|
|
|
| The principles of project risk management can be stated very
simply. Any project organisation is subject to risks. One which finds itself
in a state of perpetual crisis, is failing to manage risks properly. Failure to manage
risks is characterised by inability to decide what to do, when to do it, and whether
enough has been done. Risk Management is a facet of Quality, using basic techniques of
analysis and measurement to ensure that risks are properly identified, classified, and
managed. In order to manage risks we have to understand what a risk is. The official definition provided to me by Professor James Garven, University of Texas at Austin is from the American Risk and Insurance Association:
|
In my view the most helpful definition is that given by Larry Krantz, Chief Executive of Euro Log Ltd here in the UK. Larry says that 'A risk is a combination of constraint and uncertainty'. We all face constraints in our projects, and also uncertainty. So we can minimise the risk in the project either by eliminating constraints (a nice conceit) or by finding and reducing uncertainty. |
 |
The illustration plots uncertainty against constraint. The curved line indicates the 'acceptable level of risk', whatever that may be in the individual case. The risk may be reduced to an acceptable level by reducing either or both of uncertainty and constraint. In practice, few people have the opportunity to reduce constraint, so most focus on the reduction of uncertainty. It is also worth noting from the diagram that total elimination of risk is rarely achieved. So we have to consider how to manage that remaining risk most effectively. There are two stages in the process of Project Risk Management, Risk Assessment and Risk Control. Risk Assessment can take place at any time during the project, though the sooner the better. However, Risk Control cannot be effective without a previous Risk Assessment. Similarly, most people tend to think that having performed a Risk Assessment, they have done all that is needed. Far too many projects spend a great deal of effort on Risk Assessment and then ignore Risk control completely. |
 Risk Assessment has three elements:
Identify Uncertainties Explore the entire project plans and look for areas of uncertainty. Analyse Risks Specify how those areas of uncertainty can impact the performance of the project, either in duration, cost or meeting the users' requirements. Prioritise Risks Establish which of those Risks should be eliminated completely, because of potential extreme impact, which should have regular management attention, and which are sufficiently minor to avoid detailed management attention. In the same way, Risk Control has three elements, as follows:Mitigate Risks. Take whatever actions are possible in advance to reduce the effect of Risk. It is better to spend money on mitigation than to include contingency in the plan. Plan for Emergencies. For all those Risks which are deemed to be significant, have an emergency plan in place before it happens. Measure and Control. Track the effects of the risks identified and manage them to a successful conclusion. |
There is more information on this topic in The Elements of Project Risk Management
When
to use Project Risk Management
The
Elements of Project Risk Management
Planning
a Project Risk Assessment
To discuss the contents of this article, or for advice or information about project risk management, write to us by clicking here.
Robert Tusler
is a member of the Alliance of Business Consultants
This Page was created using WebEdit, 8 August
1996 and modified using Microsoft FrontPage.
Most recent revision 08 September 1998
Copyright details:Copyright © 1996 Robert Tusler You may read these pages on-line, and download them to read
later, for your own personal use.
|
Project Risk Management Index