6.0 Risk Management

CHAPTER 6 : Risk Management
6.0
RISK MANAGEMENT
Risk management is the most extensive and indispensable part of project
management. The risk must be perceived by the task project manager
keeping in mind the end goal to distinguish the underlying drivers of risk of
the undertaking as to follow the results towards the achievement of the
venture. Furthermore, risk management is considered as a systematic way
of identifying, analyzing and responding to risks in order to achieve the
project objectives. It is essential from the early stages of a project as major
decisions such as choice of alignment and selection of construction
methods can be influenced. According to Smith (1999), the process of risk
management may be defined as identification of risk, analysis of the
implications, response to minimize risk and allocation to appropriate
contingencies. Risk management is an iterative process in which the
effectiveness of control actions is constantly evaluated, new risks are
discovered, and existing risks are reassessed. This process continues until all
the risks are closed or the project is completed. Risk management process
can give improvement of construction project management processes
and effective use of resources as well as minimizing cost impact, schedule
delays, other issues impact that could delay the project progress. Risk
management process is the basic principle of understanding and
managing risks in a project. It consists of the main phases which are
identification, assessment and analysis, and response (Smith et al. 2006) as
shown in Figure 1 below:
75
Risk analysis
Risk identification
Risk control
Risk review
Risk response
Figure 6.1 : the process of risks management by Smith etal, 2006

The other idea of risk management in the writing, risk management is described as
a procedure with some predefined methods. The extent of its definition contrasts
among the creators; however the core information is the same. From various
definitions which can be found in the administration writing Cooper et al. (2005)
clarification brings the substance of this idea:
The
risk
management
process
involves
the
systematic
application
of
management policies, processes and procedures to the tasks of establishing the

context, identifying, analyzing, assessing, treating, monitoring and communicating
risks (Cooper et al., 2005).
Therefore, generally risk management process involves four stages which are:
I.
Risk Identification- Risk projects, products and businesses that may be

identified
II.
Risk Analysis- The probability of the assessed
III.
Risk Planning- Plans to mitigate (avoid or reduce)
IV.
Risk Monitoring - Risks are assessed on an on-going basis
76
Risks
identification
List of potential
risks
Risk
analysis
Prioritized
risks list
Risk
planning
Risk
monitoring
Risk avoidance
& contingency
plans
Risk
assessment
Figure 6.2: the four basic stages in risk management process

These procedures are congruity and rehashed until the project is finished and
decision making from the risk management must be reported in the risk
management plan
Risk Management
Risk is the possibility of loss or injury. Project risk is an uncertain event or
condition that, if it occurs, has an effect on at least one project objective.
Risk management focuses on identifying and assessing the risks to the
project and managing those risks to minimize the impact on the project.
There are no risk-free projects because there are an infinite number of
events that can have a negative effect on the project. Risk management is
not about eliminating risk but about identifying, assessing, and managing
risk.
1. Risk identification that activity should occur throughout the project
management life cycle, but particularly during
a) Creation of the project definition, business case, and scope of work
77
b) Development of a detailed Work Breakdown Structure (WBS)

c) Preparation of resource, schedule, and cost estimates
d) Establishment of terms and conditions in contracts and subcontracts
e) Selection of subcontractors, vendors, and suppliers
f) Evaluation and execution of contract or technical change requests
2.
Risk quantification should be assigned only when there is reasonable
degree of certainty or confidence in the validity of those metrics.

3.
Risk response strategies applied to reduce or eliminate the
probability of occurrence of a risk event or risk impact.

4.
Risk
Management
Plan
is
prepared
to
document
the
risk
management process such as who is responsible for managing various

areas of project risk, how the initial risk identification, analysis and
prioritization output will be maintained; what the specific response
strategies are, including any contingency plans to be implemented; and
whether a management reserve will be allocated.
6.1
Aim
The purpose of risk management is to identify potential problems before we occur

so that risk-handling activities may be planned and invoked as needed across the
life of the product or project to mitigate adverse impacts on achieving objectives.
6.2
Objective:
Risk management has objectives before and after a loss occurs

1) Pre-loss objectives:
a) Prepare for potential losses in the most economical way
b) Reduce anxiety
c) Meet any legal obligation
2) Post-loss objectives:
a) Ensure survival of the firm
b) Continue operations
c) Stabilize earnings
78
d) Maintain growth
e) Minimize the effects that a loss will have on other persons and on
society
6.3
Risk Management Process
As said over, this segment will further clarify the Risk Management Process of its
four stages and how it can be utilized as a part of overseeing risks inside of this
project.
6.3.1
Risk Identification
The principal phase of Risk Management Process is fundamentally casual

and can be performed in different routes, contingent upon the association
of the task group. So as to locate the potential risks, an assignment should
be finished. For this situation, the system that has been utilized is to set up
the conceivable risks in this project.
The motivation behind distinguishing risks is to procure a rundown of
potential risks that should be overseen in an undertaking. The risks and
different risks are simpler to take activities and have control over them
once they have been recognized and dispensed before any issues
happened.
From the meeting to generate new ideas with the venture administrator
together with the undertaking group, it was found that under risk
identification method, there are risks that must take into control and
oversaw well. The table #### beneath demonstrates the risks that may
turn out from this project.
Table 6.1: The risks that may come out
Project Risk Aspects
Operational
Significant Risks
Need for making an advertising effort
High staffing costs
Lack of operational and financial
79
planning
Insufficiently skilled staff
Design
Design not cost effective

Design relies on immature technologies
to achieve performance objectives
Schedule
Schedule does not reflect realistic

acquisition planning
Funding profile not stable from budget
cycle to budget cycle
Schedule objectives not realistic and
attainable
Technology
Design not completed and not feasible

Low
level
of
technological
implementation and training

Technology
has
not
been
demonstrated in required operating

environment.
Cost
Realistic cost objectives not established

early
Fluctuations in cost of raw materials
Funding
profile
does
not
match
acquisition strategy
Supplier Capabilities
Exposure to changes in the price of

goods
Non-determination of the quality of the
service provided
Dispersion in the supply
Increase in power of negotiation
Management
Subordinate strategies and plans are

not developed in a timely manner or
based on the acquisition strategy.
Acquisition strategy does not give
adequate consideration to various
80
essential elements such as test and

evaluation.
Proper mix (experience, skills, stability)
of people not assigned to the project
Effective
performed
risk
and
assessments
not
the
not
results
understood and acted upon.

