Project Management

Chapter 7

Risk Management

Professor Ayman Abdallah

Copyright © 2013 Pearson Education, Inc. Publishing as Prentice Hall 01-01

 Chapter 7 Learning Objectives
After completing this chapter, students will be able to:
Define project risk.
Recognize four key stages in project risk management and
the steps necessary to manage risk.
Understand five primary causes of project risk and four
major approaches to risk identification.
Recognize four primary risk mitigation strategies.

Copyright © 2013 Pearson Education, Inc. Publishing as Prentice Hall 01-02

 Risk
 Project risk: any possible event that can
negatively affect the viability of a project

 Risk management: the art and science of

identifying, analyzing, and responding to risk
factors throughout the life of a project and in the
best interest of its objectives.

Copyright © 2013 Pearson Education, Inc. Publishing as Prentice Hall 01-03

 Process of Risk Management
Four Stages of Risk Management

1. Risk identification

2. Analysis of probability and consequences

3. Risk mitigation strategies

4. Control and documentation

Copyright © 2013 Pearson Education, Inc. Publishing as Prentice Hall 07-04

 1) Risk identification

Risks commonly fall into the following clusters:

1. Financial risk

2. Technical risk

3. Commercial risk

4. Execution risk

5. Contractual risk

Copyright © 2013 Pearson Education, Inc. Publishing as Prentice Hall 07-05

 1) Risk identification
Some common types of risk to which most projects
maybe exposed:

 Absenteeism
 Resignation
 Staff being pulled away by management
 Additional staff/skills not available
 Training not as effective as desired
 Initial specifications poor or incomplete
 enhancements taking longer time than expected

Copyright © 2013 Pearson Education, Inc. Publishing as Prentice Hall 07-06

 1) Risk identification
Some helpful methods in identifying risk factors:

 Brainstorming meetings
 Expert opinion: Delphi method, or simply ask
people who have previous experience in such
project within your firm
 History: what problems have been encountered in
previous projects
 Multiple (or team based) assessments: one single
source may result in potential bias. Team-based
approach means more comprehensive assessment

Copyright © 2013 Pearson Education, Inc. Publishing as Prentice Hall 07-07

 2) Analysis of Probability and Consequences
 Probability:
the likelihood that the risk will occur
 Consequences: the impact if the risk will occur

 Project manager should analyze probability and

consequences before the implementation of the
project

 Risk impact matrix is often used to analyze

probability and consequences

Copyright © 2013 Pearson Education, Inc. Publishing as Prentice Hall 07-08

 2) Analysis of Probability and Consequences
 The simple risk impact matrix has two levels of
probability (likelihood) and two levels of
consequences (impacts)

 So, for each risk factor, the two levels will be:
 probability (likelihood): Low and High
 Consequences: Low and High

 These levels will be determined by the project

manager and project team

 See the matrix in the next slide

Copyright © 2013 Pearson Education, Inc. Publishing as Prentice Hall 07-09
 Risk Impact Matrix

2 4

3
1

Copyright © 2013 Pearson Education, Inc. Publishing as Prentice Hall 07-10

 Risk Impact Matrix
Analysis of each square:
 Square (1): Low impact/low probability: the risks here are
low level (low-level risks), and the manager can often
ignore them.
 Square (2): Low impact/high probability: Medium-level
risks. The manager can cope with them. However, he/she
should try to reduce the likelihood (probability) that they
will occur.
 Square (3): High impact/low probability: Medium-level
risks. The manager should do what he can to reduce the
impact of these risks if they occur, and he should have a
contingency plans in place just in case they occur.
 Square (4): High impact/high probability: High-level risks.
These are the top priorities of any manager, and are risks
that the manager must pay close attention to

Copyright © 2013 Pearson Education, Inc. Publishing as Prentice Hall 07-011

 Calculating a project risk factor
Quantitative method
1. Identify factors and assess the probability (Pf )
and consequences (Cf) of each factor
2. Calculate overall probability & consequence

Pm  Pc  Pd Cc  Cs  Cr  C p
Pf  Cf 
3 4
3. Calculate overall risk factor

RF  Pf  C f  ( Pf )(C f )
Copyright © 2013 Pearson Education, Inc. Publishing as Prentice Hall 07-12
 Calculating a project risk factor
Quantitative method

This means that the project manager and his

team have to assess the probability (Pf ) and
consequences (Cf) for each risk factor. They
have to estimate them as values between zero
and one. High value for probability (Pf )
means that the probability of occurrence is
high. Similarly, high value for consequences
(Cf) means that the impact is high.

Copyright © 2013 Pearson Education, Inc. Publishing as Prentice Hall 07-013

 Calculating a project risk factor
Quantitative method

Example:
Assume that the project team have decided on the following
risk values:

P1: 0.2 C1: 0.6

P2: 0.5 C2: 0.4
P3: 0.7 C3: 0.7
P4: 0.9 C4: 0.1
C5: 0.3

Compute the overall project risk using the quantitative

approach

Copyright © 2013 Pearson Education, Inc. Publishing as Prentice Hall 07-014

 Calculating a project risk factor
Quantitative method
Solution:
1) Calculate overall probability:
Pf = 0.2 + 0.5 +0.7 + 0.9/4 = 0.575

2) Calculate overall consequence:

Cf = 0.6 + 0.4 + 0.7 + 0.1 + 0.3/5 = 0.42

3) Calculate overall project risk:

RF = 0.575 + 0.42 – (0.575)(0.42) = 0.75

Rule of thumb:
Low risk: RF is less than 0.30
Medium risk: RF from 0.30 to 0.70
High risk: RF is higher than 0.70

Conclusion for the example: High overall project risk

Copyright © 2013 Pearson Education, Inc. Publishing as Prentice Hall 07-015

 3) Risk Mitigation Strategies
The following strategies are used to address risks:

1) Accept risk: just regard risks as acceptable and ignore them (especially
low-level risks).
2) Minimize risk: develop strategies to minimize the risk.
3) Share risk: the manager may include legal requirements in the contract
to share risks with suppliers and customers. The company may also enter
partnerships in order to share the risk.
4) Transfer risk: transfer risk to another party (especially when the risk
can’t be reduced and can’t be accepted by the project organization).
5) Use of Contingency Reserves: additional resources added to the
estimated cost within the defined project scope to ensure against
unforeseen risks. It includes
Task contingency: safety budget to respond to unforeseen
circumstances related to individual tasks/work packages
Managerial contingency: reserve against high level risks
Copyright © 2013 Pearson Education, Inc. Publishing as Prentice Hall 07-16
 4) Control & Documentation
Help managers classify and codify risks, responses,
and outcomes

Reporting and documentation system is developed

for future reference

Useful control document should include key

information regarding risks, and should include
answers to the following questions (also with
regard to dealt with risks): What? Who? When?
Why? And How?

Copyright © 2013 Pearson Education, Inc. Publishing as Prentice Hall 07-17