Project Risk and Control
Management
Week 1 lecture 1
�Introduction
• The course is divided into two portions
1. Project Risk Management
Reference books:
• Practice Standard for Project Risk Management, Published by Project Management Institute
(PMI), 2009
• Project Risk Management: A Practical Implementation Approach by Michael M. Bissonette
(Chapter 12, 13 and 14) Project Management Institute © 2016 (300 pages) Citation
2. Project Control Management
• PMBOK 6th Edition chapter 5,6, 7, 11
• Case studies in project, program, and organizational project management Dragan Z.
Milosevic, Peerasit Patanakul & Sabin Srivannaboon Copyright 0 2010 by John Wiley & Sons,
Inc. All rights reserved.
�Risk?
• In simple terms, risk is the possibility of something bad happening.
Risk involves uncertainty about the effects/implications of an activity
with respect to something that humans value, often focusing on
negative, undesirable consequences.
• Difference between risk and disaster?
• Difference between risk and assumption? Discussion
• Difference between risk and issues?
�Project Risk Management Definition
• “Project Risk Management includes the processes concerned with
conducting risk management planning, identification, analysis,
responses, and monitoring and control on a project.”
�Objective ?
• “The objectives of Project Risk Management are to increase the
probability and impact of positive events, and decrease the
probability and impact of negative events in the project.”
• “Project risk is an uncertain event or condition that, if it occurs, has a
positive or negative effect on a project’s objectives.” Project
objectives include scope, schedule, cost, and quality.
�Role of Project Risk Management in Project
Management
• Project Risk Management is not an optional activity: it is essential to
successful project management…. in every phase and in every process
group.
• Project Risk Management addresses the uncertainty in project estimates
and assumptions.
• Quantitative risk analysis explores the uncertainty in the estimated
durations and may provide alternative dates and critical paths that are
more realistic given the risks to the project.
• Project Risk Management adds the perspective of project risk to the
outputs of those other processes and adds to their value by taking risk
into account.
�Cont..
• There is a paradox about project risk that affects most projects. In the
early stages of a project, the level of risk exposure is at its maximum
but information on the project risks is at a minimum. This situation
does not mean that a project should not go forward because little is
known at that time. Rather, there may be different ways of
approaching the project that have different risk implications. The
more this situation is recognized, the more realistic the project plans
and expectations of results will be.
�Cont…
• A risk management approach is applicable throughout a project’s life
cycle. The earlier in the project life cycle that the risks are recognized,
the more realistic the project plans and expectations of results will be.
• It is true that as the project plan becomes set with fundamental
decisions, agreements, and contracts in place, the options for making
substantial changes to capture opportunities or mitigate threats are
reduced.
�Critical Success Factors for Project Risk
Management
�Specific criteria for success of each Project
Risk Management process
• Recognize the Value of Risk Management
• Individual Commitment/Responsibility
• Open and Honest Communication
• Organizational Commitment
• Risk Effort Scaled to Project
• Integration with Project Management
�Principles and Concepts
• Definition of Project Risk
• This definition includes two key dimensions of risk: uncertainty and
effect on a project’s objectives. When assessing the importance of a
project risk, these two dimensions must both be considered. The
uncertainty dimension may be described using the term “probability”
and the effect may be called “impact” (though other descriptors are
possible, such as “likelihood” and “consequence”).
� Individual Risks and Overall Project Risk
• It is useful to consider project risk at two levels: individual risks and overall project risk.
• Individual risks
• Individual risks are specific events or conditions that might affect project objectives. An
individual risk may positively or negatively affect one or more of the project objectives,
elements, or tasks. Understanding individual risks can assist in determining how to apply
effort and resources to enhance the chances of project success. Day-to-day Project Risk
Management focuses on these individual risks in order to enhance the prospects of a
successful project outcome.
• Overall project risk
• Overall project risk represents the effect of uncertainty on the project as a whole. Overall
project risk is more than the sum of individual risks on a project, since it applies to the
whole project rather than to individual elements or tasks. It represents the exposure of
stakeholders to the implications of variations in project outcome. It is an important
component of strategic decision-making, program and portfolio management, and project
governance
�Stakeholder Risk Attitudes
• The risk attitudes of the project stakeholders determine the extent to
which an individual risk or overall project risk matters
• Factors influencing
• scale of the project within the range of stakeholders’ overall activities,
• strength of public commitments made about the performance of the project
• the stakeholders’ sensitivity to issues such as environmental impacts,
industrial relations, and other factors.
