1- Risk management

Risk management is the identification, assessment, and prioritization of risks (defined in ISO 31000 as the
effect of uncertainty on objectives, whether positive or negative) followed by coordinated and economical
application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events
or to maximize the realization of opportunities. Risks can come from uncertainty in financial markets, project
failures (at any phase in design, development, production, or sustainment life-cycles), legal liabilities, credit
risk, accidents, natural causes and disasters as well as deliberate attack from an adversary, or events of uncertain
or unpredictable root-cause. Several risk management standards have been developed including the Project
Management Institute, the National Institute of Standards and Technology, actuarial societies, and ISO
standards. Methods, definitions and goals vary widely according to whether the risk management method is in
the context of project management, security, engineering, industrial processes, financial portfolios, actuarial
assessments, or public health and safety.
The strategies to manage risk typically include transferring the risk to another party, avoiding the risk, reducing
the negative effect or probability of the risk, or even accepting some or all of the potential or actual
consequences of a particular risk.
Certain aspects of many of the risk management standards have come under criticism for having no measurable
improvement on risk, whether the confidence in estimates and decisions seem to increase.
Method
For the most part, these methods consist of the following elements, performed, more or less, in the following
order.
1. identify, characterize threats
2. assess the vulnerability of critical assets to specific threats
3. determine the risk (i.e. the expected likelihood and consequences of specific types of attacks on specific
assets)
4. identify ways to reduce those risks
5. prioritize risk reduction measures based on a strategy
Principles of risk management
The International Organization for Standardization (ISO) identifies the following principles of risk
management:
Risk management should:
 create value – resources expended to mitigate risk should be less than the consequence of inaction, or (as
in value engineering), the gain should exceed the pain
 be an integral part of organizational processes
 be part of decision making process
  explicitly address uncertainty and assumptions
 be systematic and structured
 be based on the best available information
 be tailor able
 take human factors into account
 be transparent and inclusive
 be dynamic, iterative and responsive to change
 be capable of continual improvement and enhancement
 be continually or periodically re-assessed
Process
According to the standard ISO 31000 "Risk management – Principles and guidelines on implementation," the
process of risk management consists of several steps as follows:
Establishing the context
This involves:
 identification of risk in a selected domain of interest
 planning the remainder of the process
 mapping out the following:
 the social scope of risk management
 the identity and objectives of stakeholders
 The basis upon which risks will be evaluated, constraints.
 defining a framework for the activity and an agenda for identification
 developing an analysis of risks involved in the process
 Mitigation or solution of risks using available technological, human and organizational resources.
Identification
After establishing the context, the next step in the process of managing risk is to identify potential risks. Risks
are about events that, when triggered, cause problems. Hence, risk identification can start with the source of
problems, or with the problem itself.
Source analysis [citation needed] - Risk sources may be internal or external to the system that is the target of
risk management.
Examples of risk sources are: stakeholders of a project, employees of a company or the weather over an airport.
Problem analysis[citation needed] - Risks are related to identified threats. For example: the threat of losing
money, the threat of abuse of confidential information or the threat of accidents and casualties. The threats may
exist with various entities, most important with shareholders, customers and legislative bodies such as the
government.

When either source or problem is known, the events that a source may trigger or the events that can lead to a
problem can be investigated. For example: stakeholders withdrawing during a project may endanger funding of
the project; confidential information may be stolen by employees even within a closed network; lightning
striking an aircraft during takeoff may make all people on board immediate casualties.
The chosen method of identifying risks may depend on culture, industry practice and compliance. The
identification methods are formed by templates or the development of templates for identifying source, problem
or event. Common risk identification methods are:
 Objectives-based risk identification [citation needed] - Organizations and project teams have objectives.
Any event that may endanger achieving an objective partly or completely is identified as risk.
 Scenario-based risk identification - In scenario analysis different scenarios are created. The scenarios
may be the alternative ways to achieve an objective, or an analysis of the interaction of forces in, for
example, a market or battle. Any event that triggers an undesired scenario alternative is identified as risk
– see Futures Studies for methodology used by Futurists.
