Risk Management Flashcards

1
Q

Define risk.

A

A risk can be defined as an uncertain event or

a circumstance that, if it occurs, will affect the outcome of a programme/project

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Does risk only refer to threats?

A

No, risk is widely accepted to define risks and opportunities

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What guidance note does the RICS produce on risk?

A

RICS professional guidance, UK - Management of risk,
1st edition

Effective 25 September 2015

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is an issue?

A

Issues are events that are happening now or imminently.

This differs from risks, which sit in the future.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What can lead to an issue?

A

Unmediated disputes, unaddressed concerns, unresolved decision making or risks that have evolved into issues

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

How should you manage risks and issues?

A
  • Response plans
  • Agreed action dates

Hold people accountable

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What is a risk register?

A

A document that can be adopted during the early stages of the project, showing:

  • Where the responsibility lies
  • Likelihood of risk occuring
  • Impact of risk should it occur
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What are the different measures that can be taken to mitigate risks?

A
  • Risk avoidance (serious, unacceptable, designed out)
  • Risk reduction (unacceptable, reduce chance of risk or impact)
  • Risk transfer to contractor (building programme risk better controlled by contractor, comes at risk premium)
  • Risk sharing (often provisional quants employer risk and provisional rates contractor risk)
  • Risk retained (risk allowance included in cost plan)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What are the general risk categories?

A
  • Political and business risk
  • Benefit risk
  • Consequential risk
  • Project risk
  • Programme risk
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is political and business risk? Give an example.

A

A risk that has an adverse impact on the business as an ongoing concern.

This risk could come as a result of a benefit, consequential, programme or project risk.

For example, if there is a severe delay the share price for the business may fall due to lack of confidence in the organisation.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What is a benefit risk? Give an example.

A

The risk of failing to deliver the project to the performance required, undermining the long term business case (no benefit of the project).

For example, planning may limit size of scheme, reducing revenues through reduced net lettable space.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What is a consequential risk? Give an example.

A

Risk occurs as a result from another risk.

They may occur within the project, and can affect operations inside or outside of the project.

An example would be the disruption of activities due to the interruption of power supplies.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What is a project risk? Give an example.

A

A risk of something going wrong during the execution of the project. This may affect it’s successful delivery.

Generally described in terms of quality/time/cost, an example is a provisional sum for unknown excavation works below the ground.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What is a programme risk? Give an example.

A

Risks that affect the programme as a whole, rather than individual projects. These risks concern decisions that transform strategy into action.

Examples include funding, organisational/cultural issues, quality, business continuity.

When project risks exceed set criteria and affect programme objectives, then they
would be escalated to the programme level

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What NRM document defines risk categories?

A

NRM1

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What are the risk categories as defined in NRM1?

A
  • Design development risk
  • Construction risks
  • Employer change risks
  • Employer other risks

A risk allowance for each forms part of a cost estimate (if required)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

What are design development risks?

A

Risks associated with design development, changes in estimating data, third-party risks (e.g. planning, legal, environmental risks), statutory requirements, procurement methodology and delays in tendering

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

What are construction risks?

A

The risks associated with site conditions (e.g. access restrictions/limitations, existing buildings, boundaries,
and existing occupants and users), ground conditions, existing services, and delays by statutory undertakers.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

What are employer change risks?

A

The risks of employer-driven changes (e.g. changes in scope of works or brief, changes in quality and changes in time).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

What are employer other risks?

A
  • Early handover
  • Postponement
  • Acceleration
  • Availability of funds
  • Liquidated damages or premiums on other contracts due to late provision of accommodation
  • Unconventional tender action and special contract arrangements
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

What general risks can the project team control?

A

Project risks and consequential risks, however t it

should be ensured that the client is informed of other risks to enable development of their contingency plans

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

What is risk exposure?

A

The potential effect of a risk

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

What are the objectives of the risk monitoring and control process?

