Project Risk Management

By

Dr. M. L. Mittal
Department of Mechanical Engineering
Malaviya National Institute of Technology Jaipur

1
 What is Risk?
A situation or circumstance that is likely to
cause a harm or loss
Two things
– uncertainty or a lack of knowledge of future
event
– the negativity associated with the event
A situation or circumstance that is likely to
cause a profit is called “opportunity”

2
 Risk components
A probability (likelihood) of occurrence of
an event
Impact of the event occurring (amount at
stake)

Risk = f (likelihood, impact)

3
Risk as a function of its components

High
Probability

High
Risk

Moderate
Risk
Low
Low Risk
Probability

No Magnitude of impact High

Impact Impact
4
Risk Behaviors of a Decision Maker

Risk Averter Risk Neutral Risk Seeker

Stake Stake Stake

5
 Project risk?
Project risk is an uncertain event or
condition that, if occurs, has a positive or
negative effect on at least one project
objective such as time, cost, scope, or
quality.
May be
– External: outside the project manager’s control
– Internal: within the control of the project manager

6
 Common risks
Organizational:
– lack of clarity and procedures, lack of manpower,
withdrawal of key personal etc.
Technical:
– wrong assumptions, non-availability of technology and
materials, scope changes etc.
Financial:
– Non-availability of finances, price and tax hikes,
changes in exchange rates etc.

7
Social:
– non-cooperation/demonstrations/strikes by society etc.
Political:
– lack of political will, changes in government policies, failure to get
statutory permissions etc.
Legal:
– licenses, patent rights, lawsuits, regulatory requirements on safety
and environment etc.

8
 Risk over PLC
Initiation Planning Implementation Closure
Risk and uncertainty

9
 Project risk Management
Project risk management is the art and
science of identifying, analyzing, and
responding to risk throughout the life of a
project and in the best interest of meeting
project objectives.

10
 Risk management benefits
A proactive rather than reactive approach.
Reduces surprises and negative consequences.
Prepares the project manager to take advantage of
appropriate risks.
Provides better control over the future.
Instill confidence in the stakeholders
Improved decision-making process
Improves chances of reaching project performance
objectives within budget and on time.

11
 Risk Management Planning
The process of deciding how to approach and
conduct the risk management activities for a project
Factors affecting risk management plan
– Enterprise environmental factors: Attitudes towards risk and the risk
tolerance of the organizations and people
– Organizational process assets: Current approaches to risk
management such as risk categories, definitions of concepts and
terms, standard templates, roles and responsibilities, authority levels
– Project scope statement

12
Steps in Risk Management Process

Define objectives

Identify the risks

Risk analysis

Identify control measures

13
 Define Objectives
Determine from whose perspective the
exercise is to be done
Find answer to the questions
– What do you hope to achieve?
Improving control over the project
Prioritizing for selective attention
Making a choice between the alternatives
Demonstrating the feasibility of a plan/project

14
– Which control aspect to be considered?
Whether the focus is on time, cost, or quality or on more than
one of them
– Which phase/segment of the project is targeted?
Targeted to every phase/segment or only some of them
– Is qualitative or quantitative risks analysis required?
– What type of information is available/usable

15
 Risk identification
Identifying and documenting the events which might affect the project
Not only performed in early stage of planning but also throughout the life cycle of the project for new risks
Risk identification matrix

Technical Organizational Financial Social Political Legal

1
2
…
n

16
Risk formulation
– Clearly define what can go wrong (undesirable event)
– Result of what or whom (cause)
– Area(s) it can influence (effect)

Risk Causes Effects

17
Risk identification techniques
Brainstorming
Delphi technique
Interviewing
Root cause analysis
Diagramming techniques
– Cause –and –effect diagram
– System or process flow charts
– Influence diagrams

18
 Risk Analysis
Process of examining each identified risk in terms of
probability of occurrence and its impact on the
project objectives
Qualitative and Quantitative approaches
– Qualitative risk analysis makes use of subjective assessment of
likelihood and impact of risks
– Quantitative risk analysis is based on numerical assessment of
likelihood and impact of risks
– Quantitative analysis is more informative but requires great deal of
time and efforts
– Depending upon the requirement either or both of them can be used

