Risk and Project Risk


Whenever we launch a project, the risk is inevitable, where projects make -. And when you change, it introduces uncertainty and risk

A risk is defined as uncertainty event should it occur, will affect the project meets its objectives. These conflicting events can be positive, but it would be called chance, when negative it is called the threat. Both have a common thread of uncertainty.

When the implementation of risk management in order to reduce the likelihood and impact of threats and to increase the likelihood of opportunities and / or positive effects. It is good to consider the risk of “an event that can be not occur in the future, but if it occurs it will affect the objectives of the project.”

The Business Case will contain information, the project cost and risk to the business benefits. Put simply, the aggregate project risk is worth the benefit. If this is so, then the Business Case still viable, desirable and achievable. This fact alone highlights the importance of proper risk management. Whenever identifies new risk, existing risk changes its properties, the issue is identified, or at critical control points as end assessment stage – Business Case should check the feasibility – and this includes the aggregated value of all the risks.

Effective risk management involves clearly defining each risk and evaluate it in terms of likelihood and impact and control by taking appropriate action and ensure such actions have, and continue to have, the desired effect.

Before entering information on the risks, the task will be to determine the risk management strategy that describes how risk management will be both used and implemented within the project. The risk should include, among other factors:

– especially tools and methods to use

– responsible for risk management measures

– procedures for risk management, such as the identification, evaluation, countermeasures / features, implementation and communication.

– scales to be used to standardize and evaluate the likelihood and impact

– reporting and timing risk activities, such as at the end of each work

– risk categories as to be defined, an application, the definition of risk as the risk turn indicators.

– for unpredictable or direct action, should also be approved risk budget. This budget is used to pay for any such actions risk should they be needed.

– when management by exception, risk tolerance or “risk-taking” should be agreed between the promoters and project board

It is worth discussing this last bullet in detail:


Tolerance tolerance is usually time and cost of the project can be “used” to allow for small deviations and estimate errors. Should at any point, the project or stage of wondering exceed this tolerance, the project will escalate the situation to the next level of management -. Who have to decide what to do next

However, tolerance is used may be risk tolerance. In such a case, the debate should be between the project board and project manager, about how much risk can be tolerated (“risk-taking”). Factors such as certain effects of the risk increases above a certain value, or how likely increase in the same way. There could be a risk of a certain category -. Such as those affecting the corporate image, which may be progressive triggers

The Risk Register should be created early in the project, and is used to capture all the details and status of each identified risk. Project Manager is responsible for ensuring that risks are managed properly and there will be a need for risk owners for all the risks and these owners can others involved in the project. They should be selected as the best person to keep an eye on risk. Owners can be the one who needs to perform a risk assessment activities, or to act as a “forward scout” to announce the status of the risk back to the project

The first step in the risk management process is to identify the risk, and this is usually made within risk workshop. Other useful sources of potential risk identification, is to review the lessons of previous projects. Even more sources are structural risk checklists or use industry-wide checklist or tables

Many people make the mistake of mentioning the risk as “there is a risk that the project will come later.” – – But this is wrong, because the statement is not to mention the risk itself, but its impact. This is where the “Fish-bone” or Ishikawa Diagrams can be useful in separating the risk, there is a cause and effect (the effects)

It is good to note that the source of risk is called risk cause ( potential trigger points for each risk) is the risk event describes the area of ​​uncertainty, and the risk impact that describes risk impact on project objectives.

The next step is to evaluate and assess each risk, and there are various methods of evaluation that can be used are:

Probability trees. These are graphical representations of possible events shown risks related rectangles, each with probability and impact. When they join, the aggregated value of project risks can be determined. These decisions help to determine possible outcomes, and ensure appropriate actions can be implemented.

expected value. This technology multiplies the cost of risk influenced by the probability of the risk occurring. For example, if the cost of risk was £ 10,000 and the odds as 40%, then the expected value would be £ 4000. Summing all this together will give the expected cumulative probability the expected value of the project. This is useful to determine the potential risk budget.

Pareto publications. This is often called the 80/20 rule, from the observation that 20% of the risk will have the most impact on the project and allows management to focus their attention on managing and controlling risks. It gives the best “Risk profitability”

probability impact grid. This is a board with a vertical axis scaled the probability and the horizontal axis scaled in influence. Suitable scales are determined, typically a 10% chance that very low through to very high between 70 to 90% of capacity. The effect of the measure is generally from very low to very high. The grid is used to provide estimates of the severity of the risk and a risk to be arranged so that management efforts can be given priority.

The summary risk. This again is a grid of potential resistance effects, but instead measure the severity of the risk (probability times effect), it plots each risk speak much as scatter diagram so that the spread and severity of the risk can be directly seen. For example, there is a risk that highly influential and likely would be seen as a serious threat and this will take the appropriate steps or measures against determined.

The next step is to organize the appropriate response for both threats and opportunities. There are many ways to describe such actions, but the following are typically used:

for threats

avoided. Action is planned for the project to do something different, so the threat can either no longer affect the project and / or its probability is zero.

reduced. Action is expected to either reduce the likelihood of the risk occurring and / or to reduce the impact if it should occur.

Alternate (often called contingency). Surgery but only implemented should be related to the risk out.

Transfer. The action is expected to reduce the financial impact of the threat. Usually, the function of any security, or the relevant provisions in the contract so that the other party is financially painful.

Accept. This is a “take no action” option. The threat should still be constantly monitored to ensure that it is acceptable. This function is often chosen because the risk to potential and / or low impact or cost and effort for any actions outweigh the seriousness of the threat

threat or opportunity :.

Share. Often within contracts with third parties, work / profit formula is approved, the threat or opportunity presented


Exploit. To take action to ensure that the opportunity will happen and that the positive effects to be realized.

Extra. Take the initiative actions either increase the probability and / or impact of the event.

Reject. Decision to exploit or enhance opportunities.

All of the above actions are taken and recorded in the risk register, and project or phase level programs have the above activities and resources to.

It is useful to hide the presence of each risk. This is the time frame of the risk events of the present. This is useful to concentrate resources on operational risk in the near future. But it is also useful to determine each risk event will occur, as this will affect the severity of the impact.

Allan projects, new risks can be identified, and existing risks can change their position – in this risk management should therefore be seen as continuing operations in the entire project. It should also be borne in mind that when issues arise, they may in itself affect the existing risks or cause new risks.

At the end of each stage of the project, the total risk situation needs to be calculated, and used as part of the data for management to make an informed decision about whether to proceed with the project or not. At the end of the project, as part of the closure, any outstanding risks that would affect the life of the final product should find a new owner, so as to continue to be managed and controlled.


Leave a Reply

Your email address will not be published. Required fields are marked *