risk sources and corresponding offset
113
Figure 36: Risk documenting
114
Risk Action Plan
The manager responsible for treating a risk may belong to the project team, the
sponsoring business unit, or a functional area. Generally, responsibility should
be allocated according to who is best able to deal with the matter. Responsible
managers should complete Risk Action Plan summaries for each risk classified
as extreme or high on the agreed risk priority scale. The structure of the
summary is shown in Figure 6.8.
• Extreme and High risks: All Extreme and High risks must be
reduced. A detailed Risk Action Plan is required, with a one-page
executive Risk Action Plan summary in the form shown in Figure 6.8.
Similar risks, or risks for which a common treatment is indicated, can be
grouped. All the boxes in the summary are required to be completed. The
summary may be sufficient in many circumstances, but additional
detail can be included if required, such as the benefit-cost analysis
justifying the action. The summary can refer to existing work plans and
processes. Managers should amend existing work plans appropriately.
• Medium risks: All Medium risks should be reviewed and, where
resources are available, suitable cost-effective reduction actions
should be implemented and a Risk Action Plan summary completed
(Figure 6.8). The aim should be to reduce all Medium risks unless it is
decided, based on an assessment of costs versus benefits, to accept the
risk.
• Low risks: The managers responsible should take into account the
identified risks, and ensure existing controls, plans and procedures are
adequate to cover them. Where the risk is inherently Extreme or High,
managers must also ensure that the control processes are being
implemented correctly and effectively.
115
Figure 37: Risk ranking
116
Managing medium risks
Although Extreme and High risks individually lead to the greatest
potential problems, there are usually many more Medium risks than Extreme
and High risks, and the effect of the Medium risks in aggregate may be
significant. Accordingly, the Medium risks must be managed too. The
assessment process for identifying and evaluating options for the management
of Medium risks is similar to that described for Extreme and High risks. The
level of detail required may be lower, but the same considerations apply.
The management processes are often simple, depending on the complexity of
the project organization:
• designating the manager responsible for each risk area;
• ensuring that each manager has plans developed to a level of detail
appropriate to the requirement; and
• ensuring the reporting and monitoring procedures are adequate for
tracking the implementation of risk management activities.
117
Determining Contingency
The contingency sum, usually expressed as a percentage markup on the base
estimate, is used in an attempt to allow for the unexpected. Construction and
development is fraught with difficulty, and the basic notion of risk analysis is
that it is useful to at least make an attempt to identify these risky items and
attach some financial value to them. These amounts can then be added to a
project budget as items of possible expenditure. The intention is that the project
budget becomes a more realistic representation of the client's likely outlay
(Smith and Bohn-1999).
Thompson and Perry (1992) pointed out several weaknesses of using a

contingency amount:
• The percentage figure is, most likely, arbitrarily arrived at and not
appropriate for the specific project.
• There is a tendency to double count risk because some estimators are
inclined to include contingencies in their best estimate.
• A percentage addition still results in a single-figure prediction of estimated
cost, implying a degree of certainty that is simply not justified.
• The percentage added indicates the potential for detrimental or downside
risk; it does not indicate any potential for cost reduction and may therefore
hide poor management of the execution of the project.
• Because the percentage allows for all risk in terms of a cost contingency, it
tends to direct attention away from time, performance, and quality risks.
• It does not encourage creativity in estimating practice, allowing it to
become routine and mundane, which can propagate oversights.
The use of risk premium money is regarded as standard practice in construction

(Raftery 1994). The practice of presenting project cost estimates as a
deterministic figure comprising a base estimate and the addition of a single
contingency amount has been adopted in the construction industry for a long
time for budgeting purposes. Usual practice is for this amount to be a single
lump sum with no attempt made to identify, describe, and value various
categories and possible areas of uncertainty and risk. In many cases it amounts
to an educated guess at best. If there is some form of tender documentation
provided to bidders, the contingency will usually be transferred to the
provisional sums section in these documents.
118
Mak and Picken Model
In an attempt to deal with the determination of contingencies in a more
analytical way, the Hong Kong Government implemented a technique called
Estimating using Risk Analysis (ERA) in 1993. ERA produces similar base plus
contingency cost estimates at pretender stage. For building projects that usually
use the government's fixed quantities con-tract, the magnitude of the final
account variations can be compared with the contingencies included in
estimates (Mak and Picken-2000).
In the ERA model, estimates are prepared at specific stages identified as
Category C, Category B, and Category A. As the project becomes more definite,
its category designation is changed – Category A being more certain than
Category C. After identification the potential risks in the project, risks are
categorized as either (1) fixed; or (2) variable. For each risk event, an average
risk allowance and a maximum risk allowance are calculated. The relationship
between risk category and risk allowance is shown Table.
Relationship between risk allowance and risk category

Type of risk Average risk allowance Maximum risk allowance
Fixed risk Probability X maximum cost Maximum cost
Variable risk Estimated separately Estimated separately
Assumption 50% chance of being exceeded 10% chance of being exceeded
119
Figure 38: ERA calculation
The ERA process is usually carried out several times during the pretender
period for any one project. Figure (22) shows the ERA calculations for one of
these stages. As the project develops, some events that were originally
identified as uncertain will be clarified and will be either deleted or included in
the base estimate as a certainty.
The following table presents a summary of completed projects that detailed the
contract sum, original contingency, amount of additions, amount of omissions,
final account amount, and start date of 322 building projects.
120
Summary of raw data
Statistics Non-ERA projects ERA projects
Number of projects 287 45
Contract sum (minimum) 0.31 M 0.99M
Contract sum (maximum) 1331.01 M 208.48 M
Contingency (minimum) 0.15 M 0.08 M
Contingency (maximum) 110.00 M 38.00 M
Contingency/contract sum (minimum) 0.67% 4.02%
Contingency/contract sum (maximum) 137.40% 18.23%
Final account variation (minimum) 6.00 K 41K
Final account variation (maximum) 85.98 M 27.39 M
DEVI (minimum) 0.10 0.30
DEVI (maximum) 45.00 6.64
Contingency Management Model by Ford

Ford (2002) proposed a model to test hypotheses of the effectiveness of
aggressive and passive management strategies on cost, timeliness, and facility
value. Managers were found to pursue general project objectives in their
management of contingency.
Hypotheses
Hypotheses were developed concerning how contingency management
strategies impact the performance of different types of projects. Better
performance is measured by more emergencies resolved, reduced delays, and
facility improvement. Projects are described with their management difficulty,
as described by the amount and nature of their uncertainty, and the project cost
structure. Contingency management strategies are aggressive or passive. An
aggressive strategy reallocates funds quickly, uses contingency to correct
schedules before many emergencies have been discovered and resolved, and
applies funds early to improve the facility. In contrast, a passive strategy
reallocates slower, postpones using contingency until it must be used to meet
critical objectives, and uses little funds for improvement until emergency and
schedule objectives are met.
121
If sufficient contingency funds are available, all emergencies are resolved,
deadlines are met, and facilities are improved. Under these conditions, many
contingency management strategies are effective. But when resources constrain
performance projects that are more difficult to manage (are uncertain and have
higher costs), are expected to cost more, take longer, and improve facilities less.
Four hypotheses were utilized in the model as:
Hypotheses 1 (H 1)-performance decreases with increasing management
difficulty.
Hypotheses 2 (H2)-the percent of emergencies resolved are less and delays are
larger using an aggressive strategy than when using a passive strategy for a
fixed level of management difficulty.
Hypotheses 3 (H3)-the value added using an aggressive strategy is larger than
the value added using a passive strategy for a fixed level of management
difficulty.
Hypotheses 4 (H4)-performance decreases less as management difficulty
increases using an aggressive strategy than a passive strategy.
Contingency Management Model