 Taxonomy-based risk identification - The taxonomy in taxonomy-based risk identification is a
breakdown of possible risk sources. Based on the taxonomy and knowledge of best practices, a
questionnaire is compiled. The answers to the questions reveal risks.
 Common-risk checking - In several industries, lists with known risks are available. Each risk in the list
can be checked for application to a particular situation.
 Risk charting - This method combines the above approaches by listing resources at risk, threats to those
resources, modifying factors which may increase or decrease the risk and consequences it is wished to
avoid. Creating a matrix under these headings enables a variety of approaches. One can begin with
resources and consider the threats they are exposed to and the consequences of each. Alternatively one
can start with the threats and examine which resources they would affect, or one can begin with the
consequences and determine which combination of threats and resources would be involved to bring
them about.
Assessment
Once risks have been identified, they must then be assessed as to their potential severity of impact (generally a
negative impact, such as damage or loss) and to the probability of occurrence. These quantities can be either
simple to measure, in the case of the value of a lost building, or impossible to know for sure in the case of the
probability of an unlikely event occurring. Therefore, in the assessment process it is critical to make the best
educated decisions in order to properly prioritize the implementation of the risk management plan.
Even a short-term positive improvement can have long-term negative impacts. Take the "turnpike" example. A
highway is widened to allow more traffic. More traffic capacity leads to greater development in the areas
surrounding the improved traffic capacity. Over time, traffic thereby increases to fill available capacity.
Turnpikes thereby need to be expanded in a seemingly endless cycles. There are many other engineering
examples where expanded capacity (to do any function) is soon filled by increased demand. Since expansion
comes at a cost, the resulting growth could become unsustainable without forecasting and management.
The fundamental difficulty in risk assessment is determining the rate of occurrence since statistical information
is not available on all kinds of past incidents. Furthermore, evaluating the severity of the consequences (impact)
is often quite difficult for intangible assets. Asset valuation is another question that needs to be addressed. Thus,
best educated opinions and available statistics are the primary sources of information. Nevertheless, risk
assessment should produce such information for the management of the organization that the primary risks are
easy to understand and that the risk management decisions may be prioritized. Thus, there have been several
theories and attempts to quantify risks. Numerous different risk formulae exist, but perhaps the most widely
accepted formula for risk quantification is:
Rate (or probability) of occurrence multiplied by the impact of the event equals risk magnitude
Composite Risk Index
The above formula can also be re-written in terms of a Composite Risk Index, as follows:
Composite Risk Index = Impact of Risk event x Probability of Occurrence
The impact of the risk event is commonly assessed on a scale of 1 to 5, where 1 and 5 represent the minimum
and maximum possible impact of an occurrence of a risk (usually in terms of financial losses). However, the 1
to 5 scale can be arbitrary and need not be on a linear scale.
The probability of occurrence is likewise commonly assessed on a scale from 1 to 5, where 1 represents a very
low probability of the risk event actually occurring while 5 represents a very high probability of occurrence.
This axis may be expressed in either mathematical terms (event occurs once a year, once in ten years, once in
100 years etc.) or may be expressed in "plain english" – event has occurred here very often; event has been
known to occur here; event has been known to occur in the industry etc.). Again, the 1 to 5 scale can be
arbitrary or non-linear depending on decisions by subject-matter experts.
The Composite Index thus can take values ranging (typically) from 1 through 25, and this range is usually
arbitrarily divided into three sub-ranges. The overall risk assessment is then Low, Medium or High, depending
on the sub-range containing the calculated value of the Composite Index. For instance, the three sub-ranges
could be defined as 1 to 8, 9 to 16 and 17 to 25.
Note that the probability of risk occurrence is difficult to estimate, since the past data on frequencies are not
readily available, as mentioned above. After all, probability does not imply certainty.
Likewise, the impact of the risk is not easy to estimate since it is often difficult to estimate the potential loss in
the event of risk occurrence.
Further, both the above factors can change in magnitude depending on the adequacy of risk avoidance and
prevention measures taken and due to changes in the external business environment. Hence it is absolutely
necessary to periodically re-assess risks and intensify/relax mitigation measures, or as necessary. Changes in
procedures, technology, schedules, budgets, market conditions, political environment, or other factors typically
require re-assessment of risks.
