Project Risk Management

1
What is Risk?
 A dictionary definition of risk is “the possibility of
loss or injury”
 Negative risk (threats) involves understanding
potential problems that might occur in the project
and how they force impede/block project success.
 Negative risk management is like a form of
insurance; it is an investment.
2
Risk Can Be Positive
 Positive risks are risks that result in good things
happening; sometimes called opportunities.
 A general definition of project risk is an
uncertainty that can have a negative or positive
effect on meeting project objectives.
 The goal of project risk management is to
minimize potential negative risks as well as
maximizing potential positive risks.

3
 Risk Utility
 Risk utility or risk tolerance is the amount of satisfaction
or pleasure received from a potential payoff.
 Utility rises at a decreasing rate for a person who is
risk-averse.
 Those who are risk-seeking/taking have a higher
tolerance for risk and their satisfaction increases when
more payoff is at stake.
 Risk neutral, approach achieves a balance between risk
and payoff.
4
Risk Utility Function and Risk
Preference

5
 What is Project Risk Management?
 Risk management is the systematic process
of identifying, analyzing, and responding
to project risk.
 It is the art and science of identifying,
analyzing, and responding to risk throughout
the life of a project and in the best interests
of meeting project objectives. 6
 Contt.
 It involves all activities relating to
identification ,analyzing and making provision for
predictable as well as non predictable risk in the
project.
 Risk such as :
 Experienced staff leaving the project and new staff
coming in.
 Changing in organizational managt.
 Requirement change or misinterpreting.
 Under estimation of required time and resources.
 Technological changes, environmental changes,
business competition….. 7
Project Risk Management Processes

8
Risk Management Planning
 It is the process of deciding and plan risk
management activities for the project.
 The main output of this process is a risk
management plan, a plan that documents the
procedures for managing risk throughout a project.

 The project team should review project

documents and understand the organization’s
and the sponsor’s approach to risk.
9
 Questions Addressed in a Risk Management Plan

 Why is it important to take/not take this risk

in relation to the project objectives?
 What is the specific risk, and what are the
risk mitigation deliverables?
 How is the risk going to be mitigated? (What
risk mitigation approach is to be used?)
 Who are the individuals responsible for
10
implementing the risk management plan?
 Risk Identification
 This process helps in documenting the existing
individual project risks and sources of overall project
risk.
 Risk identification is the process of understanding
what potential unsatisfactory outcomes are associated
with a particular project.
 Determining which risks are likely to affect a project
and documenting their characteristics.
11
Contt…
 Similar to collect requirement process in scope
management knowledge area.
 Several risk identification tools and techniques
include
 Brainstorming

 The Delphi technique

Read more on these
 Interviewing tools and techniques

 SWOT analysis
12
Risk Breakdown Structure(RBS)
 RBS is a hierarchical representation of
potential risk categories for a project.
 Similar to a work breakdown structure but
RBS is used to identify and categorize
risks.

13
Sample Risk Breakdown
Structure

14
 Negative Risk Conditions Associated With
Each Knowledge Area
Knowledge Area Risk Conditions
Integration Inadequate planning; poor resource allocation; poor integration
management; lack of post-project review
Scope Poor definition of scope or work packages; incomplete definition
of quality requirements; inadequate scope control
Time Errors in estimating time or resource availability; poor allocation
and management of float; early release of competitive products
Cost Estimating errors; inadequate productivity, cost, change, or
contingency control; poor maintenance, security, purchasing, etc.
Quality Poor attitude toward quality; substandard
design/materials/workmanship; inadequate quality assurance
program
Human Resources Poor conflict management; poor project organization and
definition of responsibilities; absence of leadership
Communications Carelessness in planning or communicating; lack of consultation
with key stakeholders
Risk Ignoring risk; unclear assignment of risk; poor insurance
management 15
 Risk Register
 The main output of the risk identification process
is a list of identified risks and other information
needed to begin creating a risk register
document.
 A risk register is:
 A document that contains the results of
various risk management processes and that
is often displayed in a table or spreadsheet
format.
 A tool for documenting potential risk events
and related information in a table form.
16
 Qualitative Risk Analysis
 Assess the probability and impact of identified risks to
determine their magnitude and priority.
 The process of characterizing and analyzing risks and
prioritizing their effects on project objectives.
 The major benefit of this process is that focuses/ efforts on
high priority risks.
 Using tools and techniques include:
 Probability/Impact matrixes
 The Top 10 Risk Item Tracking technique
 Expert judgment 17
Sample Probability/Impact Matrix for
Qualitative Risk Assessment

18
 Top 10 Risk Item Tracking
 Top 10 Risk Item Tracking is a tool for maintaining an

awareness of risk throughout the life of a project.

