Project Risk Management

RISK
Occurrence of an unplanned event that may have
either positive or negative impact on any of the
project objectives, cost, schedule, and scope.
Project Risk Management

• Organization’s success is achieved by pursuing

Opportunities to gain competitive advantages.

• Decisions are often taken on incomplete information with

high level of Uncertainties.

• Uncertainties lead to risk.

Project Life Cycle as per BS 6079
Termination
Phases
Operation

Realization
e
y cl
C
ife Shutdown
Feasibility L

Conception Hand-over

Plan Authorization

Control Authorization
Milestones

Figure 2 - Project Management Life Cycle (BS-6079)

Generic Project Life Cycle

• Conception/ Feasibility

• Planning , Design and Development

• Implementation/Execution

• Close-Out / Hand over.

Project Life Cycle
By plotting the phases versus total effort, a very clear
picture can be obtained as to where the money goes.
Project Life Cycle
Project Life Cycle
Why Projects fail?

• Stakeholder’s Interest
• Communication
• Scope Definition
• Poor Estimation
• Improper Planning & Scheduling
• Improper Monitoring & Control
• Lack of support from Team members/Stakeholders
• Too much Innovation
• Concurrency.
Project Risks
- Inherent, that result from the nature of project objectives,
scope, and risks listed in the contract.

- Acquired, that result from the selected approach,

methodologies, tools, techniques, skills and experience that
are applied to the project.

- External, that result from change in client expectation,

vendor non-compliance, statutory, legal, political, so on.
Type of Risks in different Project
phases
Concept/Feasibility Phase - Choice of Location, Social,
Environmental Constraints, Proper Market Survey, Choice of
Technology

Design/ Development Phase - Suitability of Design chosen,

Safety, Faulty Design, Testing Criteria, Procurement

Implementation Phase - Health Hazards, Resource

Availability, Cultural Difference, Cost Overruns, Schedule
delay, Quality maintenance

Hand-over & Review Phase - Delivery Schedules,

Communication, Proper Hand-over to Customer
Risk Management Process
The process of decreasing and / or completely
eliminating the likelihood of occurrence and
severity/impact of the events that have negative
impact/effect on the project objectives.
Risk Management Process
- Establishing Context (Define and Focus)

- Risk Identification

- Risk Analysis or Risk Assessment

- Risk Planning or Risk Treatment

- Develop and Implement Risk Management Plans

- Monitor, Report and Update the Risk Profile

 Define and Focus
• Key objective and goals of the project being
undertaken to be first defined and than clearly
understood by all stakeholders.

• Organizational Plan is made

• The entire process should be formalized into a risk

plan that should be included with the project
management plan.
Risk Identification
- Identify risks in the ‘Business case.’
- Confirm risks at the start of the project.
- Encourage wide participation for risk identification.
- Use a formal process.
- Document the identified risks.
Risk Identification Techniques
- Assumption Analysis
- Documentation Review
- Brainstorming
- Delphi Technique
- Nominal Group Technique
- Crawford Slip
- Expert Interviews
- Check Lists
- Establishing Analogy
Risk Identification Categories
- Project Objectives (timeframe, size, complexity,
organizational need and importance)
- Business impacts (changes to processes, org. structure)
- Technology (New, proven, seed available)
- Project Scope and Approach
- Performing Organization and project team
- Experience, training and support
Risk Analysis or Risk Assessment
Individual risks are analyzed to determine the:
- Cause of the risk;
- Likelihood that the risk will occur (often defined
as a percentage probability);
- Consequences of the risk occurring in terms of its
financial and non-financial impact
Qualitative Risk Analysis - PI Matrix
 Risk Evaluation

Rank the risks

Moderate Risk Major Risk according to the
Top Priority, severity;
High Identify risk Develop detailed
Impact management risk mgmt. plans
actions Assess the
Minor Risk Moderate Risk acceptability of
Low the risks;
Accept or ignore Identify risk
Impact management
actions Document the
risk profile.
Low High
Probability Probability
Qualitative Risk Analysis - PI Matrix
 Quantitative Risk Analysis
• To determine the probability of achieving a specific objective
• To quantify the risk exposure for the project
• To identify the risks requiring the most attention
• To identify realistic and achievable Cost, Schedule and Scope

Tools and Techniques

• Sensitivity Analysis
• Impact Analysis Diagrams
• Statistical Modeling - Monte Carlo Simulation
 Quantitative Risk Analysis
Sensitivity Analysis

Examines the extent to which the uncertainty of each

project element affecting the objective being examined
when all other uncertain objects are kept at baseline
value.
Quantitative Risk Analysis
Impact Analysis Diagrams
Quantitative Risk Analysis
Impact Analysis Diagrams
Quantitative Risk Analysis
Monte Carlo Simulation
Quantitative Risk Analysis
Monte Carlo Simulation
 Risk Planning / Treatment
1. Eliminate or Avoid Risk, , by not proceeding with the cause
of the risk

2. Risk Transfer or Deflect, transfer responsibility to another

party.

