Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Definition
Organizations of any kind face internal and external factors and influences that make it
uncertain whether, when and the extent to which they will achieve or exceed their
objectives. The effect this uncertainty has on the organizations objectives is risk.
(AS/NZS ISO 31000:2009, p. iv)
Thus risk is the effect of uncertainty on objectives. Typically projects have a variety of
objectives. For example typically construction projects have objectives related to time,
cost, quality, safety and environmental impact.
The uncertainty involved may come from a variety of sources. It may be the result of
some inherent randomness regarding the factor involved. For example it is difficult to
predict the weather. It may be the result of a lack of information that can be rectified by
some investigation. For example the uncertainty in the proportion of soil and required for
an excavation. It may be because the factor is under the control of somebody else. For
example, will a negotiation be successful, and how long will it take to resolve. However,
basic principles for dealing the resulting risk are the same.
Sometimes there are legal requirements of analysing and assessing risk, particularly in
the occupational health and safety area and in environmental issues. These legal issues
will not be covered, however the approach discussed should be applicable to any specific
legislation.
The likelihood is the chance that the risk will happen. It may be expressed qualitatively or
quantitatively. Quantitative measures include probability and average recurrence interval.
The consequence is the impact that the risk event will have on the objective. Sometimes it
can be measured easily, for example the number of days that a project is late. Other times
it may be difficult to measure, for example the level of injury received in an accident.
The consequences may be beneficial or detrimental. Usually when people think about
risk management they think about dealing with the risks that might have an adverse
effect. However, positive risks should also be measured. Positive risks are called
opportunities. Managing them involves maximising the scope for taking advantage of
them.
Risk Management
Risk management is the coordinated activities to direct and control an organisation with
regard to risk.
(ISO Guide 73:2009, definition 2.1)
It involves:
Culture
Processes
Structures
The move to a more formal recognition of risk and the need for risk management appears
to have been strongest in projects involving large capital, particularly defence, oil and
gas, aerospace and civil engineering sectors; in the insurance industry; in accident and
safety matters; and in the environment.
The diagram below shows the risk management framework (ISO 31000:2009):