Competitors
Lack of operational and financial

planning
Customers
Increase in power of negotiation

Seasonality and decline in the demand
Delays in payment
Environmental
Weather and seasonal implications
Logistical
Availability of sufficient transportation

facilities
Availability
of
resources-particularly
construction equipment spare parts,

fuel and labor
6.3.2
Risk Evaluation
In this stage of risk management, risk evaluation are included the

quantitative and qualitative risks are needed to mention the risks are
involved at the final stages. This is included variety of technique and tool in
analysis of risk evaluation.
6.3.2.1
Qualitative Risk Analysis
This process analyses each risk from the risk register in terms of its probability
and impact on the project if it were to occur. It should be performed as
soon as possible after risks have been identified so that appropriate time
and resources can be allocated to the more serious risks. It uses the
probability and impact matrix (PIM) to rank and prioritize risks, and this
81
information is placed back on the risk register. Like all the processes within
risk management, this one should be performed regularly because new
risks will be identified and the characteristics of existing risks may change as
the project progresses.
The inputs, tools and techniques, and outputs of this process are
summarized in the table below.
Table 6.2: The inputs, tools and techniques, and outputs of this risk
management process
Inputs
Tools & Techniques
Risk management Plan
Data
gathering
Representation
Outputs
& Project
documents
updates
techniques
Cost management plan
Quantitative risk analysis & modeling techniques
Schedule
management Expert judgment
environment -
plan
Risk register
Enterprise
factors
Organizational
process -
assets
a. Input of Qualitative risk analysis

This process of qualitative risk requires the following inputs:
82
Risk management plan
This is developed during process and will explain the overall approach that
needs to be taken to risk management on this particular project. It will detail
the amount of risk is acceptable and who should be involved in carrying out
the qualitative analysis of the known risks.
Element of risk
management plan
Budget
Definition of
probability &
Impact
Roles & responsibilities
Risk
management
activities
schedule
Definition risk
categories
Probability &
impact matrix
Stakeholder risk
tolerances
Figure 6.3: Risk management plan

The key elements of this plan used in this process are roles and responsibilities
for conducting risk management, budget, schedule for risk management
activities, definition of risk categories, definition of risk probability and impact,
probability and impact matrix, and stakeholders risk tolerances.
Risk Register
This is the central repository of all of the known risks that are to be analyzed.
Enterprise Environmental Factors
These include industry studies of similar projects by risk specialists and risk
databases from industry or proprietary sources.
Organizational Process Assets

83
These will include the tools needed to carry out qualitative risk analysis,
policies, procedures and guidelines for risk management, and historical
information including lessons learned from previous projects.
Tool and techniques of Qualitative risk analysis
There are six tools and techniques that can be used:
Risk probability & impact assessment

Probability & impact matrix
Risk data quality assessment
Risk categorization
Risk categorization
Risk urgency assessment
Expert judgment
Risk Probability and Impact Assessment
Risk probability assessment investigates the likelihood that each specific risk will
occur, whereas risk impact assessment investigates the potential effect on a
project objective such as schedule, cost, quality, or performance.
Risk probability= likelihood each risk will occur
Risk impact = looks at potential effect on schedule, cost, quality or performance
Both the likelihood and impact are given a score according to the definitions
given in the risk management plan and these can be considered together to
provide a risk score. Risks with a high score will be given high priority while those
with a low score will be included on a watch list for future monitoring.
Probability and Impact Matrix
Evaluation of each risks importance and, hence, priority for attention can be
done using a probability and impact matrix as shown in table 6.3 below:
84
Table 6.3: Probability and impact matrix table

Probability and impact matrix
Probability
Threats
Opportunities
0.90
0.05
0.18
0.54
0.72
0.72
0.54
0.18
0.05
0.75
0.04
0.15
0.45
0.60
0.60
0.45
0.15
0.04
0.50
0.03
0.10
0.30
0.40
0.40
0.30
0.10
0.03
0.25
0.01
0.05
0.15
0.20
0.20
0.15
0.05
0.01
0.10
0.01
0.02
0.06
0.08
0.08
0.06
0.02
0.01
Impact
0.05
0.20
0.60
0.80
0.80
0.60
0.20
0.05
This specifies combinations of probability and impact that lead to rating the risks
as low, moderate, or high priority. The type of management response should be:
a)
Threats
I.
High-risk (shown in red boxes) are priority and need a hard line response.
II.
Low-risk (pink boxes) needs to have a contingency made for them & monitored
b)
Opportunities
I.
Red boxes show ones to pursue first as they offer the most benefit & are more easily
achieved.
II.
Pink boxes indicate the ones to be monitored.
It is conceivable to rate a risk independently for expense, time, scope and quality.
Furthermore, it can create approaches to focus one general rating for every risk.
A general rating plan can be produced to mirror the association's inclination for
one target over another and utilizing those inclinations to add to a weighting of
the risk that are evaluated by goal.
85
Risk Data Quality Assessment
This involves examining how well the risk is understood and the accuracy, quality,
reliability, and integrity of the data regarding it. If data quality is unacceptable, it
may be necessary to gather higher-quality data
Risk Categorization
The risk breakdown structure (RBS) is the normal way to help structure and
organize all identified risks into appropriate categories, and these will assist in
determining which aspects of the project have the highest degree of uncertainty.
Risk Urgency Assessment
Risks that are likely to occur in the immediate future require more urgent attention
than those that may occur later on in the project. Indicators of priority should
include the time required to affect a risk response. In some qualitative analyses
the assessment of risk urgency can be combined with the risk ranking determined
from the probability and impact matrix to give a final risk severity rating.
Expert Judgment
This would relate to experience of the probability and impact of typical risks for
projects of this type and could come from anyone with relevant experience.
Output of Qualitative risk analysis
This process will create the following output:
Qualitative risk
analysis output
Project
document
updates
Project Documents Updates
The risk register can be updated with the following information.