Modeling describes the observed contingency management mental models. In
this way, the interactions and potential flaws of contingency managers are
captured better than in more complete and detailed models.
The model has four subsystems: (1) escrow accounts; (2) emergencies; (3)
schedule control; and (4) facility improvement.
The escrow accounts subsystem simulates the monetary requirements,
accumulations, and dynamic allocations of money among the four accounts and
the use of contingency. The emergencies subsystem models the discovery and
resolution of emergencies. The schedule control subsystem models the effects
of emergencies on schedule performance and the perception and management of
delays. The improvements subsystem simulates the addition of value to the
facility by spending contingency funds. Each subsystem also models one form
of contingency management performance. The simulation model is a set of
nonlinear difference equations that describe the information structures and
decision-making processes used to manage contingency. Because no closed
form solutions are known, the behavior of the system was simulated over time.
122
Contingency management performance
Performance Project Management Conditions
Measures Easiest Easy Difficult Most difficult Total change
Emergency resolution (percent of total emergencies resolved)
Aggressive strategy 91.0 70.7 61.0 47.5 -43.5%
Passive strategy 100.0 76.7 68.0 51.2 -48.8%
Schedule control (actual duration as percent of planned duration)
Aggressive strategy 106.1 116.5 153.2 156.6 +50.5%
Passive strategy 100.0 114.2 152.5 157.7 +57.7%
Facility improvement (thousands of dollars of value)
Aggressive strategy 53.5 24.3 27.8 20.6 -61.5%
Passive strategy 37.1 4.3 4.6 3.6 -90.2%
The table above shows the performance of the aggressive and passive strategies
in resolving emergencies, controlling the project schedule, and facility
improvement for each of the four project management conditions, as well as, the
total change in performance across project management conditions.
123
BOT Projects Risk Assessment
Zayed and Chang Model

Zayed and Chang (2002) presented a model to anticipate the risk index (F),
which is a prototype-developed evaluation tool, composed of one-level
hierarchical structure that consists of the main eight BOT risk areas. Figure (26)
shows the eight risk areas that the study focused on: political, financial,
revenue, promoting, procurement, development, construction, and operating.
Figure 39: BOT projects main risk areas
The objective of the risk factor (F) is to evaluate whether a particular project
should be privately promoted based on BOT risk. It assesses the degree of BOT
project exposure to risk areas. The risk index (F) can be presented by adding the
risk areas’ value function as follows:
where; F = risk index for BOT project (probability of failure);
W i = weight for each risk area I using Eigen value method;
n
F =δ ∑ Wi * Vi ( xi )
i =1
V i (x i ) = worth score for each risk area (x i );

X i = different risk areas i;
i =1,2,3,….,n;
124
n=number of risk areas (8);
δ=constant
The term (δ) was introduced to account for situations where a single dominant
attribute’s performance level is so low that it is sufficient to render a company
incapable of promoting the project. The (δ) factor is calculated by multiplying
the delta of each of n dominant risk area falls below a certain threshold, P1, set
by the decision maker (cutoff point), then its δ i =0 whenever a dominant risk
area I has a performance level x i ≤P1 [ that is, whenever V i (x i ) = 0]. The
qualitative risk area measurement scale used to quantify the qualitative
assessment of any risk area i is shown in Figure (28).
Figure 40: Qualitative risk area measurement
125
Risk in BOT Projects
Askar and Gab-Allah (2002) presented this study aiming to investigate the
potential for implementing the BOT system in the Egyptian environment. This
could be achieved by giving a clear view of BOT and of its problems, risk areas,
and features, pertaining to the Egyptian environment, in order to maximize the
benefits and minimize the risks as much as possible.
Figure 41: Comparison between expected and actual risk factors in project
126
The collected data was analyzed based on actual implementation in Egypt. This
involved the following: (1) An overview of the critical success factors in order
to achieve a BOT project; (2) an analysis of results obtained from
questionnaires seeking to determine the possibility of occurrence of the different
risk factors in the Egyptian environment, and their ranking; (3) a comparison
between the questionnaire results and the actual risks from requests for the
proposal of locally advertised projects; and (4) a determination of the missed
critical success factors in the Egyptian environment. The main conclusion of
this study is that three critical success factors are essential for the success of
BOT projects in Egypt: (1) Picking the right project; (2) competitive financial
proposal; and (3) special features of bid.
The analysis of seven RFPs of locally advertises BOT projects revealed the
common risk factors that are shared in these projects. Figure (29) presents a
comparison between the results obtained by questionnaire and those obtained by
analysis of locally advertised BOT projects.
Political Risks in BOT Projects

Wang et al. (1999 and 2000) presented the result of their investigation about the
risk management of BOT projects in developing countries. The objectives of the
study were to (1) identify the unique or critical political and force majeure risks
associated with China’s BOT projects, and (2) evaluate the effectiveness of
mitigation measures that are available to manage these risks. The categories
targeted in the study were; Chinese parties’ reliability and creditworthiness,
change in law, force majeure, delay in approval, expropriation, and corruption,
as shown in the following table.
127
Unique/Critical Political and Force Majeure Risks and Mitigating Measures
Risk Measure 1 Measure 2 Measure 3 Measure 4
(1) (2) (3) (4) (5)
Change in law Obtain government's Insurance for Maintain good -
guarantees (e.g., political risk relationship with
adjust tariff or extend government authori-
concession period) ties, especially
officers at state or
provincial level
Corruption Maintain good Establish JV with Enter into contract to -
relationship with local partners, prevent corruption
government especially central
authorities, especially government agency
officers at state or or state owned
provincial level enterprise
Delay in approval Establish JV with Obtain government's Maintain good Ask
local partners, guarantees to adjust relationship with government
especially central tariff or extend governments to establish
government agencies concession approvals one-stop
or state-owned agency for all
enterprises
Expropriation Establish JV with Relay on a Obtain support of -
local partners, combination of sponsor's government
especially central international (e.g., export credit)
government agency consortium and
or state-owned insurance policies
enterprise (political insurance)
Reliability and Gain accurate Maintain good Appoint independent -
creditworthiness of information (e.g., relationship with accountant to audit
Chinese entities financial, etc.) about government officers the Chinese entities
Chinese entities and at state or provincial
choose most capable level
ones
Force majeure Obtain government's Insure all insurable Obtain government's -
guarantees to adjust force majeure risks guarantee to provide
tariff or extend financial help if
concession period needed
Based on the previous table, a questionnaire for international survey was

designed. There were three parts: (1) criticality of risk, (2) effectiveness of the
proposed mitigating measures, and (3) adequacy of related in contracts. The
following table presents the findings of the criticality of political and force
majeure risks. The “criticality index” was calculated for each risk using the
following formula:
Critical index = (5n 1 + 4 n 2 + 3 n 3 + 2 n 4 + n 5 ) / 5 (n 1 + n 2 + n 3 + n 4 + n 5 )
R R R R R R R R R R R R R R R R R R R R
where n 1 = number of respondents who answered “extremely critical”,

R R
n 2 = number of respondents who answered “very critical”,

R R
n 3 = number of respondents who answered “critical”,

R R
n 4 = number of respondents who answered “fairly critical”, and

R R
n 5 = number of respondents who answered “not critical”.

R RR R
128
Criticality of Political and Force Majeure Risks
Survey respondents (%)
Risks of BOT projects in Extremely Very Critical Fairly Not Not Criticalit Mean Ranking
China critical critical critical critical applicable y index score
(1) (2) (3) (4) (5) (6) (7) (8) (9) (10)
Chinese entities reliability 52 33 15 0 0 0 0.87 4.36 1
Change in law 52 36 6 6 0 0 0.87 4.33 2
Force majeure 34 34 22 9 0 0 0.79 3.94 3
Delay in approval 24 30 36 9 0 0 0.74 3.70 4
Expropriation 44 13 19 13 13 0 0.73 3.62 5
Corruption 9 18 38 18 9 9 0.55 2.74 6
Risk Reduction in BOT Projects

