PROJECT RISK

MANAGMENT

BY
Okite Moses

1
Session objectives
By the end of the session, participants
should be able to
• Define project risk management
• Describe the risk management process
• Explain the risk response strategies
• Give the requisite skills for project risk
management
2
Risk
• Risk is part of any project undertaken.
• It’s a significant, permanent reality
faced by virtually every project
manager.
• To compete, grow, and capture benefit,
project managers need to take risks.

3
 What is A risk
• There is no clear definition of a risk. This is because
different professionals define the term differently.
For example;
• Statisticians: Define risk as the degree of dispersion
from the central position. A common statistical approach
used here is the standard deviation.
• Decision theorists: To a decision theorist, the term risk is
taken differently from the rest of the descriptions. In this
regard, a risk condition exists when in making a decision,
there is insufficient information available regarding the
risk event to calculate the probability of the risk
happening and the alternative potential outcome.
What is A risk. Cont,d
• Insurance theorists: Take risks as having a clear and
specific meaning- An event that should be insured.
Associate the term risks to pure risks with a –ve
connotation.
• Financial theorists: Perceive risks in matters like
financial/business risks. The concept is all about
investment.
• IT Professionals: Perceive risks in terms of data
system security, recovery and retrieval mechanisms
• Against the above back ground one would
therefore ask what then should be taken as the
correct definition of the term.
 Other definitions
• According to the British standards, the term risk is
referred to as a chance of something happening, that
will have an impact on the set objectives. It is measured
in terms of consequences and likelihoods.
• Webster Dictionary defines a risk as the exposure to
chance of injury or loss, a hazard or a dangerous
chance.
• Risk can also be seen as a threat or probability that an
action or event will adversely or beneficially affect an
organizations ability to achieve its objectives.
• Risk can also be seen as uncertainty of outcome either
from pursuing a future positive opportunity or an
existing negative threat in trying to achieve a current
objective.
Project Management
Perspective
Project Management Perspective
• A risk can be taken as a chance of something
happening that will have an impact on the project
objectives. A risk in this perspective is a condition that
if it occurs, will have a positive or negative effect on
the set project objectives.
• Centre for Finance & Project Management, A Risk is
the potential for unwanted happenings or
consequences.
• Why Project Managers may need all this background:
(Different professional elucidation)
 Class Exercise
• With reference to the various professional
definitions of a risk, identify why a project manager
may need to plan for risk in the project
environment ?.
 Justification for risk planning
• Better contingency planning and selection of responses to those
risks which are known and do occur.
• Provides a bottom line justification for undertaking risk analysis
studies.
• High lights to management that there is a range of possible
outcomes for the project.
• Enables decision making in the project to be systematic, rational
and more objective than subjective.
• It provides a frame work for justification of prudent responses to
risks which may involve early expenditure of substantial sums of
money.
• Enhance your ability to control your project implementation as you
are now aware and have planned for things that can go wrong in
your project.
• The benefits of addressing risks early exceeds the negative impact if
the risk occurs
A trib u teso frisk

• Risk has a future focus.

• Risk has alternative possible
outcomes.
• Risk deals with probabilities.
• Risk requires information for decision
making- ranging from total
uncertainty to total certainty.
• Risk must affect the bussines/project
objective.
10
Risk components
Risk components include:
• Causes
• Event
• Effects

11
Risk components

Causes Event Effect

Risk components
• An event is an incident or situation that occurs in
a particular place and time. e.g Floods, death etc.
• It is what can go wrong or what may happen to
the detriment or in favor of a business.
• Causes. A cause is a reason why the event can
occur. In risk management, it is usual to first
generate a list of risk events possible and then a
consideration of their possible causes and effects.
• Effects are the consequences of the event
occurring.

13
Class exercise 1
• Name a risk event you are familiar with
from either your work or life
experience, using that example
illustrates what its causes and effects
might have been.

14
Exercise 2
• You have been appointed as a Project Manager to
oversee the renovation and upgrade of a school
dormitory.
Question
Identify and describe four adverse risk events, their
causes and effects
Risk Classification
• Risk can be classified according to.
1. Project Objectives. (time risk, quality risk, cost risk and
scope risk)
2. The sources of the risk. (political ,economic , human
behavior, natural events ,technological risks e.t.c)
3. Project life cycle In which the risk occurs. ( Conception,
Development, Execution & Finish/Termination)
4. Degree of control: (controlled and uncontrolled risk)
5. Availability of information: (Known and unknown)
6. Degree of Spread. (particular and fundamental risk)
7. Level of risk or probabilities. (High, medium or low risk)