Relative ranking or priority list of project risks - the probability and impact matrix
can be used to classify risks according to their individual significance. Risks may be
listed by priority separately for schedule, cost, and performance since
organizations may value one objective over another. The project manager can
86
then use the prioritized list of risks to focus attention on those items of high
significance to the most important objectives.
Risks grouped by categories - this can point to common underlying causes of risk,
which may in turn suggest a holistic approach to dealing with them. Discovering
concentrations of risk may also improve the effectiveness of risk responses.
List of risks requiring response in the near-term includes those risks that require an
urgent response and those that can be handled at a later date may be put into
different groups.
List of risks for additional analysis and response - some risks might warrant more
analysis, including Quantitative Risk Analysis, as well as response action.
Watch lists of low-priority risks - those that are not assessed as important in this
process can be placed on a watch list for continued monitoring.
Trends in the analysis results - as this process is iterative, trends for particular types
of risk may become apparent. This information can be fed back into the risk
management process.
6.3.2.2 Quantitative risk analysis
This is the process of analyzing the effect of those risks identified in the previous
process as having the potential to substantially impact the project. It may be used
to assign a numerical rating to those risks individually or to evaluate their
aggregate effect. In some projects it may be possible to develop effective risk
responses without this process. The availability of time and budget, and the need
for qualitative or quantitative statements about risk and impacts, will determine
which method(s) to use.
The inputs, tools and techniques, and outputs of this process are summarized in
the table below.
87
Table 6.4: The inputs, tools and techniques, and outputs of this risk management
process
Inputs
Tools & Techniques
Risk management Plan
Data
gathering
Outputs
& Project
Representation
documents
updates
techniques
Quantitative risk analysis

& modeling techniques
Schedule
management Expert judgment
plan
Risk register
Enterprise
environment
factors
Organizational
process
assets
This process of quantitative risk requires the following inputs:
Quantitative risk analysis inputs
Risk management plan

Schedule management plan
Risk register
Enterprise environmental factors
Organisational process assets
88
Risk Management Plan
This is developed during process and defines the level of risk which is seen as
acceptable, how risks will be managed, who will be responsible for carrying out
risk related activities, the time and cost of each risk activity and how the
communication of risk is to occur.
Cost Management Plan
Costs are also quantifiable and can be used as an input for this process.
Schedule Management Plan
Schedule timings are presented in a quantifiable manner, which means that risks
that will impact time scales can easily be quantified within this process.
Risk Register
This is the central repository of all of the known risks that are to be analyzed. It was
updated in the previous process to include information on relative ranking,
categorization and urgency of responses.
Enterprise Environmental Factors
These include industry studies of similar projects by risk specialists and risk
databases from industry or proprietary sources.
Organizational Process Assets
These will include the tools needed to carry out qualitative risk analysis, policies,
procedures and guidelines for risk management, and historical information
including lessons learned from previous projects
Tool and techniques of Quantitative Risk analysis
There are three tools and techniques that can be used:
Perform quantitative risk analysis tools

Data gathering & representation techniques
Quantitative risk analysis & modeling
techniques
Expert judgment
89
Data Gathering and Representation Techniques
Structured interviews can be used to determine be probability and impact of risks

from subject matter experts. This information can then be used in the following
modeling techniques.
Quantitative Risk Analysis and Modeling Techniques
Several techniques can be used including:

Sensitivity Analysis - this involves analyzing the project to determine how sensitive
is to particular risks by analyzing the impact and severity of each risk.
Expected Monetary Value (EMV) Analysis - determining the expected monetary
value is to multiply the likelihood by the cost impact to obtain an expected value
for each risk, these are then added up to obtain the expected monetary value for
the project. A typical way of calculating EMV is using decision trees:
Decision Tree Analysis - these are in the form of a flow diagram where each node,
represented by a rectangle, contains a description of the risk aspect and its cost.
These rectangles are linked together via arrows each arrow leading to another
box representing the percentage probability.
Outcome 1
Event
A
Event
C
Decision
1
Outcome 2
Outcome 3
Outcome 4
Event
B
Decision
2
Outcome 5
90
Figure 6.4: Decision tree analysis
Expert judgment
Experts give a risk probability &

impact value for:
Optimistic view
Pessimistic view
Realistic view
Rather than ask each expert for a single value for each, the project manager
would normally encourage each experts to provide an optimistic, pessimistic and
realistic probability and impact value for each risk.
Output of Quantitative risk analysis
This process will create the following output:
Project document updates
Quantitative risk
report details:
Quantitative
approaches
Quantitative outputs
Quantitative
recommendations
The risk register is further updated to include a quantitative risk report detailing
quantitative approaches, outputs, and recommendations. Updates include the
following:
Probabilistic analysis of the project. Estimates are made of potential project
schedule and cost outcomes listing the possible completion dates and costs with
their associated confidence levels. This output, often expressed as a cumulative
91
distribution, can be used with stakeholder risk tolerances to permit quantification

of the cost and time contingency reserves.
Probability of achieving cost and time objectives. With the risks facing the project,
the probability of achieving project objectives under the current plan can be
estimated using quantitative risk analysis results.
Prioritized list of quantified risks. This list of risks includes those that pose the
greatest threat or present the greatest opportunity to the project. These include
the risks that may have the greatest effect on cost contingency and those that
are most likely to influence the critical path. These risks may be identified, in some
cases, through a tornado diagram generated as a result of the simulation
analyses.
Trends in the analysis results. As this process is iterative, trends for particular types
of risk may become apparent. This information can be fed back into the risk
management process.
6.4
Analysing and Prioritizing Risks
Risks analysis expands on the danger data produced in the identification step,
changing over it into choice making data. In the analysing step, three more
components are included to the risk's entrance the master risks list, the risk
probability, effect and impact, and also the exposure. These components permit
operations staff to rank risks, which thusly permit them to direct the most vitality
into dealing with the rundown of top risks.
6.4.1 Risk Probability
Risk probability is a measure of the likelihood that the results portrayed in
the risk statement will really happen and is communicated as a numerical
quality. Risk probability must be more noteworthy than zero, or the risk does
not represent a threat. In like manner, the probability must be under 100
percent, or the risk is a conviction as such, it is a known issue.
92
Table 6.5: Risk Probability Range - an example of a three-value division for

probabilities.
Probability range
Probability value Natural

used
for
Numeric score
language
calculations
expressions
1% through 33%
17%
Low
34% through 67%
50%
Medium
68% through 99%
84%
High
6.4.2
Risk Impact
Risk impact is an estimate of the severity of adverse effects, the magnitude

of a loss, or the potential opportunity cost should a risk be realized. Risk
impact should be a direct measure of the risk consequence as defined in
the risk statement. It can either be measured in financial terms or with a
subjective measurement scale. If all risk impacts can be expressed in
financial terms, use of financial value to quantify the magnitude of loss or
opportunity cost has the advantage of being familiar to business sponsors.
The financial impact might be long-term costs in operations and support,
loss of market share, short-term costs in additional work, or opportunity cost.
93
Figure 6.5: Risk impact chart