Yeo and Tiong (2000) proposed a risk reduction framework based on relevancy
ideas of systematic thinking, especially the soft systems methodology (SSM)
(Figure 30). Case examples of successful and non-successful BOT projects are
selectively used to illustrate elements of framework. The proposed risk
reduction framework was addressed under the following three aspects:
1. Positive management of differences to achieve convergence for results.
2. proactive control of variation in critical variables.
3. strong entrepreneurial leadership and consortium.
The first is the dominant theme and the second on control of variation is a
subset of the first. Though the former is more qualitative in nature while the
latter quantitative. The ideas are systemic because they are built on the concepts
of both soft systematic thinking and the ‘harder’ systems analysis and systems
engineering. The third idea of a strong entrepreneurship and consortium as
‘human actors’ could be a decisive factor in overall risk management and
reduction. The perception and resolution of risk are relative to the problem
solving capability of the human actors.
To provide a useful basis for taking a rounded view of the business process and
effective stakeholder management, the systemic approach suggests a set of six
elements (CATWOE) represented by customer (C), actor (A), transformation
(T) process, worldviews (W), owner (O), and environment (E), respectively.
The intention is to find a way to minimize the danger of irreconcilable
differences I perception among the stakeholders, and to enhance chances for
success.
129
Figure 42: Soft systematic negotiation model for BOT concession projects
130
Exchange Rate Risk Management
Foreign exchange exposure refers to the risk that future changes in a country's
exchange rate will hurt a firm. Foreign exchange exposure can be divided into
three categories: transaction exposure, translation exposure, and economic
exposure. Kapila & Henderichson (2001) categorized the types of forex risk
exposure as follows:
Transaction exposure is typically defined as the extent to which the income
from individual transactions is affected by fluctuations in foreign exchange
values. Such exposure includes obligations for the purchase or sale of goods and
services at previously agreed prices and the borrowing or lending of funds in
foreign currencies.
Translation exposure is the impact of currency exchange rate changes on the
reported consolidated results and balance sheet of a company. Translation
exposure is basically concerned with the present measurement of past events.
The resulting accounting gains or losses are said to be unrealized. They are
"paper" gains and losses, but they are still important. Translation exposure can
have a very negative impact on a firm.
Economic exposure is the extent to which a firm's future international earning
power is affected by changes in exchange rates. Economic exposure is
concerned with the long-run effect of changes in exchange rates on future
prices, contracts, and costs. This is distinct from transaction exposure, which is
concerned with the effect of exchange rate changes on individual transactions,
most of which are short-term affairs.
Tactics and Strategies for Reducing Foreign Exchange Risk

A number of strategies and tactics can help international contractors reduce
their foreign exchange exposure. The tactics are best suited to alleviating
transaction exposure and translation exposure.
Reducing Transaction and Translation Exposure

Future currency exchange contracts (called "buying forward") and netting
currency transactions (aggregation of costs and incomes for the same currency)
are important sources of insurance against the short-term effects of foreign
exchange exposure.
Buying forward involves a currency contract for future sale or purchase of a
foreign currency at a predefined exchange rate rather than the market rate at the
time of the transaction. Terms of these forward contracts are set by the forward
market itself and will vary with expectations of currency movements and the
131
demand and supply of the currency transaction requests. The forward contracts
may be firm commitments for transactions or may be options in which the
purchaser can decide at the time of maturation whether or not to exercise the
future contract. Future options have the advantage that favorable foreign
exchange movements might result in extra profits, but the options will normally
have a corresponding charge.
Firms can also reduce their foreign exchange exposure through managing the
timing of payables and receivables. A firm might collect and pay early or late
depending on expected exchange rate movements. This timing involves
accelerating payments from weak-currency to strong-currency countries and
delaying inflows from strong-currency to weak-currency countries.
Reducing Economic Exposure

Reducing economic exposure requires strategic choice that goes beyond the
realm of financial management. The key to reducing economic exposure is to
distribute the firm's productive assets to various locations so the firm's long-
term financial well-being is not severely affected by adverse changes in
exchange rates.
Developing Policies for Managing Foreign Exchange Exposure

The international contractor needs to develop a mechanism for ensuring it
maintains an appropriate mix of tactics and strategies for minimizing its foreign
exchange exposure. Although there is no universal agreement as to the
components of this mechanism, a number of common themes stand out.
First, central control of exposure can help protect resources and ensure that each
subunit adopts the correct mix of tactics and strategies. Central depositary
allows having larger amounts in liquid accounts, have access to information
about good short-term investment opportunities, and reduce the total size of the
cash pool it must hold in highly liquid accounts (Hillson-2002).
Second, firms should distinguish between, on one hand, transaction and
translation exposure and, on the other, economic exposure. Many companies
seem to focus on reducing their transaction and translation exposures and pay
scant attention to economic exposure, which may have more profound long-
term implications.
Third, the difficulty to forecast future exchange rate movements cannot be
overstated. The best that can be said is that in the short run, forward exchange
rates provide reasonable predictions of exchange rate movements, and in the
long run, fundamental economic factors-particularly relative inflation rates-
should be watched, because they influence exchange rate movements.
132
Fourth, construction firms need to establish good reporting systems so that the
central finance management can regularly monitor the firm's exposure positions.
Finally, on the basis of the information it receives from exchange rate forecasts
and its own regular reporting systems, the firm should produce regular foreign
exchange exposure reports. The reports can then be used by management as a
basic for adopting tactics and strategies to hedge against undue foreign
exchange risks.
133
RISK MONITORING
Under the heading 'risk management' in the meeting agenda, several items will
be considered;
1. For each risk on the risk watch list, the progress and effectiveness of risk
treatment actions will be reviewed, and adjustments to Risk Action
Plans will be made as needed.
2. Extreme, High and Medium risks for which effective risk treatment
has been completed should be reassessed and reclassified, and
removed from the risk watch list if appropriate.
3. Medium or Low risks that have changed in status and become important
enough to be reclassified as Extreme or High will be included in the risk
watch list, and responsibilities and timing for preparing detailed Risk
Action Plans will be allocated.
4. Any new identified risks will be considered, and Extreme and High
ones will be included in the risk watch list. For each new risk included in
this way, the responsibility and timing for preparing a detailed Risk
Action Plan will be allocated. Risk Action Plan summaries for all new
Extreme and High risks will be included in the risk register and the project
Risk Management Plan.
5. Trends and general issues in program risks and risk management will be
considered, and any necessary changes to risk management strategies will
be made.
134
RISK CONTROL
Risk assessment
Periodic, scheduled reviews of identified risks, risk responses, and risk priorities
should occur during the project. The idea here is to monitor risks and their
status and determine whether their consequences still have the same impact on
the project objectives as when they were originally planned. Every status
meeting should have a time set aside to discuss and review risks and response
plans.
Risk identification and monitoring is an ongoing process throughout the life of
the project. Risks can change, and previously identified risks might have greater
impacts than originally thought as more facts are discovered. Reassessment of
risks should be a regular activity performed by everyone involved on the
project.
Risk audits
Risk audits are carried out during the entire life of the project by risk auditors.
Risk auditors are not typically project team members and are expertly trained in
audit techniques and risk assessment. These audits are specifically interested in
looking at the implementation and the effective use of risk strategies.
Technical performance measurement