A

• review (monthly) the current risk profile and identify
changes in risk probabilities and impacts

• monitor (monthly) the implementation of risk responses
and implement any necessary changes

• update (quarterly) the risk register with any new risks
and associated responses based on changes in
project scope, project progress and changing risk
generators

• review (quarterly) the level of project risk management
maturity of each project in the programme.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

Give an example of a major consequential event?

A

If there was a minor event that required the redecoration of a room, which had a knock-on effect of delaying PC and losing rental income for the client

25
Q

What is a procurement strategy?

A

The procurement strategy identifies the most effective
approaches in successfully delivering a construction
project.

The strategy entails measuring the risks, benefits and cost, time and quality constraints to conclude and establish the most suitable procurement route and what contractual factors should be considered.

26
Q

What is the difference between procurement strategy and procurement route?

A

The procurement strategy identifies what is required in terms of time/cost/quality/risk for a successful project delivery.

The procurement route will be chosen based on the procurement strategy.

27
Q

List some factors that will affect a procurement strategy

A
  • client type
  • risk allocation
  • time available
  • cost certainty
  • design development
  • design responsibility
  • specialist input
  • BIM
  • complexity of project
  • change accommodation and
  • contract administration.
28
Q

Why might you want to quantify risk?

A

• to build a risk allowance that could be part of a
project contingency
• where clients need to report upwards in their organisation or to a third party
• where the project forms part of a larger programme of
projects
• to motivate people into following through management
actions
• where clients insist on it as part of their procedures or
have capped funds
• where it is desirable to link risk to contingency
• where it is required or provides comfort to funders or
other third parties

29
Q

What is a probability tree?

A

A probability tree is a technique for determining the overall risk associated with a series of related risks.

30
Q

What is the central limit theorum?

A

This is a mathematical technique used to provide a 90%

confidence level for a project contingency fund

31
Q

What is the monte carlo simulation?

A

This is a computer-generated simulation used to model

outcomes

32
Q

What is a fault tree analysis?

A

A deductive approach to determining the causes contributing to a designated negative outcome, beginning with the definition of a top (undesired) event, and branching backwards through intermediate events until the top event is defined in terms of basic events

33
Q

What is an event tree analysis?

A

Finding possible outcomes from an initial event, and in this way is the opposite of a fault tree analysis

34
Q

What is percentage addition?

A

Percentage addition is based on a percentage of the cost plan and should only be used for preparing rough and initial order cost estimates.

35
Q

What is the “simple method” of assessing risk?

A
  • Basic quantitative method of calculating risk allowances
  • Cost is assigned to each risk
  • Probability of risk occuring (%age, often subjective) assigned to each risk
  • Cost is multiplied by likelihood, giving an “expected value”
  • Total of all expected values gives risk allowance
36
Q

What is the “probabilistic method” of risk assessment?

A
  • More detailed than simple method
  • Often called 3-point estimating
  • Cost assigned to each risk
  • Probability of risk occuring assigned to each risk into 3 categories, usually “best/likely/worst” case (total = 100%)
  • Expected value against each assumption produced
  • Total of all expected values gives risk allowance
37
Q

What is a sensitivity analysis?

A

A practical method of investigating risks on a building
project by varying the values of key factors and measuring the outcome. This does not give a mathematical result but highlights the key factors that may affect the project outturn, should they be varied

38
Q

When should risk management be implemented?

A

Throughout the project lifecycle, from inception to use

39
Q

What should a risk management strategy cover?

A
  • details of the client’s risk appetite
  • a definition of who is responsible for risk management

• a description of how risks will be identified, analysed
(qualitatively/quantitatively), managed and reviewed

  • the frequency of risk review meetings
  • the software tools and techniques that will be used
  • reporting forms and structures

• if required, identification and reporting of trends,
providing appropriate mitigation actions and advising
on the decisions.

40
Q

What considerations would you make in developing a risk management strategy?