The corners of the chart have these characteristics:
Low impact/low probability Risks in the bottom left corner are low level,
and you can often ignore them.
Low impact/high probability Risks in the top left corner are of moderate
importance if these things happen, you can cope with them and move
on. However, you should try to reduce the likelihood that they'll occur.
High impact/low probability Risks in the bottom right corner are of high
importance if they do occur, but they're very unlikely to happen. For these,
however, you should do what you can to reduce the impact they'll have if
they do occur, and you should have contingency plans in place just in
case they do.
High impact/high probability Risks towards the top right corner are of
critical importance. These are your top priorities, and are risks that you must
pay close attention to.
The most ideal approach to estimate losses is by a numeric scale which the bigger
the number, the more prominent the effect to the business. The length of all risks
94
inside of an expert risks rundown utilize the same units of estimation, basic
prioritization methods will work. It is useful to make interpretation tables to change
over particular units, for example, time or cash into qualities that can be
contrasted with the subjective units utilized somewhere else as a part of the
investigation, as showed in the accompanying table. This specific table is a
logarithmic change where the score is generally equivalent to the log10 (RM loss)1.
High values indicate serious loss. Medium values show partial loss or reduced
effectiveness. Low values indicate small or trivial losses. The scoring system for
estimating monetary loss should reflect the organization's values and policies. A
RM 10,000 monetary loss that is tolerable for one organization may be
unacceptable for another.
Table 6.6: Score of Monetary Loss
Score
Monetory loss
Under RM 100
RM 100- RM 1,000
RM 1,000- RM 10,000
RM 10,000- RM 100,000
RM 100,000- RM 1,000,000
RM 1,000,000- RM 10 million
95
RM 10 million- RM 100 million
RM 100 million- RM 1 billion
RM 1 billion- RM 10 billion
10
Over RM 10 billon
When monetary losses cannot be easily calculated, it may be possible to develop

alternative scoring scales for impact that capture the appropriate services
affected. The following table illustrates a simple example.
Table 6.7: simple example of alternative scoring scales for impact that capture the
appropriate services affected
score
criterion
Schedule impact
Technical impact
Low
Slip 1 week
Slight
effect
on
performance
2
Medium
Slip 2 weeks
Moderate
effect
on performance
3
High
Slip 1 month
Severe effect on
performance
100
Critical
catastrophic
Slip more than 1 Mission cannot be

month
accomplish
Unable to deliver
Mission cannot be
accomplish
96
6.4.3
Risk Exposure
Most risk professionals define risk in terms of an expected deviation of an

occurrence from what they expectalso known as anticipated variability. In
common English language, many people continue to use the word risk as a
noun to describe the enterprise, property, person, or activity that will be exposed
to losses. In contrast, most insurance industry contracts and education and
training materials use the term exposure to describe the enterprise, property,
person, or activity facing a potential loss. So a house built on the coast near
Galveston, Texas, is called an exposure unit for the potentiality of loss due to a
hurricane. Throughout this text, we will use the terms exposure and risk to note
those units that are exposed to losses.
Risk exposure measures the overall threat of the risk, combining the likelihood of
actual loss (probability) with the magnitude of the potential loss (impact) into a
single numeric value. In the simplest form of quantitative risk analysis, risk exposure
is calculated by multiplying risk probability by impact.
Exposure = Probability x Impact
Risk exposure is the same thing as Risk score, so it is also can be calculated this
way:
RE=RP+RI-(RPxRI)
RE=0.5+0.3-0.5x0.3=0.65
Where:
RE= risks exposure
RP = Risk Probability (which is a number from 0 to 1, 0 means that the risk has no
probability of occurring and 1 means that the risk will definitely occur)
RI = Risk Impact (which is the impact of the risk, also from 0 to 1, 0 means that the
risk has no impact on the project whatsoever and 1 means that the risk has the
97
highest impact on the project. For example, if a risk has a 50% probability of
occurring and has impact of 0.3 over the project, then the risk Exposure will be
note that RE also ranges between 0 and 1. 0 means that the risk is not critical at all
and does not need to be managed, while 1 means that the risk is very critical.
Sometimes a high-probability risk has low impact and can be safely ignored;
sometimes a high-impact risk has low probability and can be safely ignored. The
risks that have high probability and high impact are the ones most worth
managing, and they are the ones that produce the highest exposure values.
At the point when scores are utilized to evaluate probability and effect, it is now
and then advantageous to make a matrix that considers the conceivable mixes
of scores and afterward doles out them to low-risk, medium-risk, and high-risk
categories. For the utilization of a tripartite lprobabilities score where 1 is low and 3
is high, the conceivable results may be communicated as a table where every
cell is a conceivable quality for risk exxposure. In this game plan, it is anything but
difficult to order risks as low, medium, or high relying upon their position inside of
the table. The accompanying table is a sample indicating probabilities and
impact.
Table 6.8: sample indicating probabilities and impact.
Low impact= 1
Medium impact= 2
High
impact= 3
High probability = 3
Medium probabilty= 2
2
Low probability
The advantage of this tabular format is that it is easy to understand through its use
of colours (red for the high-risk zone in the upper-right corner, green for low risk in
the lower-left corner, and yellow for medium risk along the diagonal). It also uses a
well-defined terminology; "High risk" is easier to comprehend than "high exposure."
98
Risk analysis provides a prioritized risk list to guide IT operations in risk planning
activities. Within the MOF Risk Management Discipline, this is called the master risks
list (described previously in Risk Lists). Detailed risk information including condition,
context, root cause, and the metrics used for prioritization (probability, impact,
exposure) are often recorded for each risk in the risk statement form.
Risk analysis gives an organized risk list to guide IT operations in risk planning
analysis. Inside of the MOF Risk Management Discipline, this is known as the expert
risk list (depicted beforehand in Risk Lists). Itemized risk information including
condition, context, root cause, and the metrics used for prioritization (probability,
impact, exposure) are frequently recorded for every riskr in the risk statement form.
6.4.4 Risk Factor Charts
A risk factor chart helps the group quickly determine the exposure it faces
for all general categories of risk. One line of such a chart might look like the
row in the following table.
Table 6.9 : Risk Factors
Risk Factors
Early
Aggressive
Domain
Protective Factors
Individual
Self-Control
Behaviour
Lack
of
Parental Family
Parental Monitoring
Supervision
Substance Abuse
Peer
Academic Competence
Drug Availability
School
Anti-drug Use Policies
Poverty
Community
Strong
Neighbourhood
Attachment
99
6.4.5
Measure financial impact
It is often helpful to roughly estimate impact in financial terms and record

