Lecture 44

VU

Project Risk Management

By
Dr. Ali Sajid
 “Nature does nothing
uselessly”
 
Aristotle (384 BC - 322 BC)

2
 “So much of what we call
management consists in
making it difficult for People to
work”

Peter Drucker (1909 - 2005)

3
 To do right is wonderful.
 To teach others to do right
is even more wonderful –
and much easier.
Mark Twain

4
 If you have your
sight, you are
blessed.
 If you have insight,

you are a thousand

times blessed.
5
 “Leadership & learning
are indispensable to each
other”
John F. Kennedy (1917 - 1963),

6
Setting an example is
not the main means
of influencing
others, it is the
only means.
Albert Einstein

7
 When the fight begins
within himself,
a man's worth
something.
Robert Browning

8
In times of storm,
the shallowness of
the root structure is
revealed.

9
 In early days of Project
Management, majority of project
decisions heavily favored “Cost
& Schedule”.
 This occurred as we knew more
about “Cost & Schedule” than
about Technical Risks.
 Technology forecasting is rarely
performed.
10
 Today, state of the “Art of
technology forecast” being
Pushed to Limits.
 For project with less than one
year duration, it is assumed that
environment is known & Stable,
Especially Technological
Environment.
 For project over one year
technical forecast is essential.
11
 Computer technology doubles in performance
about every two years.
 Engineering technology is doubled every 3 years.
Problem for Project Manager is to
“Accurately Define” & “Plan
Scope” of 3-4 years of project
without expecting Engineering
Changes resulting from
“Technological improvements?
What are the risks?
12
 Newspaper are about Full
regarding Cost overruns and
Schedule slips on a wide variety
of development of projects.

13
These causes include:
1. Starting a project with a budget and/or
schedule that is inadequate for the desired level
of performance or scope (e.g. integration
complexity).
2. Having an overall development process (or key
parts of that process) that favors performance
(or scope) over cost and schedule.
3. Establishing a design that is near the feasible
limit of achievable performance or integration
complexity at a given point in time.
4. Making major project design decisions before
the relationships between cost, performance,
schedule, and risk are understood.

14
 Four Causes will Contribute to:
 “Uncertaintyin forecasting technology.
 Associated Design is needed to meet
Performance requirements.
 Inability to Perfectly forecast
Technology & associated Design”
contribute to a Project's “Technical
Risk”- Lead to Cost & Schedule Risk.

15
 Risk mgt process, should be designed To do
more than just Identification of risk.
 Process must include:
 Formal Planning Activity
 Analysis to Quantify likelihood
 Predict impact on Project
 A handling strategy for Selection Risks is the
ability to monitor Progress in reducing these
“selection risks” to desired level.

16
 Risk
A possible future event
which if it occurs will
lead to an undesirable
outcome.
 WHAT IS RISK?

Risk and uncertainty

are equivalent.
Project risk management is the
Art & Science of identifying,
assessing, & responding to
Project Risk throughout the life
of a project & in Best interests
of its objectives.
Project Risk: Cumulative
effect of Chances of
uncertain occurrences
adversely affecting the
project objectives.

20
 RISK MANAGEMENT
IdentificationPURPOSE
of factors which are
likely to impact Project
objectives of Scope, Quality,
Cost & Time.
 Risk Management Includes
maximizing results of positive
Events & minimizing
consequences of adverse
events.
 Issues
A risk should only be taken when
potential benefit & chances
of winning exceed “remedial
cost” of an unsuccessful
decision” & chances of losing
by a satisfactory margin.
 Nature of Risk Management

When speaking of risk, think of only

“hazardous ones” rarely do we
systematically identify all risks
involved.
 Project Risk Management is Pro-active
Classic Systems Methodology:

Input Process output

Feedback loop

This process is vital to effective project control, however risk is different.

It has to do with uncertainty, probability or unpredictability,
and contain contingent planning.
 Reactive vs. Pro-active
Reactive mode selects
response.

pro-active mode anticipates

& plans to avoid risk &
decision making.
Take risk if:
a) Potential benefit
b) Chance of winning is greater
than Cost of unsuccessful
decision & Chances of losing by a
satisfactory margin.

27
 Project Risk Management

P r o je c t R is k
M anagem ent
1 1 .0

R is k R is k R is k R e s p o n s e R is k R e s p o n s e
Id e n tific a tio n Q u a n tific a tio n D e v e lo p m e n t C o n tro l
1 1 .1 1 1 .2 1 1 .3 1 1 .4
 Risk
 Opportunities – Positive
outcome.
 Threats – Negative outcome.
 A Project is something – Not
done previously and will not
be done again in future.
 uniqueness, developed and
'‘Live with It“.
 Attitude on Risk & Attribute
as Part of Doing Business.