Risk Options
Risk mitigation measures are usually formulated according to one or more of the following major risk options,
which are:
 Design a new business process with adequate built-in risk control and containment measures from the
start.
 Periodically re-assess risks that are accepted in ongoing processes as a normal feature of business
operations and modify mitigation measures.
 Transfer risks to an external agency (e.g. an insurance company)
 Avoid risks altogether (e.g. by closing down a particular high-risk business area)
Later research [citation needed] has shown that the financial benefits of risk management are less dependent on
the formula used but are more dependent on the frequency and how risk assessment is performed.
In business it is imperative to be able to present the findings of risk assessments in financial, market, or
schedule terms. Robert Courtney Jr. (IBM, 1970) proposed a formula for presenting risks in financial terms. The
Courtney formula was accepted as the official risk analysis method for the US governmental agencies. The
formula proposes calculation of ALE (annualised loss expectancy) and compares the expected loss value to the
security control implementation costs (cost-benefit analysis).
Potential risk treatments
Once risks have been identified and assessed, all techniques to manage the risk fall into one or more of these
four major categories:[8]
Avoidance (eliminates, withdraw from or not become involved)
 Reduction (optimize – mitigate)
 Sharing (transfer – outsource or insure)
 Retention (accept and budget)
Ideal use of these strategies may not be possible. Some of them may involve trade-offs that are not acceptable to
the organization or person making the risk management decisions. Another source, from the US Department of
Defense (see link), Defense Acquisition University, calls these categories ACAT, for Avoid, Control, Accept, or
Transfer. This use of the ACAT acronym is reminiscent of another ACAT (for Acquisition Category) used in
US Defense industry procurements, in which Risk Management figures prominently in decision making and
planning.
Risk avoidance
This includes not performing an activity that could carry risk. An example would be not buying a property or
business in order to not take on the legal liability that comes with it. Another would be not flying in order not to
take the risk that the airplane were to be hijacked. Avoidance may seem the answer to all risks, but avoiding
risks also means losing out on the potential gain that accepting (retaining) the risk may have allowed. Not
entering a business to avoid the risk of loss also avoids the possibility of earning profits.
Hazard prevention
Hazard prevention refers to the prevention of risks in an emergency. The first and most effective stage of hazard
prevention is the elimination of hazards. If this takes too long, is too costly, or is otherwise impractical, the
second stage is mitigation.
Risk reduction
Risk reduction or "optimization" involves reducing the severity of the loss or the likelihood of the loss from
occurring. For example, sprinklers are designed to put out a fire to reduce the risk of loss by fire. This method
may cause a greater loss by water damage and therefore may not be suitable. Halon fire suppression systems
may mitigate that risk, but the cost may be prohibitive as a strategy.
Acknowledging that risks can be positive or negative, optimizing risks means finding a balance between
negative risk and the benefit of the operation or activity; and between risk reduction and effort applied. By an
offshore drilling contractor effectively applying HSE Management in its organization, it can optimize risk to
achieve levels of residual risk that are tolerable.
Modern software development methodologies reduce risk by developing and delivering software incrementally.
Early methodologies suffered from the fact that they only delivered software in the final phase of development;
any problems encountered in earlier phases meant costly rework and often jeopardized the whole project. By
developing in iterations, software projects can limit effort wasted to a single iteration.
Outsourcing could be an example of risk reduction if the outsourcer can demonstrate higher capability at
managing or reducing risks. For example, a company may outsource only its software development, the
manufacturing of hard goods, or customer support needs to another company, while handling the business
management itself. This way, the company can concentrate more on business development without having to
worry as much about the manufacturing process, managing the development team, or finding a physical location
for a call center.
Risk sharing
Briefly defined as "sharing with another party the burden of loss or the benefit of gain, from a risk, and the
measures to reduce a risk."
The term of 'risk transfer' is often used in place of risk sharing in the mistaken belief that you can transfer a risk
to a third party through insurance or outsourcing. In practice if the insurance company or contractor go bankrupt
or end up in court, the original risk is likely to still revert to the first party. As such in the terminology of
practitioners and scholars alike, the purchase of an insurance contract is often described as a "transfer of risk."
