Risks and Uncertainty in Operations and Projects

Question 1

What is the orthodox definition of risk?

Answer 1

The probability that a particular ADVERSE EVENT occurs during a stated period of time, or results from a particular challenge. An adverse event is an occurrence that produces HARM. Harm is the loss to a human being consequent upon damage.

Question 2

What is the orthodox definition of risk management?

Answer 2

Systematic process of identifying, analysing and responding to uncertainty as project-related (or operations) events or conditions which are not definitely known with the potential of adverse consequences (for an operation) or on a project objective.

Question 3

What are the two key risk concepts?

Answer 3

1. The LIKELIHOOD that some problematic event will occur
2. The IMPACT of the event should it occur

Question 4

What does the management of failure depend on?

Answer 4

Its likelihood of occurrence and the negative consequence of failure

Question 5

What does operations and process resilience involve?

Answer 5

• Failure prevention
• Mitigating the negative consequences of failure
• Failure recovery

Question 6

What is the goal and approach to the nature of risk/ uncertainty?

Answer 6

Goal = what are we trying to achieve?
Approach = changes in ways of working or the project environment

Question 7

What are the risks to outputs?

Answer 7

• Technical targets (explicit and implicit)
• Time targets
• Cost targets

Question 8

What are the risks to outcomes and objectives?

Answer 8

• Business objectives
• User or stakeholder needs
• Long-term use and relevance

Question 9

What is the relationship between probability and cost/ impact throughout the project lifecycle?

Answer 9

There is generally an inverse relationship.
- generally speaking, most risks are reduced or eliminated towards the start of a project, but their impact increases the later they occur

Question 10

What are the aims of risk management?

Answer 10

• Comprehensive identification
• Objective assessment and understanding
• Current diagnosis of position
• Effective strategies
• Focused management attention

Question 11

What are the aims of risk management process?

Answer 11

• Eliminate uncertainty AVOIDANCE
• Transfer liability/ ownership TRANSFER
• Reduce to acceptable MITIGATION
• Accept and manage residual CONTROL

Question 12

What is Step 1 of the risk management flow chart?

Answer 12

Risk Management strategy & planning
- Analyse the operations and project to identify sources of risk

Question 13

In Step 1 (identify risk), what is risk strategy?

Answer 13

• How will risk management be undertaken
• Must be integrated with overall operations and project strategy

Question 14

In Step 1 (risk management strategy & planning), what is the risk plan?

Answer 14

• Scope & objectives of risk process
• Roles & responsibilities of participants
• Approach, process and tools to be used
• Deliverables
• Estimate effort and resource requirements
• Review & reporting cycle
• Risk management is a continuous process so plan for frequent reviews
• Integrate risk management into operations and overall project plan

Question 15

What is Step 2 of the risk management flow chart?

Answer 15

Risk Identification
- Analyse the project to identify sources of risk

Question 16

In Step 2 (risk identification) how should a list of possible risks be generated?

Answer 16

• Should be a team based activity
• Risk identification workshop (whole team, outside experts, brain storming techniques)
• Ask: what can possibly go wrong? (internal/ endogenous or external/ exogenous)
• Concentrate on identifying causes, not just effects (e.g. ‘fishbone’ type cause and effect analysis etc.)
• Can use the WBS or PBS as guides

Question 17

What is Step 3 of the risk management flow chart?

Answer 17

Risk analysis
- Assess risks in terms of:
- Severity of impact
- Likelihood of occurring
- Controllability

Question 18

In Step 3 (risk analysis) how does this occur?

Answer 18

• Which risks can be managed
• Which take priority for management attention
• When should we invest in contingency arrangements

QUALITATIVE:
Each identified risk is scored on 2 dimensions:
1. LIKELIHOOD that the risk will occur (high, medium, low)
2. IMPACT if the risk does occur (high, medium, low)
= the risk matrix + risk factors table

QUANTITATIVE:
- Express likelihood of a risk occurring as a PERCENTAGE
- Express impact as a VALUE (aed/ £/ $) equal to the cost if the risk happens (time impact must be expressed as a cost)
- Multiplying likelihood by impact allows each risk to be expressed as a single number

Question 19

What is Step 4 in the risk management flow chart?

Answer 19

Risk Response Planning
- Implement risk strategy
- Monitor/ adjust plan for new risks
- Change management

Question 20

In Step 4 (risk response planning) what steps should be taken?

Answer 20

Having identified and analysed a risk the question arises: How should we react to a specific event?

1. Mitigation - reducing the risk
   - Reduce the probability that a risk will occur, and/ or
   - reduce the impact such an event would have on a project should it occur
2. Avoidance - preventing the risk
   - changing the project plan to eliminate the risk or condition
3. Transference
   - paying premium to pass risk to another party e.g. insurance
   - option to use PPP-type contracts for certain risky projects
4. Retaining risk
   - making a conscious decision to accept the risk

Question 21

What are the risk mitigation actions?

Answer 21

MITIGATION PLANNING - is the activity of ensuring that all possible failure circumstances have been identified and the appropriate mitigation actions identified

ECONOMIC MITIGATION - includes actions such as insurance against losses from failure, spreading the financial consequences of failure

CONTAINMENT (SPATIAL) - means stopping the failure physically spreading to affect other parts of an internal or external supply network

CONTAINMENT (TEMPORAL) - means containing the spread of a failure over time

LOSS REDUCTION - covers any action that reduces the catastrophic consequences of failure by removing the resources that are likely to suffer those consequences

SUBSTITUTION - means compensating for failure by providing other resources that can substitute for those rendered less effective by the failure

Question 22

What is Step 5 of the risk management flow chart?

Answer 22

Risk monitoring & control
- Implement risk strategy
- Monitor/ adjust plan for new risks
- Change management

Question 23

What does Step 5 (risk monitoring & control) include?

Answer 23

• Define a ‘risk management group’
• Integrate the risk plan into the main project plans
• Define & implement mechanisms for monitoring & reporting risks, progress against the risk plans, and updating the risk management plans
• Agree the monitoring intervals (weekly, fortnightly, monthly etc.)
  
  • Check the risk log - is it being maintained?
  • Check that execution of the planned actions is having the desired effect
  • Watch for early warning signs of risks developing
  • Identify trends to help predict risks = ‘2 points make a trend!’
  • Check that risk management is being applied effectively

Question 24

Who is responsible?

Answer 24

ALL are, as a team, each stakeholder must management risks in their area of responsibility:
- Client/ sponsor
- Project manager
- Project team

= business benefits, project objectives, tasks