3. Reduce Consequences or Mitigate, where action is taken to

minimize the impact of a risk if it develops. Includes
Contingency planning

4. Risk Acceptance or Absorption, where the risk is minor,

or the cost of risk management cannot be justified.
 Eliminate / Avoid Risk
• In the Concept and Design Stage of the Project

• Choosing Alternative Course of Actions

• Removing the Cause of Threat

• When the level of Influences are high

• Cost of Change is low

• When the risk is NOT ACCEPTABLE

 Transfer or Deflect Risk

• Transfers the liability to Third Party

• In part or Whole, by Bonding , Insurance etc.

• Sub-Contracting to the Specialists

• Choosing a Low Risk Contracts

Mitigate Risk

• Use proven Technology and Design Methodology

• Use Validated Softwares

• Use Experienced Resources

• Introduce Contingency Plan

When & Where Contingency Plan is
established?
• Internal Design Changes
• Estimation in the BOMs, resources etc.
• Lack of Experiences
• Unexpected Procurement purpose
• Correction of some erroneous assumptions
• Insufficient Scope Details
• Implementation and commissioning problems
• Other unforeseen events/regulations/rules
Accept or Absorb Risk

• When the risks cannot be avoided/transferred/

mitigated

• Maintaining a pro-active attitude to Risk

Management

• Regular Feedback Mechanism

Risk Treatment Features

• Not Mutually Exclusive

• May be combinations

• Risk Mitigation and Transfer costs Money

• Cost - Benefit Analysis to be done

 Cost- Benefit Analysis

• How much risk can we accept against cost?

• When to do?

• Discounted Cash flow (DCF) to reduce all cash flows to its

Net present value (NPV)

• Whether uneconomic to respond?

Develop And Implement Risk
Management Plans
Major steps in development and implementation are:
- Identify alternative risk treatments;
- Assess the cost effectiveness of each treatment;
- Obtain commitment to risk treatments;
- Document the risk treatment plan;
- Develop risk reporting mechanisms.
 Monitor, Report and Update the
Risk Profile
Major steps in monitoring and updating risk profile are:
- Regularly review the risk profile;
- Monitor the emergence of new or escalating risks;
- Update the risk management plan;
- Report all changes to the relevant stakeholders.
Risk Register
Contents:
- Name and unique code of the risk
- Description and why it may so occur
- P-I Ranking of the Risk
- Owner of the Risk, Persons responsible for monitoring and
Control
- Strategies to reduce/mitigate the risk
- Dates/ Summary, when the the risk was last updated
- Contingency plan in case the risk still occurs
- List of secondary risks developed, if any.
Risk Control and Monitoring
Purpose is to determine:
1. Risk responses have been implemented as planned
2. Risk responses are as effective as expected
3. Project assumptions are still valid
4. Risk exposure has changed or not
5. Proper risk policies and procedures are followed
6. Risk trigger has occurred.
7. Any new risks?
 Risk Control
Involves:
1. Choosing alternative strategies
2. Implementing contingency plan
3. Taking corrective action
4. Re planning the project

Basic Steps of Risk Control:

Risk Control and Monitoring
Tools and Techniques:

1. Project Risk Response Audits

2. Periodic Project risk review

3. Earned Value Analysis

4. Technical Performance Measurement

5. Additional Risk Response planning

Project Risk Response Audits

1. Examine documents for effectiveness of risk

responses

2. Effectiveness of Risk Owner

3. To be done during the entire Project Life Cycle

Periodic Project risk review

1. Regular Scheduled Review

2. Team Meeting with agenda

3. Risk Rating and Prioritization

4. Any further Quantitative / Qualitative Analysis

required?
Earned Value Analysis

1. Monitoring against Baseline Plan

2. Potential Deviation to be noted

3. Update Risk Identification and analysis

Technical Performance Measurement

1. Measurement of Technical Accomplishment during

Project Execution against Plan

2. Deviation to Planned Milestones

3. Any change in Design Criteria

Additional Risk Response
planning
1. Any risk emerging which was not anticipated in the
Risk Plan

2. Impact is greater or less than expected

3. Planned responses may not be adequate or

redundant

4. Whether any additional response panning is

required?
Project Risk Analysis and
Management (PRAM)
Risk or Opportunity ??
• Positive Effect on the Project
Measures Summary

Facilitating Choose project approach

accordingly. Enhance Other
beneficial outcomes
Involving Involve stakeholders who can
Facilitators help facilitating occurrence of
the opportunity
Enhancing Change project approach, Examine
Likelihood links between opportunity and project

Enhancing Develop plans for taking full

Consequences advantage of an opportunity
How important is Business Planning
for Risk Management?
• Every stakeholders contribution is assessed
• Business planning is integrated into the business
improvement process to produce a strategic and focussed
goal plan.
• Goal plan then needs to be cascaded throughout the
organization
• The resulting action plans are communicated to every
member with the necessary ownership at each level
 Benefits of Proper Business Planning
• Clear expression of executive strategy communicated in a
practical way through all levels of your organization
• Early identification of local interests and conflicts with the top-
level plan
• Negotiation process actively involves middle managers to
participate and align themselves with top level objectives.
• Cascaded clear business objectives right down to individual
teams
• Measurement systems and continuous improvement processes to
keep the business planning process 'live' as priorities change
throughout the year.
 Thank You
for your kind attention