This technique compares the technical accomplishments of project milestones
completed during the Executing processes to the technical milestones defined in
the project Planning processes. Variances might indicate that a project risk is
threatening, and you’ll want to analyze and prepare a response to it if
appropriate.
Status meetings
The purpose of status meetings is to provide updated information regarding the
progress of the project. They are not show-and-tell meetings.
Risk reviews
The nature of risks changes as projects and implementation timeframes change.
Regular reviews of risks and risk treatment will be undertaken as part of the
normal project management process to revise the lists of Extreme and
High risks, to generate new Risk Action Plans and to revise the risk
register.
135
The most appropriate way of doing this is likely to be in conjunction with the
project's monthly project cost and schedule control system (CSCS) or equivalent
reporting, quarterly system audits or equivalent formal review cycle.
Incorporating semi-quantitative assessments in the form of risk surveys in the
CSCS 'Estimate to complete procedure’ is a practicable way of doing this. The
estimate to complete procedure requires managers to think about aspects of
the project related to risks and uncertainty, specifically analyses of the work
and resource usage to completion, based on historical performance. The
risk analysis extends this thinking to more explicit considerations of what
problems might occur in the future, and ways of dealing with them.
It should be noted, however, that risk surveys will rarely be needed monthly. A
six-monthly reporting cycle may be sufficient for small projects; for large
projects quarterly reports may be adequate, or surveys may be conducted on an
'as needed' basis.
Typical milestone review stages
Review Phase Project Phase
1 Scheme definition, pre-project study
2 Design proposal, plant specification
3 Detailed design
4 Construction and pre-commissioning
5 Commissioning
6 Post-commissioning
Additional formal and more complete risk identification and assessment reviews
may be needed. In general, such reviews should be undertaken at key
milestones, including:
• key planning and design review activities, where there may be
significant changes proposed in the project strategy, scope or processes;
• at major transition points, such as the start of tendering, contract
negotiation, implementation, acceptance testing and commissioning
activities, where there are significant changes in the structure and focus of
the project and its associated risks;
• as part of formal project review processes;
• where there is a major change in external circumstances, including any
major change in policy, organization or priorities that might impact on the
project.
136
Communication and reporting
There are many reasons for communicating and reporting the outcomes of a risk
management study.
• Communication within the project team. Maintaining the consistency and
'reasonableness' of a large risk assessment in a complex project, possibly
incorporating the judgments from a diverse team of experts, requires
special care. Recording the assumptions that underlie each judgment and
decision is important for checking purposes when the results of a risk
analysis do not seem right.
• Communication with an owner or client. It is important that the end-users
understand the risks and trade-offs that must be made in a large project,
as they are usually the ones who must pay for risk.
• Communication with the providers of finance and insurance support.
Funding bodies, whether they are banks, bond holders, equity providers
(shareholders), credit guarantors, the finance divisions of the
procuring organisations, government funding agencies, or private-
sector participants in a public-sector project, all require information
about the risks and their allocation and management.
• Accountability and auditability. Project managers must be accountable
for their decisions. It is important that the risk assessment process is
documented in such a way that it can be reviewed, to enable the structure
and assumptions to be examined and the reasons for particular judgments
and decisions to be identified.
• Information source for future projects. The collection of detailed
information about all aspects of a project, in a structured fashion that
facilitates retrieval, generates a very valuable organizational asset.
• Record for post-implementation project evaluation. All organizations
should review their large projects after completion, to ensure their
objectives have been met and their procedures have been adequate, and to
extract the key lessons for improving performance in future projects.
Communication and reporting also makes an important contribution to planning

processes.
• Risk management planning for the key stakeholders. The project Risk
Management Plan described in the next chapter provides a high-level
focus on risk across the entire project.
• Tactical risk action planning. The Risk Action Plans described in the
previous chapter provide the basis for tactical action and implementation.
137
• Justification for spending money now or taking a particular course of
action. Where significant risk management activity must be taken early in
the life of a project, usually directed to risk prevention measures,
different funding levels and spending profiles may result.
• Communication between the project team and the contractors or
suppliers. The project Risk Management Plan and Risk Action Plans
should identify the problems and the solutions and convey a detailed
understanding of what must be done and why.
• Control of risk and risk management activities. Formal project risk
management reports specify the criteria for success, the targets and
measures used to assess performance, detailed accountabilities for
managing risk and the allocation of budgets and resources. They provide
the strategic and tactical focus for successful project risk management.
138
Risk Management of International Projects
Aleshin (2001) investigated the risk management processes of international
projects in Russia. He stated that Russian and foreign publications on project
management and business activity pay great deal of attention to the external
project risks. These risks include political instability, changeability of tax and
customs systems, and significant change in level of currency. The risks are
initiated at macro-level and, as a rule, are traditional for countries with a
transient economy. At their onset, these risks can produce a strong negative
effect on the project. In some studies there are certain recommendations on the
ways of escaping external risks.
Figure 43: Interaction between risk breakdown structure and work breakdown structure
For example, American specialists believe that to avoid negative consequences

caused by changeability of legislations base, one may include in the contract the
so-called "grandfather's clause". In this part of the contract, the authorities
should guarantee that all changes taking place in legislation after the signing of
139
the contract do not reflect in the project. However project participants have
limited control on external risk management. At the same time, the project
analysis and meetings with practical specialists showed that a significant
number of risks are initiated by the participants within the project. By contrast,
internal risks are more manageable than external ones.
Based on the above-mentioned approach, Aleshin (2001) developed a support

system for risk mitigation in international projects in Russian conditions as
illustrated in Figures (1) and (2). The interrelationship between the risk
breakdown structure and the work breakdown structure could be established
based on the risk identification of the potential risk events (Figure 1). Also, the
interrelationship between the risk breakdown structure and the life cycle of the
project could be established in a way similar to the latter one (Figure 2). The
time building and revealing of the risk event in the project was defined for each
event.
Figure 44: Interaction between risk breakdown structure and project life cycle
140
The proposed risk management support system is based on a firm risk
management database. Such a database allows using knowledge about risks
efficiency and could be used at different stages of business and project activity
as illustrated in Figure (3).
Figure 45: The general area of risk management database application
141
OCCUPATIONAL HEALTH, SAFETY AND ENVIRONMENT (HSE)
Responsibility for the safety of employees and contractors usually rests with the
person in control of the workplace. This means that outsourcing does not relieve
the organization of its legal obligations to identify, assess, control and monitor
HSE risks associated with the work to be outsourced, unless the work is carried
out on the contractor's site. HSE risks (in terms of accountability) can rarely be
transferred by contract.
There may also be implications for the health and safety of the
organization's own employees from the way in which outsourced work is
performed: for example, poor quality cleaning or poor quality equipment
maintenance may lead to injury or illness. The HSE performance of tenderers
should be a criterion considered when awarding a contract.
A further HSE risk relates to employees' lack of familiarity with safety
procedures that have now become the prime responsibility of a contractor. For
example, critical safety procedures may change to comply with a contractor's
normal practice; this may mean that internal staff need to be familiar with,
and comply with, several different procedures depending on the contractor.
This is a particular issue where the organization has a competition policy of not
awarding multiple contracts to a single supplier.
142
HAZARD AND OPERABILITY STUDY (HAZOP)
A Hazop study is a common identification technique used to examine proposed
systems, equipment and procedures systematically and in detail. Its objective is
to identify potential hazards to people, the environment, the plant or operations
and the proposed methods for their control. It particularly examines the
effects of deviations from the design intent by asking a series of
questions based on prompts or guide words: for example, 'High pressure,
how might it arise? If it did arise, what would be the potential consequences?'
A Hazop study is usually conducted when the design for a proposed
system, plant or production unit is at or nearing completion. Piping and
instrument diagrams (P&IDs), sometimes termed process and instrument
diagrams, are usually available, the control strategy including start-up and
shutdown has been defined and the basic operating procedures have been
specified.
Like the general risk management process described in earlier chapters, a Hazop
begins by defining a set of key elements. Usually these are the main process
lines or flow lines through sections of the plant, identified from the P&IDs,
and the analysis begins as soon in the design process as they are available. Key
elements could also be identified from process flow sheets if the Hazop is being
conducted at an early design stage, as in a concept hazard analysis or
preliminary hazard analysis.
Preferably the study is facilitated by an experienced independent person
and includes appropriate management, design, operations and maintenance
personnel with a direct involvement in the project. The process works
systematically through the design, examining each item on each flow line in
detail. For each item, the facilitator asks a series of questions based on guide
words. These are designed to stimulate the analysis team to think about how
situations described by the key word might arise - possible causes or sources of
risk. The flow line is examined for all possible deviations relating to each
guide word.
For each potential deviation, the team identifies the cause of the deviation and
its consequences for the plant as a whole. Assessments of the probability and
severity of each potential deviation may be used to set priorities for
management action.
The elements are usually the specific flow lines, process flows, process steps or
equipment items on the P&IDs. The process should be systematic
And complete, addressing all the elements and all the guidewords.
143
Technique Information required Approach Deliverable
Preliminary design Structured facility- List of hazards