30
 If Risk management is established
as continuous Disciplined Process of
Planning, Assessment (Identification
& Analysis), Handling, & Monitoring,
then System will Easily Supplement
other System as “Organizational
project, budget, & Cost Control.
 It surprises, becoming a problem and
diminished because Emphasis is on
Pro-Active not Reactive
Management.
31
 Risk management is justified
on almost all projects.
-Level of implementation
Depending on:
1. Size, Type of Projects.
2. Who is the customer.
3. Relationship to Corporate “Strategic Plan”.

4. corporate culture.

32
Risk management is important
when:
a) Overall stakes are high.
b) Great deal of “Uncertainty
Exists”.

33
 Today, Risk Management is the key
part of overall Project management.
 It Forces to focus on Future where
Uncertainty exists &
 we Develop suitable Plans of action
to prevent potential issues from
adversely impacting on project.

34
 Risk
 Measure of Probability &
Consequence of not
achieving a defined Project
goal.
 It Involves notion of
uncertainty.

35
 Specified aircraft range be achieved?
 Computer produced within budgeted Cost?
 New prod launch date should be met?
 A “probability measure” is used for such queries.
 Probability of not meeting new product launch date
is 0.15.
 When risk is considered, “consequences/damage”
associated with occurrence must also be considered.

36
 Figure 1.
Overall risk is a function of its components

37
 Risk constitutes a Lack of
knowledge of future events.
 Typically, Future Events (or
outcomes) that are Favorable
called opportunities,
Unfavorable events called Risks.

38
 Another element of risk is
“Cause of Risk”.
 Something, or “Lack of
something” Can induce a
Risky Situation.
 Source of danger is
“hazard”.
39
 Risk = f ( Hazard, Safeguard)
 Risk increases with hazard but
decreases with safeguard.
 Good Project Manager should be
structured to Identify hazards to
allow “safeguards” developed to
outcome them with enough
safeguards
 Risk can be reduced to an
acceptable level. 40
Certain hazards can be outcome to
a great extent by knowing them &
Taking action to overcome them.

41
 Tolerance for Risk
 Project manager must rely upon
“Sound Judgment” & use of
appropriate Tools in Dealing With Risk.
 Ultimate decision on how to Deal with
Risk is based on Project Manager’s
“Tolerance for Risk”.

42
 Figure 2.
Risk preference & utility function.

43
 Certainty, Risk, and Uncertainty
 Decision making falls into three categories:
 Certainty
 Risk
 Uncertainty.
 Decision making uncertainty is easiest case to
work with.
 With certainty: Assume that all necessary
information is available to assist us.

44
 Decision Making under Certainty

It implies that we know with 100
%
accuracy what “States of nature”
Will be.
 What Expected Payoffs Will be
for each state of Nature.

45
 Decision Making under Risk
 In most cases, no dominant strategy
for all “States of nature”.
 In a realistic situation, high profits
are earned by high risks and high
probable losses.
 With no Dominant Strategy, a
probability must be assigned to
occurrence of each “State of Nature”.

46
 Decision making under Uncertainty
 Difference between Risk &
uncertainty.
 Under risk, assign probabilities.
 Under uncertainty, meaningful
assignments of probabilities are not
possible.

47
 Decision maker has no basic
criteria for management od
Decision.
 Decision about which criterion to
use will depend on:
A) Type of project
B) Project Manager’s Tolerance to
risk.

48
 Risk Management Process
 Risk Management strategy is
established early in a project.
 Risk is continually addressed
throughout Project Life Cycle.
 Risk Management includes related
actions:
a) Risk: Planning
b) Assessment (identification &
analysis)
c) Handling
d) Monitoring
49
 Risk Planning
 Process of Developing & documenting an
organized, Comprehensive & Interactive
strategy & Methods for identifying & Tracking
risk issues to develop risk handling Plans,
Performing Continuous Risk assessments to
determine How Risks changed, & Assigning
adequate Resources.

50
 Risk assessment: Identifying
& analyzing program areas
& Critical Technological
Process Risks to include
likelihood of meeting Cost,
Planning & Scheduling of
Objectives.

51
 Risk Identification
 Main Step in Risk Management is to
Identify all Potential Risk Issues.
 May include a survey of Programs,
Customers, & users for concerns and
Problems.
 Some Degree of Risk is always exists in
Project area.

