See discussions, stats, and author profiles for this publication at: https://www.researchgate.

net/publication/310144253

The Role of Risk Assessment in Engineering Practice

Conference Paper · April 2013

CITATION READS

1 9,575

1 author:

Mobayode O. Akinsolu

42 PUBLICATIONS   364 CITATIONS   

SEE PROFILE

Some of the authors of this publication are also working on these related projects:

Antenna design and optimization View project

AI-Driven Antenna and RF devices Design and Optimization View project

All content following this page was uploaded by Mobayode O. Akinsolu on 14 November 2016.

The user has requested enhancement of the downloaded file.

 Business, Enterprise and Practice
The Role of Risk Assessment in Engineering Practice
Mobayode Olusola Akinsolu
School of Engineering, Design and Technology
University of Bradford
Abstract-This paper examines the central role of risk
assessment as a vital routine in Engineering Practice. Risk
assessment is the determination of the measure and value of
risk related to an existing situation and a known threat.
Engineering Practice involves the application of the
principles of physical and social sciences to the design,
development and implementation of projects, programmes
and policies, which have important implications in the
cultural and ethical traditions of various host communities.
These projects, programmes and policies can be faced with
the constraints of scope, cost, time and quality. There is,
therefore, the need for a thorough iterative conduct of risk
assessment at the design, planning, monitoring and
execution stages of engineering projects, programmes and
policies.
All through history and in recent times, many lives have
been lost, properties destroyed and insolvencies have been
created in numerous engineering organisations owing to
failed projects, programmes and policies that led to
avoidable disasters. If only risk assessment had been
routinely utilised in the design, development and
implementation of these projects, programmes and policies,
likely loss or injury to people and properties would have
been identified, analysed, qualified, quantified and mitigated
if not totally eliminated.
Keywords: Engineering, Risk, Risk Assessment
I. INTRODUCTION
Owing to complexity in structure and nature,
engineering practice has been described to be fickle,
unpredictable, volatile and fraught with risks [1]. Many
professional bodies such as International Organisation for
Standardisation (ISO), Committee of Sponsoring
Organisations of the Treadway Commission (COSO) and
Project Management Institute (PMI) have identified risk
assessment to be a specialised process embedded in the
framework of good management practice [2], [3], [4].
Risk assessment is not only considered as a managerial
procedure, but it is also viewed as a crucial independent
discipline in engineering. While this proves to be true, the
Royal Academy of Engineering generated a clearer
synopsis of risk assessment being a process and a
discipline in the second in a series of reports on managing
engineering risks produced by working groups of
professionals [5].
Of course, recent times have experienced increased
attention and focus on risk assessment. It has become
increasingly clear that the need for a holistic framework
to effectively identify, assess, and efficiently manage risk
is a crux in the practice of engineering. Though risk
assessment has always been associated with mathematical
models and analytical tools, a qualitative approach was
underscored by PMI. PMI studied and showcased the
-48-
12th Research Seminar Series Workshop
quantitative, semi-quantitative and qualitative attributes
of risks. This progressive study portrayed the wholeness
and objectivity of risk assessment in the implementation
of engineering policies, programmes and projects. [4]
It is good to note that risk assessment is not limited to
the theory and practice of engineering. It has a foothold in
medical, hospital, food, chemical and bio-medical
industries. However, it is often carried out in a more
complex way in the disciplines of Risk Engineering,
Safety Engineering and Reliability Engineering where
threats to life, environment and machine functioning are
ascertained and dealt with. One major task risk
assessment performs in engineering practice is the
measurement and assignment of values to the two
variables that revolve round engineering risks –
probability of occurrence and potential consequence or
impact. [6]
This paper examines the concept of risk in engineering
and its definition in the first two sections. An overview of
risk assessment process, tools and techniques and the
organisational perspectives for the conduct of risk
assessment are depicted in the subsequent sections. On
the whole, the benefits, opportunities and challenges
associated with an effective and efficient conduct of risk
assessment in engineering practice are highlighted and
discussed.
II. THE CONCEPT OF RISK IN ENGINEERING
In engineering practice, risk is the tendency that a
chosen line of action and or the choice of inaction will
lead to a deviation from a desired outcome or result. In
other words, risk in engineering practice arises as a result
of uncertainties in the environment, security, cost, quality
and timeframe of engineering policies, programmes and
projects. Therefore it can be said that an essential element
of risk in engineering practice is uncertainty – the fact
