Chapter 5 Risk Management PDF

CHAPTER 5 RISK MANAGEMENT ENGR. MARK ANDREW M. ALINGOG Processes: Plan Risk Management – Planning Identify Risk – Planning Perform Qualitative Risk Analysis – Planning Perform Quantitative Risk Analysis – Planning Plan Risk Response – Planning Implement Risk Response – Executing Monitor Risk – Monitor and Control What is Risk? Uncertainty that may have positive or negative outcomes on the Project in the future. Positive Risk – Opportunity Negative Risk – Threat The goal of Project Management is to increase the probability of Positive risk and decrease the probability of Negative risk. Project Risk? 1. Individual Project Risk Risks Identified in the Project The risk of Estimates Being inaccurate The Risk of Stakeholders being disengaged The Risk of Low quality materials 2. Overall Project Risk The Risk of a project as a whole Classification of Risk? 1. Pure Risk - Always have a negative effect on the project. 1.1 Personal Pure Risk -Personal risk can directly affect an individual person and can involve a loss of earnings and assets. It can also involve an increase in expenses. 1.2 Property Pure Risk Property may be damaged by uncontrollable forces and natural disasters, such as fire, hurricanes, tornados, lightning 1.3 Liability Pure Risk Liability risks can involve litigation. This is due to either perceived or actual injustice. 2. Business Risk - Has a positive or negative effect on the project. Business risk is the event of gain or loss resulting from business activities. Risk Appetite: The broad, high-level willingness to pursue or accept risk to achieve objectives. Reflects the overall approach to risk in strategic planning and decision-making. It’s about how much risk the organization will pursue or accept to achieve its goals. Risk Tolerance: More specific than risk appetite, it refers to the acceptable variation an organization can withstand. Often quantified in financial terms or operational metrics. Guides how much risk is acceptable before impacting the company's strategic objectives. Risk Threshold: Identifies the specific point at which an action is required to address the risk. Tied to specific risks with defined triggers or conditions. Provides actionable points for managing risks within the boundaries set by risk tolerance. Risk Averse: Not willing to accept any risk Risk Trigger A risk trigger is an indicator that a risk is about to occur or has occurred. Triggers may be discovered during the risk identification process band monitored as the project is executed. Once the risk trigger occurs, the project team needs to implement a risk response. Variability risk: There is a set number of possible outcomes, but we don’t know which one will actually occur. (ex. The number of errors found during testing may be higher or lower than expected) Ambiguity risk: This comes from uncertainties arising from lack of knowledge or understanding. (ex. New disruptive technologies or market conditions) 1. Brainstorming Brainstorming sessions are widely used in construction projects to gather diverse perspectives from team members and stakeholders. This technique encourages open discussion and helps identify a broad range of potential risks. 2. SWOT Analysis SWOT (Strengths, Weaknesses, Opportunities, Threats) analysis is effective in construction for identifying internal and external factors that could impact the project. It provides a comprehensive view of potential risks by examining positive and negative aspects. 3. Checklists Checklists based on historical data and past project experiences are commonly used in construction. They provide a systematic way to ensure that no common risks are overlooked, making them a reliable tool for risk identification. 4. Expert Judgment Leveraging the knowledge and experience of experts is crucial in construction. Experts can provide valuable insights based on their past experiences and specialized knowledge, helping to identify risks that might not be immediately apparent. 5. Document Review Reviewing project documents, such as plans, contracts, and historical data, is a standard practice in construction. This technique ensures that all documented information is considered in the risk identification process. In project management, risks can be categorized into several types, each representing different sources of uncertainty. Technical Risks: These involve technology-related issues, such as software bugs, hardware failures, or technical challenges in project execution. Operational Risks: These are related to the project’s operational aspects, including process inefficiencies, supply chain disruptions, or resource availability. Financial Risks: These involve financial uncertainties, such as budget overruns, funding shortfalls, or changes in market conditions. Strategic Risks: These are associated with high-level objectives and strategies, such as changes in business priorities, market competition, or regulatory changes. Compliance Risks: These involve legal and regulatory requirements, including adherence to laws, regulations, and standard. Environmental Risks: These are related to environmental factors, such as natural disasters, environmental regulations, or sustainability issues. Reputational