What-if analysis
information such as specific list of inherent in the
basic process flows and what-if? questions proposed process
conditions and a list of applied and materials
the main hazardous systematically
materials across the facility
Preliminary design Use generic List of hazards,
Checklists
information checklists but may miss
systematically hazards specific
across the facility to the particular
application. More
powerful when
used in
combination with
a “What if
analysis”
Detailed design Detailed List of detailed
Hazop study
information including systematic review hazards, their
(IEC 61882)
P&IDs or equivalent, of each process consequences
control and safety step, process line and proposed
system strategy or equipment rectification
item, explicitly actions
examining
deviations from
the design intent
Detailed design Detailed List of detailed
Chazop study
information including systematic review hazards
P&IDs or equivalent, of each control associated with
control and safety the control
function, explicitly
system logic and examining system and
sequences deviations from proposed
the design intent rectification
actions
Preliminary design Systematic review List of hazards
Preliminary
information including of each major and proposed
Hazop study
process flow diagrams process step, rectification
and most P&IDs (but process line or actions
still in draft), combined equipment item,
with vendors' typical explicitly
drawings examining
deviations from
the design intent
SIL Basic design Often performed List of ranked
determination information including as an add-on to a hazards and the
study (IEC P&IDs or equivalent Hazop study, level of
61508) and control strategy rating the risk protection
associated with required to
144
Project: Kiln Project Section: Coal handling Date: 12 December
Drawing: 123-1Rev A, 456 Rev C Revision: Draft
each potential reduce each

hazard without hazard to
any proposed tolerable levels
protection system
FMEA Basic design Systematically Detailed list of the

information including examines each hazards caused
P&IDs or equivalent, item and from internal
controls and safety determines how failures; may miss
system strategy; if that item may fail issues associated
being applied to a and the with human
single problem area, a consequences of systems and
detailedSystematically a failure external events,
examines each item but can be
and determines how applied with care
that item may fail and to activities
the consequences of a
failure breakdown of
the components
FMECA As for the FMEA, plus The hazards Detailed ranked

an agreed set of identified by the list of the
criticality (risk) rating FMEA process hazards arising
scales are rated from internal
according to their failures
criticality (risk)
145
Comments
Node Guideword Causes Consequences Safeguards Action Manager
and Status
Raw coal Position Ignition from Coal dust and Design means of
unloading truck or front- explosion controlling where
end loader dumping occurs.
engine Western door must be
closed at all times when
coal is being delivered
Raw coal Movement Coal left in Undisturbed coal Consider means of

unloading corners for long can self-ignite keeping corners free of
periods coal for longer periods.
Ensure no loader
movement when there
is a dusty enviromental
Raw coal High Coal delivered Undetected coal Consider

unloading Temperature hot and fire thermocouples in the
smoldering concrete to detect high
temperature and/or a
manual survey
Raw coal Low Moisture Big lumps going Front-end Screen on top of raw
unloading Temperature content in coal into the plants loader will coal hopper.
freezes break up
some lumps
Raw coal Maintenance No personnel Person unable to Consider operational .

unloading doors in the egress from coal philosophy of
roller doors and storage if doors restricting access to the
controls are closed coal store
outside
overload
Raw coal Load Spillage Design some control to

hopper indicate when not to
dump into the hopper.
Raw coal Contamination Rags, concrete, Contamination of Regular Screen on top of

hopper etc. In coal feed into the plant visual hopper.
inspections of
the hopper
146
Design requirements
Define risk
Define causes
Define consequences
Yes No
Response Significant hazard Accepted
Figure 46: HAZOP model
147
FAULT TREES
Fault tree analysis is an important specialist technique for risk assessment, with
significant extensions into quantitative aspects of risk analysis. It is a process,
derived from systems engineering, for identifying and representing the logical
combinations of causes, system states and risks that could lead to or contribute
to a specified failure event, often termed the top event. Fault tree analysis
provides a structure for estimating the likelihood of the top event by tracing
back the causes until it has identified simple events or component states for
which the likelihood can be estimated. The analysis is continued until a set
of base events is reached, sufficient to understand the nature of the failure
processes and how they may be managed. Typically the top event is a system
failure or undesired outcome, and the process attempts to identify the possible
causes that might lead to the undesired outcome and its frequency.
Fault trees are constructed using two types of logical connection, 'AND' gates
and 'OR' gates. Figure 17.4 shows a simple example of how a failure in a
pressure vessel might arise and be represented as a fault tree. An AND gate is
used when a fault tree component and another component must both be in
the required state for the event to propagate; for example, the pressure
vessel would only fail if there were both an over-pressure and the relief
valve did not open. An OR gate is used if the failure event is propagated if
either one component or another component is in a particular state; for example,
the relief valve might fail to open if there were a failure of the safety valve itself
in a closed position or if the isolation valve were closed manually by an
operator.
Pressure
vessel failure
AND
Pressure Relief valve

exceeds limits fails to open
AND OR
Control valve Pump fails Safety valve Isolation valve

fails close to trip fails close closed by operator
Figure 47: Fault tree model
148
Limiting factor cutter dredge
production
Hydraulic reclamation
Construction Circumstances Personnel
Cutter
Pumping Crew Staff
production
Cutter
Side winch Suction Delivery Planning
power
Max. swing
Power
speed
Figure 48: Dredging case study
BENEFITS OF ENVIRONMENTAL RISK MANAGEMENT

Project plans and appraisals should consider environmental risks, their
impacts and their treatment. There are many reasons why organizations
undertake environmental risk management as part of their project management
activities.
• There is a regulatory requirement for it. In many jurisdictions, regulators
require formal environmental impact studies and reports, to ensure
environmental risks have been identified and adequate treatment
measures to mitigate them have been included in project plans. Often
the mitigation measures become a condition for project approval and
licensing. Mitigation activities are likely to extend over all phases of a
project and the whole life of the asset created by a project, from design
and construction through operations and on to close-down and site
rehabilitation.
• There is an ethical requirement for it. Many companies have codes of ethics
and environmental conduct that require appropriate priority to be given
to minimizing environmental damage and harm. This is part of the ‘good
citizen’ role of companies. Environmental performance may also be included
in the organization's triple-bottom-line and balanced scorecard reporting and
monitoring systems.
149
• There is an economic reason for it. Identifying environmental risks and
mitigating them early in the life of a project is usually far easier and cheaper
than having to rectify problems and clean up a harmful environmental
release. As well as direct financial benefits, avoiding environmental
problems reduces the amount of management time and distraction
involved in dealing with them, reduces disruption to operations and, in
the extreme case, avoids regulatory penalties and costly litigation.
• There are social and community reasons for it. Most projects have many
stakeholders with an interest in the project's outcomes and its wider
effects. Sound environmental risk management promotes better
communication with stakeholders, better community understanding of
environmental costs and benefits and greater transparency of process. In
some jurisdictions, explicit community consultation is a formal requirement,
and in many projects it would be strongly recommended anyway
without the regulatory imperative.
Overall, good environmental risk management makes good business sense.
Systematic consideration of environmental risks as a component of
business risk assessment helps identify key uncertainties and areas where lack
of knowledge may be critically important to estimates of potential business
performance. In extreme cases, environmental risks may be a reason for not
proceeding with a project as conceived or at all.
Risk assessment may also be used to set remedial action priorities, where past
activities may not have met current environmental guidelines.
Environmental Risk Management

Risk may arise from an event, an action or a lack of action. Risk to the
environment can be in the form of stresses caused by human activity, or
inactivity. This risk might manifest itself as a threat, which can lead to
degradation of the environment or loss of sustainability
Conversely, risk can also lead to the enhancement of the environment when a
risk management process is used to identify opportunities and they are
pursued.
When reviewing environmental risks and the actions that may be taken to
manage them, the threats and opportunities that an activity, service or product
may present should be considered. Opportunities and threats are both important
parts of risk management, as assessing the opportunities on offer may influence
the prioritization and subsequent treatment strategies.
150
Environmental Management Systems
The basis and much of the information for the context stage may often
be found in the environmental management system (EMS) that many
organizations maintain, consistent with the ISO 14000 series of environmental
standards.
Risk management is an integral part of such an EMS. ISO 14000 requires
organizations to maintain an 'aspects and impacts register', which is equivalent
to a risk register, and to maintain formal environmental risk management
practices. Whether the EMS drives risk management or risk management drives
the EMS may not matter much - the important thing is that the processes work
together to generate better environmental and project outcomes.
151
Elements Concepts that should be included
Principles Possible environmental incidents must be anticipated, and managed.
Proactive and diligent risk management is essential.
Risk management forms a key part of responsible environmental policy.
It is also good business practice.
Objectives Identify and characterize environmental risks.

