Project Risk Management

Introduction to Risk Management

Outline
What is Risk?
What is Project Risk?
Causes of Risk
Risk Attitude
Risk Optimization
Need for Risk Management
Risk Management Process
Project Risk Management
Role of Project Manager
4

What is Risk?
The ISO 31000 (2009) / ISO Guide 73:2002 definition of
risk is the 'effect of uncertainty on objectives'. In this
definition, uncertainties include events (which may or
may not happen and uncertainties caused by ambiguity
or a lack of information.
It includes both positive and negative impacts on the
objectives.
Risks with negative consequences are called threats
Risks with positive consequences are called
opportunities (Yes, risk can be good!)
5

What is Project Risk?

According to the 5th Edition of the PMBOK Guide,
project risk is
an uncertain event or condition that, if it occurs, has a
positive or negative effect on one or more project
objectives such as scope, schedule, cost, or quality.

Project Management Triangle

6

Project Risk
Uncertain events: Unknown at point in time, in future when materialized will have
positive or negative impact on the project objectives:
A risk may have one or more causes and if it occurs may have one or more
impacts.
Some Examples of risks:

Environment availability takes longer than planned (-)

Environment non availability (-)
Non delivery of design specifications as per schedule (-)
High quality design specifications (+)
Stakeholders acceptance of process change (+)

Project Risk is generally characterized by Probability and Impact measures: The

probability of risk being materialized(High, Medium, Low) and Impact of risk on
project objectives if it gets materialized(High, Medium, Low)
Once the risk occurs, it is no longer a Risk, it is turned into an Issue
7

Causes of Risk
Cause
May be a requirement, a constraint, assumption or a condition
Results into possibility of positive or negative outcome

Examples of causes:

Requirement of environment availability

Environment breaks down
Limited resources availability
Skilled resource become available
A requirement, such as legal requirement imp0sed by laws or regulations
An assumption, such as the conditions in the market
A constraint, such as number of personnel available to work on any given phase of the
project
A condition, such as the maturity of the organizations project management practices

Either uncertain event occurring will have impact on project cost, schedule,
scope, quality or performance
8

Risk Attitude
Uncertaint
y

Organizati
on
objectives

Risk
s

Risk Appetite: Degree of uncertainty

an organization is willing to take in
anticipation of a reward
Risk Tolerance: The degree or volume
of risk an organization will withstand

Consistent Approach

Open & Honest

Risk Taking
Risk Avoidance
Risk Responses

Risk Threshold: Refers to the level of

uncertainty or level of impact, the
threshold below which an organization
will accept the risk. Above this
threshold, the organization will not
tolerate the risk.
9

Risk Attitude

Risk Tolerance Specific Example

Risk Attitude Key Questions

What risks will the organization accept? (e.g.,
environment vs. quality compromises)
What risks will the organization will take on new
initiatives? (e.g., new product lines)
What risks will the organization will accept on
competing objectives? (e.g., gross profit vs. market
share)
What capital buffer is the organization ready to invest?

Risk Optimization
Consider both pros and cons of
risk taking
When threats and opportunities
are better understood, risk taking
is optimized and managers, in
turn, will make more informed
business decisions
Improved
decision
making
enables
an
organization
to
quickly
meet
emerging
marketplace challenges
12

Need for Risk Management

Risks exists the moment the project is conceived
There needs to be a proactive approach for risk management
consistently throughout the project for the project to be successful
Risks must be actively identified and effectively managed at all levels
of the organization during entire life of the project
Lack of proactive focus on Risk Management
Increase the impact of risks that are realized
Potentially lead to project failure

Reactive response to risks result into

The projects paying heavy penalty in terms of cost, schedule, quality or scope
Increased rate of project failures

13

Risk Management Process

Communication

Communicate

14

Project Risk Management

Risk Management is the identification, assessment, and
prioritization of risks followed by coordinated and economical
application of resources to minimize, monitor, and control the
probability and/or impact of unfortunate events and/or to maximize
the realization of opportunities.
Project Risk Management is an important aspect of project
management.
Risk management is one of the ten knowledge areas defined in PMBOK.
Project risk can be defined as an unforeseen event or activity that can impact
the project's progress, result or outcome in a positive or negative way.
Project Risk Management includes the processes of conducting risk
management planning, identification, analysis, response planning, and
controlling risk in a project.
15

Project Risk Management

Monitoring & Control
Planning

Project Start

Initiation

Closure

Project End

Execution

Plan Risk Management : Define how to conduct risk management in the

project

Identify Risk Management: Determine risks that affect the project and
document their characteristics

Perform Qualitative Risk Analysis: Prioritize the risks for further analysis or
action by assessing their probability of occurrence and impact
Perform Quantitative Risk Analysis: Numerically analyze the effect of risks
on overall project objectives.
Plan Risk Responses: Develop options and action plan to enhance
opportunities and reduce threats to project objectives

Monitor & Control Risks: Implement risk

response plans, track identified risks, monitor
residual risks, identify new risks & evaluate
risk process effectiveness

16

 Risk Management is iterative

process carried out throughout
the life of the project.
Existing risks need to be assessed
and any new risks need to be
identified periodically.

17

Role of Project Manager

Project Stakeholders:
Senior Management
External Entities:
Customer
Project team
Employees

Plan
Create Risk Management
Plan

Risk Tolerance
Threshold

Tools & techniques to

be used

Risk Categorization &

Severity

Roles & Responsibilities

of Stakeholders

Outline of contingency
budget

Review & Escalation

plan

Identif
y

Analyze

Identify risks

Document risks in
Risk Register

Likely cause & Effect

Qualitative Analysis

Prioritize project
risks for
assessment based
on probability and
impact
Quantitative Analysis

Assign numeric
rankings to risks
and highlight for
further
management

Plan
Risk
Respons
e
Develop options

Monitor
&
Control

for enhancing
opportunities &
reducing threats
Incorporate in
project plan

Effective Risk Management

SMEs
Other PMs
External knowledge centers

Continuous monitoring of
existing risks for

Any triggers for their

occurrence

Taking proactive measures

for handling them

Assessment for change in

scores and hence any
update required for risk
responses
Identification of any new risks
Closure of risks which are past or
18
which have not occurred

On lighter note
https://youtu.be/WHGoCybrX1k
https://youtu.be/bTbonpb6hZE

19