However, technically speaking, the buyer of the contract generally retains legal responsibility for the losses
"transferred", meaning that insurance may be described more accurately as a post-event compensatory
mechanism. For example, a personal injuries insurance policy does not transfer the risk of a car accident to the
insurance company. The risk still lies with the policy holder namely the person who has been in the accident.
The insurance policy simply provides that if an accident (the event) occurs involving the policy holder then
some compensation may be payable to the policy holder that is commensurate to the suffering/damage.
Some ways of managing risk fall into multiple categories. Risk retention pools are technically retaining the risk
for the group, but spreading it over the whole group involves transfer among individual members of the group.
This is different from traditional insurance, in that no premium is exchanged between members of the group up
front, but instead losses are assessed to all members of the group.
Risk retention
Involves accepting the loss, or benefit of gain, from a risk when it occurs. True self insurance falls in this
category. Risk retention is a viable strategy for small risks where the cost of insuring against the risk would be
greater over time than the total losses sustained. All risks that are not avoided or transferred are retained by
default. This includes risks that are so large or catastrophic that they either cannot be insured against or the
premiums would be infeasible. War is an example since most property and risks are not insured against war, so
the loss attributed by war is retained by the insured. Also any amounts of potential loss (risk) over the amount
insured is retained risk. This may also be acceptable if the chance of a very large loss is small or if the cost to
insure for greater coverage amounts is so great it would hinder the goals of the organization too much.
Create a risk management plan
Select appropriate controls or countermeasures to measure each risk. Risk mitigation needs to be approved by
the appropriate level of management. For instance, a risk concerning the image of the organization should have
top management decision behind it whereas IT management would have the authority to decide on computer
virus risks.
The risk management plan should propose applicable and effective security controls for managing the risks. For
example, an observed high risk of computer viruses could be mitigated by acquiring and implementing antivirus
software. A good risk management plan should contain a schedule for control implementation and responsible
persons for those actions.
According to ISO/IEC 27001, the stage immediately after completion of the risk assessment phase consists of
preparing a Risk Treatment Plan, which should document the decisions about how each of the identified risks
should be handled. Mitigation of risks often means selection of security controls, which should be documented
in a Statement of Applicability, which identifies which particular control objectives and controls from the
standard have been selected, and why.
Implementation
Implementation follows all of the planned methods for mitigating the effect of the risks. Purchase insurance
policies for the risks that have been decided to be transferred to an insurer, avoid all risks that can be avoided
without sacrificing the entity's goals, reduce others, and retain the rest.
Review and evaluation of the plan
Initial risk management plans will never be perfect. Practice, experience, and actual loss results will necessitate
changes in the plan and contribute information to allow possible different decisions to be made in dealing with
the risks being faced.
Risk analysis results and management plans should be updated periodically. There are two primary reasons for
this:
 to evaluate whether the previously selected security controls are still applicable and effective
 to evaluate the possible risk level changes in the business environment. For example, information risks
are a good example of rapidly changing business environment.
Risk Assessment
Risk assessment is a step in a risk management procedure. Risk assessment is the determination of quantitative
or qualitative value of risk related to a concrete situation and a recognized threat (also called hazard).
Quantitative risk assessment requires calculations of two components of risk (R):, the magnitude of the potential
loss (L), and the probability (p) that the loss will occur. In all types of engineering of complex systems
sophisticated risk assessments are often made within Safety engineering and Reliability engineering when it
concerns threats to life, environment or machine functioning. The nuclear, aerospace, oil, rail and military
industries have a long history of dealing with risk assessment. Also, medical, hospital, and food industries
control risks and perform risk assessments on a continual basis. Methods for assessment of risk may differ
between industries and whether it pertains to general financial decisions or environmental, ecological, or public
health risk assessment.
Risk assessment in project management
In project management, risk assessment is an integral part of the risk management plan, studying the
probability, the impact, and the effect of every known risk on the project, as well as the corrective action to take
should that risk occur.

2- Project Life Cycle

Project Management Life Cycle comprises four phases...
 1. Initiation involves starting up the project, by documenting a business case, feasibility study, terms of
reference, appointing the team and setting up a Project Office.