this in addition to the impact's numeric estimate. If several risks have the
same exposure value, then the financial estimate can help determine
which one is most important. Also, the financial data helps in the planning
step to ensure that the cost of preventing a risk is lower than the cost of
incurring the consequences.
It might seem that the financial estimate is preferable and could be used in
place of a numeric value. In practice, however, financial impact values
tend to be a much more labor-intensive way to produce the same top risks
list.
If you decide to use a monetary scale for impact, use it for all risks. If a
particular risk's impact uses a numeric scale and another's impact uses a
monetary scale, then the two cannot be compared to each other, so
there is no way to rank one over the other
6.4.6
Site Area Risk Analysis
1)
Known and Predictable Risk Categories
a) Product size risks associated with overall size of the software to be built
b) Business impact risks associated with constraints imposed by
management or the marketplace
c) Customer characteristics risks associated with sophistication of the
customer and the developer's ability to communicate with the customer
in a timely manner
d) Process definition risks associated with the degree to which the
software process has been defined and is followed
e) Development environment risks associated with availability and quality
of the tools to be used to build the project
f) Technology to be built risks associated with complexity of the system to
be built and the "newness" of the technology in the system
100
g) Staff size and experience risks associated with overall technical and
project experience of the software engineers who will do the work
Social capital development projects, including road projects, are subject to
various risks throughout their life cycle, from the planning and construction stage
to the maintenance stage, due to long construction and maintenance periods
and wide geographical coverage. For the proper execution of such projects, it is
essential to quantify these risks for their appropriate management.
The access for the residential project only can be assessed by one road that
passes the road of locals owner. From the analysis, the risks that have been
identified are:
a) During
the
construction
phase,
residents
may
be
disrupted
and
inconvenienced by detours, local road closures, dust, noise, and heavy

equipment traffic on existing roads, changes in the level of service, safety
hazards, and interference with emergency services. Occasionally, there is
vibration damage to near-by structures. However, residents may benefit
from construction employment.
b) When the roadway is operational, changes in traffic patterns may increase
or decrease the clients for some businesses and community services.
c) There may be negative impacts for some residents living near the roadway.
These include increased noise, pollution and aesthetic impacts. Some of
these impacts can be mitigated.
d) Residents displaced for the construction of a road may experience
additional impacts such as: economic impact resulting from acquiring new
housing at a new location; social and psychological impacts due to the
disruption of social relationships and establishing relationships in a new
social environment; and, changes in type and tenure of housing
e) Nature of Business. These risks to the enterprise stem from the nature of
business they conduct, the sector in which they operate, and the business
lines, services, and activities they perform. They could affect the top line in
terms of gross revenues or they could affect bottom line in terms of total
costs of business. Top line performance (i.e., total revenues) could be
affected by new competition, shifting demand, an economic recession,
inflation that erodes purchasing power of customers, changes in regulatory
101
restrictions, technological innovations that render products or services

obsolete, and rising costs that drive up prices and restrict demand. Bottom
line performance could be eroded by increasing operating costs,
increased taxes, increases in existing fees, creation of new fees, increased
labor costs, increased costs of capital that drive up interest payments.
There are involved the salary of worker in residential and commercial
project. Which is involved of several professional:
a) Project manager
b) Building surveyor
c) Construction management
d) Architect
e) Developer
f) Consultant
g) Interior design
h) Quantity surveying
i)
Estate management
f) Cash Solvency Risks. This is the risk that the revenues generated the business
activities and investments are not adequate to cover fixed operating
expenses of the enterprise. This insolvency may not be permanent if the firm
has adequate operating reserves, the ability to take out property or
portfolio level debt, or the ability to raise capital through secondary stock
offerings, asset dispositions or other means to cover short-term imbalances.
g) Interest Rate Risk. This risk is associated with the use of leverage at the
individual property level, at a division or business line, or at the enterprise
level. Depending on the term structure of debt, this risk might cause erosion
in net earnings, negative cash flows, or a capital crisis if refinancing existing
maturing debt at higher rates is not feasible
h) Static Attribute Risks. Real estate is comprised of a bundle of right which
can be enjoyed as a whole or split into parts and transferred, either
temporarily or permanently. Thus, one of the risks associated with the asset
is the risk of claims on those rights that can cloud the title. In addition to
rights, real estate is a physical asset and as such, it subject to risks ranging
from the quality of construction to the adequacy of maintenance.
102
i)
Linkages Risks. Similarly, the locational nature of real estate and its
dependence on conditions in its market or trade area as well as
connectivity to ancillary uses as part of a larger urban system exposes the
value proposition to changes affecting commuting and transit patterns.
j)
Management Risk. This risk stems from the fact that high cost housing and
commercial investments must be managed over time. In most cases,
property management activity must be proactive, responding to changing
market dynamics and competitive conditions, operating requirements and
rent rolls. In effect, real estate investments are enterprises which require a
continuous, on-going management and sufficient resource commitment
and expertise to maintain value and capture
k) Exit Risk. Exit risk occurs at the eventual point in time when an investor,
tenant or other party seeks to sell or transfer an asset and there is
insufficient demand to acquire the asset at the desired price. This could
occur for a variety of reason ranging from erosion in net income to an
increase in cost of capital and thus hurdle rates by potential investors
6.5
Risk Planning
6.5.1
Risk Identification
A risk is any occasion that could keep the project from going ahead as
arranged, or from fruitful consummation. Risks can be distinguished from
some distinctive sources. Some may be very clear and will be distinguished
before project kickoff.
Others will be distinguished amid the venture lifecycle, and a risk can be
recognized by anybody associated with the project. Some risk will be
manufactured into the project itself, while others will be the consequence
of outside impacts that are totally outside the control of the project group.
The Project Manager has general obligation regarding overseeing project
risk. Project colleagues may be allocated particular territories of obligation
regarding answering to the project manager. All through all periods of the
project, a particular subject of discourse will be risk identification. The
103
purpose is to educate the project group in the requirement for risk