Determine priorities for the introduction of effective risk management
actions.
Responsibilities Managers responsible for operations that may present a potential risk to
the environment should review their operations to determine whether or
not they represent a significant risk, and take appropriate risk management
action to reduce both the organization's and their own exposure.
Criteria and Consequences

It is common to think about environmental risks in terms of events with
potential environmental consequences, and to restrict the assessment purely to
consequences for flora, fauna and the natural environment. However, this is
often too narrow a perspective, and business impacts may be as important as
environmental consequences in many cases. An appropriate range of
consequence criteria should be included in all risk assessments, including
environmental risk assessments.
For example, the following table shows a holistic set of environmental
consequence criteria adopted by the Australian Department of Defense as part
of its defense EMS risk management framework. In this case, environmental
and related community and heritage criteria alone would be insufficient to
reflect the range of cones- quinces of interest to defense managers and
environmental managers. Similar concerns arise in more obviously
commercial businesses.
152
Example of environmental consequence criteria
Criterion Notes
Capability and Impact on the ability of the Australian Defense Force (ADF) to protect
mission Australia and fulfill its national security obligations. Impact on the ADF's
ability to train and equip for war and for the conduct of peacetime
operations. Impact on the ability of defense to develop its capability as
detailed in the Defense White Paper.
Environment Impact on the environment, including contamination, damage to flora and

fauna, fire, noise, soil damage and erosion, greenhouse gas emission.
Environmental management in the strategic context of defense business.
Community Impact on our ability to create a sustainable environment for the future,
and including depletion of resources, excessive energy use, long-term damage
sustainability to the environment.
Safety (staff Impact on the physical well-being of military and defense employees,
and public) communities in defense regions and the public in general.
Compliance Impact on defense’s reputation as a world leader in managing the

and reputation environment, political and media attention to environmental matters,
community concerns or actions over defense environmental management.
Compliance with environment and other regulatory requirements and the
impact of failing to comply.
Short-term cost of prevention vs. long-term cost of recovery.
Financial Monetary impact on defense, the Government and other stakeholders.
153
Elements based on issues and environmental aspects
Environmental Issues Environmental Aspect
Sustainable management Land use

of ecosystems Interaction with marine environment
Interaction with aquatic environment
Flora and fauna interaction
Natural resource Energy use

consumption Water use
Waste generation
Pollution prevention Soil and water contamination

Waste treatment and disposal
Air emissions
Noise vibration and electromagnetic radiation generation
Climate change and Use of ozone depleting substances

ozone depletion Greenhouse gas emissions
Stewardship Procurement and acquisition

infrastructure development and support
Stakeholder management
Business practices
Heritage management
Elements based on general functions
Function Function continued

Ablutions and sewage treatment Landfilling
Accommodation Office administration and miscellaneous
Dangerous goods Special functions
Dining areas and kitchens Vehicle servicing
Engineering and building Vehicle washing
Grounds maintenance Warehousing
Hospital and first aid
154
Identification of Environmental Risk
Risk identification for environmental risk assessment is often based on general
structures relevant to the way in which hazards may arise and affect
things in the surrounding environment. For example, it is often useful to
consider that a risk exists if there is:
• a hazard or potential source of harm;
• one or more targets susceptible to the hazard; and
• one or more pathways for the source to affect the target.
Sources may be identified by site reviews, process reviews, hazard inventories
and incident monitoring, some of the tasks that may be mandated by regulators
as part of environmental impact assessment processes.
• Site reviews should consider structures (buildings, surfaces, drainage
systems), storage facilities for hazardous substances, including wastes,
and process equipment.
• Process reviews should consider potential hazards associated with
processes, process streams, materials and by-products, and transport and
storage systems.
• Hazard inventories should list all potentially hazardous materials on or
near the site.
• Incident monitoring should record and analyze previous incidents of
non-routine releases of hazardous materials into the environment, or near-
misses where a release was possible but avoided.
Chemical hazards are often classified according to their potential effects. It is
often useful to distinguish between acute hazards (those where the event
itself poses the primary risk directly) and chronic hazards (where there are
long-term effects or long-term accumulations in the environment). Particular
characteristics of note may include:
• acute Eco toxicity - immediate impacts, e.g. death;
• chronic Eco toxicity - long-term damage, e.g. ability to reproduce;
• mutagenicity and teratogenicity - the potential effects on offspring due to
mutations or congenital malformations;
• persistence - the length of time a release will remain hazardous before
decaying;
• bioaccumulation and bio concentration - the potential for material to
accumulate and concentrate within components of the ecosystem.
155
Physical hazards are usually associated with the industrial operations presenting
potential for harm to the environment. These may include fire, explosion, noise,
flooding or dust.
To identify receptors, survey the environmental setting and neighborhood to
identify targets that may be at risk. Where appropriate, discuss the initial list
with regulatory authorities and other groups with interests in potential
receptor categories. Examples of receptors include:
• population areas;
• farm land and fisheries;
• water resources, including ground water and surface water;
• park land and recreational areas;
• specific ecosystems, particular species and the wider natural
environment;
• rivers and lakes;
• geological features and features of scientific interest;
• historic buildings and ancient monuments; and
• sites of cultural or religious importance to indigenous groups.
Potential sources of risk should be considered systematically against each

potential transport pathway to determine which are relevant to each identified
hazard.
Sources, pathways and receptors are sometimes described in terms of the risk
scenarios that may result in hazardous incidents. Tools for developing and
classifying risk scenarios include:
• failure mode and effect analysis (FMEA);
• event trees; and
• project hazard studies.
156
Risk Treatment Strategies
The same kinds of risk treatment options are available for environmental risks
as for other project risks: avoidance, reduction of consequences and likelihoods,
transfer and acceptance. For environmental risks, examples of physical
treatments include:
• design and engineering solutions;
• bunds, cut-off drains;
• reduced hazardous inventory; and
• removal of vulnerable targets from potential impact areas. Examples of
procedural treatments include:
• preventive maintenance;
• monitoring, sampling and alarms;
• risk-based inspections;
• emergency plans;
• formal operating procedures; and
• incident and near-miss reporting.
Approaches to Environmental Risk Management

While the approaches to environmental risk management often have many
similarities, the terminologies and underlying philosophies may vary. For
example, the following table shows the terms used in the US Environmental
Protection Agency Guidelines, showing the similarity in the basic steps. The
approach to regulatory decision making in some jurisdictions seems to envisage
a clear separation of responsibilities between the risk identification and analysis
activities - viewed as a more-or-less scientific and value-free pursuit - from the
risk treatment or risk management activities involved in making decisions,
where a broader range of political criteria and values are not only appropriate
but necessary for policy setting.
157
Comparison of the base process with the US EPA Guidelines
Reference process US EPA Guidelines