Risks: These involve potential damage to the organization’s reputation, which can arise from project failures, negative publicity, or stakeholder dissatisfaction. Human Resource Risks: These are related to personnel issues, such as skill shortages, labor disputes, or team dynamics. Compliance Risks: These involve legal and regulatory requirements, including adherence to laws, regulations, and standard. Environmental Risks: These are related to environmental factors, such as natural disasters, environmental regulations, or sustainability issues. Reputational Risks: These involve potential damage to the organization’s reputation, which can arise from project failures, negative publicity, or stakeholder dissatisfaction. Human Resource Risks: These are related to personnel issues, such as skill shortages, labor disputes, or team dynamics. Risk Probability Rating Risk probability ratings help in assessing the likelihood of a risk occurring. 1. Very Low (0-10%): The risk is highly unlikely to occur. Risks in this category are often monitored but may not require immediate action. 2. Low (10-30%): The risk is unlikely to occur but is still possible. These risks are noted and monitored, with contingency plans developed if necessary. 3. Medium (30-50%): The risk has an even chance of occurring. These risks are actively managed and monitored, with mitigation strategies in place. 4. High (50-70%): The risk is likely to occur. These risks require immediate attention and detailed mitigation plans. 5. Very High (70-100%): The risk is almost certain to occur. These risks are critical and need urgent and comprehensive risk management strategies. Risk Impact Ratings 1. Very Low: Minimal impact on project objectives. The project can continue with negligible disruption. 2. Low: Minor impact on project objectives. Some adjustments may be needed, but the project remains largely on track. 3. Medium: Moderate impact on project objectives. Significant adjustments are required; the project may experience delays or increased costs. 4. High: Major impact on project objectives. The project will face substantial delays, cost overruns, or performance issues. 5. Very High: Critical impact on project objectives. The project may fail to meet its objectives or be terminated Risk Ratings R = Probability x Impact Risk Matrix A common format is a 5x5 matrix, where one axis represents the probability, and the other represents the impact. Each cell in the matrix corresponds to a risk rating. Risk Rating Interpretation Use the risk rating to prioritize risks. Higher ratings indicate higher- priority risks that need more immediate attention. Risk response refers to the actions taken to address identified risks in a project. It is a crucial component of risk management, involving the development and implementation of strategies to mitigate, avoid, transfer, or accept risks. Risk Response Strategies Avoidance: Eliminate the threat or protect the project from its impact by changing the project plan. E.g., Adjusting the project scope or timeline to avoid a risk1. Mitigation: Reduce the probability or impact of the risk to an acceptable level. E.g., Implementing additional quality checks to reduce the likelihood of defects. Transfer: Shift the impact of the risk to a third party, often through contracts or insurance. E.g., Outsourcing a risky component of the project to a specialized vendor. Acceptance: Acknowledge the risk and decide to deal with it if it occurs. This can be active (with a contingency plan) or passive (without a specific plan). E.g., Setting aside a contingency budget to address potential cost overruns. Escalation: Escalate the risk to a higher authority when it is beyond the project manager’s control. E.g., Reporting a significant regulatory risk to senior management for resolution. Identify Trigger Conditions and Warning Signs Determine the conditions or events that will trigger the implementation of a risk response. Example: For a risk of supplier delay, the trigger condition might be a missed delivery date. Develop Detailed Action Plans Create specific, actionable plans for each risk response strategy. This includes outlining the steps, resources required, and timelines. Example: The action plan might include additional quality checks and backup suppliers for a mitigation strategy. Assign Risk Owners Assign responsibility for each risk to a team member who will monitor the risk and implement the response plan if necessary. Example: A project manager might be assigned to oversee the risk of budget overruns. 4. Establish Contingency Reserves Allocate budget and resources to address risks if they materialize. This ensures that the project can continue smoothly even if a risk occurs. Example: Setting aside a contingency fund to cover potential cost overruns. 5. Monitor and Review Risks Continuously monitor identified risks and the effectiveness of the response strategies. Adjust plans as necessary based on new information or changes in the project environment. Example: Regularly reviewing the risk register and updating it with new risks or changes in existing risks1.

Chapter 5 Risk Management PDF

Document Details

Tags

Related

Summary

Full Transcript

Upgrade to continue