Risk is a function of the possibility of something occurring and the extent of losing in

consequence to it. Losses can be direct or indirect. For example, an earthquake can cause the
direct loss of buildings. Indirect losses include lost reputation, lost customer confidence, and
increased operational costs during recovery. The chances of something occurring will influence
the attainment of project goals (Partnerships BC, 2005 and NIST, 2004). “Risks are usually
defined by the adverse effect on profitability of various sources of uncertainty. While the nature
and extent of risks in company may be unveiled to a number of aspects such as its size,
complexity business activities, volume etc (SBP, 2003)

Running a business can be unsafe occupation with various types of risk. Some of these possible
threats can destroy a business, while others can be a reason of serious harm that can be expensive
and time consuming to overhaul. Inspite of the inherent risks implicit in business, CEOs
and/or risk management team can brace themselves no matter the size of the business, from small
to corporate giant - can prepare for them if they know what they are.

Risk Management is the execution of proactive approach to plan, lead, organize, and handle the
wide variety of risks that are rushed into the dynamics of an organization. Risk management
plays significant role in accomplishment of project objectives thus getting overall project
success. (Khan T., Ahmed, H, 2001. Risk management permits a balance to hit between taking
risks and reducing them. Effective risk management can complement value to any organization.
Specifically, companies working in the investment industry depend heavily on risk management
as the base that permits them to withstand market crashes. An effective risk management
framework seeks to protect an organization's capital base and earnings without obstructing
growth. Furthermore, investors are more eager to finance in companies with good risk
management practices. This generally results in lesser borrowing costs, easier access to capital
for the firm and improved long-term performance (Investopedia, Feb 2015). There are six crucial
components that must be considered when creating a risk management framework; they are:

 Risk identification
 Risk assessment/measurement
 Risk mitigation/controlling
 Risk reporting & monitoring
 Risk governance

Effective risk management approaches permit companies to recognize project’s strengths,

weaknesses, opportunities and threats. By planning for unanticipated events, companies can be
ready to reply if they arise. Successful project managers recognize that risk management is vital,
as achieving project’s objectives rely on planning, preparation, outcomes and assessment that
contribute to attaining strategic goals. Even though risk management is one of the main needs in
project management, it is identified that little has been done in this respect. (Junior.R. R, 2013).
Every project is different, and includes some degree of improbability. Still, many organizations
are inclined to assume that all their projects will succeed, and usually fail to consider and
examine their project risks, and formulate if some- thing goes wrong. This approach usually
leads to project failure and unsatisfactory results and as many studies have shown, project
success rates are less than acceptable. (Raz. T, March 2002). To escalate the chances of a
proposed project succeeding, it is necessary for the organization to have knowledge of potential
risks, to analytically and quantitatively evaluate these risks, expecting likely causes and effects,
and then choose suitable methods of handling them. (Kishk. M, 2008).

Running a business shows inherent risks that cannot be evaded. However, a complete risk
management strategy can reduce or evade the financial exposure, or the risk itself, through
insurance and avoidance wayouts. The conventional wisdom says that going into depth of risk
management slows your business, but a new report from PwC finds the contrary is true:
Companies that put a premium on risk management are seeing improved growth and amplified
profit margins. (Olavsrud, T, Apr 2015). While business risks exist in large number, their
consequences can be damaging, there are methods to protect against them, to avoid them and to
reduce their damage when they hit. Finally, hiring a risk management consultant may be a
cautious step in the avoiding and management of risks. (Davis, M. 2015).

Risk management is the method to manage the probable risks by identifying, analyzing and
addressing them. The method can assist to decrease the negative effect and emerging
opportunities. The consequences may assist to reduce the possibility of risk and its negative
effect when it occurs (Partnerships BC, 2005). Risk management includes identifying,
measuring, monitoring and controlling risks. It confirms that the individual evidently
understands risk management and accomplishes the business approach and goals (SBP, 2003).
Risk management is mostly about handling improbability, according to Steven Minsky, CEO
of LogicManager being conscious about the root cause of adverse outcomes assists organizations
anticipate and manage events that might affect reputation. (Lamont,J. 2015). All organizations
large and small should have a risk management team in place, but the bigger the organization,
more the possibility of risks. Therefore, plans must be complete in order to guard against those
risks. Regardless of the size of the business, each risk needs to be ranked. This permits rapid
execution if a risk arise in actual because project team will know which risks should be dealt
with first if two or more were to occur at the similar time. (Moskowitz,D. July 2015).

Risk management approaches have recently been published in a few papers. It is established
by reading previous publications that the risk management process is elaborated differently by
different authors. According to SBP (2003), a risk management framework outlines the
scope, the process/system/procedures to handle risks and the roles and responsibilities of the
individual related to risk management. The effective risk management framework includes the
risk management policies and procedures which cover risk identification, acceptance,
measurement, monitoring, reporting and control.