2. Planning involves setting out the roadmap for the project by creating the following plans: project plan,
resource plan, financial plan, quality plan, acceptance plan and communications plan.
3. Execution involves building the deliverables and controlling the project delivery, scope, costs, quality,
risks and issues.
4. Closure involves winding-down the project by releasing staff, handing over deliverables to the customer
and completing a post implementation review.
Initiation
1. Develop a Business Case
2. Undertake a Feasibility Study
3. Establish the Project Charter
4. Appoint the Project Team
5. Set up the Project Office
6. Perform Phase Review
Planning
1. Create a Project Plan
2. Create a Resource Plan
3. Create a Financial Plan
4. Create a Quality Plan
5. Create a Risk Plan
6. Create an Acceptance Plan
7. Create a Communications Plan
8. Create a Procurement Plan
9. Contract the Suppliers
 Define the Tender Process
 Issue a Statement of Work
 Issue a Request for Information
 Issue a Request for Proposal
 Create Supplier Contract
 Perform Phase Review
Execution
1. Build Deliverables
2. Monitor and Control
  Perform Time Management
 Perform Cost Management
 Perform Quality Management
 Perform Change Management
 Perform Risk Management
 Perform Issue Management
 Perform Procurement Management
 Perform Acceptance Management
 Perform Communications Management
Closure
1. Perform Project Closure
2. Review Project Completion
3- Benefits of Project Management
The benefits of project management contain all the elements of what is a truly symbiotic relationship between
manager, client and worker bee.
1. Better efficiency in delivering services: Project management provides a “roadmap” that is easily
followed and leads to project completion. Once you know where to avoid the bumps and pots holes it
stands to reason that you’re going to be working smarter and not harder and longer.
2. Improved/increased/enhanced customer satisfaction: Whenever you get a project done on time and under
budget, the client walks away happy. And a happy client is one you’ll see again. Smart project
management provides the tools that enable this client/manager relationship to continue.
3. Enhanced effectiveness in delivering services: The same project management strategies that allowed you
to successfully complete one project will serve you many times over.
4. Improved growth and development within your team: Positive results not only command respect but
more often than not inspire your team to continue to look for ways to perform more efficiently.
5. Greater standing and competitive edge: This is not only a good benefit of project management within the
workplace but outside of it as well; word travels fast and there is nothing like superior performance to
secure your place in the marketplace.
6. Opportunities to expand your services: A by-product of greater standing. Great performance leads to
more opportunities to succeed.
7. Better Flexibility: Perhaps one of the greatest benefits of project management is that it allows for
flexibility. Sure project management allows you to map out the strategy you want to take see your
project completed. But the beauty of such organization is that if you discover a smarter direction to take,
you can take it. For many small-to-midsize companies, this alone is worth the price of admission.
 8. Increased risk assessment: When all the players are lined up and your strategy is in place potential risks
will jump out and slap you in the face. And that’s the way it should be. Project management provides a
red flag at the right time: before you start working on project completion.
9. Increase in Quality: Goes hand-in-hand with enhanced effectiveness
10. Increase in Quantity: Often the result of better efficiency, a simple reminder regarding the benefits of
project management.

4- Steps for Planning a Project

The key to a successful project is in the planning. Creating a project plan is the first thing you should do when
undertaking any kind of project.
Often project planning is ignored in favour of getting on with the work. However, many people fail to realise
the value of a project plan in saving time, money and many problems.
This article looks at a simple, practical approach to project planning. On completion of this guide, you should
have a sound project planning approach that you can use for future projects.
Step 1: Project Goals
A project is successful when the needs of the stakeholders have been met. A stakeholder is anybody directly, or
indirectly impacted by the project.
As a first step, it is important to identify the stakeholders in your project. It is not always easy to identify the
stakeholders of a project, particularly those impacted indirectly. Examples of stakeholders are:
 The project sponsor.
 The customer who receives the deliverables.
 The users of the project outputs.
 The project manager and project team.
Once you understand who the stakeholders are, the next step is to find out their needs. The best way to do this is
by conducting stakeholder interviews. Take time during the interviews to draw out the true needs that create real
benefits. Often stakeholders will talk about needs that aren't relevant and don't deliver benefits. These can be
recorded and set as a low priority.
