Risks and Uncertainty in Operations and Projects Flashcards
What is the orthodox definition of risk?
The probability that a particular ADVERSE EVENT occurs during a stated period of time, or results from a particular challenge. An adverse event is an occurrence that produces HARM. Harm is the loss to a human being consequent upon damage.
What is the orthodox definition of risk management?
Systematic process of identifying, analysing and responding to uncertainty as project-related (or operations) events or conditions which are not definitely known with the potential of adverse consequences (for an operation) or on a project objective.
What are the two key risk concepts?
- The LIKELIHOOD that some problematic event will occur
- The IMPACT of the event should it occur
What does the management of failure depend on?
Its likelihood of occurrence and the negative consequence of failure
What does operations and process resilience involve?
- Failure prevention
- Mitigating the negative consequences of failure
- Failure recovery
What is the goal and approach to the nature of risk/ uncertainty?
Goal = what are we trying to achieve?
Approach = changes in ways of working or the project environment
What are the risks to outputs?
- Technical targets (explicit and implicit)
- Time targets
- Cost targets
What are the risks to outcomes and objectives?
- Business objectives
- User or stakeholder needs
- Long-term use and relevance
What is the relationship between probability and cost/ impact throughout the project lifecycle?
There is generally an inverse relationship.
- generally speaking, most risks are reduced or eliminated towards the start of a project, but their impact increases the later they occur
What are the aims of risk management?
- Comprehensive identification
- Objective assessment and understanding
- Current diagnosis of position
- Effective strategies
- Focused management attention
What are the aims of risk management process?
- Eliminate uncertainty AVOIDANCE
- Transfer liability/ ownership TRANSFER
- Reduce to acceptable MITIGATION
- Accept and manage residual CONTROL
What is Step 1 of the risk management flow chart?
Risk Management strategy & planning
- Analyse the operations and project to identify sources of risk
In Step 1 (identify risk), what is risk strategy?
- How will risk management be undertaken
- Must be integrated with overall operations and project strategy
In Step 1 (risk management strategy & planning), what is the risk plan?
- Scope & objectives of risk process
- Roles & responsibilities of participants
- Approach, process and tools to be used
- Deliverables
- Estimate effort and resource requirements
- Review & reporting cycle
- Risk management is a continuous process so plan for frequent reviews
- Integrate risk management into operations and overall project plan
What is Step 2 of the risk management flow chart?
Risk Identification
- Analyse the project to identify sources of risk
In Step 2 (risk identification) how should a list of possible risks be generated?
- Should be a team based activity
- Risk identification workshop (whole team, outside experts, brain storming techniques)
- Ask: what can possibly go wrong? (internal/ endogenous or external/ exogenous)
- Concentrate on identifying causes, not just effects (e.g. ‘fishbone’ type cause and effect analysis etc.)
- Can use the WBS or PBS as guides
What is Step 3 of the risk management flow chart?
Risk analysis
- Assess risks in terms of:
- Severity of impact
- Likelihood of occurring
- Controllability
In Step 3 (risk analysis) how does this occur?
- Which risks can be managed
- Which take priority for management attention
- When should we invest in contingency arrangements
QUALITATIVE:
Each identified risk is scored on 2 dimensions:
1. LIKELIHOOD that the risk will occur (high, medium, low)
2. IMPACT if the risk does occur (high, medium, low)
= the risk matrix + risk factors table
QUANTITATIVE:
- Express likelihood of a risk occurring as a PERCENTAGE
- Express impact as a VALUE (aed/ £/ $) equal to the cost if the risk happens (time impact must be expressed as a cost)
- Multiplying likelihood by impact allows each risk to be expressed as a single number
What is Step 4 in the risk management flow chart?
Risk Response Planning
- Implement risk strategy
- Monitor/ adjust plan for new risks
- Change management
In Step 4 (risk response planning) what steps should be taken?
Having identified and analysed a risk the question arises: How should we react to a specific event?
- Mitigation - reducing the risk
- Reduce the probability that a risk will occur, and/ or
- reduce the impact such an event would have on a project should it occur - Avoidance - preventing the risk
- changing the project plan to eliminate the risk or condition - Transference
- paying premium to pass risk to another party e.g. insurance
- option to use PPP-type contracts for certain risky projects - Retaining risk
- making a conscious decision to accept the risk
What are the risk mitigation actions?
MITIGATION PLANNING - is the activity of ensuring that all possible failure circumstances have been identified and the appropriate mitigation actions identified
ECONOMIC MITIGATION - includes actions such as insurance against losses from failure, spreading the financial consequences of failure
CONTAINMENT (SPATIAL) - means stopping the failure physically spreading to affect other parts of an internal or external supply network
CONTAINMENT (TEMPORAL) - means containing the spread of a failure over time
LOSS REDUCTION - covers any action that reduces the catastrophic consequences of failure by removing the resources that are likely to suffer those consequences
SUBSTITUTION - means compensating for failure by providing other resources that can substitute for those rendered less effective by the failure
What is Step 5 of the risk management flow chart?
Risk monitoring & control
- Implement risk strategy
- Monitor/ adjust plan for new risks
- Change management
What does Step 5 (risk monitoring & control) include?
- Define a ‘risk management group’
- Integrate the risk plan into the main project plans
- Define & implement mechanisms for monitoring & reporting risks, progress against the risk plans, and updating the risk management plans
- Agree the monitoring intervals (weekly, fortnightly, monthly etc.)
- Check the risk log - is it being maintained?
- Check that execution of the planned actions is having the desired effect
- Watch for early warning signs of risks developing
- Identify trends to help predict risks = ‘2 points make a trend!’
- Check that risk management is being applied effectively
Who is responsible?
ALL are, as a team, each stakeholder must management risks in their area of responsibility:
- Client/ sponsor
- Project manager
- Project team
= business benefits, project objectives, tasks