awareness, identification, documentation and correspondence.
Risk awareness obliges that each project colleague be aware of what
constitutes a risk to the project, and being delicate to particular occasions
or variables that could conceivably affect the project in a positive or
negative way.
Risk identification comprises of figuring out which risks are liable to influence
the project and documenting the qualities of each. Risk communication
includes conveying risk variables or occasions to the consideration of the
project manager and project team. The project manager will recognize
and report known risk variables amid production of the Risk Register.
It is the manager's obligation to help the project group and different
stakeholders with risk identification, and to record the known and potential
risks in the Risk Register. Overhauls to the risk register will happen as risk
variables change. Risk management will be a theme of discourse amid the
routinely booked task gatherings. The project group will talk about any new
risk components or occasions, and these will be surveyed with the project
manager.
The project manager will figure out whether any of the recently
distinguished risk elements or occasions warrants further assessment. Those
that do will experience risk quantification and risk reaction advancement,
as fitting, and the activity thing will be shut.
Whenever amid the project, any risk components or occasions ought to be
conveyed to the consideration of the project manager utilizing Email or
some other type of composed correspondence to report the thing. The
project manager is in charge of logging the risk to the Risk Register.
Warning of another risk ought to incorporate the accompanying Risk
Register components:
Description of the risk component or occasion, e.g. clashing project or
operational activities that place requests on project assets, unforeseen
study results, delays, and so forth.
104
Probability that the occasion will happen. For instance, a 50% chance
that the seller won't have a creature state that meets the criteria
accessible.
Schedule Impact. The quantity of hours, days, week, or months that a risk
component could affect the timetable. As a case, the creatures require an
extra 3 months to meet age prerequisites.
Scope Impact. The effect the risk will have on the imagined
achievements of the venture. Postponed creature conveyance may bring
about a diminishment in the quantity of studies that can be finished inside
of the agreement time of execution.
Quality Impact. A risk occasion may bring about a lessening in the nature
of work or items that are created. As an illustration, absence of subsidizing
brought about by expense overwhelms may bring about the diminishment
of the study size and effect factual strengthening
Cost Impact. The effect the risk occasion, on the off chance that it
happens is liable to have on the project budget.
6.5.2
Risk Responsibilities
The obligation regarding overseeing risk is shared amongst all the

stakeholders of the project. Be that as it may, decision authority for
selecting whether to continue with moderation procedures and execute
possibility activities, particularly those that have a related expense or asset
prerequisite rest with the Project Manager who is in charge of illuminating
the subsidizing office to focus the necessity for an agreement alteration.
The accompanying tables subtle elements particular obligations regarding
the diverse parts of risk management.
1. Risk Identification: All project stakeholders
2. Risk Registry: Project Manager
3. Risk Assessment: All project stakeholders
4. Risk Response Options Identification: All project stakeholders
5. Risk Response Approval :
105
Table 6.10 Agencies that involved in project and its function

Agencies involved
Klang Municipal Council (MPK)
Function
Implementing sustainable development
at the local level through local Agenda
21
Klang District Land Office
Manage, plan, and administer the

district and the land and carry out
government
policy
efficiently
and
effectively, systematically according to

the laws in question in line with the
policy of regional development, state
and country.
Public Works Department (JKR)
Serves as a technical advisor in

managing
and
implementing
infrastructure projects in the area.

Planning, design and construction of
infrastructure projects.
Serves as the implementing agency and
technical
consultant
to
the
government.
The main services include technical
consultancy,
project
management
services and maintenance management

services which support the country's
construction
sector,
in
particular
infrastructure works.
Tenaga Nasional Berhad (TNB)
TNBs
core
generation,
activities
are
transmission
the
and
distribution of electricity.
Other activities include repair, test and
maintain the power plants, provide
engineering,
procurement
and
106
construction of the power plant related

products, installation and manufacture
of high-voltage switches and so on.
SYABAS
To manage, maintain and distribute

clean water around the concession
area.
Urban
and
Regional
Planning
Department (JPBD)
Identifying and ensuring that the

project would be carried out in
accordance with
the development
strategies provided in the RSN or

otherwise.
Monitor developments in the country
through the implementation of Act
172.
National Security Council (MKN)
To defend the country's sovereignty

and strategic interests by monitoring
controls on the zones of invasion.
The
management
disasters
inside
of
and
crises
and
outside
the
country which covers prevention and

mitigation, preparedness for response
and recovery and reconstruction.
Managing land borders, maritime and
air.
6. Risk Contingency Planning; Project Manager(s)

7. Risk Response Management; Project Managers
8. Risk Reporting; Project Manager
107
6.5.3 RISK ASSESSMENT

Risk assessment is the act of determining the probability that a risk will occur
and the impact that event would have, should it occur. This is basically a
cause and effect analysis. The cause is the event that might occur,
while the effect is the potential impact to a project, should the event
occur.
The last thing that any project will want to face is risks. Projects are
designed to take advantage of resources and opportunities and with
these, come uncertainty, challenges and risk. Hence risk management
becomes a very important key to all project success. The project risk
management plan addresses the process behind risk management and
the risk assessment meeting allows the project team to identify, categorize,
prioritize, and mitigate or avoid these risks ahead of time. Risk assessment is
a step in a risk management procedure. Risk assessment is the
determination of quantitative or qualitative value of risk related to a
concrete situation and a recognized threat. Risk assessment involves
measuring the probability that a risk will become a reality. But in any
project, risk assessment is not a project manager's sole responsibility. A
special meeting has to be conducted to bring in the ideas of the entire
team or at a minimum the following:
Project Manager: Acts as the chairperson and facilitates the risk

assessment meeting
Project Team: The project manager must assign members of the project
team the roles of recorder and timekeeper
Key Stakeholders: Those identified that may bring value in the

identification of project risks or mitigation and avoidance strategies
Subject Matter Experts: Those identified that may specialize in a certain

project activity but are not formally assigned to the project but may add
value
108
Project Sponsor: May participate depending on the size and scope of the
project
For each of the impact categories the impact assessment should include
consideration of the following areas of impact also:
cost
This impact is usually estimated as a dollar amount that

has a direct impact to the project. However, cost is
sometimes estimated and reported as simply additional
resources, equipment, etc. This is true whenever these
additional resources will not result in a direct financial
impact to the project due to the fact the resources are
loaned or volunteer, the equipment is currently idle and
there is no cost of use, or there are other types of
donations that wont impact the project budget.
Regardless of whether there is a direct cost, the
additional resources should be documented in the risk
statement as part of the mitigation cost
Scope
Whenever there is the potential that the final product

will not be completed as originally envisioned there is a
scope impact. Scope impact could be measured as a
reduction of the number of studies completed, or not
providing a deliverable such as an IND.
Schedule
It is very important to estimate the schedule impact of

a risk event as this often results is the basis for elevating
the
other
impact
categories.
Schedule
delays
frequently result in cost increases and may result in a

reduction of scope or quality. Schedule delays may or
may not impact the critical path of the project and an
associated push out of the final end date.
Performance or Quality
Performance or Quality is frequently overlooked as an

impact category and too often a reduction in quality is
the preferred choice for mitigation of a risk. Short cuts
109
and low cost replacements are ways of reducing

cost impacts. If not documented appropriately and
approved by the project sponsor, mitigation strategies
that rely upon a reduction in quality can result in
significant disappointment by the stakeholders.
Most risks will be assigned one category, but some might be assigned more than
one, or all.
6.5.4 Phases of Risk Assessment