19
 Risk analysis techniques
Probability /Impact matrix
Expected Monetary Value Analysis
Failure mode effects analysis
Fault tree analysis
Simulation

20
Probability/impact matrix

High Risk 1 Risk 10 Risk 6

Risk 9

Medium Risk 5 Risk 8

Risk 7

Low Risk 4 Risk 2

Risk 3

Low Medium High

Impact
21
Expected monetary value analysis
Expected monetary value (EMV) is the
average outcome when the something
may or may not happen
EMV= Payoff x Probability of occurrence
EMV of risk is negative where as EMV of
the opportunity is positive
Decision tree analysis

22
 Decision tree analysis
One year return on investment

Decision alternatives Bull Market Bear market

Company A stock 5000 -2000

Company B stock 1500 500

Probability of 0.6 0.4

occurrence

23
 Prob. of Bull market (0.6)
5000

2 Probability Payoff

Prob. of Bear market (0.4)

-2000
Invest in stock A

Prob. of Bull market (0.6)

Invest in stock B 1500

Prob. of Bear market (0.4) 500

24
Calculation of expected values
Expected value from alternative A
=5000*0.6+(-2000)*0.4=2200

Expected value from alternative B

= 1500*0.6+(500)*0.4=1100

25
 Prob. of Bull market (0.6)
5000
2200
2

Prob. of Bear market (0.4)

Invest in stock A -2000

Prob. of Bull market (0.6)

Invest in stock B 1500

3
1100 Prob. of Bear market (0.4)
500 26
 Failure Mode and Effects Analysis
(FMEA)
A tool for quantitative risk analysis which can be
applied for systems, designs, process, and
services
RPN (Risk Priority Number) is used as metric for
risk
RPN = O x S x D
where
S (Severity) is the seriousness of the effects of the failure
O (Occurrence) is the frequency of occurrence of the failure
D (Detection) is the ability to detect the failure before it reaches
the customer

27
 Important terms in FMEA
Failure mode:
– Physical description of a failure e.g. coil fails to produce EMF,
fails to open/close, no pressure
Failure effects:
– Impact of failure on the equipment, people e.g. inoperability of
the product/system, customer dissatisfaction, loss of life of the
operator/user
Failure cause:
– Refers to the cause of failure e.g. insufficient door seal, leakage,
wrong use of fastener

28
FMEA for Ball-Point Pen

29
 Fault Tree Analysis (FTA)
FTA is a technique similar to FMECA
FTA is basically composed of logic
diagrams that display the state of the
system and is constructed using fault tree
diagram
Starts with an effect at the top of the logic
diagram and add the events that cause
that particular effect (top-down approach)

30
A fault tree diagram

31
 Simulation
Monte Carlo simulation may be performed
to assess risks in time and costs
May use
– Network diagram along with the time estimates for
schedule risk analysis
– WBS with cost data for cost risk
Analysis may be done to estimate e.g.
– The probability of completing the project within 3
months
– The probability of the cost of the project be Rs. 10 Lac

32
 Identify Control Measures
Avoidance:
– not to carryout certain activities or to perform them in a
different way
– may lead to new risks or affect risks associated with other
activities
Reduction:
– Cause oriented: reducing the probability of occurrence
e.g. improving the maintenance of certain machines,
– Effect oriented: reducing the impact of the risks e.g.
providing backup machine

33
Acceptance:
– no concrete action except being aware of the same
Transferring:
– Transfer to another party may be more capable of
bearing e.g.
insurer
supplier or vendor
third party
– Often cost money and may involve some agreement
or contract

34
 Effective Risk Management
Top management commitment
Time and budget for carrying out risk management
Creating awareness within the project organization
Update at least in the event of changes/ modifications in
scope, phase transitions
Evaluate after occurrence and record results for future use
Presence of a method/procedure that is verifiable,
traceable, transferable
Monitoring, evaluating and improving the risk management
process

35