An Overview of Project Risk Management
(If you need any information on the subject which is not answered by these pages please
Email us.)
In order to manage risks we have to understand what a risk is. In my view the best
definition is that given by Larry Krantz, Chief Executive of Euro Log Ltd here in the UK.
Larry says that 'A risk is a combination of constraint and uncertainty'. We all face
constraints in our projects, and also uncertainty. So we can minimise the risk in the
project either by eliminating constraints (a nice conceit) or by finding and reducing
uncertainty.
The illustration plots uncertainty
against constraint. The curved line indicates the 'acceptable level of risk', whatever
that may be in the individual case. The risk may be reduced to an acceptable level by
reducing either or both of uncertainty and constraint. In practice, few people have the
opportunity to reduce constraint, so most focus on the reduction of uncertainty. It is
also worth noting from the diagram that total elimination of risk is rarely achieved. So
we have to consider how to manage that remaining risk most effectively.
Effective Risk Management
There are two stages in the process of Project Risk Management, Risk Assessment and
Risk Control. Risk Assessment can take place at any time during the project, though the
sooner the better. However, Risk Control cannot be effective without a previous Risk
Assessment. Similarly, most people tend to think that having performed a Risk Assessment,
they have done all that is needed. Far too many projects spend a great deal of effort on
Risk Assessment and then ignore Risk control completely.
Risk Assessment has three elements:
- Identify Uncertainties
- Explore the entire project plans and look for areas of uncertainty.
- Analyse Risks
- Specify how those areas of uncertainty can impact the performance of the project, either
in duration, cost or meeting the users' requirements.
- Prioritise Risks
- Establish which of those Risks should be eliminated completely, because of potential
extreme impact, which should have regular management attention, and which are sufficiently
minor to avoid detailed management attention.
In the same way, Risk Control has three elements, as follows:
- Mitigate Risks.
- Take whatever actions are possible in advance to reduce the effect of Risk. It is better
to spend money on mitigation than to include contingency in the plan.
- Plan for Emergencies.
- For all those Risks which are deemed to be significant, have an emergency plan in place
before it happens.
- Measure and Control.
- Track the effects of the risks identified and manage them to a successful conclusion.
Project Risk Management Index
When to use Project Risk
Management
Project Risk Management
Principles
Planning a Project Risk
Assessment
Low Risk Project Management
Robert Tusler
To discuss the contents of this article, or for advice or information about project
risk management, write to us by clicking
here.
Robert Tusler
is a member of the Alliance of Business Consultants
[RETURN TO TOP]
This Page was created using WebEdit, 29 July 1996
Most recent revision 04 July 1998.