that engineers can’t tell exactly the failures that may
likely occur, when, where and how the failures will occur
[7]. Evidently, these uncertainties prove the probabilistic
nature of engineering risks. The concept of risk in
engineering practice further combines the chance for
failures with the consequences caused by the failures.
Therefore, the assessment of risk in engineering practice
involves both probabilities and consequences. This
relationship can be represented mathematically in
equation (1) below.
R = ƒ (Pm, Cm) (1)
Where R is the risk linked with event ‘m’, Pm is the
probability of event ‘m’ occurring and Cm is the
consequence of event ‘m’ occurring. The above
mathematical representation depicts that risk is a direct
function of the probability of an event occurring and the
consequence associated with the occurrence of such event
[7].
School of Engineering, Design and Technology
University of Bradford
 12th Research Seminar Series Workshop
At the risk of repetition, the development and
implementation of engineering policies, programmes and
projects is subject to constraints. These constraints have
associated levels of uncertainties which depict risks from
a theoretical point of view. Thus, the scope of risk
assessment represents a range within which these risks
are controlled and kept at a greater confidence level
acceptable in good engineering practice. Fig. 1 shows the
quintuple constraints and their associated level of
uncertainties that present risks in engineering practice.
Fig. 1 Quintuple Constraints and Associated Risks [8]
Where K and K+1 phase lines depict the
implementation progress, they also represent the balanced
state of policies, programmes and projects development.
Resulting from a thorough conduct of risk assessment, the
status quo of implementation at a subsequent phase is
presented as risk lines, and the sections between each two
risk lines show the state an engineering task can achieve
in the face of risks. As exemplified in fig. 1 the shaded
area is called risk status area. [8]
III. DEFINITION OF RISK ASSESSMENT
Risks constitute a part of all efforts in engineering
practice. This is why a thorough understanding of risks,
its cause and impacts is pertinent for success in
engineering practice. Risk assessment is not an add-on to
mainstream operating activities in the development and
implementation of engineering tasks. Rather, it is an
iterative process that must be continuously employed and
embedded in ongoing functions and operations in
engineering practice [5]. Fig. 2 shows an iterative
structure following a sequential order in the conduct of
risk assessment. It will be observed that it is the review
stage captured in the decision (diamond) block that
triggers the iteration in this approach to risk assessment.
Though there are no simple rules for determining which
algorithm should be used in a given situation, Fig. 2
provides an approach to a well structured conduct of risk
assessment [9].
School of Engineering, Design and Technology
University of Bradford
Business, Enterprise and Practice
Risk Description
Risk Identification
Risk Estimation
Risk Evaluation
Risk Response Plan
Review
Implementation and Closure
Fig. 2 Process Stages involved in the Conduct of Risk Assessment
The discipline of risk assessment primarily focuses
upon the qualification and quantification of the risks
related to a spectrum of negative consequences in general
practice. However, risk engineering as a subject addresses
the broader topic that includes the positive as well as
negative consequences [7]. As slightly addressed in the
introduction, risk assessment used to be a measure of only
the quantitative value of risks, but critics expressed
concerns that this approach to risk assessment tends to be
overly quantitative and reductive. They argued that risk
assessments ignored qualitative differences among risks
by dropping out important non-quantifiable information
[6]. However, risk assessment currently involves a
holistic study of risks in which assumptions and
uncertainties are clearly defined, identified, considered
and presented in their qualitative, semi-quantitative and
quantitative measures [4].
IV. OVERVIEW OF RISK ASSESSMENT PROCESS, TOOLS
AND TECHNIQUES
In a view to highlight the definitive role of risk
assessment in engineering practice, a tabulated summary
of the process stages, tools and techniques that can be
employed for the effective and efficient conduct of risk
assessment in any engineering context is given in table 1.
The process stages have been defined to be iterative as
indicated in fig. 2. Table 1 is a guide developed for a
standard conduct of risk assessment by the Office of
Government Commerce (OGC), United Kingdom [9].
Obviously, there are no simple rules for determining
which tool and technique should be used in a given
situation while carrying out risk assessment. Nonetheless,
the tools and techniques associated with the process
stages of risk assessment must be utilised appropriately
and religiously. While there are many more tools and
techniques available for the good conduct of risk
assessment not listed in the summary given in table 1, the
table in itself provides a workable framework in
evaluating approaches to assessing risks in the
development and implementation of policies,
-49-
 Business, Enterprise and Practice 12th Research Seminar Series Workshop