• Stakeholder risk attitudes usually result in a desire for increased
certainty in project outcomes
�Iterative Process
• Project Risk Management processes should be repeated and the
corresponding plans progressively elaborated throughout the lifetime
of the project.
• The development of an initial risk management plan and risk
assessment is the start of the process, not the end.
�Communication
• Project Risk Management cannot take place in isolation. Success relies
heavily on communication throughout the process.
�Project Manager’s Role for Project Risk
Management
• Encouraging senior management support for Project Risk • Applying project contingency funds to deal with identified risks
Management activities. that occur during the project.
• Determining the acceptable levels of risk for the project in • Overseeing risk management by subcontractors and suppliers.
consultation with stakeholders. • Regularly reporting risk status to key stakeholders, with
• Developing and approving the risk management plan. recommendations for appropriate strategic decisions and
• Promoting the Project Risk Management process for the actions to maintain acceptable risk exposure.
project. • Escalating identified risks to senior management where
• Facilitating open and honest communication about risk within appropriate: such risks include any which are outside the
the project team and with management and other authority or control of the project manager, any which require
stakeholders. input or action from outside the project, and any for which the
release of management reserve funds might be appropriate.
• Participating in all aspects of the Project Risk Management
process. • Monitoring the efficiency and effectiveness of the Project Risk
Management process.
• Approving risk responses and associated actions prior to
implementation. • Auditing risk responses for their effectiveness and documenting
lessons learned.
�Project Risk Management Processes
• Scalable elements of the process include:
• Available resources,
• Methodology and processes used,
• Tools and techniques used,
• Supporting infrastructure,
• Review and update frequency, and
• Reporting requirements.
�precondition for a successful Project Risk
Management implementation
• Clear understanding of the risk thresholds that define the key
stakeholders’ views on acceptable levels of risk.
• Project Risk Management activities, resources, and attention should
be appropriate to the project since different projects warrant different
levels of risk management application.
• The main actions to provide the required tailoring are as follows:
• Define those objectives against which risks will be identified,
• Define how the elements of the Project Risk Management process will be
scaled for this project, and
• Define risk thresholds, tolerances, and the assessment framework
� Initiation step.
• This is required to ensure a common understanding and agreement of the
team and other stakeholders on the approach and parameters that will be
applied in managing risk in this project, as well as the scope and objectives of
the Project Risk Management process itself.
• The outputs from this initial step should be documented, communicated, and
then reviewed by the stakeholders to ensure a common understanding of the
scope and objectives for the Project Risk Management process. The document
should be formally approved at a senior level.
Identifying risks
• Once the Project Risk Management scope and objectives are agreed upon, it is
possible to start identifying risks, being careful to distinguish genuine risks from
non-risks (such as causes, effects, problems, issues etc.).
�Risk evaluation
• Risk evaluation can be performed using qualitative techniques to
address individual risks, using quantitative techniques to consider the
overall effect of risk on the project outcome, or using both in
combination.
• Following risk identification, it is necessary to evaluate the
importance of each risk, in order to prioritize individual risks for
further attention, evaluate the level of overall project risk, and
determine appropriate responses.
� Project Risk Management process. These are
detailed in subsequent chapters, as follows:
• Plan Risk Management (Chapter 4) — Defines the scope and objectives of the Project
Risk Management process, and ensures that the risk process is fully integrated into
wider project management.
• Identify Risks (Chapter 5) — Identifies as many knowable risks as practicable.
• Perform Qualitative Risk Analysis (Chapter 6)— Evaluates key characteristics of
individual risks enabling them to be prioritized for further action.
• Perform Quantitative Risk Analysis (Chapter 7)— Evaluates the combined effect of
risks on the overall project outcome.
• Plan Risk Responses (Chapter 8) — Determines appropriate response strategies and
actions for each individual risk and for overall project risk, and integrates them into a
consolidated project management plan.
• Monitor and Control Risks (Chapter 9) — Implements agreed-upon actions, reviews
changes in project risk exposure, identifies additional risk management actions as
required, and assesses the effectiveness of the Project Risk Management process.
