Identification, Analysis, Response Planning, Monitoring and Controlling of Risk

5.4.2 Risk Identification

• It is defined as the process of identifying the risk associated with the project by analyzing various sources with the involvement of various participants of the project is known as risk identification. The participants can be the project team, risk management team, subject matter experts, customers, end users, outside experts etc.
• Risk identification process requires risk management plan and risk breaks down structures.
• Review of documents related to project files, checklists information gathering technique like brainstorming, Delphi technique, interviewing, SWOT analysis, assumption analysis, and diagramming techniques are used for risk identification process.
• The risk register is prepared after completion of the risk identification process.

Risk identification is done to determine the risks that may affect the project and also to document their characteristics.

Risk register

The risk register is a record to document the results of the risk management process. It contains the following information.

• List of identified risks with description
• List of potential responses
• Root causes of risk
• Updated risk categories

5.4.3 Qualitative Risk Analysis

• The application of methods for ranking the identified risks according to their potential effect on project scope and objectives is known as qualitative risk analysis. This process prioritizes risks according to their potential effect on project objectives.
• Qualitative analysis is one way of determining the importance of addressing specific risks and guides risk response measures. The RMP and RR are required for the qualitative risk analysis process. The risk probability and impact assessment are carried out.
• The risk probability and impact are rated and presented in the matrix known as probability-impact matrix.
• The risk register will be updated after completing the qualitative risk analysis. Updates on risk categories according to the impact scale and urgency is done.

5.4.4 Quantitative risk analysis

• It is a way of numerically analyzing the possibility or probability that a project will meet its scope or target (time, cost).
• Quantitative risk analysis analyzes numerically the effect a project risk has on an objective of a project. This process generally follows qualitative analysis and utilizes statistical techniques such as Monte Carlo simulation and decision analysis to:
  • Determine the probability of attaining a specific project objective.
  • Identify risks requiring the most attention by quantifying their relative contribution to project risk.
  • Identify and set attainable and realistic cost, schedule or targets.
  • Quantification of project outcomes and their probabilities.
  • Under conditions of uncertainty such as determination of the size of contingency, it guides project management decisions.
• The RMP, updated RR, Project scope statement and project management plan (cost, schedule plan) are required for the quantitative risk analysis.
• Interviewing and expert judgment is carried out for gathering and representation of data where as various modeling technique like Monte Carlo, simulation, sensitivity analysis, decision tree analysis are used for the quantitative risk analysis process. The risk register is again updated after the quantitative analysis.
• The updated information is added like the probability of the risk, forecast of potential impact, prioritized list of risk etc.

5.4.5 Risk Response Planning

• Risk response planning addresses the matter of how to deal with risk. Risk response must be proportional to the severity of the risk, cost effective, timely, realistic and accepted as well as owned by all concerned parties of the risk management.

Objective of risk response planning

• Develop options and determine actions to enhance opportunities and minimize threats to project objectives.
• Assign responsibility to individuals or parties for each risk response.

a) Risk avoidance

• Risk avoidance is the process to avoid the risk by changing the project plan to eliminate the risk. It can also be carried out by relaxing the relevant objectives by extending the schedule or increasing the cost of the project. All risk cannot be avoided, but some may. Examples of risk avoidance are: add resources, improve communication, avoid unfamiliar sub-contractor, adopt familiar approach etc.

b) Risk Transfer

• Risk transfer is the transfer of risk to the third party who will carry the risk impact and ownership of the risk response. Risk transfer is most effective in dealing with financial risk exposure. Examples of risk transfer include the transfer of risk liability to sub-contractor, the use of risk insurance and payment of risk premium, performance bonds, warranties etc.

c) Risk Mitigation

• Risk mitigation aims at reducing the probability and/or impact of a risk to within an acceptable limit or threshold. The probability/Impact should be mitigated before the risk takes place. Thus avoiding dealing with the consequences after the risk had occurred. Examples of risk mitigation are: adopting the less complex process, adding resources to the schedule, conducting more engineering tests and inspections etc.

d) Risk Acceptance

• Project manager and project team decide to accept certain risks. Acceptance indicates a decision not to make any changes to the project plan to deal with a risk, or not identifying response strategy. This strategy can be used for both negative and positive risks.

There are two types of acceptance:

a) Active acceptance: This includes developing a contingency plan to execute should a risk occur.

b) Passive acceptance: Passive acceptance requires no action. The project team will deal with the risk as it occurs.

5.4. 6 Risk Monitoring and Controlling

• Risk monitoring and controlling keep track of identified risk, residual risks, and new risks. It also ensures the execution of the risk plans and evaluates their effectiveness in reducing risk. It continues for the life of the project.
• The purpose of risk monitoring is to determine whether risk response actions are implemented effectively or not. And also to know about the change in risk exposure from its prior state if any, to check validation of project assumptions, and project policies and procedures are followed or not.

Bibliography:

IshwarAdhikari and Santosh Kr. Shrestha, “A text book of Project Engineering” 2011, Chandeshwori Publication, First Edition.

K. Nagarajan, “Project Management”, ISBN: 81-224-1340-4, New Age International (P) Limited, New Delhi, India, 2001.

E.R. Yescombe, “Principles of Project Finance” 2002, Yescombe-Consulting Limited.