52
Project risks include Cost
funding, Schedule Control,
contract release & Political risks.

53
1.Tech Risks are related to
Engineering &Technology
involved.
2. Risk of meeting Performance
requirement.
3. Risks-in Feasibility of Design
Concept.
4. Risks associated with using State-
of the Art Equipment/Soft Ware.
54
5. Production risk concerns over
packaging, manufacturing, lead
times, & material availability.
6. Supportive risks -
Maintainability, operability, &
trainability concerns.
understanding of risks in these &
other areas evolves over time.
Consequently, risk identification
must continue through all Project
Life Cycle.
55
 Methods for “Identification of Risk Classify”
Project Risk in accordance with its Source.
 Most sources are Objective/subjective
 Objective sources:
1. Recorded experience from past projects.
2. Current projects as it proceeds.
3. Lessons learned files.
4. Program documents evaluations.
5. Current performance data.

56
Subjective Sources:
Experiences based upon
knowledgably experts
interviews & other data
from subjective matter
experts.
57
Life-cycle risk analysis

58
 Any source of information that allows
recognition of a potential problem can be used
for Risk identification.
 These include:
 Sys engineering documents.
 Life-cycle cost analysis.
 Plan/WBS decomposition.
 Schedule analysis
 Baseline Cost Estimation.

59
 These include:
 Requirement documents.
 Lessons learned files.
 Assumption analysis.
 Trade studies/analyses.
 Technical performance measurement (TPM)
planning/analysis.
 Models (influence diagrams).
 Decision drivers.
 Brainstorming.
 Expert judgment.

60
 Expert judgment techniques are
applicable for risk
identification, forecasting &
decision making.
 Two expert judgment
techniques are:
Delphi
method
Nominal group technique

61
 Ways to Classify Risks
In Simple business context, risk are:
1. Business risk
2. Insurable risk
Examples of business Risk:
 Competitor’s Activities
 Bad weather
 Inflation
 Recession
 Customer response
 Availability of resources

62
 Insurable risks provide us only a
Chance for a loss.
 Insurable Risks includes:
Directproperty damage
Insurance for assets

63
Indirect consequential
loss: Protection for
Contractors for indirect
losses due to third Party
Actions.

64
 Legal liability
 Protection for legal liability
resulting from:
“Poor Product Design”
“Design Errors”
“Product Liability”
“Project Performance Failure”
 This does not include “Protection
from loss of Goodwill”.
65
 Personnel Provides protection resulting from:
 Employee’s bodily injury (worker's compensation).
 Loss of key employees.
 Replacement cost of key employees.
 Several other types of business losses due to
employee actions.

66
 On construction of project,
owner/customer usually
provides ''wrap-up" or "bundle"
insurance.
 It bundles “owner, contractor, &
sub contractors into one
insurable package”.

67
Project Management Institution
(PMI) categorizes risks as:
External–unpredictable:
Government regulations, natural
hazards, & Acts of God.
External–Predictable:
Cost of money, borrowing rates,
raw material availability.

68
 External Risks: Outside of
Project Manager’s control but
may affect direction of Project.
 Internal (non-technical):
Labor Stoppages
Cash Flow Problems
Safety issues
Health
Benefit Plans
69
Internal Risks: Within control of
Project Manager and Present
uncertainty that may affect Project.
Technology Risk: Changes in
technology, changes in state of art,
Design issues,
operation/maintenance issues.
Technology Risks relate to utilization
of Technology & Impact it has on
direction of Project.
70
Legal: Licenses, patent
rights, lawsuits,
Sub contractor
performance,
contractual failure.

71
 Risk Analysis
 Analysis begins with a detailed
study of “Risk Issues identified”.
 Objectives: Gather enough
information about risk issues to
judge probability of occurrence of
Cost, Schedule & Technological
Consequences, if risk occurs.

72
“Risk analysis” is based on detailed
information that come from:
1. Comparisons with similar systems.

2. Relevant lessons-learned studies.

3. Experience.

4. Results from Tests & prototype

development.
5. Data from engineering or other
models.

73
6• Analysis of plans and
related documents.
7. Modeling and simulation.
8• Sensitivity analysis of
alternatives.

74
Three forms of Quantitative Risks:
1. High risk
 Substantial impact on Cost,
Schedule/Technology.
 Substantial action required to
alleviate issue.
 High priority management attention
is required.
75
2.Moderate risk:
 Some impact on Cost, Schedule/technolgy.

 “Special action” must be required to alleviate

issue.
 Additional management attention must be

needed.
3. Low risk:
 Minimal impact on Cost, Schedule & technology.

 Normal management oversight is sufficient.

76
 Risk Analysis begins with a
detailed study of Risk issues
that have been identified.
 Objective- Gather enough
information about risk issues to
judge Probability of occurrence
& Cost, Schedule & technology
consequences, If risk occurs.

77