Angel M. Mukuvisi MBA,FCIS, ACCA. Agenda: • Distinguish projects from contracts
• Identify generic project and contract risks
• Discuss mitigation of project and contract
risks What is a project? What is a contract? What is risk? At what point do projects risks emerge? Causes of project risks
From the previous slide, identify some
causes of project risks. Primary causes of project risks • Failure to define project scope • Absence of criteria for use in various project decision making • Failure to define project activities • Failure to determine task dependencies • Poor work scheduling • Resource planning and responsibility assignments • Poor project budgetary system • No formal project risk management • No formal communication schedule • No tools for project tracking • Post project reviews Project risks
From the causes of risk identified above,
identify possible risks from each category. Project Management Risks: The key risks include: • Scope creep • Time delays • Cost overruns • Failure to finish the project due to inadequate resources • Disputes with subcontractors • Public concerns • The personnel organisational structure may be inappropriate for the project • The project may fail to achieve its objectives Generic risk management strategies
Let’s talk:
• Risk heat map
• TARA / SARA framework
Project Risk Mitigation
From the risks you identified earlier, craft
strategies that can be used to mitigate the risks. Examples of contracts 1. Outsourcing 2. Procurement 3. In‐house agreements 4. Privatisation 5. Sales and disposals of products or services 6. Joint ventures 7. Consent agreements 8. Leases 9. Licenses 10. Barter 11. Employment contracts At what point do contract risks emerge? Common causes of contract risks Many of the risks during the contacting process result from three basic causes - focus on three activities during the early stages of the contract / project: 1. Definition of scope (including specification) 2. Choice of contractor (and/or subcontractors), and 3. Implementation Mitigation of scope related risks • Cover all requirements in a well‐defined manner • Provide accuracy in important areas • Detail practical requirements, for example, realistic performance timeframes • Uphold consistent laws or regulations, for example, building codes • Include an unbiased specification, e.g. by excluding “brand names” or “only made” in clauses • Ask for appropriate design, technology and effective work methods • Refer to appropriate standards and benchmarks on quality, quantity etc. • Quality assurance and improvement, paying particular attention to including industry benchmarks and standards Mitigation of contractor related risks Adherence to both minimum, and preferred, contract terms and conditions relating to: • Warranties and guarantees • Indemnities • Liquidated damages • Insurances • Exclusions and disclaimers • Ownership of contractor’s intellectual property (whether brought with them or developed during the contract), and • Acceptance on the method to cost variations, the definition and responsibility for latent conditions, force majeure, contract suspension or termination for whatever reason. Mitigation of contractor related risks Technical capacity: • Technical assessments require objective and subjective analysis and must be conducted by suitably qualified and experienced assessors. • Contractors are to provide evidence of previous experience, and technical qualification relating to the following: • Past performance of contractor • Qualifications, experience, and past performance of key personnel • Staffing resources • Subcontract resources • Physical resources, whether owned or hired • Application capability, i.e., ability to apply expertise and resources • Appreciation of the project/supply task, and • Any special expertise or resource requirements. Mitigation of contractor related risks Financial capacity: • Here contractors are expected to show both minimum standards of accounting and financial controls • They should have the financial resources to undertake the role and financial capacity to absorb adverse experiences on this contract and other works they might be undertaking during the same period • Care should be taken to ensure that no one project or supply (including this contract) would account for a major part of their business – say, more than 30 per cent – this leads to dependency problems • Show ability to produce monthly financial statements within a month of the financial report date • Provision of forward budgets of balance sheet items, profit and loss, and, particularly, cash flow • Establishment of minimum financial ratios for the contractor’s financial performance, relating to net worth, cash flow and profitability Mitigation of implementation risks • Situations can arise that require a prompt and timely response. Typically, these require important decisions to rectify, adjust or acknowledge a change from the original plan. Companies need to know as soon as possible whether: - Progress is falling short of the original plan, or - The plan needs to be revised following a realisation that the original scope or specification will not fully satisfy key needs. • A Baseline plan must be agreed with the contractor. This usually consists of the following: - Establishing intermediate performance indicators for contracts, i.e., milestones - Defining the required tasks - Defining the relationship between tasks so that they are effective, efficient and safe. • Define sequence, concurrence with other tasks and Any questions so far? Project & Contract Risk management Step 1 – Establish the Context • What is the strategic and organisational role of contracting? To find this, establish the following: - Company objectives (direction) and goals (target) - Activities where contracting can optimise the attainment of those objectives and goals - How performance will be measured, i.e., create evaluation criteria and performance indicators, and - Define suitable definitions of risk levels, from low to high, according to possible risks in achieving those objectives and goals. - Defining rates of likelihood and consequences. Project &Contract Risk management Step 2- Identify the risks • Postulate what could happen and how • What is the nature of the activity, the equipment and work methods required to do it? • Who are the personnel undertaking it? • What other persons and their property and activities could be impacted by the activity? • Look at experience via reviews, claims, incidents, records and so on • Look at hidden threats, proposed activities and possible new circumstances • Appoint a facilitator to extract ‘corporate knowledge’ using team‐based exercises • Hire a contracting risks expert, and Project &Contract Risk management Step 3 – Analyze the Risks Estimate risk levels. Consider and record: • Possible causes ‐ direct, underlying and system ‐based • The maximum reasonable consequence level. Consider effectiveness, cost and efficiency, health and safety, liability, environment, property and reputation and image, and • The likelihood of occurrence for that consequence level. • Determine existing controls to eliminate or reduce the likelihood and consequences, i.e., what procedures and processes exist either to provide a defence against the occurrence, or reduce the adverse impacts if the situation or event does occur? • Establish a preliminary list of risks from highest to lowest risk level. Project &Contract Risk management Step 4 – Evaluate and prioritize risks Determine risks that might need further treatment: • Compare risks with the evaluation criteria set in context • Reconsider the appropriateness of the criteria with the preliminary list of risks and risk levels • Re‐adjust risks and risk levels, paying particular attention to medium and high risks, and • Propose which risks can be tolerated and which require more treatment to reduce the risk level. Project &Contract Risk management Step 5 – Treat the Risks Take action to reduce risks and record what level of risk is retained: • Identify options to eliminate or reduce and/or transfer risks • Determine the net benefit (i.e., cost/benefit) of the options • Recommend the preferred option • Propose an all risks treatment plan (i.e., list all risks requiring treatment, the proposed treatment, estimated budget, those responsible, and realistic start and completion dates) • Prepare specific implementation plans (i.e., the person responsible for each risk reviews and proposes how this will be done), and • Ensure that treatments are aligned with the company’s management system, i.e., all its processes and procedures. References • ISO 10006:1997(E) Quality Management – Guidelines to Quality in Project Management • Enterprise Risk Management, John Fraser & Betty J. Simkins Questions