Project Risk Management

Prof.V.Seshadri
Risk Management – What is Risk?
• A risk is an uncertain event or set of
events which, if it occurs, will have an
effect on the achievement of objectives
• PMI defines Risk Management as the
‘formal process by which risk factors are
systematically identified, assessed, and
provided for’.
•

V.Seshadri Ref 1 Ch 10 2
 What is Risk?
• An uncertain event or condition that, if it
occurs, will have a negative or positive
effect on one or more project objectives
• Risk in Projects has 2 dimensions
1)Risk Likelihood
2)Risk Impact
• Risk is a joint function of the two
Risk = f ( Likelihood, Impact)

There is also the third dimension of “Proximity”

Risk = f ( Likelihood, Impact, Proximity)

V.Seshadri Ref 1 Ch 10 3
 What is Risk Management?
• The systematic process of identifying,
analyzing and responding to project
risks
*Increase the positive risks

*Minimize the negative risks

 Ref

V.Seshadri Ref 1 Ch 10 4
 Risk management – elements & processes

Sources, Methods
Identify Risk
Likelihood, Impacts,
Consequences, Priority

Assess Risk Strategy: Accept

responsibility,
Transfer, Avoid,
Reduce, Contingency

Plan Risk responses

N
e
w
ris Status
ks
Track & Control Risks
Revise Assessment
V.Seshadri Ref 1 Ch 10 Close-out 5
 Beneficial Risks
• Risk may be adverse or it may be
beneficial.
• Project management should anticipate
and face any risk; minimize the impact of
the adverse risks and take advantage of
those which are beneficial.
• Even adverse risks could lead to new
opportunities(“In adversity lies
opportunity”
V.Seshadri Ref 1 Ch 10 6
 Risk Classification
• Catastrophic Risk : That which has direct and
significant impact on project delivery (in terms
of time, cost & quality).
E.g. Any Organization-level restructuring can
lead to a catastrophic impact on a project.
•
• Critical : If an activity that forms a part of the
critical path is affected by uncertainty, it could
lead to this level of risk. In this case also the
impact on the project delivery (in terms of
time, cost & quality) is direct but not very
significant.
•

V.Seshadri Ref 1 Ch 10 7
 Risk Classification –contd.
• Nominal : Those activities which have a
marginal impact on the project delivery
(in terms of time, cost & quality) can be
treated as ‘Nominally risky’. If detected
at early stages of the execution stage,
the impact of these risks can be even
further reduced.
•

V.Seshadri Ref 1 Ch 10 8
 Steps in RM
• The steps involved in the process of risk
management are :
– Risk Identification
– Risk Assessment/Quantification
– Risk Response
– Risk Control
 Ref 1 pg 327

V.Seshadri Ref 1 Ch 10 9
 Risk components
• The notion of project risk involves two
concepts
1)The likelihood that some problematical
event will occur
2)The severity of impact of the event if it
does occur
Risk = f ( likelihood, impact)
 Ref 1 pg 327

V.Seshadri Ref 1 Ch 10 10
 Risk Identification
• This involves the following :
– Identifying the Causes of Risk
– Attach a probability to the risks becoming real.
– Identify Risk symptoms
• Causes of Risk : This is based on the ways to classify
risks as mentioned above – technical / human /
financial / environmental
• Classifying if the risk is catastrophic / critical / nominal.
• Risk symptoms refer to ‘trigger points’ which give strong
indications of the risk becoming real. For e.g. before
an equipment breaks down, certain unusual sounds
might be produced as indications of failure.
 Ref 1 pg 327

V.Seshadri Ref 1 Ch 10 11
 Sources of information
• Past Experience
• Studying the facts
• Group discussions
• Expert advice

V.Seshadri Ref 1 Ch 10 12
 Sources of Risks
• Internal Risks:
a)Market Risks – failure to meet customer’s
needs, failure to identify changed
requirements, failure to identify newly
introduced products by customers
b)Assumption Risk
c)Technical Risk – w.r.t. Time, Cost or
Performance. May be High, medium or
Low
d)
V.Seshadri Ref 1 Ch 10 13
 Rating of Technical Skills - Criteria
• Maturity
• Complexity
• Quality
• Concurrency or Dependency

V.Seshadri Ref 1 Ch 10 14
 Risk from known Sources
High risk in projects stem from:


