Project and Contract Risks

Prepared and presented by:

Angel M. Mukuvisi MBA,FCIS, ACCA.
 Agenda:
• Distinguish projects from contracts

• Identify generic project and contract risks

• Discuss mitigation of project and contract

risks
What is a project?
What is a contract?
What is risk?
At what point do projects risks emerge?
Causes of project risks

From the previous slide, identify some

causes of project risks.
Primary causes of project risks
• Failure to define project scope
• Absence of criteria for use in various project decision making
• Failure to define project activities
• Failure to determine task dependencies
• Poor work scheduling
• Resource planning and responsibility assignments
• Poor project budgetary system
• No formal project risk management
• No formal communication schedule
• No tools for project tracking
• Post project reviews
Project risks

From the causes of risk identified above,

identify possible risks from each category.
Project Management Risks:
The key risks include:
• Scope creep
• Time delays
• Cost overruns
• Failure to finish the project due to inadequate resources
• Disputes with subcontractors
• Public concerns
• The personnel organisational structure may be
inappropriate for the project
• The project may fail to achieve its objectives
Generic risk management strategies

Let’s talk:

• Risk heat map

• TARA / SARA framework

Project Risk Mitigation

From the risks you identified earlier, craft

strategies that can be used to mitigate the
risks.
Examples of contracts
1. Outsourcing
2. Procurement
3. In‐house agreements
4. Privatisation
5. Sales and disposals of products or services
6. Joint ventures
7. Consent agreements
8. Leases
9. Licenses
10. Barter
11. Employment contracts
At what point do contract risks emerge?
Common causes of contract risks
Many of the risks during the contacting process
result from three basic causes - focus on three
activities during the early stages of the contract /
project:
1. Definition of scope (including specification)
2. Choice of contractor (and/or subcontractors),
and
3. Implementation
Mitigation of scope related risks
• Cover all requirements in a well‐defined manner
• Provide accuracy in important areas
• Detail practical requirements, for example, realistic performance
timeframes
• Uphold consistent laws or regulations, for example, building codes
• Include an unbiased specification, e.g. by excluding “brand names” or
“only made” in clauses
• Ask for appropriate design, technology and effective work methods
• Refer to appropriate standards and benchmarks on quality, quantity
etc.
• Quality assurance and improvement, paying particular attention to
including industry benchmarks and standards
Mitigation of contractor related risks
Adherence to both minimum, and preferred, contract terms and conditions
relating to:
• Warranties and guarantees
• Indemnities
• Liquidated damages
• Insurances
• Exclusions and disclaimers
• Ownership of contractor’s intellectual property (whether brought with them
or developed during the contract), and
• Acceptance on the method to cost variations, the definition and
responsibility for latent conditions, force majeure, contract suspension or
termination for whatever reason.
Mitigation of contractor related risks
Technical capacity:
• Technical assessments require objective and subjective analysis and must
be conducted by suitably qualified and experienced assessors.
• Contractors are to provide evidence of previous experience, and technical
qualification relating to the following:
• Past performance of contractor
• Qualifications, experience, and past performance of key personnel
• Staffing resources
• Subcontract resources
• Physical resources, whether owned or hired
• Application capability, i.e., ability to apply expertise and resources
• Appreciation of the project/supply task, and
• Any special expertise or resource requirements.
Mitigation of contractor related risks
Financial capacity:
• Here contractors are expected to show both minimum standards of accounting and
financial controls
• They should have the financial resources to undertake the role and financial capacity
to absorb adverse experiences on this contract and other works they might be
undertaking during the same period
• Care should be taken to ensure that no one project or supply (including this contract)
would account for a major part of their business – say, more than 30 per cent – this
leads to dependency problems
• Show ability to produce monthly financial statements within a month of the financial
report date
• Provision of forward budgets of balance sheet items, profit and loss, and, particularly,
cash flow
• Establishment of minimum financial ratios for the contractor’s financial performance,
relating to net worth, cash flow and profitability
Mitigation of implementation risks
• Situations can arise that require a prompt and timely response. Typically,
these require important decisions to rectify, adjust or acknowledge a change
from the original plan. Companies need to know as soon as possible
whether:
- Progress is falling short of the original plan, or
- The plan needs to be revised following a realisation that the original
scope or specification will not fully satisfy key needs.
• A Baseline plan must be agreed with the contractor. This usually consists of
the following:
- Establishing intermediate performance indicators for contracts, i.e.,
milestones
- Defining the required tasks
- Defining the relationship between tasks so that they are effective,
efficient and safe.
• Define sequence, concurrence with other tasks and
Any questions so far?
Project & Contract Risk management
Step 1 – Establish the Context
• What is the strategic and organisational role of contracting? To find
this, establish the following:
- Company objectives (direction) and goals (target)
- Activities where contracting can optimise the attainment of those
objectives and goals
- How performance will be measured, i.e., create evaluation criteria
and performance indicators, and
- Define suitable definitions of risk levels, from low to high, according
to possible risks in achieving those objectives and goals.
- Defining rates of likelihood and consequences.
Project &Contract Risk management
Step 2- Identify the risks
• Postulate what could happen and how
• What is the nature of the activity, the equipment and work methods required
to do it?
• Who are the personnel undertaking it?
• What other persons and their property and activities could be impacted by
the activity?
• Look at experience via reviews, claims, incidents, records and so on
• Look at hidden threats, proposed activities and possible new circumstances
• Appoint a facilitator to extract ‘corporate knowledge’ using team‐based
exercises
• Hire a contracting risks expert, and
Project &Contract Risk management
Step 3 – Analyze the Risks
Estimate risk levels. Consider and record:
• Possible causes ‐ direct, underlying and system ‐based
• The maximum reasonable consequence level. Consider
effectiveness, cost and efficiency, health and safety, liability,
environment, property and reputation and image, and
• The likelihood of occurrence for that consequence level.
• Determine existing controls to eliminate or reduce the likelihood and
consequences, i.e., what procedures and processes exist either to
provide a defence against the occurrence, or reduce the adverse
impacts if the situation or event does occur?
• Establish a preliminary list of risks from highest to lowest risk level.
Project &Contract Risk management
Step 4 – Evaluate and prioritize risks
Determine risks that might need further treatment:
• Compare risks with the evaluation criteria set in context
• Reconsider the appropriateness of the criteria with the
preliminary list of risks and risk levels
• Re‐adjust risks and risk levels, paying particular attention
to medium and high risks, and
• Propose which risks can be tolerated and which require
more treatment to reduce the risk level.
Project &Contract Risk management
Step 5 – Treat the Risks
Take action to reduce risks and record what level of risk is retained:
• Identify options to eliminate or reduce and/or transfer risks
• Determine the net benefit (i.e., cost/benefit) of the options
• Recommend the preferred option
• Propose an all risks treatment plan (i.e., list all risks requiring treatment, the
proposed treatment, estimated budget, those responsible, and realistic start
and completion dates)
• Prepare specific implementation plans (i.e., the person responsible for each
risk reviews and proposes how this will be done), and
• Ensure that treatments are aligned with the company’s management
system, i.e., all its processes and procedures.
References
• ISO 10006:1997(E) Quality Management –
Guidelines to Quality in Project
Management
• Enterprise Risk Management, John Fraser
& Betty J. Simkins
Questions

Thank You