Professional Documents
Culture Documents
MB4055 Managing Risk Chapter 8
MB4055 Managing Risk Chapter 8
MB4055 Managing Risk Chapter 8
Introduction
• Any project involves a degree of uncertainty which can impact the
outcome of a project.
• Risk is an uncertain event that, if it occurs, can jeopardize
accomplishing the project objective.
• Risk management involves identification, assessment,
monitoring, and response to project risks to minimize the likelihood
of occurrence and/or potential impact of adverse events on the
accomplishment of the project objective.
Introduction
• Addressing risks proactively will increase the chances of
accomplishing the project objective.
• Waiting for unfavorable events to occur (reactively) and then reacting
to them can result in panic and costly responses.
• Managing risk includes taking action to prevent or minimize the
likelihood of occurrence or the impact of such unfavorable events.
• A project manager cannot be risk averse. He/She must accept
that risk is a part of project management and has to be addressed it
head-on.
Identify Risks
• A risk is an uncertain event that, if it occurs, can jeopardize
accomplishing the project objective.
• Risk identification includes determining which risks may adversely
affect the project objective and what the impact of each risk might
be it if occurs.
• Sometimes a sponsor identifies major risks in the project charter
when the project is authorized.
• A contractor may identify risks in a proposal to a customer.
Identify Risks
• A common approach to identifying the sources of risks is
brainstorming.
• Cause-effect (“fishbone”) diagrams, flow charts, influence
diagrams, SWOT analysis, and other operations management
techniques may be used in identifying risk factors.
Cause-and-Effect Diagram (Fishbone Diagram)
12-6
Identify Risks
• The project manager should involve key project members in
identifying potential sources of risk things that would happen
negatively impact accomplishing the project objective.
• Another approach is to establish risk categories, which are
groupings of potential sources of risk by topic, and then identify risks
that might occur for each category.
Identify Risks
• Examples of risk categories:
1. Technical
2. Schedule
3. Cost
4. Human resources
5. External
6. Sponsor/customer
Identify Risks
Technical
• Failure to meet customer performance requirements
• New application for technology
• May not be able to meet quality standards or codes
Schedule
• Vendor delay in delivery of critical equipment
Cost
• Material costs escalate more than anticipated
Identify Risks
Human resources
• May not have people available when required to staff the project
External
• Inclement weather
• Changes in government regulations
• Change in consumer preferences
• Local protesters file legal action to delay project
Sponsor/customer
• Delays in approvals
• Security of sponsor funding
Identify Risks
• Another source that can be helpful in identifying possible risks is
historical information from past projects.
• For each risk that is identified, the potential impacts must be
estimated.
• It should be noted that at the beginning of the project, it may not be
possible to identify all risks. This is especially true for longer-term
projects, such as multiyear projects or projects that have several
phases.
PMBOK 5 Edition
th
Assess Risks
5-21
Assess Risks
• In the PMBOK 5th Edition, the use of decision tree is associated with the
concept of Expected Monetary Value (EMV) analysis.
• Expected monetary value (EMV) analysis is a statistical concept that
calculates the average outcome when the future includes scenarios that
may or may not happen(i.e., analysis under uncertainty).
• The EMV of opportunities are generally expressed as positive values, while
those of threats are expressed as negative values. EMV requires a risk-
neutral assumption— neither risk averse nor risk seeking.
• EMV for a project is calculated by multiplying the value of each possible
outcome by its probability of occurrence and adding the products together
Plan Risk Responses
• A risk response plan can be to avoid the risk, mitigate the risk, or
accept the risk.
• Avoidance means to eliminate the risk by choosing a different course
of action.
Using conventional technology rather than advanced state-of-the-art
technology in a new product
Holding a weekend festival indoors to avoid the possibility of a rainout
Plan Risk Responses
• Mitigating a risk involves taking an action to reduce the likelihood
that the risk event will occur or to reduce the potential impact.
Reducing the risk of multiple redesigns of a customer’s website might require
reviewing other sample designs with the client earlier in the project.
• Accepting a risk means dealing with it if and when it occurs.
Plan Risk Responses
• A risk response plan should include a trigger point or warning flag for
when to implement the action plan for each risk.
A trigger point for when to purchase a rare material may be if the current
price increases more than 5 percent above the amount budgeted for
purchasing the material;
The trigger point for deciding to incorporate advanced technology in a new
product may be the completion of an engineering feasibility study;
The trigger for deciding to use overtime work is when the project falls behind
schedule by more than 5 percent of the remaining project duration.
• A tool for assessing and managing risks is a risk assessment matrix,
also referred to as a risk register, which includes potential risks, their
potential impact, likelihood of occurrence, and response plan.
Monitor Risks
• Monitoring risk includes implementing risk response plans,
tracking identified risks, identifying and analyzing new risks, and
evaluating the risk response process.
• Implementing risk response plans often requires spending additional
funds for additional resources, working overtime, paying for
expedited shipments, purchasing additional materials, and so forth.
• Project prices and budgets should include a contingency reserve to
pay for additional costs associated with implementing response plans.
Monitor Risks
• Risk monitoring involves regularly reviewing the risk assessment
matrix throughout the project in order to determine if there are any
changes to the likelihood of occurrence or the potential impact of any
of the risks:
A particular risk has increased in priority for attention
A risk has diminished
New risks have just been identified
• Project meetings are a good forum for regularly reviewing, updating,
and addressing risks and evaluating the risk response process.
• Monitoring risks throughout the project enables project decisions to be
based on current information about the project and its potential risks.