What Is Risk Analysis? Risk Analysis is a process that helps you identify and manage potential problems that could undermine key business initiatives or projects. The overall purpose of the management of risk process is to help a decision-maker understand a situation, along with the likely outcomes. When Risk Analysis should be used? When you're planning projects, to help you anticipate and neutralize possible problems. When you're deciding whether or not to move forward with a project. When you're improving safety and managing potential risks in the workplace. When you're preparing for events such as equipment or technology failure, theft, staff sickness, or natural disasters. When you're planning for changes in your environment, such as new competitors coming into the market, or changes to government policy. Benefits of Risk Analysis Saves time and money. Reduces the level of uncertainty. Decreases the impact of negative events. Improves project controls. Improves organizational learning. Risk Analysis Steps oRisk identification Risk oRisk assessment Analysis oResponse planning and implementation oRisk monitoring and control Identify Assess Respond Identify 1. Risk Identification Determining and documenting the potential risk that could occur. These can come from many different sources. For instance, they could be: ◦ Human – Illness, death, injury, or other loss of a key individual. ◦ Operational – Disruption to supplies and operations, loss of access to essential assets, or failures in distribution. ◦ Reputational – Loss of customer or employee confidence, or damage to market reputation. ◦ Procedural – Failures of accountability, internal systems, or controls, or from fraud. ◦ Project – Going over budget, taking too long on key tasks, or experiencing issues with product or service quality. ◦ Financial – Business failure, stock market fluctuations, interest rate changes, or non-availability of funding. ◦ Technical – Advances in technology, or from technical failure. ◦ Natural – Weather, natural disasters, or disease. ◦ Political – Changes in tax, public opinion, government policy, or foreign influence. ◦ Structural – Dangerous chemicals, poor lighting, falling boxes, or any situation where staff, products, or technology can be harmed. Risk Identification Methods and Sources To identify project risks are usually used typical information-gathering techniques like the following listed: •Brainstorming: is a method to enhance PT creativity. It consists of: identification of the appropriate team to execute the brainstorming; constitution of the team and definition of the basic rules for the Brainstorming performance; generation of new ideas; clarification of ideas and conclusion of the Brainstorming session. The entire process is usually followed by a qualified facilitator •Delphi method: is a method to gain the experts agreement or disagreement about a problem; the experts should express their opinion about the problem (i.e. risk posed on the project), and a process administrator should aggregate the opinions received (i.e. in a statistical form) and send these back to the experts as anonymous feedback; the experts might revise their opinion and generate new ideas or keep the previous; the process is repeated 4÷5 times, and the areas of agreement or disagreement documented; the main advantage of this method is to avoid the direct mutual influence on judgements among the experts •Interviews: interviews are the simplest method and consist of asking various people their opinion Risk Identification Methods and Sources •Checklist: provides a typical list of risks from literature •Database: the collection of all risks experienced by the Company in the various projects; the database can be inquired to decide whether a certain identified risk could reasonably occur, or which are the risks that the project is exposed to. •Cause / effect diagrams: are diagrams supporting the analysis of the root cause of the risk on which the control strategy should operate •Network analysis: the analysis of the project network to compute the impact of the activities' duration on the project schedule; it allows the identification of the critical path, near critical paths, etc. •Sensitivity analysis: is the technique that allows to understand the relative impact of several variables to the entire problem; it consists in keeping all variables constant except one and modifying its value to assess its importance in the problem •Risk already identified might disappear and new risks might appear; and •Risks already identified might change over the time in probability of occurrence and / or impact to understand such variance, risk management process shall be repeated periodically during the project starting from risk identification. 2. Risk Assessment is the process of assessing the impact and likelihood of the identified risks, thus prioritizing the risks according to their potential effect on project objectives. Helps to evaluate the significance of each risk. Highlight the risks that present the greatest threat on the overall objectives. Risks should be prioritized according to their potential impact and probability of occurring. o Risk Impact is the effect the risk will cause if it occurs. o Risk probability is a measure of the likelihood of the risk occurring. The risk score helps guide risk responses 3. Risk Response Planning and Implementation is the process of developing options and determining actions to reduce threats to the project objectives You need now to respond to the assessed risks by developing options and actions to reduce the probability or impact. Here you will apply strategies to deal with them effectively. Response Strategies Avoidance: It usually involves changing in the project plan such as: o Extending the schedule. o Reducing the scope. o Spending money or hiring resources to eliminate the risk. An example is when you hire a more skilled resource who is likely to get the tasks done in less time.