16
Exercise 3
• Come up with a project of your choice and
identify at least four risk events following the
Risk Classifications.
• Suggest a response strategy
• Develop a risk register
Project risk identification
• Project risk identification refers to the process of
determining which risks might affect the project
and documenting their characteristics.
• Its major output is A List of Risks/Risk Register

18
 Risk Register
ID Risk Probability Impact Strategy/ Action Owner Review
rating rating control taken Date

1 Supplier Low High Treat Develop Account

failure Evaluate/ evaluation Manager
multi criteria,
sourcing dual
sourcing

2 Quality failure Low Medium Treat, Consult Quality

specs supplier Manager

3 Lead time Medium Low Accept Monitoring Purchasing

variance Monitor Officer

4 Price variance High Medium Treat/ Prices Account

transfer locked in Manager

5 Purchasing Medium High Treat Internal Finance

fraud Ethical control Manager
code

6 Loss of goods High Medium Transfer Insurance Logistics

in transit Manager
19
Risk Identification Methods
The common risk identification methods (5)
Objective-Based Risk Identification
 Scenario-Based Risk Identification
 Taxonomy-Based Risk Identification
Common-Risk Checking
 Risk Charting

11/15/2023 20
Project risk identification. Cont,d

• Objective-Based Risk Identification: Organizations

and projects have objectives. Any event that may
endanger achieving an objective partly or
completely is identified as risk.
• Scenario-Based Risk Identification: Different
scenarios are created. The scenarios may be the
alternative ways to achieve an objective, or an
analysis of the interaction of forces. Any event that
triggers an undesired scenario alternative is
identified as risk.

21
Project risk identification. Cont’d
• Taxonomy-Based Risk Identification: This is a
breakdown of possible risk sources and their
classification. Based on the taxonomy an
knowledge of the best practices, a questionnaire is
designed and filled by the relevant stakeholders.
The answers to the questions reveal the possible
risks.
• Common Risk Checking: In several industries lists
with known risks are available. Each risk on the list
can be checked for application to a particular
situation
22
Project risk identification. Cont,d
• Risk Charting: This method combines the above
approaches by listing Resources at risk. Threats to
those resources modify factors which may increase
or decrease the risk and the associated
Consequences.
(a) One can begin with resources and consider the
threats they are exposed to and the consequences of
each.
(b) Alternatively one can start with the threats or
Risk

23
Example
Assume a project has the following objectives.
1. Generate the possible risks using Objective based risk identification
method.
OBJECTIVES
• To be the management development institute of first choice and an
acclaimed provider of relevant best-practice management education,
training, research and consultancy services.
• To acquire and sustain adequate physical and technical infrastructure
to cope with increased demand for the institute’s services.
• To provide a conducive work environment that retains high caliber
academic and administrative staff in an increasingly competitive labor
market.
• To be a strong, financially sustainable organization.
• To be a socially responsible corporate citizen locally, regionally and
internationally.
Solution.
• There is a risk of the public demands changing
• Failure to attract participants to enroll on courses
• Human behavior risks: Failure to retain the staff for
long
• Financial Risks, e.g. Ever-changing foreign exchange
rates, High rates of Inflation, etc.
• Competition from other service providers
What is risk management?
Risk management is a systematic
approach to managing risks throughout
the whole organization by identifying,
assessing, understanding, acting on and
communicating risk issues.

26
What is risk management?
• Risk management is the systematic
process of identifying, analyzing and
responding to project risk. It includes
maximizing the probability and
consequences of positive events while
minimizing the probability and
consequences of adverse /unfavorable
events to the project objectives.
27
Process of project risk
management
Project risk management includes:
• Risk planning
• Risk identification
• Risk analysis
• Risk response planning
• Risk monitoring and control

28
Risk management process
• Risk planning: the process of
determining how to approach and plan
the risk management activities
• Risk identification: involves
determining which risks might affect the
strategy

29
 Project risk Management
process
. Qualitative risk analysis. Measuring the probability and
consequences of risks and estimating their implication to
project objectives (subjectively)
Quantitative risk analysis. Measuring the probability and
consequences of risks and estimating their implication to
project objectives (objectively)
Risk response planning. Developing procedures and
techniques to enhance opportunities and reduce threats
to the projects objective.
Risk monitoring and control. Monitoring risks,
executing risk reduction plans and evaluating their
effectiveness throughout the project life
Risk response
• After risk identification and analysis,
then one has to
• Select and implement appropriate
options for dealing with risk.

31
Risk response strategies
• Risk Avoidance
• Risk Mitigation
• Accept risk
• Risk Transfer
• Monitor the risk

32
Risk avoidance

• Eliminate task or do it differently

• Not undertaking a project
• Undertaking an alternative
project

33
Risk avoidance
• By eliminating the condition that is
causing the risk. For instance, risks
associated with a particular service
provider can be avoided if another
one is sourced.

