Lecture 5 - Risk Management Flashcards
Define ‘uncertainty’:
Uncertainty is the limited knowledge (“lack of certainty”) about current state and/or future outcomes.
Define ‘risk’:
Risk is the state of uncertainty that can
lead to undesired effects or significant losses.
Define ‘risk management’:
It is the structured approach to identifying, assessing
and mitigating risks.
What are the 3 parts that compose the risk management framework?
- Risk Identification.
- Predict the key project risks - Risk Assessment.
- Assess likelihood of undesirable events
- Determine impact on the project - Risk Mitigation.
- Reduce their likelihood
- Alleviate their impact on the project
What are the 4 sources for identifying risk?
- Company-wide checklists.
- Studying similar projects.
- In-house brainstorming.
- External help.
What are the 5 risk categories?
- Scope risks:
- scope creep, scope gap (ill-defined scope),
dependency change (e.g. new legal requirements). - Schedule risks: task delays, estimation errors.
- Resource risks: inadequate cost estimates, changes in
funding (e.g. liquidity, interest rate), inadequate skills in
team, problems with outsourcing. - Technological risks: hardware/software failures, technical
feasibility (of intended project outcome). - Commercial risks: misestimation of ROI.
What are the 2 qualitative approaches to risk management?
- Probability Impact Chart.
2. Failure mode effect analysis.
Describe the ‘probability impact chart’:
- Characterises undesirable event through two dimensions (impact & probability).
- Critical risks require mitigation plans.
- Medium risks require careful monitoring throughout the project.
- Low risks can often be ignored.
Describe the ‘failure mode effect analysis’:
- Characterises undesirable events through three measures:
1. Likelihood
2. Severity
3. Hideability (how easy is it to conceal failure until late in the project?)
Risk Priority number = L x S x H
What are the 2 quantitative approaches to risk management?
- Sensitivity Analysis.
2. Monte Carlo simulation.
Describe ‘sensitivity analysis’ in terms of TCQ:
For C/Q:
- Use the three methods of cost analysis to determine the effect on revenues caused by small changes in markets etc (e.g. a competitor launches a similar product).
For T:
- Use CPA and work out the difference caused by delays in specific tasks etc.
Describe the ‘Monte Carlo simulation’:
- Uses continuous variables (variable that can take any value in a given range) to produce probability functions for costs, time and revenues in terms of the payback period, present value and IRR.
Name two software packages which run Monte Carlo simulations.
- Risk (Palisade).
2. Oracle (Crystal Ball).
Name the six types of risk mitigation techniques:
- Avoid the risk: abandon possible causes
- Accept the risk: for low priority risks
- Share the risk: collaborate with others
- Limit the risk: roll-out plans, stage-gate model
- Transfer the risk:
- Take out insurance
- Use contractors (with penalty payments)
- On financial markets (e.g. currency risks) - Reduce probability or impact of the risk
What are the 4 ways you can reduce the probability or impact of a risk?
- Monitoring.
- Risk register
- Project assurance
- Communication - Testing.
- Simulation
- Prototyping
- Beta-testing - Contingency Plans.
- Backup plans
- Contingency buffers
- Time buffers - Process standards.
- Health & safety standards
- Employee training
- Regular inspections, double-checking