A

• an understanding of the link between corporate and
project requirements

• the identification of current maturity level and any gaps

• a development of the risk approach that may include
training and specific tools

• the implementation of the risk-management process

• how to improve the process and monitor its
effectiveness.

41
Q

What does a Risk Breakdown Structure (RBS) identify as project risk potential risk generators?

A
  • natural
  • economic
  • government
  • societal
  • client
  • construction and
  • project.
42
Q

List some risk identification methods

A
• brainstorming
• cause and effect diagrams
• checklists
• delphi technique (anonymous polling)
• force-field analysis
• historical information
• industry knowledge base
• influence
• interviews
• lessons learned
• list of assumptions and constraints
• project document review
• questionnaire
• root-cause analysis
• strengths, weaknesses, opportunities and threats
analysis
• team workshops
• value improvement processes.
43
Q

Risk events identified in the risk identification

process are allocated into 5 risk categories. What are they?

A
  • external – uncontrollable
  • external – influenceable
  • internal – client operations (controllable)
  • internal – user requirements (controllable)
  • internal – project processes (controllable).
44
Q

What response would be suitable for an “external - uncontrollable” risk?

A

Provide contingencies to cater for the impact of the event should it occur

45
Q

What response would be suitable for an “External –

influenceable” risk?

A
  • Plan actions to influence the probability of the event
    occurring.
  • Provide contingencies to cater for the residual impact of the event should it occur
46
Q

What response would be suitable for an “Internal – client

operations” risk?

A
  • Project team draws the client’s attention to the
    ramifications of planned or implemented actions
  • Project team should act to reduce impact of event
  • Define contingencies to cater for the residual impact of the event should it occur
47
Q

What response would be suitable for an “Internal – user requirements” risk?

A
  • Plan actions for the client and project team to implement that reduce the probability of the
    event occurring and its impact
  • Provide contingencies

[This risk can come from client of project team]

48
Q

What response would be suitable for an “Internal – project processes” risk?

A
  • Plan actions for the project team to implement that reduce the probability of the event occurring and its impact
  • Provide contingencies

[This risk can come from only project team]

49
Q

What are stats and who holds the risk on them?

A

Statuatory installations such as power, gas etc.

Employer

50
Q

What were your risk allowances on your project in Dulwich?

A

I wasn’t involved in precontract, by the time I was appointed there was one all-encompassing risk pot of c. 10%

Because it was listed existing building, high risk

51
Q

What were the risk allowances on project in Central London Stage 1?

A

Client - 2.5% design dev, 5% construction risk

Contractor - 2.5% cont design risk on design portion

52
Q

What were the risk allowances on project in Central London Stage 4?

A

Client - 5% construction risk

Contractor - 2.5% cont design risk on design portion

53
Q

Would the contractor not also have other risk allowances?

A

Within contract sum agreed with us, the design dev risk pot was the only one agreed

No doubt within the contractor’s own project costs they held risk for things

54
Q

What were the risk allowances on project in South London at Stage 1?

A

7.5% “design reserve and contingency” (+ 2.5% cont. design risk + 4% OHP + 17% prelims)

The 7.5% = 5% construction/employer change + 2.5% design dev

55
Q

What were the risk allowances on project in South London at Stage 2?

A

We will review shortly as cost planning now.

  • Design reserve will likely reduce.
  • Construction risk will be reviewed with risk register
56
Q

How might you reduce risk in quality when you’re tendering at stage 3 in a DB?

A
  • Develop parts of the design to Stage 4, fix say substructure
  • Tender parts early such as demolition of an existing building
  • Bring on sub-contractor during PCSA to fix price
57
Q

What’s the difference between NRM risk categories and the general risk categories?

A

NRM is geared towards construction

Many of those in general e.g. political/benefit would feed into “Employer other”

58
Q

What’s EMV?

A

Expected Monetary Value (simple method)

Probability of risk X impact of risk = EMV for risk

59
Q

Why would you not use the monte carlo simulation?

A

We do not have the software or skillset to model risk in that way