The next step, once you have conducted all the interviews, and have a comprehensive list of needs is to
prioritise them. From the prioritised list, create a set of goals that can be easily measured. A technique for doing
this is to review them against the SMART principle. This way it will be easy to know when a goal has been
achieved.
Once you have established a clear set of goals, they should be recorded in the project plan. It can be useful to
also include the needs and expectations of your stakeholders.
This is the most difficult part of the planning process completed. It's time to move on and look at the project
deliverables.
Step 2: Project Deliverables
Using the goals you have defined in step 1, create a list of things the project needs to deliver in order to meet
those goals. Specify when and how each item must be delivered.
Add the deliverables to the project plan with an estimated delivery date. More accurate delivery dates will be
established during the scheduling phase, which is next.
Step 3: Project Schedule
Create a list of tasks that need to be carried out for each deliverable identified in step 2. For each task identify
the following:
 The amount of effort (hours or days) required to complete the task.
 The resource who will carryout the task.
Once you have established the amount of effort for each task, you can workout the effort required for each
deliverable, and an accurate delivery date. Update your deliverables section with the more accurate delivery
dates.
At this point in the planning, you could choose to use a software package such as Microsoft Project to create
your project schedule. Alternatively, use one of the many free templates available. Input all of the deliverables,
tasks, durations and the resources who will complete each task.
A common problem discovered at this point, is when a project has an imposed delivery deadline from the
sponsor that is not realistic based on your estimates. If you discover this is the case, you must contact the
sponsor immediately. The options you have in this situation are:
 Renegotiate the deadline (project delay).
 Employ additional resources (increased cost).
 Reduce the scope of the project (less delivered).
Use the project schedule to justify pursuing one of these options.
Step 4: Supporting Plans
This section deals with plans you should create as part of the planning process. These can be included directly
in the plan.
Human Resource Plan
Identify by name, the individuals and organisations with a leading role in the project. For each, describe their
roles and responsibilities on the project.
Next, describe the number and type of people needed to carryout the project. For each resource detail start
dates, estimated duration and the method you will use for obtaining them.
Create a single sheet containing this information.
Communications Plan
Create a document showing who needs to be kept informed about the project and how they will receive the
information. The most common mechanism is a weekly or monthly progress report, describing how the project
is performing, milestones achieved and work planned for the next period.
Risk Management Plan
Risk management is an important part of project management. Although often overlooked, it is important to
identify as many risks to your project as possible, and be prepared if something bad happens.
Here are some examples of common project risks:
 Time and cost estimates too optimistic.
 Customer review and feedback cycle too slow.
 Unexpected budget cuts.
 Unclear roles and responsibilities.
 Stakeholder input is not sought, or their needs are not properly understood.
 Stakeholders changing requirements after the project has started.
 Stakeholders adding new requirements after the project has started.
 Poor communication resulting in misunderstandings, quality problems and rework.
 Lack of resource commitment.
Risks can be tracked using a simple risk log. Add each risk you have identified to your risk log; write down
what you will do in the event it occurs, and what you will do to prevent it from occurring. Review your risk log
on a regular basis, adding new risks as they occur during the life of the project. Remember, when risks are
ignored they don't go away.

5- Role of project manager

The project manager is accountable for ensuring that everyone on the team knows and executes his or her role,
feels empowered and supported in the role, knows the roles of the other team members and acts upon the belief
that those roles will be performed. The specific responsibilities of the Project Manager may vary depending on
the industry, the company size, the company maturity, and the company culture. However, there are some
responsibilities that are common to all Project Managers, noting:
 Developing the project plan
 Managing the project stakeholders
 Managing the project team
 Managing the project risk
 Managing the project schedule
 Managing the project budget
 Managing the project conflicts
* The Project Manager is the person responsible for managing the project.

* The Project Manager is the person responsible for accomplishing the project objectives within the constraints
of the project. He is responsible for the outcome(success or failure) of the project.
* The Project Manager is involved with the planning, controlling and monitoring, and also managing and
directing the assigned project resources to best meet project objectives.