1)Using an unusual approach

2)Attempting to further technology
3)Training for new tasks or applying new
skills
4)Developing and testing of new equipment,
systems or procedures


•
V.Seshadri Ref 1 Ch 10 15
 Sources of Risks - contd
• External risks: Risks that stem from
sources outside the project.
 Market, Competitors, Government,
Interest rates, Senior management
decisions, Weather, Labour unavailability
due to strikes, Supplier’s relations,
unforeseen Material shortage

V.Seshadri Ref 1 Ch 10 16
 Risk Assessment
• Quantification of risk involves assessing the
relation between the risk and the outcome of
the project.
• Sometimes even a small error in a project can
lead to a catastrophe.
• For. e.g. even a 1% error in any of the
parameters in a rocket launching a satellite
can cause failure of project.
• There are various techniques used to quantify
risks as mentioned below :
•
V.Seshadri Ref 1 Ch 10 17
 Risk Identification Techniques
• Analysis: of various project documents like
reports from past similar projects, WBS, Work
package definitions, cost estimates,
schedules, schematics and models of end-
items.
• Analogy technique
• Create Risk checklist based on risk sources &
risk levels
• Scrutiny of process flow charts, schedules,
precedence relationships
• Brainstorming by team members
• Use of Cause Effect diagram for analysis
 Ref 1 pg 331
V.Seshadri Ref 1 Ch 10 18
 Risk Quantification Techniques
• Using a Probability based model.
– The simplest being calculating the Risk Exposure
(R.E) as defined below :
– R.E. = P * C
where P ~ Probability of Risk becoming real. &
C ~ Cost to project if the Risk occurs
• Using Decision-trees and calculate EMV
(Expected Monetary Value)
• Operational Research Techniques such as CPM
& PERT.


V.Seshadri Ref 1 Ch 10 19
 How are risk measured?
• Severity/Impact –It’s effect on outcomes
• Probability- the chance of it’s happening
• Proximity – When it might happen?


 Ref 1 pg 337

V.Seshadri Ref 1 Ch 10 20
 Composite Risk Assessment
• Composite likelihood factor(CLF)= weighted sums of the
likelyhood of it’s component elements
CLF= (W1)*M
H + (W2)* MS etc where MH MS, has values
from 0 to 1.Weights are usually assigned as 0-1 fractions
adding upto 1
Composite Impact Factor(CIF)= (W1) T1 + (W2) C1+ (W3)

S1 etc where W1, W2 are weights and T1is the

Technical Impact, C1 is the Cost Impact and S1 is the
schedule impact;
the parameters M , M , C etc. and T1, C1 , S1 etc. are
H S H
rating values where qualitative ratings are converted to
numerical values in fractions from 0-1
 Ref 1 pg 334

V.Seshadri Ref 1 Ch 10 21
 Risk Consequence
• RCR – Risk Consequence rating
• CLF – Composite likelihood factor
• CIF – Composite Impact Factor
RCR = CLF+ CIF - CLF*(CIF)

The RCR value is a measure of how serious the

risk is to project performance.

The expected value of Risk Consequence can be

depicted as Impact Likelihood.This depicts the

average outcome if the project was repeated a
large number of times
 Ref 1 pg 336

V.Seshadri Ref 1 Ch 10 22
 Risk Response Planning
1.Avoid Risk, Reduce Risk, Transfer risk,
2.Insure against Risk
3.Design the Contract Type based on Risk
4.Sub-contract difficult/specialized work
5.Clarify Risk Responsibility
6.Contingency Planning
7.Accept Risk ( do nothing)

V.Seshadri Ref 1 Ch 10 23
 Ways to reduce risk in Projects
1.Employ the best technical team
2.Use scientific tools, simulation and models of
key technical parameters
3.Use parallel development on high risk tasks
4.Employ outside experts for review and
assessment of critical activities
5.Perform a risky task early on in a project
6.Minimise system complexity
7.Use design margins
8.Perform extensive tests and evaluations
V.Seshadri Ref 1 Ch 10 24
 Risk Management
Management should anticipate and take


suitable corrective actions wherever possible.

Management should expect the unexpected.
1.Create risk management plan
2.Create a risk profile
3.Appoint a risk officer
4.Include in the budget and schedule a
calculated risk reserve
5.Establish Communication channels
6.Document procedures accurately
•
V.Seshadri Ref 1 Ch 10 25