programmes and projects in engineering practice. Owing

to the scope of this paper, table 1 will not be discussed. A. Policy Perspective
However, a full description of the risk assessment This is an organisational perspective that is concerned
process, tools and techniques is given in the available with ensuring overall business success, vitality and
guide developed by OGC for Risk Management. [9], [10] viability. It acts by creating a platform for the assessment
V. RISK ASSESSMENT AND ORGANISATIONAL of risks across all the tiers of the organisation and plays a
PERSPECTIVES key role in the execution, development and
As stated earlier, engineering practice is characterised implementation of remediation. The policy perspective
with a very strong matrix of functions and operations. also establishes a chain of communication between all
These functions and operations are clearly stated, other organisational perspectives. Typical areas of risks
sometimes described in organisational charts. Though within the policy perspective are competition, acquisition,
organisational charts present a well structured view of an legislation or regulation and reputation. All engineering
organisation, the complexity of functionalities which organisations are faced with uncertainties arising from
varies within the organisation leaves a labyrinth. more or less competition, acquisitions of skill
However, four clear perspectives with associated degrees development, emergence of new technologies and
of risks are always present at various levels within every mergers, changes to legislations or regulations having
engineering organisation. These perspectives provide the financial impact and disasters (fire, flood, acts of
basis for estimating and evaluating the consequence and terrorism and subsidence) that affects reputation. [9], [11]
likelihood of risks within the organisation. These B. Programme Perspective
perspectives are discussed as follows: Programme perspective is contextual with the
alignment of groups of related projects to the
TABLE 1
RISK ASSESSMENT PROCESS STAGES AND THE CORRESPONDING organisation’s business strategy. It outlines the
TOOLS AND TECHNIQUES [10] management of these projects in a coordinated way to
Process Stage Tools and Techniques
obtain optimal benefits and maximum control.
Stakeholder analysis Programme perspective sets the course for the assessment
PESTLE analysis of risks within the organisational programmes, projects
Identification –
Context
SWOT analysis and operational activities that constitute the various
Horizon scanning programmes. In other words, the programme perspective
Defining the probability impact matrix
tells on the project perspective, operational perspective
Historical information
Prompt list and vice versa. [1], [9]
Cause and effect diagrams C. Project Perspective
Grouping techniques, including As the name implies, project perspective sets the scene
brainstorming, nominal group technique for the assessment of risks within concerns associated
Identification –
and Delphi technique
Risks with delivering defined outputs to an appropriate level of
Questionnaires
Individual interviews quality within agreed scope, time and cost constraints. In
Assumptions analysis other words, it is the nucleus for identification and
Constraints analysis estimation of the risk factors associated with the delivery
Risk Descriptions
Probability assessment
of a project. It puts into consideration such things as
Impact assessment stakeholders, dependencies, timelines, cost, and other key
Estimation
Proximity assessment considerations. Typical areas of risk within the project
Expected value assessment perspective are requirements, deliverables, skills,
Summary risk profiles resources and quality. [4], [9]
Summary expected value assessment
Evaluation Probabilistic risk models D. Operational Perspective
Probability trees Project managers and coordinators have always argued
Sensitivity analysis that operational perspective within the organisation
Risk Response Planning should be streamlined to the project perspective. While
Response Plan Cost-benefit analysis
this may be good and functional in certain contexts, it
Decision trees
Management meetings
will be illogical since projects are temporary endeavours
Review limited by resources and time. Depictions of the various
Internal and External auditing
Update summary risk profiles lines of authority in every enterprise proves operational
Implementation and
Closure
Risk Exposure trends perspective to be a core in the conduct of all business
Update probabilistic models activities, that is, operational perspective is wider than
project perspective. It is premised on the daily
maintenance improvement and correction of appropriate
levels of business services to customers and the general
public. Operational perspective sets the scene for the
assessment of risks within particular operational and
functional areas in the organisation. [1], [9], [12]
Effective and efficient risk assessment ought to begin
and end with specific business objectives anchored in