* The Project Manager controls and monitors “triple constraints”—project scope, time and cost(quality also)—
in managing competing project requirements.
* The Project Manager examines the organizational culture and determine whether project management is
recognized as a valid role with accountability and authority for managing the project.
* The Project Manager collects metrics data(such as baseline, actual values for costs, schedule, work in
progress, and work completed) & reports on project progress and other project specific information to
stakeholders.
* The Project Manager is responsible for identifying, monitoring, and responding to risk.
* The Project Manager is responsible to the project stakeholders for delivering a project’s objectives within
scope, schedule, cost, and quality.
* The reporting structure of a Project Manager changes depends on organizational structure. He may reports to a
Functional Manager or to a Program Manager.

6- Characteristics/Features of A Project
1- Projects have a purpose:
projects have clearly- defined aims and set out to produce clearly-defined results. Their purpose is to solve a
"problem”, and this involves analysing needs beforehand. Suggesting one or more solutions, a project aims at
lasting social change.
2- Projects are realistic: Their aims must be achievable, and this means taking account both of requirements
and of the financial and human resources available.
3- Projects are limited in time and space: They have a beginning and an end and are implemented in
(a)specific place(s) and context.
4- Projects are complex: Projects call on various planning and implementation skills and involve various
partners and players.
5- Projects are collective: Projects are the product of collective endeavours. They involve teamwork and
various partners and cater for the needs of others.
6- Projects are unique: Projects stem from new ideas. They provide a specific response to a need(problem) in
a specific context. They are innovative.
7- Projects are an adventure: Every project is different and ground-breaking; they always involve some
uncertainty and risk.
8- Projects can be assessed: Projects are planned and broken down into measurable aims, which must be open
to evaluation.
9- Projects are made up of stages: Projects have distinct, identifiable stages (see Project cycle).

Note: Components of project management and project life cycle are same.

7- Inspection
The single word term inspection refers to one of the most critical elements of the entire process that surrounds
the execution and successful completion of a given project. The term inspection refers specifically to the act in
which the project management team, project management team leader, or other interested and significant parties
take the effort to go review the entirety of the project in meticulous detail to determine whether or not the
project meets certain predetermined requirements for completion. Of particular concern is a careful review of all
individual components, activities, products, and results and services that have been completed as part of the
project management process. In some cases, an independent third party will conduct an inspection of a number
of the final deliverables as it allows an independent arbiter to weigh in from a fresh perspective at a time when
the project management team may be unable to objectively review.
 8 - Project Monitoring & Control

The project
management term
action of monitoring
and controlling
processes refers
specifically to those
particular processes
that are implemented
by the project team
and/or the project
team leader for the
sole and explicit
purposes of taking a careful and thorough measurement of and to complete a through monitoring of the team’s
project execution to date. The purposes of the project team’s implementation of monitoring and controlling
processes include a retrospective view in hopes of potentially implementing corrective action in the event that
any action of this type is deemed necessary. This can be the case when any particular phase of the project has
taken a wrong turn or has possibly fallen behind schedule in regards to the execution elements. The act of
monitoring and controlling project processes is essential to maintaining an efficient and effective workflow
throughout the project. At the onset of the project, the project team leader may assign one or more project team
members to be responsible for this activity.
After the project has been planned it is time to begin executing the project lifecycle. At this point, two of the
project management process groups come into the forefront to manage the project. Some of these processes are
classified as “executing” and some are classified as “monitor and control”. This section focuses on the “monitor
and control” project management processes.
The “monitor and control” project management processes typically start with a baseline. The project manager
monitors the actual results of the project and compares the results to the baseline. If the actual results and the
baseline vary by an unacceptable margin the project manager must react to bring the actual results in line with
the variance (or else gain approval to change the baseline).
For example, scope management is a process of monitoring the project scope baseline. If the scope changes
from the baseline version the project manager invokes scope change management. Likewise in the planning
process you build a baseline schedule. You need to monitor progress against the schedule. If you remain on
schedule and your schedule continues to represent the path to project completion, you may not have to update it
again. If you detect a variance against your schedule, corrective actions may be necessary. Other “monitor and
control” processes include managing budget against baseline, managing risks against baseline and managing
vendor performance against contracts.