34
Risk avoidance
• In another perspective, you may have a
project associated with implementing a
solution in multiple locations. Once the
risk is identified, the sponsor may
change the scope of the project, e.g, to
only implement in one location. In this
way, the risk of implementing at
multiple locations has been avoided.
35
Risk reduction/Mitigation
• Reduce Probability
• lower chance that risk will occur
• Risks with high probability
• Reduce Impact
• Minimize severity of consequences of risk
event should it occur
• Undertake contingency planning and
recovery programme

36
Risk Mitigation
• Mitigating a risk means that you put in place a set
of steps to ensure that the risk does not occur
(Precautionary measures).
• Another purpose of mitigation is to ensure that if
the risk occurs, the negative impact of the risk is
minimized (Use of a four wheel drive car on bad
roads, Employing skilled Human Resources, Use of a
condom)

37
Accept risk
• In this approach, the project manager might
look at the risk and decides to do nothing.
This can happen because of one of the
reasons below:
(a) The project manager may notice that the
potential impact of the risk on the project
is not substantial enough to require a risk
response.
This would typically be in the case for low-
level risk that may have a low impact on
the project.
38
Accept Risk
b) Theproject managers may feel that the
risk should be managed, but the
negative impact of the risk is not worth
the cost of the effort required to
manage the risk.

39
Accept Risk
• There may not be any reasonable and
practical activities available to manage
the risk.
• This is different from the prior reason
where the cost is more than the benefit.
In this case, there is no practical way to
manage the risk, even if it has been
identified as high.
40
Risk Transfer
• By Contract
• In some instances, the responsibility for
managing a risk can be removed from
the project by assigning the risk to
another entity or third party. For
instance, subcontracting a function to a
third party might eliminate that risk for
the project team.

41
Risk Transfer
• By Insurance
- Insurance is a clear example of
moving the risk to another party.
- Note: The risk remains

42
Have a Risk Contingency
Budget
• This should be based on the qualitative and
quantitative risk analysis.
• Reflect on the would be cost and then the risk
contingency.

11/15/2023 43
Monitor the risk
• In this regard, a Project Manager & his team may
monitor to see whether the risk is more or less likely
to occur as time goes on. If it looks more likely to
occur, the team may formulate a different response
at a latter time.
• The approach works better for project risks that are
not likely to occur.
• The advantage is that scarce resources are expended
only on those risks that are likely to occur.
• The disadvantage is that the delay in addressing the
risk might make it less likely that the risk can be
successfully managed in future.
11/15/2023 44
Do not take a risk if;

- The benefits are not identified.

- There appears to be a large number of
alternatives.
- There is not sufficient data.
- A contingency plan for recovery is not in
place, should the results prove to be
less satisfactory.

45
Tips on risk management
• Do not risk a lot for a little.
• The organization cannot afford to lose
something.
• Always plan ahead.
• Always analyze both the sources and
consequences of the risks.
• Be prepared to seek advice from experts.
• Consider the controllable and
uncontrollable parts of the risk.
46
Benefits of project risk
management
• Risk management will help senior
management to plan strategically,
• Allocate resources more wisely,
• It enables more responsible decision-
making

47
Benefits of project risk
management
• Contributes to achieving the
organization’s goals more efficiently,
• Enables firms to avoid costly surprises
• Encourages organizations to take risks
wisely

48
Project risk management skill
requirements
• Experience
• Impartiality and objectivity
• Data management techniques
• Finance and costing skills
• Communication and presentation
skills
• Diplomacy
• Imagination

49
CLASS EXERCISE
• XYZ Company has been operating in Ugandan urban areas
for the last four years and intends to expand on its market
out-reach to rural areas. Because of the skills you have
acquired in Project Planning and Management, you have
been given a job to work as a Project Risk Manager to
oversee the implementation of a project on “Improved
Service Delivery to clients by introducing low-cost
telephone rates in Uganda by 2019”. Your contract is to last
for five years.
• Task:
• Identify three risks that are likely to come during this
project’s implementation and discuss the methods you can
use to identify those possible risk events.
• With practical examples, explain the major steps you would
follow in the Risk Management process during you term in
office.
• Explain the strategies you can use to respond to possible risk50
events in any project environment.
Class exercise
•Select a project of your choice that you are presently or
have recently been involved in within your professional
work or a project within an organization that you can
access relevant information.
I. State the purpose and objectives of the project
II. Identify and describe four adverse risk events, their
causes and effects.
III. For every risk, describe and explain its level i.e.
(probability and severity of consequences)
IV. For each risk, describe and explain a suitable strategy
to deal with the risk.
V. Develop a risk register for the above project.
11/15/2023 51
 END
THANK YOU

52