In many projects, risks are identified and analyzed in a random, brainstorming,
fashion. This is often fatal to the success of the project, as unexpected risks arise,
which have not been assessed or planned for and have to be dealt with on an
emergency basis, rather than be prepared for and defended against in a
planned, measured, manner. It is essential that potential risks are identified,
categorized, evaluated and documented. Rather than look at each risk
independently and randomly, it is much more effective to identify risks and then
group them into categories, or, to draw up a list of categories and then to identify
potential risks within each category. In general, the following are the usually
followed phases in Risk Assessment.
Identifying Risks
The risk assessment process begins with the identification of risk categories. An
organization most likely will have several risk categories to analyze and identify
risks that are specific to the organization. Examples of risk categories include:
Technical or IT risks.
Project management risks.
Organizational risks.
Financial risks.
110
External risks.
Compliance risks.
For instance, technical risks are associated with the operation of applications or
programs including computers or perimeter security devices (e.g., a computer
that connects directly to the Internet could be at risk if it does not have antivirus
software). An example of a project management risk could be the inadequacy of
the project manager to complete and deliver a project, causing the company to
delay the release of a product to the marketplace. Organizational risks deal with
how the company's infrastructure relates to business operations and the
protection of its assets (e.g., the company does not have clear segregation of
duties between its production and development environments), while financial
risks encompass events that will have a financial impact on the organization (e.g.,
investing the company's cash reserves in a highly speculative investment
scheme). External risks are those events that impactthe organization but occur
outside of its control (e.g., natural disasters such as earthquakes and floods).
Finally, a compliance risk occurs when a company does not comply with
mandated federal regulations, which often results in fines or legal sanctions.
6.5.5
RISK RESPONSE
Risk response is the process of developing strategic options, and

determining actions, to enhance opportunities and reduce threats to the
projects objectives. A project team member is assigned to take
responsibility for each risk response. This process ensures that each risk
requiring a response has an owner monitoring the responses, although the
owner may delegate implementation of a response to someone else.
There are a number of possible responses to risks and as risks can be threats
or opportunities these include responses that are suitable for potential
opportunities. The responses are summarized in the table.
Threats
Opportunities
Avoid
Exploit
111
Risk can be avoided by removing the
The aim is to ensure that the opportunity
cause of the risk or executing the
is realized. This strategy seeks to eliminate
project in a different way while still
the
uncertainty
associated
with
aiming to achieve project objectives. particular upside risk by making the

Not all risks can be avoided or
opportunity definitely happen. Exploit is
eliminated,
this
an aggressive response strategy, best
approach may be too expensive or
reserved for those golden opportunities
timeconsuming
having high probability and impacts
Transfer
Share
Transferring
and
risk
for
others,
involves
finding Allocate risk ownership of an opportunity
another party who is willing to take
to another party who is best able to
responsibility for its management, and
maximize its probability of occurrence
who will bear the liability of the risk
and increase the potential benefits if it
should it occur. The aim is to ensure
does occur. Transferring threats and
that the risk is owned and managed
sharing opportunities are similar in that a
by the party best able to deal with it
third party is used. Those to whom threats
effectively. Risk transfer usually involves
are transferred take on the liability and
payment of a premium, and the
those
costeffectiveness of
this must be
considered when deciding whether to
to
whom
opportunities
are
allocated should be allowed to share in

the potential benefits.
adopt a transfer strategy. Some or all

of the risk is transferred to a third party
for example insurance.
Mitigate
Enhance
Risk mitigation reduces the probability
This response aims to modify the size
or impact of an adverse risk event to an of the positive risk. The opportunity is

acceptable
threshold.
Taking
early enhanced by increasing its probability
action to reduce the probability and/or
and
impact,
thereby
maximizing
impact of a risk is often more effective
benefits realized for the project. If the

112
than trying to repair the damage after
probability can be increased to 100
the risk has occurred. Risk mitigation percent, this is effectively an exploit
may require resources or time and thus
response.
presents a tradeoff between doing

nothing versus the cost of mitigating the
risk.
6.5.6
RISK MITIGATION
The risk mitigation involves development of mitigation plans designed to manage,

eliminate, or reduce risk to an acceptable level. Once a plan is implemented, it is
continually monitored to assess its efficacy with the intent of revising the course-ofaction if needed. Risk mitigation includes:
1) Assume/Accept: Acknowledge the existence of a particular risk, and make
a deliberate decision to accept it without engaging in special efforts to
control it. Approval of project or program leaders is required.
2) Avoid: Adjust program requirements or constraints to eliminate or reduce
the risk. This adjustment could be accommodated by a change in funding,
schedule, or technical requirements.
3) Control: Implement actions to minimize the impact or likelihood of the risk.
4) Transfer:
Reassign
organizational
accountability,
responsibility,
and
authority to another stakeholder willing to accept the risk.

5) Watch/Monitor: Monitor the environment for changes that affect the
nature and/or the impact of the risk.
After the risk has been identified and evaluated, the project team develops a risk
mitigation plan, which is a plan to reduce the impact of an unexpected event.
The project team mitigates risks in the following ways:
Risk avoidance
Risk sharing
113
Risk reduction
Risk transfer
Each of these mitigation techniques can be an effective tool in reducing
individual risks and the risk profile of the project. The risk mitigation plan captures
the risk mitigation approach for each identified risk event and the actions the
project management team will take to reduce or eliminate the risk.
Risk avoidance usually involves developing an alternative strategy that has a
higher probability of success but usually at a higher cost associated with
accomplishing a project task. A common risk avoidance technique is to use
proven and existing technologies rather than adopt new techniques, even
though the new techniques may show promise of better performance or lower
costs.
Risk sharing involves partnering with others to share responsibility for the risk
activities. Many organizations that work on international projects will reduce
political, legal, labor, and others risk types associated with international projects
by developing a joint venture with a company located in that country. Partnering
with another company to share the risk associated with a portion of the project is
advantageous when the other company has expertise and experience the
project team does not have. If the risk event does occur, then the partnering
company absorbs some or all of the negative impact of the event.
Risk reduction is an investment of funds to reduce the risk on a project. On
international projects, companies will often purchase the guarantee of a currency
rate to reduce the risk associated with fluctuations in the currency exchange rate.
A project manager may hire an expert to review the technical plans or the cost
estimate on a project to increase the confidence in that plan and reduce the
project risk. Assigning highly skilled project personnel to manage the high risk
activities is another risk reduction method. Experts managing a high risk activity
can often predict problems and find solutions that prevent the activities from
having a negative impact on the project. Risk transfer is a risk reduction method
that shifts the risk from the project to another party. The purchase of insurance on
114
certain items is a risk transfer method. The risk is transferred from the project to the
insurance company.
6.5.7
RISK CONTINGENCY PLANNING
Contingency planning is a process of developing advance arrangements and