All of this “monitor and control” project management work ends up in the schedule. Having the work in the
schedule ensures that it gets done and ensures that the “monitoring and control” work is all appropriately
integrated.

9 - Feasibility Study
A feasibility study is an evaluation and analysis of the potential of the proposed project which is based on
extensive investigation and research to give full comfort to the decisions makers.Feasibility studies aim to
objectively and rationally uncover the strengths and weaknesses of an existing business or proposed venture,
opportunities and threats as presented by the environment, the resources required to carry through, and
ultimately the prospects for success. In its simplest terms, the two criteria to judge feasibility are cost required
and value to be attained. As such, a well-designed feasibility study should provide a historical background of
the business or project, description of the product or service, accounting statements, details of the operations
and management, marketing research and policies, financial data, legal requirements and tax obligations.
Generally, feasibility studies precede technical development and project implementation.
Consideration
There are basically six parts to any effective Feasibility Study:
1. The Project Scope which is used to define the business problem and/or opportunity to be addressed. The old
adage, "The problem well stated is half solved," is very apropos. The scope should be definitive and to the
point; rambling narrative serves no purpose and can actually confuse project participants. It is also necessary to
define the parts of the business affected either directly or indirectly, including project participants and end-user
areas affected by the project. The project sponsor should be identified, particularly if he/she is footing the bill.
I have seen too many projects in the corporate world started without a well defined project scope. Consequently,
projects have wandered in and out of their boundaries causing them to produce either far too much or far too
little than what is truly needed.
2. The Current Analysis is used to define and understand the current method of implementation, such as a
system, a product, etc. From this analysis, it is not uncommon to discover there is actually nothing wrong with
the current system or product other than some misunderstandings regarding it or perhaps it needs some simple
modifications as opposed to a major overhaul. Also, the strengths and weaknesses of the current approach are
identified (pros and cons). In addition, there may very well be elements of the current system or product that
may be used in its successor thus saving time and money later on. Without such analysis, this may never be
discovered.
Analysts are cautioned to avoid the temptation to stop and correct any problems encountered in the current
system at this time. Simply document your findings instead, otherwise you will spend more time unnecessarily
in this stage (aka "Analysis Paralysis").
3. Requirements - how requirements are defined depends on the object of the project's attention. For example,
how requirements are specified for a product are substantially different than requirements for an edifice, a
bridge, or an information system. Each exhibits totally different properties and, as such, are defined differently.
How you define requirements for software is also substantially different than how you define them for systems.
4. The Approach represents the recommended solution or course of action to satisfy the requirements. Here,
various alternatives are considered along with an explanation as to why the preferred solution was selected. In
terms of design related projects, it is here where whole rough designs (e.g., "renderings") are developed in order
to determine viability. It is also at this point where the use of existing structures and commercial alternatives are
considered (e.g., "build versus buy" decisions). The overriding considerations though are:
Does the recommended approach satisfy the requirements?
Is it also a practical and viable solution? (Will it "Play in Poughkeepsie?")
A thorough analysis here is needed in order to perform the next step...
5. Evaluation - examines the cost effectiveness of the approach selected. This begins with an analysis of the
estimated total cost of the project. In addition to the recommended solution, other alternatives are estimated in
order to offer an economic comparison. For development projects, an estimate of labour and out-of-pocket
expenses is assembled along with a project schedule showing the project path and start-and-end dates.
After the total cost of the project has been calculated, a cost and evaluation summary is prepared which includes
such things as a cost/benefit analysis, return on investment, etc.
6. Review - all of the preceding elements are then assembled into a Feasibility Study and a formal review is
conducted with all parties involved. The review serves two purposes: to substantiate the thoroughness and
accuracy of the Feasibility Study, and to make a project decision; either approve it, reject it, or ask that it be
revised before making a final decision. If approved, it is very important that all parties sign the document which
expresses their acceptance and commitment to it; it may be a seemingly small gesture, but signatures carry a lot
of weight later on as the project progresses. If the Feasibility Study is rejected, the reasons for its rejection
should be explained and attached to the document.