Quantitative

risk analysis
submitted by

TEJ PANDYA 80303160091

SVKM’S NMIMS
School of Business Management, Hyderabad
PGDM 2016-18
Quantitative risk analysis –
and how to perform it
Quantitative risk analysis assigns a projected value(usually this value is stated in terms
of cost or time) to the risks that have already being ranked by the previous process
‘perform qualitative risk analysis’.
People often confuse these two processes which are normally performed at the same
time. Perform quality of risk analysis however is determining the probability and impact
of the risks to the project and going on to prioritise and rank them on the risk register.
The outputs from this process will be used to plan risk responses and also to monitor
and control risks.

There are five inputs to perform quantitative risk

analysis:
The risk register. This contains a list of all of the identify risks so far on the project, and
includes information on each such as their responses, their records is an categories.
The risk management plan. This document is in fact the risk management strategy
because it defines the level of risk which is seen as tolerable, how such risks will be
managed, who will be responsible for carrying out the risk activities, the time and cost
aspects of each risk activity and how the communication of risk is to occur.
Schedule management plan. Because the schedule timings are presented in a
quantifiable manner then risks concerned with timing and time scales can easily be
quantified within this process.
Cost management plan. Similar to the above, costs are also quantifiable and can be
used as an input for this process. Note that the scope management plan is not
quantifiable and is therefore normally used within the qualitative risk analysis process.
Organisational process assets. These may consist of risk templates, policies
procedures or guidelines, lessons learned from previous or similar projects, and any
quantitative risk tools.
There is only one output from Quantitative risk analysis:
Risk register updates.
It is worth mentioning here are the risk is anything that may impact the objectives of a
project, and this therefore must include positive and negative impacts. A negative
impact risk is defined as a threat, and a positive impact risk is defined as an opportunity.
Risk responses for threats should act two reduce the probability or impact, whereas risk
response is for opportunities would want to maximize both the probability and impact
should such a risk still occur.

With this in mind the risk register is updated as a result of Quantitative risk analysis in
terms of its risk and probability along with the priority of each risk plus any trends that
have been observed.
Tools used in Quantitative risk analysis:
Probability distributions.
These are usually presented on my table or graph and represent mathematically the
probability of a risk events occurring. These probability distributions aid decision-making
by considering the real probability of it happening and using this determine the best way
to approach each risk.

Data gathering and representation techniques.

This covers the tool and techniques of carrying out a structured interview to determine
be probability and impact of risks from subject matter experts. These experts must have
the knowledge skills and experience sufficient to form a realistic view of such probability
and impacts.

Rather than ask each expert for a single value for each, the project manager would
normally encourage each experts to provide an optimistic, pessimistic and realistic
probability and impact value for each risk.
Quantitative risk analysis and modelling techniques.
There are five tools and methods that can be used here:
Sensitivity analysis.
This involves analysing the project to determine how sensitive is to particular risks by
analysing the impact and severity of each risk.

Expected monetary value analysis.

In broad terms, determining the expected monetary value is to multiply the likelihood by
the cost impact to obtain an expected value for each risk, these are then added up to
obtain the expected military value for the project. A typical way of calculating EMV is
using decision trees;

Quantitative risk analysis – Decision tree analysis.

These are in the form of a flow diagram where each node, represented by a rectangle,
contains a description of the risk aspect and its cost. These rectangles are linked
together via arrows each arrow leading to another box representing the percentage
probability. These totals are calculated by multiplying the risk costs by the probability
and adding that value to the initial cost.

Tornado diagrams.
These are named because of their funnel shaped and portray graphically the project
sensitivity to cost or other factors. Each tornado diagram will represent the impact of
risks in terms of particular aspects. These aspects may be the stages of phases of all
project, and are ranked vertically and represented by a horizontal bar showing plus or
minus cost impacts.

Modeling and simulation.

The most common form of this is Monte Carlo analysis which is normally calculated by
computer by analysing many scenarios for the project schedule and calculating the
impact of particular the risk events and is helpful in identifying risks and the effect they
have on the project schedule.
Expert judgement.
In a similar way to carrying out a structured interview, this would normally involve asking
experts to review your risk data and the manner in which it has been gathered. As a
consequence these experts may also identify additional risk areas.