Public Project Management

(PAD 400)

Dr. Ghada El Gaaly

Session 5

Managing Risks
in
Project Management
Introduction:

 In these days, when budgets are always very limited and there is
a need to use internal resources very mindfully, lots of projects
are being managed by employees who wear many hats and do
many jobs.
 Therefore, learning every skill of project management becomes a
must to those employees and allow them to be more valuable to
their organizations and more effective at their work.
 One of those skills is “risk analysis” or “risk assessment” because
it allows project managers to define project risks and determine
how they would be successfully handled.
What are Risks?

 Risks are unexpected circumstances and uncertain events

that if they happen they would have a negative impact on the
project outcome.
 The types of risks can include safety, quality, sustainability,
financial, time, reputation and many others.
 Once the managers define what risks are, they can perform a
risk estimation and evaluation of how much the risks will
affect the project progress and goals.
 These risks can be controlled using risk management tools.
What are Risks?

 The first rule of risk management is very simple: “If there is a

project, it is at risk”.
 Reality and experience in project management teaches us that
100% of projects must go through some form of change and risk
during the cycle of the project.
 Resources, staffing, delivery, deadlines, funding, stakeholders
expectations usually will change while the project is
implemented.
 That’s why, we have to be aware that risk is a “management”
concern and not an unsolved problem.
Whose job it is?

 It is the job of the Project Manager; he is responsible and

accountable to define/calculate risks and facilitate/lead change.
 Effective project managers predict and plan for risks, crisis and
change. It is said that “Bad news early is good news”.
 Knowing the project very well is the key, then, understanding the
people with whom they work and employing the skilled
proactive ones is always very helpful.
 Being proactive and anticipating the risks as possibilities, asking
the tough questions and planning in advance for facing them is a
must, otherwise, the project is at risk.
Important Terms in Risk Management:

 Risk Assessment
It is the process of defining and collecting data about the risk, then,
making risk estimation, which is the evaluation of how much the
identified risk can affect the project plan.
 Risk Impact

It is a numerical value that calculates how much the risk might affect
the project outcome. It is often described as low, medium, or high.
Low are risks that the project can afford to take; medium are those that
will require resources to manage but perceived easy to contain. High
may require a big amount of resources to fix.
Important Terms in Risk Management:

 Risk Tolerance
It is the level of risk the project would tolerate to take. This will depend
on several factors, including resources, company culture, leadership and
others. For example, when hiring new people, there’s always a negative
risk that the new hires would not perform efficiently. Most organizations
would tolerate taking new applicants for entry-level positions. Here, risk
TOLERANCE is high. However, risk tolerance may get lower for top-
level managers.
 Risk Probability

Risk probability is the possibility of a risk to happen. It can be rated as

very low, low, medium, high or very high.
Seven steps to Manage Project Risks:

Risk management includes the following steps:

1. Identifying and documenting the risks.
2. Assessing the probability and impact of the risks.
3. Prioritizing the risks.
4. Creating risk management plan to manage the most
important project risks.
5. Reviewing the risk management budget.
6. Monitoring and continuing to identify and assess risks.
7. Implementing the risk plans.
1) Identifying and Documenting
the Risks:
 The first step is to identify the sources and categories of risks. A
“risk register” is a document used to record information about
the risks for a project.
 People involved in this process are project members, external
stakeholders and external experts in a specific area. However, all
people in the project are encouraged to report any risk.
 To begin the risk identification process, the project manager
should conduct a brainstorming session to discuss with the
project team the categories of the project risks.
1) Identifying and Documenting
the Risks: (continued)
 A sample list of risk “categories” includes:
• Technology risks
• Customer requirements
• Customer satisfaction
• Scope risks
• Resource risks
• Stakeholder risks
• Change management risks
1) Identifying and Documenting
the Risks: (continued)
 After the categories of the project risks are identified,
“individual” risks that may happen under each category should
be identified, and thoughts, about how the risks should be
managed, should be initiated.
 For each risk that the project team identifies, the project manager
should document the name, category, and a brief description of
the risk in the risk register.
 Some methods that can be used for identifying risks are
brainstorming, checklists, compare with similar projects and
SWOT-analysis (Strengths, Weaknesses, Opportunities, Threats).
 2) Assessing the Probability and
Impact of Risks:
 After identifying the project risks, the project team should
determine a method for estimating the probability of each risk
occurring and the impact to the project if it occurs.
 By doing the estimation process as a team, the members of the
project will establish a solid understanding about the
probability and impact of the risks, what are the most
significant project risks and how immediate they should be
addressed.
 The probability is often estimated as a percentage of the chance
that the risk may occur during the course of the project.
 2) Assessing the Probability and
Impact of Risks: (Continued)
 Estimating the probability of each risk and its impact on the
project if it occurs would need 2 types of risk analysis:
- Quantitative risk analysis:
Quantitative risk analysis is a statistical analysis of a risk impact on
the overall project that produces data that is objective, numerical and
measurable.
- Qualitative risk analysis:
It refers to the risk analysis tools and techniques that rely on experts
opinions. It produces data that is subjective and non-statistical.
3) Prioritizing the Risk:

 The third step is to prioritize the risks in order to decide

which ones the team should design instant plans to manage.
 The plans are usually based upon the results of the probability
and impact assessments done in step 2 .
 4) Creating Plans and a Budget
to Manage the Most Important Project
Risks:
 Every project risk needs a risk plan. The team should identify what
is the best action that they can take to remove or decrease the risk.
 The project manager should allocate a member from the team
project to be what is called the “risk owner” for each risk. This
person should have the appropriate expertise to create a risk
management plan that identifies:
• The actions that need to be taken to remove or reduce the risk.
• The people that need to work on managing the risk.
• The cost to manage the risk.
 4) Creating Plans and a Budget
to Manage the Most Important Project
Risks: (continued)
 Next, the project manager should calculate the total cost and
the tasks to implement the risk management plans and
identifies the adjustments that need to be made to the project
budget and schedule.
 All project budgets should include a backup of at least 10% of
the total project budget since there are always doubts about
what risks a project would face and the cost of managing them.
 5) Reviewing the Risk Management

Budget:
 If the backup budget is not enough to manage the risks, the
project manager should discuss with the project sponsor the
needed resources and seek an approval for the risk budget.
 After approving the project budget for risk management, the
project team can proceed with the implementation of the risk
plans as necessary.
 6) Monitoring and Continuing
to Identify and Assess Risks:
 The project manager and risk owners, in collaboration with the
project team, should continue to review the identified risks to
see if they have changed in anyways as the project team learns
more about the project.
 Meanwhile, the project manager, in collaboration with the
team and stakeholders, should continue to find emerging risks
and create and implement risk management plans as needed.
6) Monitoring and Continuing
to Identify and Assess Risks: (continued)
 While monitoring risks, some activities should be conducted:
• Determine if the risk management plans have been implemented.
• Identify and analyzing new risks.
• Test the effectiveness of the risk management plans that have
been implemented.
• Share risk status information with the project team.
• Identify any unexpected results of risk management activities.
• Update constantly the risk management plans as lessons are
learned from the project.
7) Implementing the Risk Plans:
 Project risk owners implement the risk management plan
activities in order to remove or reduce risks.
 After plans are implemented, every risk owner should
determine if the planned activities have successfully
managed the risks and identify if any remaining risks remain
after the plans have been implemented.
 The data about any remaining risks should be documented in
the risk register and assessed to determine if any additional
risk management plans need to be created and implemented.
Benefits of Risk Analyses in
Project Management:
 Encourages progression: A successful risk management plan
enables the project to move forward even while facing
deviations and surprises. You can decide whether to continue
with a project or make adjustments when you understand the
risks and ways of eliminating them.
 Creates awareness: Recognizing the possible risks enables the
team and the stakeholders to communicate problems and ensure
designing communication tools that encourage team members to
report perceived risks, deliver feedback and generate timely
reactions to risks before and when they occur.
Benefits of Risk Analyses in
Project Management: (continued)
 Makes risks manageable: Analyzing risks offers chances to
prepare the project team to manage issues when they happen
and decreasing their effect on the project outcome.
 Minimizes liabilities (charges): In some projects types, it is
essential to ensure security for members, including staff and
customers, for efficient and cost-effective processes.
 Improves efficiency: Finalizing a risk analysis, at an early stage
of the project, is positively reflected on timeline and resources.
It also helps to make better decisions about project resources
and cost.
Thank you for Today