Risk?
Probability (of occurrence) x Damage (consequences/impact)
- WITHOUT RISK, THERE IS NO RETURN.
Risk can potentially have a positive impact, not just negative.
E.g. really popular product with lots of orders, and order site crashes, its positive that u have good product but risk was site crashing.
e.g apple very close to bankruptcy and took risk with iPod and done well since then. Taking certain risks can offer better return on investment.
Why are projects risky?
- Uniqueness; complexity; constraints; stakeholders
* Market volatility; competitor actions; client or internal organisational changes
Consequences of not managing risk?
- losing market
- disrupting supply
- bad press
- increasing costs
- losing competitive advantage
- e.g. Lego close to shutting down, invested in video games and didn’t work out, they got new partner and turned it around.
Risk Management Process steps?
- Risk process initiation
- Risk identification
- Risk assessment and analysis
- Risk/opportunity response planning and implementation
- Risk communication, review and post-project review
- Risk process initiation
- Establish the context (e.g. risk appetite/tolerance/attitude)
- Which project/programme/organisational objectives are at risk?
- No ‘one-size-fits-all’ solution (Diamond Model!) (each project needs a different process)
- Set risk thresholds (e.g. schedule, budget, performance)
- Agree common framework for assessment of identified risks (e.g. definition table)
- Define potential sources of risks (RBS)
- We need to understand how many risks; the severity of risks and ultimately how much risk are you willing to take on.
E.g. Hinckley point C new power plant have a whole host of people responsible for different types of risk.
Risk appetite?
is the risk that companies are willing to take.
Risk universe?
is all the risks a project could be exposed to and some may be unknown.
Risk tolerance?
is the minimum and maximum risk tolerance a project could deal with.
- Risk identification
Different techniques
- SWOT
- checklists
- group brainstorming
- interviews with key project stakeholders
- review of completed similar projects
- RBS
Types of risk?
Operational
- distribution
- product quality
- suppliers
- IT
Strategic
- markets
- technology
- competitors
- economy
Compliance
- stock exchange rules
- tax requirements
- environmental legislation
Financial
- costs
- profit
- interest rates
- exchange rates
- Risk assessment and analysis
Going back to three key measures: time, cost and performance.
- analyse consequences + likelihood to derive level of risk.
- rank risk to assign managing and monitoring.
- it’s unlikely you have resources to manage all risks identified.
- Risk/opportunity response planning and implementation
o Avoid (prevent)/Exploit: eliminate risk, exploit an opportunity means to make it def. happen
o Transfer/Share: involve another party in managing the risk; using cost benefit analysis.
o Reduce/Enhance: aims to reduce threat’s probability and/or impact; enhancing an opportunity seeks to increase it.
o Accept: proactive action is either not possible or not cost-effective, acceptance is the last resort e.g. unknown unknowns have to accept it, it’s how you deal with it.
- Define risk response (e.g. duration, budget, resources, risk owner)
- Monitor risk/opportunity effectiveness of each response strategy
- Risk communication, review and post-project review
Communication: risk reports at various levels and for different stakeholders
• What have we found?
• What should be done?
Review
• Are planned responses achieving what was expected?
• Have new risks arisen?
• Is plan effective to deal with risks
• Risk management is an ongoing process going through the project life cycle phases.
Post-project review
• Capture lessons learnt
Crisis Management
Unknown unknown blows up into something huge e.g. BP oil spill
Crisis management, failure and recovery
Failure detection and analysis involves:
- failure prevention
- mitigation
- recovery
Atkinson et al, 2006?
Sources of uncertainty:
- lack of information
- ambiguity
- varying agendas in different stages of life cycle
- characteristics of project parties
- trade off between control and trust mechanisms
Meyer et al, 2002?
Uncertainty in project:
- Variation e.g. cost, time, performance vary but in predictable range
- Foreseen uncertainty e.g. influential factors that are predictable.
- Unforeseen uncertainty e.g. major influences that cannot be predicted.
- Chaos e.g. unforeseen events that invalidate a projects target, planning and approach.
