PART II RELATED STUDIES

Risk management has been prioritized and concern in every projects of project managers, for them to be ready in coming of unexpected events. Risks are really dangerous that can lead the project to a big failure and can loss a project in just a blink of an eye. Project managers need to be aware on how to handle and surpass these risks and how they will plan this beforehand. In this part of the research, there are different other researchers had been studied the risk management. They discussed the definition of risks, the different kind of risk, preparation and handling during the project when the risk occurs. These related studies may able to help managers on how to deal with different risks. Definition of Risk Risks are problem that has not yet happened but which could cause some loss or threaten the success of the project if it did. Although, sometimes risk is not that bad it also can be a help, it is because failure is one of the tool in learning; mistakes that can be help to realize everything. But, of course, it has negative effect and that is losing a big chance that the project will succeed. Risk is unpredictable events. This is the reason why it is a big threat for a project to hinder the success of it. Even though it is unexpected, it can be planned beforehand with understanding of what are the possible risks that can be happen to a certain project. In defining risk, it can be understood in its advantage and disadvantages in a project.

Different Types of Risk Technology Risks Technology enables key processes that a company uses to develop, deliver, and manage its products, services, and support operations.

Understanding the role that technology plays in enabling core business operations establishes the framework for understanding where relevant technology risks lie.

By understanding the role that technology plays in supporting various business functions, company management is in a better position to determine the relative importance of these functions and prioritize the systems, applications, and data involved. Technology risks are present throughout the company and must be addressed as a whole. Technology risks are risk that can be result to a failure in meeting the systems target functionality and operations. Typical examples are: Problems with immature technology Use of the wrong tools Software that is untested or fails to work properly Requirement changes with no change management Failure to understand or account for product complexity Integration problems Software/hardware performance issuespoor response times, bugs, errors

Schedule Risks Schedule risk is the risk that the project takes longer than scheduled. It can lead to cost risks, as longer projects always cost more, and to performance risk, if the project is completed too late to perform its intended tasks fully. Apart

from the cost estimation and resource allocation used in CPM, most of the techniques used in quantitative cost risk analysis are different from those used in schedule risk analysis. Schedule risks can cause project failure by missing or delaying a market opportunity for a product or service. Such risks are caused by: Inaccurate estimating, resulting in errors Increased effort to solve technical, operational, and external problems Resource shortfalls, including staffing delays, insufficient resources, and unrealistic expectations of assigned resources Unplanned resource assignmentloss of staff to other, higher-priority projects

Cost Risks Because of the uncertainty of risk cost, the measure of risk cost is unclear. In the actual risk operation of operation institution, which has the preference to pursue accounting profit, the two-way uncertainty of risk cost always changes and becomes a single risk, that is, the loss cost measure is seriously in shortage. Little by little, lots of risks are amassed, which greatly threaten the operation, and these risks have not fully disclosed. As described above, to reduce risk cost, it is necessary to strengthen the control over risk cost. This is integral important method to reduce risk cost, but the control over the risk cost is not enough, the compensation mechanism of risk cost must be built and perfected. the compensation mechanism of risk cost has special sense in risk cost management, which is the problem discussed by academic circles in the future. Many of these types of risks are directly or indirectly under the project manager's control or within his or her area of influence. Examples of cost risks include those arising from: Cost overruns by project teams or subcontractors, vendors, and consultants

 Scope creep, expansion, and change that has not been managed Poor estimating or errors that result in unforeseen costs Overrun of budget and schedule

External Risks External events are mainly outside the control of the project manager and, in most cases, the corporation. Examples include: Marketplace developmentsrapid developments can cause an abrupt change of direction Government regulatory changes Industry-specific proceduresnew standards, issues Mergers/acquisitions Legal issuesdisputes, lawsuits, and court orders Change-driven factorsnew products, services, changes in market Corporate strategy and priority changes Disasters such as fire, flood, earthquake, or other natural disaster Interference from outside electrical sources, causing disruption Loss of power, heating, or ventilation; air conditioning failure Sabotage, hacking, and security breaches Communications systems and security sensor failures Viruses and other malicious attacks on information systems Emergency destruction of communications Most of these risks are very difficult to control at the project manager level but can be identified and, therefore, managed. This means that senior management must be involved in the risk management process and have input into risk control issues.

Operational Risks Operational risks are characterized by an inability to implement largescale change effectively. Such risks can result in failure to realize the intended or expected benefits of the project. Typical causes are: Inadequate resolution of priorities or conflicts Failure to designate authority to key people Insufficient communication or lack of communication plan Size of transaction volumestoo great or too small Rollout and implementation riskstoo much, too soon

Risk Management Risk management, according to Wikipedia, is s the identification, assessment, and prioritization of risks (whether positive or negative) followed by coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events or to maximize the realization of opportunities Importance of Risk Management All project must be manage the risk properly. If not, the project will have a high possibility of failing. For this reason, project managers should plan ahead to prevent the risk in every projects they are handling. It is important to be aware on what may happen in a certain project when you started it, to ensure the success of that project. The main reason of the risk management is for the companies, business or project managers will able to handle the risk or uncertainty that they will may face in the future. The risk identification, assessment and management are parts of strategic development. It must be planned and designed at the highest level by the project managers.

Scope of Risk Management

Figure 2.0 Scope of Risk Management Risk Identification The nature of risk identification phase is how the risk has defined in the project. Although the risk is the same but projects are different, the risk has a different impact in both projects. So, defining risk is depends on what project is and its effect or output. Identifying critical important asset is the first step, and part of analyzing the risk in project. In identifying critical important asset, analyzing the process and activities of the company or entity and looking for any process malfunctions that could have impact on the entity goals and the expected results. Looking for the asset and damage to these assets and damage could be the cause of risk or the malfunctions of a project. These are the approach that can be used.

Secondly, the risk can be defined by looking for: Threats that may damage, and vulnerabilities that could be exploited Damage that may affect, and the circumstances in which this damage may occur. Identifying threats to asset and vulnerabilities that these threats can exploit to affect that asset makes it possible to characterize a given type of risk, but does not aim towards, or in any case make possible. Improper Risk Management Learning to deal with and plan for risk is an essential piece of project management training. And risk tolerance is a desirable project manager trait - because projects rarely go exactly according to plan. Gathering input, developing trust and knowing which parts of a project are most likely to veer off course are all aspects of the project manager's job. Ambiguous Contingency Plans: It's important for project managers to know exactly what direction to take in pre-defined "what-if" scenarios. But if those contingencies are not identified, the entire project can become mired in an unexpected set of problems. Asking others to identify potential problem areas can lead to a much smoother and more successful project.