10. Understand risk and issue management in the context of project management Flashcards
Explain two stages in a typical risk management process.
Identify – In this stage the project manager will work with the team leaders and team members to identify risks (threats and opportunities).
The risks can be identified via several techniques such as a PESTLE analysis, SWOT, and brainstorming. An assumption and dependency analysis is also used to identify risks. All identified risks are added to a risk register, which will have columns for: recording the risk description, the cause, the event, and consequences; the risk author and date identified; the agreed control measures and the control budget; the agreed risk owner (most qualified team member); and the agreed date of the next review.
Analyse – In this stage of the risk management process the project manager will work with the team again to assess the likelihood of the risk occurring and the impact it would have on the project should it occur. A probability/impact matrix is created, with each risk given a quantifiable
score for both probability and impact. Often this may be colour coded with risks scoring highly in both probability and impact showing as red, those scoring moderately amber and those scoring low green. In order to further distinguish between high, moderate and low risks a severity score is calculated for each risk by multiplying the probability score by the impact score. This allows the project manager to see which of the high (red) risks are significant and which are catastrophic should they occur. You can also look at the proximity of the risk - when is it likely to happen and also risk appetite - how much risk the organisation is prepared to face in order to deliver greater benefits. A high risk appetite of a particular risk means the project manager and project sponsor are aware the benefits cannot be delivered without facing that risk and so the risk is accepted and a specific contingency budget put into place for that risk alone. The impact on the project could be the risk effect on schedule, budget, quality, resources, scope, environment.
Explain three responses to a threat
Eliminating a threat by choosing an alternative approach to solving a problem. Elimination ensures that this particular risk will not occur, but may introduce new ones which will need to go through the same
analysis process. Alternatives may bring about bigger threats, and therefore both should be considered together to determine the best approach. For example, the risk of not being able to complete an exam in
person due to corona virus can be removed by taking it online.
Transfer the threat – insurance is a transfer of a financial threat away from the project and onto the insurer. A project can be insured against fire for example - in the event of a fire on a building site the cost of recovering the project might be paid by the insurance company. This is not a very flexible management response, and is not suited to most risks, but may permit a project to go ahead without doing anything additionally to reduce the risk. i.e. the threat of loss of revenue to a shipping company if their ship is
wrecked, can be covered by the insurance. The financial impact to those people whose goods are being shipped can be covered in this way also, but not the impact to their schedules required by purchasing
replacements.
Reduce – through managing a response within the project the impact of a threat being realised can be reduced. If there is a known risk that a power supply is faulty and therefore may fail, cutting all power to
a factory, the factory may decided to enter a contractual agreement with a company to supply generators to the site within a given period of time. This wont remove the risk entirely as there will be some impact of losing power as the generators wont be on site immediately, but the factory will be able to operate again quickly, limiting the loss of production and therefore the impact of the event.
Question part (a) Explain two stages in the risk management process.
Marks 20 marks (10 marks each)
Question part (b) Explain three key benefits of risk management for projects.
Marks 30 marks (10 marks each)
Question 1 part (a)
1) The first stage in the risk management process is to IDENTIFY any risks that if they occur could impact on the project objectives being achieved. This will consider the ‘cause’, ‘event’ and ‘effect’ of the uncertainties (threats and opportunities) which may impact the project objectives. This can be done using a variety of risk identification tools and techniques such as “brainstorming” and “interviews” with stakeholders – the outcome of these activities would result in a list of potential risks each described by a phrase or sentence indicative of the risk source; all of which are documented in the risk register. Looking at risk registers of previous projects is also a way to identify risks by using the previous experience of other project managers.
2) The next stage would be to ANALYSE the identified risks. This would be carried out using either quantitative or qualitative measures. For example, a qualitative method would be where each risk is (subjectively) assessed and prioritised based on a probability and impact estimation to indicate low, medium or high-risk exposure. A quantitative method of analysis could be using historical statistical information about risk in similar project scenarios to extrapolate the potential for the proposed project, based on the identification of certain parameters such as size, complexity numbers of workers. These provide data which allows the project manager to fully understand the consequences of the risk in question to enable consideration of appropriate mitigated responses
Question 1 part (b)
Three benefits of undertaking the risk management process are:
Benefit 1: The risk management process can enable much more accurate and meaningful plans/schedules and budgets to be drawn up. If the project team are aware of the risks posed for the project, they will be able to allocate sufficient tolerances/contingencies where necessary and this will help to create more objective plans for the future of the project work. By doing this, the project manager can add credibility to the plans/schedules/budgets, increasing stakeholder confidence.
Benefit 2: The ability to take greater risks. If the project team are aware of the risks that may occur, they will be prepared to allocate appropriate mitigation/contingency. With this in place, they will be able to take greater risks with lower contingency therefore increasing the overall return on investment for the organisation.
Benefit 3: The risk management process allows for more meaningful analysis and justification of contingency funds. Through identifying and managing risks appropriately, the project manager is aware of the acceptable quantification of contingency and therefore can actively manage the risk budget throughout the project lifecycle. This is especially important as the project progresses where further unknowns may arise – the project manager can ensure that the risk budget is being used as effectively as possible in the prime risk areas.
Question part (b) Explain three key benefits of risk management for projects.
Marks 30 marks (10 marks each)
Benefit 1 - It brings visibility to the potential risks that the project could face, which in turn enables risks to be mitigated - possibly avoiding it by removing it completely or reducing the impact or the likelihood through mitigation controls and contingency planning. It also discourages the acceptance of financially unsound projects.
Benefit 2 - Risks can be positive as well as negative and so it brings visibility to potential opportunities. The project manager can investigate how to respond to the opportunity to obtain the most benefits as possible for the project.
Benefit 3 - It enables greater control and better governance. It allocates the best risk owner, based on the team members knowledge, to each identified risk. It builds up very useful lessons learned knowledge for future projects saving time and resources.