Establish the context Planning
Problem formulation
Identify the risks Analysis
Analyze the risks Analysis
Evaluate the risks Risk characterization
Treat the risks Risk management decisions
Monitor and review Iteration and monitoring
158
Appendix A: Risk Aspects
Risk aspects of power projects (Lam-1999)
Project Risk mitigation measures Residual risks Risk consequences
name /
location
• Akkuyu • Electric authority undertook to • Absence of sovereign • Export credit agencies unwilling
Power purchase power from the guarantee on: to provide guarantee for
Plant, concessionaire at fixed price • Repayment of external debt, proposed investments or export
Turkey • Purchase of minimum amount credits,
of electricity, • Sponsors and lenders unwilling
• Exchange rate, to proceed
• Convertibility of revenues into
hard currencies
• Dabhol • Central government counter- • Fuel (liquidified natural gas) • 1st phase changed to use local
Power guarantees that State Electricity has to be imported with naphtha as f fuel
Plant, Board pays for electricity bureaucratic procedures for • Legal challenge by trade union
India supplied, clearances and approvals, body (cleared),
• State Electricity Board commits • Many locals are not used to • Successive State governments
to take 900/o of power even in paying for power supply reviewed contract, nearly
non-peak hours, making it politically awkward scrapping it,
• Free repatriation of dividends and to enforce collection, • Work interrupted for over 1 year
interest on foreign equity and • Lack of competitive tendering before being revived in Dec., 96
loans, aroused skepticism of after a compromised reduction of
• Protection from forex accountability capital cost and tariff
fluctuations, • Environmentalists' objection • State government obtained right
• Guaranteed return on equity for a • Allegedly high capital cost and to take a 30% stake in the project
specified minimum availability tariffs
• Tax holidays
• Pagbilao • Multilateral agencies (IFC, CDC • Environmentalists' objection • Legal battle challenging the
Power and ADB) invested equities and • Land acquisition and proper issuance of the
Plant, provided loans, compensation problem Environmental Compliance
The • Electricity authority undertook to • Delay in construction of Certificate,
Philippi supply coal at no cost to transmission system. • Injunction sought by local groups
nes concessionaire, against the project agreement on
• Differences in the
• Electricity authority undertook to interpretation of concession ground of public interest, public
construct transmission facilities contract safety and health,
• Bonus for early completion, • 160/o of project cost spent on
• Capacity and energy fees payable pollution control,
in USS and pesos • Delay start-up
• Expansion plan at odds for fear
of rekindling opposition from
local residents
• Karachi The government had issued guidelines • Government insisted on the • Alternative inland site locations
Power for 3 other projects as follows: use of local coal, which offered by government, but these
Plant, • Guaranteed return on equity, investors feel uncertain as to require substantial investment in
Pakistan • Guarantee against currency quality and quantity. building connecting roads,
depreciation. • Slow progress of geological • Impasse affected progress of
• Guarantee payment by power survey offered little help to negotiation
purchasers verify local coal reserve,
• Promoter chose site near coast
for import of coal. But
government objected
159
Risk aspects of expressway projects project name/location (Lam-1999)
Project name Risk mitigation measures Residual risks Risk consequences
/location
• North-South Highway, • Government guarantees to reimburse • Difficult terrains: the highway construction ran through • Cost overruns entailed additional loan and equity
Malaysia concessionaire for traffic volume shortfall, abandoned tin mines with unknown conditions, jungles, financing,
foreign exchange and interest rate losses, mountain and swamps, • Completion 15 months ahead of schedule brings
• Obligatory contribution to equity by the 48 • Design changes to overcome unexpected technical additional toll revenue (upside result)
participating sub-contractors, effectively difficulties,
providing completion incentives • Inflation on cost due to construction boom in Malaysia,
• Opening date brought forward by 1 year to ease pressing
congestion,
• Allegation of political patronage
• Second-Stage • Government willing to share revenue from Disputes broke out on the following issues: • Banks suspended loan in 1993 halting project,
Expressway, Thailand existing toll road system, • revenue sharing scheme, • Completed stretch of 20 km closed for 5 months due
• A decree was issued to facilitate acquisition • whether concessionaire could collect tolls and manage traffic, to row,
of land, • which party was to pay VAT, • Government obtained court order to force open
• Corporate income tax relief, • which party had right to develop land under elevated sections completed stretch,
• Tax exemptions on dividends, of the expressway, • Concessionaire claimed that US$80 million was
• Upon adversities in interest rates, economic • reduction of contracted toll by one-third owed from the defunct revenue sharing agreement,
conditions, relocation of utilities, • Major share-holder, Kumagai Gumi, pulled out by
government interferences, unanticipated selling its 65% share to Thai contractor and hankers
ground conditions, force majeure, etc., in 1994,
concessionaire would be entitled to adjust • Shock-wave sent across the international financing
revenue sharing proportions, toll levels and community, posing questions of financiability of
extension of concession period subsequent projects
• ~ Highway, China • Project guaranteed by GITIC, the investment • Financial close delayed for 2 years due to Tiananmen event in • Delayed commencement but Phase 1 was opened to
arm of the Provincial government, 1989, traffic earlier than agreed with financiers,
• People's Insurance Co. of China covers • The land acquisition process (8000 acres) took 6 years and • Developer applied for doubling of toll due to
political risk of policy change and US$132 million to complete, depreciation of local currency,
nationalization, • The 16 km Boca Tigris Bridge, which forms in essential link • Frequent accidents within the first 2 months of
• No dividend or repayment of sub-ordinated of the entire route, was under threat of take-over by operation,
loans to be made until Performance Test competitor, • Pilferage of road signs and trespassers,
criteria are met, • Design changes and abortive work (e.g. Widening span of • Non-payment by local authorities' vehicles, leading
• Bonus clause for early completion bridge already constructed), to accounting problems and revenue loss
• Depreciation of local currency,
• Post-completion traffic management not fully in
concessionaire's control
160
Risk aspects of bridge, tunnel and airport projects (Lam-1999)
/location
• Prince Edward • Construction cost fully financed • The project would result in • Over 70 environment impact
Island Bridge, in Canadian capital market redundancy of 500 ferry assessment studies were
Canada through the use of real rate workers, who staged strong carried out since 1986,
bonds, which are fully indexed objection, resulting in prolonged
to inflation with a guaranteed • Opposition from fishermen gestation period,
rate of return, and environmentalists • Court hearings were conducted
• Security package to guard alleging that ice build-up to decide contest from ferry
against delay and cost overruns in the strait would harm workers and fishermen, which
(e.g. US$141 million valuable lobster and might have put project to a halt
performance bond and US$14 scallop business
million labor and material
payment bond),
• Government subsidized US$29
million over the entire
concession period, which
represents the avoidable cost of
running the replaced ferry
service
• Channel • Guarantee by 2 governments • Massive design changes • Cost overrun entailing re-
Tunnel, against political interruption or and delays resulted from financing,
between Britain cancellation, escalation of safety, • Substantial claim from TML,
and France • Guarantee that governments security, and which is pending assessment
would not facilitate any 2nd link environmental
requirements demanded by • Several fatal accidents during
before the year 2020, construction,
the two governments.
• Independent Project Manager • Shuttle train service opened in
(Maitre d'Oeuvre) monitored • Contractual disputes
1994, 18 months behind
progress and quality, between Euro tunnel and
TML, its contractor, schedule,
• Construction contracts were • Estimated revenue not realized
designed to control cost: • Tunneling machines were
in 1st year of operation (25%
designed to operate in dry
Tunneling-target price contract under-capacity),
and self-supporting chalk
whereby contractor would be • Post loss for 1st year, leading
based on site investigation
rewarded for keeping cost below to suspension of interest
and previous records but it
target or penalized for excess. payment on its junior debts in
turned out to be a lot
Terminal works-lump sum wetter and more fissured Sept. 95 with plunge in share
causing cave-in prices. Re-structured debts
with financiers.
• Optimistic estimate of
potential market beyond
Channel Tunnel's
hinterland,
• Stiff competition from
ferries and airlines
• Terminal 1 and • Government would not develop • Concession contract signed • The contract was cancelled by
2 of Toronto any other airport facilities weeks before an impending the incoming government after
International within a 75 km radius until the general election, a 1-month review in 1993,
• Airport, terminals are processing 33 • Lobbying to obtain the • In 1994, a new bill was
Canada million passengers a year, concession was challenged. proposed to bar the developer
• Partial deferral of lease payment • Political patronage was from claiming forgone profit
to the government (interest- alleged. and lobbying fees. The bill was
bearing). nevertheless held up
• No cancellation clause was
• Assignment of lease with an indefinitely after much debate,
put into the concession
existing major air carrier contract dealing with • In 1995, the court ruled that the
compensation in case of government was in breach of
default contract and the developer
could proceed with lawsuit for
damages.
• Terminal then came under
Local Authority
161
Risk aspects of rail system projects (Lam-1999)
Project Risk mitigation measures Residual risks Risk consequences
name/location
• Tanayong Light • Concessionaire granted 8- • Public objected to the use of • Relocation of depot entailed
Rail System, year corporation tax the popular Lumpini Park as 4 additional stations and re-
Bangkok, holiday, depot. submission of turnkey bids,
Thailand • Fully exempted from duties • Alternative depot competed • Cost would be doubled and
on imported machinery and by others, program extended by 3 years
materials, • Change of governments if system forced to go
• Route follows government's incurred stop-go hiccups. underground, • 21 km of the
right of way, hence little • Government wanted system to route had to go underground,
land acquisition problem. go underground within 25 km • Duplicated roles of
• use of proven elevated rail of city center as a result of government ministries
technology, environmentalists' campaign. created conflicts,
• no revenue sharing or • Train fare as sole source of • Rider ship becomes critical
royalty payable project revenue, for profitability,
• Financing made difficult by • Financing finalized 15
the row of the 2nd Stage months after construction
Expressway had begun
• Skytrain project, Original contender 'Lavalin' put • Proposed route required more • Cost increased by US$ I
Bangkok, forward the followings to lure land acquisition than the other billion during the 6-year
Thailand concession: two projects. hiccup and delay,
• Major contractor-member of • Lavalin's contract declared
• interest-free loans from the Lavalin consortium unable void by the Thai government
export-credit agencies, to participate at last stage, in 1992; Bangkok Land
• international banks acted as • Financiers reviewed credit chosen as the next contender
guarantors, rating of Thailand due to but deal also foundered,
• lower fare structure and soft frequent coups, making it • Government took over
loan terms, difficult for Lavalin to obtain construction of entire subway
• repay Thai government financing within time limit set with hope to privatize
investment earlier than by Thai government operation
competitor
• Combined road • Concessionaire (Hopewell • Conflicts with other routes • Increased construction cost
and rail system in Thailand) granted property and state railway. of interfaces;
Bangkok, development right (more • Government wanted part of • Protracted negotiation and
Thailand (BERT) than 900000 m2) along route to go underground on delays in design approval
route, environmental ground. and land resumption,
• proposed route mostly • Government increased rent for • Government allowed the
follows existing rail/road, pre-casting yards. system to remain elevated,
hence little land acquisition • Threat of contract review by • Hopewell had to double
problem, successive new governments equity contribution over
• granted 8-year tax holiday and military coups hampered contract requirement to show
on profits, country's credit rating, commitment,
• exempted from withholding • Depreciation of Thai Baht • Share price of parent
tax on interest from overseas caused by speculators in July, company fluctuated,
bank loans, 1997 • Contract cancelled
• option to extend concession
for 20 years
162
Risk aspects of telecommunication and process plant projects (Lam-1999)
/location
• Bangkok • State telecom body (TOT) • The equipment supplied by • Coup broke out in April, 92
Metropolitan • assists Telecom Asia Telecom Asia must integrate resulting in change of
Telephone (Concessionaire) to obtain with TOT's existing network, government during which time
System, all necessary government • Telecom Asia is obliged to the deal was negotiated,
Thailand consents, make changes to its telephone • Another new government was
• TOT responsible for system to match up with formed in July, 1995 and
customers' service and bill potential changes to the TOT reviewed( the concessionaire's
collection. network, plan to extend the network by
• Telecom Asia can use • Telecom Asia bears the cost 600000 fixed line~
existing TOT facilities of expanding TOT's exchange • Telecom Asia committed to pay
to suit the addition of royalty of 16% of its phone line
telephone system revenue to the government
• Buenos Aires • Legislation to ensure • Early retirement scheme of • Retirement scheme entailed
Water payment for water supplied 4000 (50%) redundant US$90 million severance
Treatment. (45% was lost prior to employees was a sensitive payment in 6-month time,
Argentina privatization) and to permit issue, • Bid evaluation and award
cutting off service in case of • Contention with regulator on delayed by 8 months,
nonpayment the degree of independence of • Interruptions in services due to
• Free convertibility of foreign operator, frequency of unexpected power break and
currency. reporting, and the reliability planned repair works.
• Quality requirements for of information. • Cash deficit in the 1st year of
both potable water and • Pressure to impose priorities operation
sewage effluents set to was exerted onto the operator
tighten gradually very 5
years and not immediate
upon privatization.
• Water rates to be reassessed
every' 5 years to adjust for
cost inflation
163
Appendix B: Statistical Measures
164
165
Appendix C: Risk Forms
Risk Log
Potential
Reference Description Probability Response Reported by Date
Impact
166
Interim project risk report
Project
Report No. Date:
Initial / Previous estimate Current estimate