-50- School of Engineering, Design and Technology

University of Bradford
 12th Research Seminar Series Workshop
beneficial perspectives defined by management. Based on
the clear interrelationships that exist between the different
organisational perspectives and their associated risks, a
thorough understanding and assessment of the risks
associated with the perspectives of every engineering
organisation is imperative for progress and success. Fig. 3
is a modified diagrammatic representation of
interrelationships between organisational perspectives
developed by the Office of Government Commerce
(OGC), United Kingdom for the assessment of risk. [9]
Policy Perspective -
Risks
Programme Operational
Perspective -Risks Perspective -Risks
Project Perspective -
Risks
Fig. 3 Interrelationships between different Organisational
Perspectives [9]
VI. BENEFITS AND OPPORTUNITIES
Using Fig. 4 Yunna Wu, Yong Huang and Kai Xiong
established that increased investment in risk assessment
will result to a clear decrease in the measure of
uncertainties and risks generated by constraints inherent
in the development and implementation of engineering
policies, programmes and projects. They also suggested
that since the proper conduct of risk assessment
juxtaposes historical information and real-time
information in every engineering organisation, a good
risk assessment will always reflect the organisation’s
status quo objectively creating a basis for improvement.
In other words, the more time, attention and cost an
organisation channels towards the proper conduct of risk
assessment, the more likely the organisation will thrive in
the face of uncertainties and risks. [8]
In Fig. 4, the shaded portion signifies risk losses at
matching investment level. RCO depicts the least
investment cost. L-k and L+k denote the scope of risk
threats and losses (L+k are losses with benefit possibility).
[8]
School of Engineering, Design and Technology
University of Bradford
Business, Enterprise and Practice
Fig. 4 Plot of Risk Assessment Investment against Risk Threats and
Losses [8]
PricewaterhouseCoopers (PwC) and OGC both
identified risk assessment as the only applicable and
practical tool that can be used to measure an
organisation’s ability to achieve its objectives. They also
suggested that risk assessment forms the cornerstone of
effective and efficient management programmes by
providing a clear guidance to the organisation in making
informed decisions. Suffice it to say that risk assessment
ensures the alignment and achievement of organisational
objectives by facilitating continual improvement and
reducing negative surprises within the various
perspectives of the organisation. [1], [9]
VII. CHALLENGES AND CONCLUSION
The proper conduct of risk assessment in engineering
practice is capital intensive and many organisations are
not willing to invest in it. Nitin Nayak and Rama
Akkiraju of IBM agreed jointly that lack of expertise,
bureaucracy and data access restrictions are also some of
the many challenges in the conduct of risk assessment in
organisations. They inferred based on their personal
experiences and observations that the limitation of risks
and risk assessment to functional silos such as
production, supply and finance within organisations poses
to a challenge. [13]
No doubt, the benefits and opportunities of risk
assessment in the development and implementation of
engineering policies, programmes and projects outweigh
the challenges. Though risk assessment roles have been
well identified in engineering practice through workable
integrated frameworks, much authority and attention still
needs to be delegated and devoted to the conduct of risk
assessment across all organisational perspectives.
Cogently, a more holistic and definitive role still needs to
be given to risk assessment in the executive and
functional helms of every goal driven engineering
organisation.
REFERENCES
[1] PricewaterhouseCoopers (PwC) LLP, (2008, December) A
Practical Guide to Risk Assessment*. [Online]. Available:
http://www.pwc.com/en_us/us/issues/enterprise-risk-
management/assets/risk_assessment_guide.pdf [Accessed:
02February, 2013].
-51-
 Business, Enterprise and Practice
[2] Louis Kunimatsu, (2011, October) Risk Management Basics – ISO
31000 Standard. [Online]. Available:
http://www.secureworldexpo.com/2011/detroit/Louis_Kunimatsu.p
df [Accessed: 03 February, 2013].
[3] The Committee of Sponsoring Organizations of the Treadway
Commission, (2004, September) Enterprise Risk Management —
Integrated Framework [Online]. Available:
http://www.coso.org/documents/coso_erm_executivesummary.pdf
[Accessed: 03 February, 2013].
[4] Project Management Institute, “A Guide to the Project
Management Body of Knowledge” 4th Ed. Pennsylvania, Project
Management Institute, Inc., 2008.
[5] The Royal Academy of Engineering, (2003) Common
Methodologies for Risk Assessment & Management [Online].
Available:
http://www.raeng.org.uk/news/publications/list/reports/Common_M
ethodologies_for_Risk_Assessment.pdf [Accessed: February,
2013].
[6] Wikimedia Foundation Inc. (2013, February, 22) Risk assessment.
[Online]. Available: http://en.wikipedia.org/wiki/Risk_assessment
[Accessed 03 Feb, 2013].
-52-
View publication stats
12th Research Seminar Series Workshop
[7] J. X. Wang and M. L. Roush, What Every Engineer Should Know
About Risk Engineering and Management, W. H. Middendorf, New
York: Marcel Dekker, Inc. 2000.
[8] T. Wu, Y. Huang and K. Xiong, “Research on Risk Management
Gains of Construction Project Based on the Goal Orientation
Perspective.” Presented at IEEE International Conference on
Quality and Reliability (ICQR), 2011. [Online]. pp. Available:
IEEEXplore, DOI: 10.1109/ICQR.2011.6031746 [Accessed:02
March, 2013]
[9] Office of Government Commerce (OGC), Management of Risk:
Guidance for Practitioners, 3rd Ed. London, TSO (The Stationery
Office), 2010.
[10] E. H. Conrow, Effective Risk Management: Some Keys to Success,
2nd Ed. Virginnia, American Institute of Aeronautics and
Astronautics, Inc. 2003.
[11] SANS Institute (2006) Risk Assessment Policy. [Online]. Available:
http://www.sans.org/security-
resources/policies/Risk_Assessment_Policy.pdf [Accessed 09
February, 2013]
[12] K. Heldman, Project Management Professional Exam Study Guide,
5th Ed. Canada, Wiley Publishing, Inc., 2009.
[13] N. Nayak and R. Akirraju, “Knowledge Driven Enterprise Risk
Management.” Presented at Service Research and Innovation
Institute Global Conference, 2012. [Online] pp.564-573. Available:
IEEEXplore, DOI: 10.1109/SRII.2012.69 [Accessed: 02 March,
2013]
School of Engineering, Design and Technology
University of Bradford