procedures that enable an organization to respond to an event that could occur
by chance or unforeseen circumstances. Contingency plan is a plan used by an
organization or business unit to respond to a specific systems failure or disruption of
operations. A contingency plan may use any number of resources including
workaround procedures, an alternate work area, a reciprocal agreement, or
replacement resources. A contingency plan is a set of procedures that defines
how a business will continue or recover its critical functions in the event of an
unplanned disruption to normal activities. A contingency plan consists of six main
sections:
Executive Summary
Risk Management Goals
Risk Assessment
Business Impact Analysis
Risk Management Strategies
Plan Maintenance
The project risk plan balances the investment of the mitigation against the benefit
for the project. The project team often develops an alternative method for
accomplishing a project goal when a risk event has been identified that may
frustrate the accomplishment of that goal. These plans are called contingency
plans. The risk of a truck drivers strike may be mitigated with a contingency plan
that uses a train to transport the needed equipment for the project. If a critical
piece of equipment is late, the impact on the schedule can be mitigated by
making changes to the schedule to accommodate a late equipment delivery.
115
Contingency funds are funds set aside by the project team to address unforeseen
events that cause the project costs to increase. Projects with a high risk profile will
typically have a large contingency budget. Although the amount of contingency
allocated in the project budget is a function of the risks identified in the risk
analysis process, contingency is typically managed as one line item in the project
budget.
Some project managers allocate the contingency budget to the items in the
budget that have high risk rather than developing one line item in the budget for
contingencies. This approach allows the project team to track the use of
contingency against the risk plan. This approach also allocates the responsibility to
manage the risk budget to the managers responsible for those line items. The
availability of contingency funds in the line item budget may also increase the use
of contingency funds to solve problems rather than finding alternative less costly
solutions. Most project managers, especially on more complex projects will
manage contingency funds at the project level with approval of the project
manager required before contingency funds can be used.
Contingency may also be reflected in the project budget, as a line item to cover
unexpected expenses. The amount to budget for contingency may be limited to
just the high probability risks. This is normally determined by estimating the cost if a
risk occurs, and multiplying it by the probability.
6.6
RISK MONITORING
According to Winch, 2002 this final step of Risk Management is vital since all
information about the identified risks is collected and monitored. The continuous
supervision over the Risk Management helps to discover new risks, keep track of
identified risks and eliminate past risks from the risk assessment and project.
6.6.1
The objectives of risk monitoring are to:
1. Systematically track the identified risks

2. Identify any new risks
3. Effectively manage the contingency reserve
116
4. Capture lessons learned for future risk assessment and allocation efforts
The risk monitoring process occurs after the risk mitigation and planning processes.
It must continue for the life of the project because risks are dynamic. The list of risks
and associated risk management strategies will likely change as the project
matures and new risks develop or anticipated risks disappear.
Occasional project risk reviews repeat the tasks of identification, assessment,
analysis, mitigation and planning. Regularly scheduled project risk reviews can be
used to ensure that project risk is an agenda item at all project development and
construction management meetings. If unanticipated risks emerge or a risk's
impact is greater than expected, the planned response or risk allocation may not
be adequate. At this point, the project team must perform extra reaction wanting
to control the risk.
Risk monitoring and updating tasks can vary depending on unique project goals,
but three tasks should be integrated into design and construction management
plans:
1. Develop consistent and comprehensive reporting procedures.
2. Monitor risk and contingency resolution.
3. Provide feedback of analysis and mitigation for future risk assessment and
allocation.
There are tools and techniques used to risk monitor and control may be:
Risk reassessment identification of new potential risks. This is a constantly

repeated process throughout the whole project.
Monitoring of the overall project status are there any changes in the
project that can effect and cause new possible risks
Status meetings discussions with risks owner, share experience and helping
managing the risks.
Risk register updates
117

6.0 Risk Management

Uploaded by

Document Information

Original Description:

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

6.0 Risk Management

Uploaded by

Copyright:

Available Formats

CHAPTER 6 : Risk Management

CHAPTER 6 : Risk Management

Figure 6.1 : the process of risks management by Smith etal, 2006

management policies, processes and procedures to the tasks of establishing the

Risk Identification- Risk projects, products and businesses that may be

Risk Analysis- The probability of the assessed

Risk Planning- Plans to mitigate (avoid or reduce)

Risk Monitoring - Risks are assessed on an on-going basis

CHAPTER 6 : Risk Management

Figure 6.2: the four basic stages in risk management process

CHAPTER 6 : Risk Management

b) Development of a detailed Work Breakdown Structure (WBS)

Risk quantification should be assigned only when there is reasonable

degree of certainty or confidence in the validity of those metrics.

Risk response strategies applied to reduce or eliminate the

probability of occurrence of a risk event or risk impact.

management process such as who is responsible for managing various

The purpose of risk management is to identify potential problems before we occur

Risk management has objectives before and after a loss occurs

CHAPTER 6 : Risk Management

Risk Management Process

The principal phase of Risk Management Process is fundamentally casual

CHAPTER 6 : Risk Management

Design not cost effective

Schedule does not reflect realistic

Design not completed and not feasible

implementation and training

demonstrated in required operating

Realistic cost objectives not established

Exposure to changes in the price of

Subordinate strategies and plans are

CHAPTER 6 : Risk Management

essential elements such as test and

understood and acted upon.

Lack of operational and financial

Increase in power of negotiation

Weather and seasonal implications

Availability of sufficient transportation

construction equipment spare parts,

In this stage of risk management, risk evaluation are included the

Qualitative Risk Analysis

CHAPTER 6 : Risk Management

Tools & Techniques

Risk management Plan

Quantitative risk analysis & modeling techniques

management Expert judgment

a. Input of Qualitative risk analysis

CHAPTER 6 : Risk Management

Risk management plan

Roles & responsibilities

Figure 6.3: Risk management plan

Enterprise Environmental Factors

Organizational Process Assets

CHAPTER 6 : Risk Management

Risk probability & impact assessment

Risk Probability and Impact Assessment

Probability and Impact Matrix

CHAPTER 6 : Risk Management

Table 6.3: Probability and impact matrix table

Pink boxes indicate the ones to be monitored.

CHAPTER 6 : Risk Management

Risk Data Quality Assessment

Risk Urgency Assessment