Transference: Sharing the risk with someone else.
It is simply handling off the risk to another team, organization or a third party. Examples are outsourcing a service and buying an insurance. Response Strategies Mitigation: Involves carrying out work now to reduce the probability and/or impact of a risk to be within the acceptable threshold limits. It may include preventive, detective or testing possible ways to reduce the risk. Examples are: backing up the data to an offsite location and choosing a more stable supplier. Acceptance: An acceptable risk is the one that is tolerated because: o There is nothing you can do to prevent or mitigate it. o It is costly. o It is difficult to implement. One of the common acceptance strategies is to come up with a contingency plan to cope with its consequences. 4. Controlling Risks Improves the efficiency of the risk analysis process. Involves: oMonitoring and re-assessing risks overtime. oIdentifying new risks. oEvaluating the effectiveness of the risk response strategies. Performance information should be reviewed regularly: oSchedule progress oCosts incurred 4. Controlling Risks Risk monitoring and control is an ongoing process during the project lifecycle, the risks change as the project develops, new risks arise, or some disappear. Two different techniques can be used to evaluate and prioritize risks: Qualitative risk analysis Qualitative risk analysis requires that the probability and consequences of the risk be evaluated using established qualitative-analysis methods and tools, describing them in terms such as very high, high, moderate, low, very low. These two dimensions of risk are applied to each specific risk event and the results may be plotted using a probability-impact matrix. It illustrates the simple multiplication of the scale values assigned to determine whether a risk is considered low, moderate or high. Two different techniques can be used to evaluate and prioritize risks: Quantitative Risk Analysis A quantitative risk analysis is a further analysis of the highest priority risks during a which a numerical or quantitative rating is assigned in order to develop a probabilistic analysis of the project. A quantitative analysis: oQuantifies the possible outcomes for the project and assesses the probability of achieving specific project objectives oProvides a quantitative approach to making decisions when there is uncertainty oCreates realistic and achievable cost, schedule or scope targets Qualitative vs. Quantitative Qualitative Quantitative risk-level project-level subjective evaluation of probability probabilistic estimates of time and and impact cost
quick and easy to perform time consuming
no special software or tools may require specialized tools required Quantitative Risk Analysis Tools & Techniques Three Point Estimate – a technique that uses the optimistic, most likely, and pessimistic values to determine the best estimate. Decision Tree Analysis – a diagram that shows the implications of choosing one or other alternatives. Expected Monetary Value (EMV) – a method used to establish the contingency reserves for a project budget and schedule. Quantitative Risk Analysis Tools & Techniques Monte Carlo Analysis – a technique that uses optimistic, most likely, and pessimistic estimates to determine the total project cost and project completion dates. For example, we could estimate the probability of completing a project at a cost of $20M. Or what is a company wanted to have an 80% probability of achieving its cost objectives. What is the cost to achieve 80%? Sensitivity Analysis – a technique used to determine which risks have the greatest impact on a project. Fault Tree Analysis (FMEA) – the analysis of a structured diagram which identifies elements that can cause system failure. References Rossi, P. (December, 2005). R(2000). Risk Management Process: methods, tools & techniques. Eni Best Practices Rossi, P. & Piantanida, M. (2007 May,). Supporting Project Management Processes with integrated Software tools and database. PMI EMEA Global Congress, Budapest. https://www.mindtools.com/pages/article/newTMC_07.htm http://projectriskcoach.com/evaluating-risks-using-quantitative-risk-analysis/ https://www.pmi.org/learning/library/link-qualitative-quantitative-risk-assessment-7375
RM 436 Guidelines On The Applcation Projects For The School Heads Development Program Foundation Course and Instructional Leadership Program For Division and District Supervisors