Base estimate Confirmed costs
Confirmed allowance Revised risk allowance
Expected outcome Anticipated out-turn costs
Target completion date Contract completion date
Risk allowance Approved extension
Expected completion date Risk allowance
Anticipated completion
Risks to be expended Average allowance Maximum allowance
Notes:
Signature:
For:
167
Risk identification form
Project
Risk Reference Date Identified
Description
Identified by
Likelihood of occurrence Low / Medium / High …………..%
Potential Impact Low / Medium / High Impact area Cost/ Time/ Performance
Risk Exposure Acceptable/ insignificant/ significant/ critical/ unacceptable
Response Ignore/ Manage/ Share/ Transfer
Assessment
Likely time Items affected
Optimistic
Pessimistic
Likely cost Description
Optimistic
Pessimistic
Secondary risks
Reference of secondary risks

Responsibility
Detailed assessment Yes No By:
Prepared by: Approved by:
Signature Signature
168
Risk Register
Interdependencies Response Response

Ref. Description Trigger Probability Impact Owner Status Date Comments
Refs. required implied
169
Appendix D: Probabilistic Distributions
170
171
172
173
View publication stats

Project Risk Management Training Manual 13092012

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Project Risk Management Training Manual 13092012

Uploaded by

Copyright:

Available Formats

See discussions, stats, and author profiles for this publication at: https://www.researchgate.

PROJECT RISK MANAGEMENT (COURSE NOTES)

Article · January 2012

The user has requested enhancement of the downloaded file.

Structural Loading Conditions

Figure 1: Similarities and differences between projects

Project risk is an uncertain event or condition that, if it occurs, has an effect on

Common Risks Affecting Estimate

The scope of risk management for projects includes :.

Project stage Application example

Formulation of Incentive contract performance and fee modeling

Capital evaluation Capital evaluation of major spending initiatives (some examples

Analysis of options Exploration of market testing strategies

Formulation of Board, cabinet or ministerial submissions for approval of major

Preparation of Detailed development of requests for tender documents that address

Evaluation and Evaluation of tender submissions taking account of bidders'

Negotiation and Review of negotiation priorities ensuring effective risk allocation

Implementation and Implementation and delivery risks, including approvals, technical,

Commissioning and Development and management of test and commissioning,

Table 2. Stakeholders in a procurement project for a government agency

Governments and their National Government

Other government Central funding agencies

Finance providers Financial institutions and their depositors

Industry Suppliers of capability

Communities Local communities and neighbors of a project site

Commercial Purchasers and users of products Shippers

Regulators Construction and building approvals regulators Occupational

Community Public in the local area

Table 4. Stakeholder and issues summary

Stakeholder Key issues and objectives

Compiler: Date: Reviewer: Date:

Stakeholder Desired outcome

Business units involved in A well-structured and efficient procurement strategy

Government and ministers An effective capability for the nation

Central funding agencies Cost-efficient acquisition of endorsed capabilities

Financial institutions Enhanced business opportunities

Industry Enhanced business opportunities, sustainable on a long-term basis

Local businesses Enhanced business opportunities, whether as a prime contractor or

Production loss Maximize the value of hydrocarbon resources Increase sustainable

Facility damage Minimize disruption to operations; no damage to plant or equipment

Facility integrity Minimize disruption to operations Maintain asset or system condition

Project Cost-effective strategy Operating entities are involved Timely

Environment and Environment and community performance Minimize environmental and

Planning meetings & analysis

Risk management plan

Risk Responsibility Chart

Monitor & Control

Technica Project Organization Extern Others

Quality Time Objective Weathe

Performance Cost Fund Labor

Complexity Resourc Collaboratio Politics

Figure 2: Risk categorization

Level Likelihood Expected or actual frequency experienced

May only occur in exceptional circumstances; simple process; no

Could occur at some time; less than 25% chance of occurring;

Might occur at some time; 25 –50% chance of occurring; previous

Impact scale example

Relative or numerical scales

Moderate / Very High /

Insignificant 10-20% 20-40% >40%

Insignificant 5-10% 10-20% >20%

Barely noticed Unacceptable Product is

Stakeholder Tolerance Matrix