Lecture 10: Risk Management Flashcards
List four definitions of risk from the dictionary
- possibility of loss or injury: peril
- someone that creates a hazard
→ risk is something that might happen and if it will and it will have an impact
What is uncertainty? And what is its impact on a PJ?
Refers to unknown things when planning a major PJ. The unknowns could be either positive or negative.
→ lead to possible threats and opportunities:
-e.g. offshore pipe laying (bad weather can have bad impact, good weather can have good impact)
-if properly managed it can become a positive issue
→ is not only bad
Name difference between risk and uncertainty
Risk → outcome and its probabilities are certain
Uncertainty → either the outcome and/or its probabilities are uncertain
What are questions to consider in RM?
- what is likely to happen (probabilty and impact)
- what can be done to minimize these events
- what cues will signal the need of such action
- what are likly outcomes of there problems and my anticipated reaction
In whicht periods of an PJ are whicht risk most apparent?
List approaches to risks
- Crisis management
- manage risk when they become issues and provide problems - Error correction
- manage risks prompty when they become issues - Risk compensation
- plan to mitigate risks if they should occur - Prevention
- implement mitigation actions to prevent risk occurrence- Risk elimination
- eliminate facotrs that could create risks
- Risk elimination
For which steps are the PM and the Support stuff responsible for?
- identification, evalutation and monitoring risks
- Determination, planning, allocation of PJ contingencies
- generation of required reports
- updating risk database
For which steps is the Risk assesor responsible for?
- providing guidance, especially in the pre-bid and bid-phase
- supervision of the correct appliaction of RiskM principles and methods
- providing methods support to PM
- Managing risk database
What are the stages of the RM process?
- Risk identification
- Analysis of probabilty and consequences
- Risk mitigation strategies
- Control and documentation
What are the objectives and inputs of risk identification
- *Objectives:**
- identify major sources of risk related to the PJ lifecycle
- the key is a clear and common understanding of the sources of uncertainty
- *Inputs:**
- enterprise environmental factors (published info, commercial databases)
- PJ scope statement
- PJ management plan
List the main types of risks
-
Financial
- financial exposure a firm open when developing a PJ
- relevant for large up-front capital PJ (construction, software development)
- construction company without a contracted buyer prior to construction -
Technical
- unique tech elements or unproven tech
- new ways of working (process related) -
Commercial
- PJ that have commercial goals, bu their success is not secure -
Execution
- environment related (bad weather, volcano) -
Contractual/legal
- ce
List some methods and techniques for risk identifikation
- Brainstorming
- Brainstorming method
- SWOT analysis (strength, weaknesses, opportunities, threats)
- Diagramming tequniques
- Chapman 6Ws - Expert opinions
- interviews
- Delphi - History
- risk database
- checklists - Multiple (or team-based) assessments
What is the Cause-effect diagram?
List Chapman 6Ws
- Who: who are the parties involved?
- Why: what do the parties want to achieve?
- What: what is the parties are interested in?
- Which way: how is it to be done?
- Wherewithal: what resources are required?
- When: when does it have to be done?
Explain the methods from the expert opinion and its downside
- Interview
- Open
- Semi-structured
- Structured (survey)- Delphi approach
- first indivdual
- then group
- (repeat)
- Delphi approach
→ expert opinion cost a lot of money
What are the uses of a risk database
-archive of risks in previuos PJ
-provides info about:
→information describing the risk
→data for evaluating/managing the risk
→ effective for repetitive PJ + good reference for new PJ
What is the idea behind multiple (or team-based) assessments?
→ single sources may be to risky, because of biases
-Team based approach to risk idenfification offer a wider view on the topic
→ Look for diversity:
-age
-gender
-academic background
-nationality
What is a risk register?
→ repository where outputs of RM are recorded
- includes:
1. person responsible for managing the risk
2. probabilty, impact, risk score
3. planned risk response
4. info for understaning an individual risk
What are objectives and main input for the “Analysis of probability and consequences”
→ evaluate impact of risk and opportunities in terms of:
- what is the likelihood of occurrence
- what is the impact of risks on performances
Main input:
- prioritize risk
- quantify potential effects
- evalutate if and which action should be applied
- define contingency policy
LIst some qualitative anaylsis methods of risks
- risk impact matrix (2x2 level)
- 4x5 level
- 5x5 level
-risk mapping
What is qunatitative analysis of risk?
→ performed on certain risks that have been prioritized by qualitative analysis as critical
- goal is to provide quantitative evaluation of risk likelihood and impact
- often done by assuming certain distributions of uncertrainty
→ combining probability and impact to expected value
What are the issues of quantative analysis?
- modelling the probability
- evaluating the impact
- how to estimate risk at PJ level
Why is it not useful to use deterministic modelling with single point “best guess”
- wrong most of the time
- unstructured → overlook or underestimate source of risks
- affected by assessment biases
- no consideration of “what if” scenarios and combined effect?
What is the purpose of RM software (RMS)
- helps decision making by modelling/simulating various scenarious
- useful a PJ becomes more complex + competetive
- useful for combining effekt of risk and uncertainty from one or more sources
BUT:
→ dont not change “real world”
→ does not predict future
What is the difference between objective and subjetive risks?
Objective:
-probabilty distribution known in advance
→ can be describe precisely based on theory, experiment and common sense (coin flip)
Subjective:
-probabilty distribution unknown
-representing the probability can differ from person to person (bets or weather forecast)
→ subjective risk are very common in PM
What are the main steps behind stochastic analysis & Monte Carlo Method
- observe real life
- build your model (excel)
- collect data
- use distributions
- sample from your distributions
- calculate and record results
- repeat step 5/6
- look at final result → statistical distributions
What is the difference modelling & simulation
Modelling → process of describing project in a mathematical way
Simulation → process of imposing real-life complication on model and measuring the effects
What is a stochastic process?
-a collection of random variables
→ used to represent the evolution of random value/system over time
→ many different outcomes are possible (difference to deterministic processes)
What are the alternatives for risk mitigation and what is it?
→ can become a “project within the project”
- past experience useful to identify potential actions
- teamwork is essential
- need ofr processes and alternatives in place
-all mitigation imply costs
→ allows to reduce potential cost by having certain cost
- Accept risk
- Minimize risk
- Share risk
- Transfer risk
What is Accept risk about?
→ key question: “is risk sufficientyl strong that any action is warranted?”
-acceptable if likelyhood or impact is so small
What is Minimize Risk about? + Project Example
→ reduce probabilty and/or impact by:
- more standart tech
- experienced suppliers/teams
- reducing overlap phase
- start construction with a complete design
Example: Boeeing is in continous contact with its suppliers, if a part is not safe, suppliers have to change it
What is “Share Risk” about?
-risk are shared withing members of PJ
→ often done with contracts among suppliers
→ joint ventures, Public Private partnerships etc.
-comes from “skin in the game idea”
→ aircraft engineer tests his own plance first
What is “Transfer Risk” about?
-shifts the risk to another partner
→ often includes payment ot a risk premium
-does not eliminate the risk
What are strategies for positive risks?
-
Exploit
- increase the opportunity that a certain positive event occurse
- assign more talented resources to a specific activity -
Share
- allocating ownershipt to a third party, who is able to captur the opportunity for benefit -
Enhance
- increase probability and/or positive impacts
- target+reinforce triggering events