 Establish a periodic review of the top 10 project risk items.

 List the current ranking, previous ranking, number of times

the risk appears on the list over a period of time, and a

summary of progress made in resolving the risk item.

19
 Example of Top 10 Risk Item Tracking
Monthly Ranking
Risk Item This Last Number Risk Resolution
of Months Progress
Month Month
Inadequate 1 2 4 Working on revising the
planning entire project plan
Poor definition 2 3 3 Holding meetings with
of scope project customer and
sponsor to clarify scope
Absence of 3 1 2 Just assigned a new
leadership project manager to lead
the project after old one
quit
Poor cost 4 4 3 Revising cost estimates
estimates
Poor time 5 5 3 Revising schedule
estimates estimates
20
 Expert Judgment
 Many organizations rely on the intuitive
feelings and past experience of experts to
help identify potential project risks
 Experts can categorize risks as high,
medium, or low with or without more
sophisticated techniques.
21
 Quantitative Risk Analysis
 Often follows qualitative risk analysis, but both
can be done together or separately
 Large, complex projects involving leading edge
technologies often require extensive quantitative
risk analysis.
 It involves numerical quantification or measuring
the probability and consequences of risks in the
project. 22
Contt..
 A numerical analysis of the probability and impact
of the highest risk on the project, to determine
overall project risks, that are come from cost, time
,scope,…).
 Main techniques include:
 Decision tree analysis
 Simulation

23
Decision Trees and Expected Monetary
Value (EMV)
 EMV is a type of decision tree where you calculate the
expected monetary value of a decision based on its risk
event probability and monetary value for the risk item.

24
Simulation
 By using a Monte Carlo simulation, numerical
quantification of overall project risks, that are come from
cost, time,…..

25
Sample Monte Carlo Simulation Results for
Project Schedule

26
Sample Monte Carlo Simulations Results for
Project Costs

27
Risk Response Planning
 After identifying and quantifying risk, you must
decide how to respond to them.
 So ,next process is taking steps to enhance
opportunities and reduce threats for meeting
project objectives using different risk response
strategies.
 It is the process of developing options , selecting
strategies, and approving on action to address
overall risk disclosure.
 It also identifies appropriate ways, to address overall
or individual project risks.

28
Contingency and Fallback Plans,
Contingency Reserves
 Contingency plans are predefined actions that the
project team will take if an identified risk event occurs.
 Fallback plans are developed for risks that have high
impact on meeting project objectives.
 Contingency reserve or allowances are provisions
held by the project sponsor, that can be used to mitigate
cost or schedule risk if changes in scope or quality occur.

29
 Strategies for Risk Response
 Four main strategies:
 Risk avoidance: eliminating a specific threat
or risk, usually by eliminating its causes.
 Risk mitigation: reducing the impact of a risk
event by reducing the probability of its
occurrence.
 Risk transference: shifting the consequence
of a risk and responsibility for its management
to a third party.
 Risk acceptance: accepting the
consequences should a risk occur.

30
Possible Risk Strategies

• Can I avoid the risk?

• Can I reduce the risk impact or

Can I reduce the risk probability?
Risk
• Can I limit the risk? Reduction
Staircase
(Contingency)?

• Can I transfer the risk?

• Can I accept the risk ?

31
GENERAL RISK MITIGATION STRATEGIES FOR
TECHNICAL, COST, AND SCHEDULE RISKS

32
 Implement Risk Responses
 This process helps in implementing approved risk
response plans (act on your plan).
 The benefit of this process is to ensure that
decided upon risk responses are executed as
planned, in order to address overall project risk
exposure, minimize threats(-ve risk) ,and maximize
opportunities(+ve) for project.
 Example : Power 33
 Monitor and Control Risk
 It is the process of monitoring/checking the
implementation of agreed upon risk response plans,
identifying/analyzing known or new risks, reducing
and tracking identified risks, and evaluating the
effectiveness of risk reduction strategies.
 Workarounds are unplanned responses to risk events that
must be done when there are no contingency plans.
 The main outputs of risk monitoring and control are
project change requests, and updates for PM plans.
34
 Using Software to Assist in
Project Risk Management
 Risk registers can be created in a simple
Word or Excel file or as part of a database
 More sophisticated risk management
software, such as Monte Carlo simulation
tools, helps for analyzing project risks
quantitively.
 Etc.

35
I thank you.

36