The National Institute of Standards and Technology (NIST, 2004) reviews the risk management
procedures in three parts: risk assessment, risk mitigation and evaluation and assessment. The
risk assessment process comprises identification, evaluation of risk impact and
recommendation of risk-reducing measures. Risk mitigation encompasses prioritizing,
maintaining and executing the appropriate risk-reducing controls suggested by the risk
assessment. Finally, evaluation and assessment focuses on continuous evaluation process and
the crucial factors for a fruitful risk management program.
Grabowski and Roberts (1999) studied the problem of risk mitigation and recommended a
process intended to support the high level of performance in an organization. They recognized
following four important factors:

 Organizational Structuring and Design

 Communication
 Organizational Culture
 Trust

The objective of a risk management framework is to guarantee that risk management principles
are applied and integrated all over the organization and that information acquired from the risk
management process is properly reported. Consequently, the main purpose of the framework is
to generate a steady foundation for the risk management work and to project the organisational
arrangements correctly in order to have a vibrant approach and a basis for decision making
throughout the organisation. (ISO, 2009). Effective risk management plays vital part in any
company's hunt of financial steadiness and greater performance. The acceptance of a risk
management framework which implants best practices into the firm's risk culture can be the
foundation of an organizations' financial prospect. (Investopedia, Feb 2015).

To reduce the chances that something unpleasant will occur it's vital for organizations to have a
thorough risk management strategy in place. Risk management did play a part proceeding to
the Financial Crisis of 2007-2008. Back then, if an organization didn’t find a way to avoid risk, it
could still get back on path. This wouldn’t be a pleasing experience, but in most circumstances,
there was no upsetting blow. That is surely not the case in current era. If an organization fails to
avert or at least mitigate risk via risk management approaches, it could very well fail.
(Moskowitz,D July 2015).

A literature survey disclosed that other studies had come to analogous conclusions. For example,
a study by IBM5 found a cleat association between company success and the existence of risk
management principles. Their set of high performing organizations had greater return on
investment of (9.3% vs. 7.9%) and a higher yearly development rate (18.7% vs. 16%). 35% of
their outperformers had formal risk identification procedures versus 8% of under performers and
35% of their outperformers routinely monitored risk factors versus 10% of their
underperformers.

Achieving project success requires not just good front end definition and a well integrated
project team. Project success also hinges on good management of project risks. This requires
teams to:

 Identify, evaluate, and register risks and key informa-tion

 Assess risk severity/manageability
  Develop mitigation and contingency plans
 Actively track the risks and mitigation plans

Arranging a risk identification session timely in a project, as part of the front end growth process
will advance the project teams likelihoods of having a successful project. (Schroeder, B et.al.,
Jan 2011). Now a day’s risk management has become necessity in terms of management in every
sector. Akintoye and MacLeod said that in project profession, risk management plays a vital role
because of its effectiveness. Bernstein proposed a saturated historical outlay of risk and its
importance to the project managers. The dual characteristics of risk is the another aspect, from a
negative prospective which can be considered as a threat but can also be considered as a positive
point of view (opportunity) (Hillson,2001, Word and Chapman, 2003). For them risk is usually
related to the uncertain events that can impact on objectives of project negatively or positively.
They elaborated that the complete risk management should focuses on dealing uncertainties as
risk is always subjected with threats of unplanned events of projects. In addressing the inherit
risk, tactical approach is on top because it identifies all risk that have an impact on program
performance and issuing statements, whereas systematic approach is top-down that is an
altogether view of risk presentable by top management.

The employees of different organization need to be trained or need to be given some basic
training related to the risk in their current environment of the organization that make them
capable enough to inform top hierarchy of the organization about the expected risk. Furthermore,
even if an organization built a team in order to fulfill the responsibility of managing and dealing
an organization’s risk, the team should be collaborating with other non risk management
employees in order to have an improved communication from both ways. Usually it is noted that
in organizations most of the project failures occurred because of the unbalanced and badly
managed communication and also because of the lack of risk communications (Bronte-Stewart,
2009; Jutte, 2010). Employees should be given the basic information about the risk moreover
they should be encouraged to identify or point out any risk, this will surely help to increase the
effectiveness of managing the risk.

In current environment there are various type of risks which includes operational risk, strategic
risk and financial risk. Credit risk, liquidity risk, foreign exchange rates and derivative are some
economic condition which can cause loss and refer to the financial risk (Jones,2006; Benston et
al, 2003). LI and LIU 2002 describes the strategic risk on the basis of uncertainty loss of the
overall organization, technological advancement, regulatory policies and political
implementation may be the reason of strategic risk. Operational risk is more concerned towards
the internal problem for example product flows information risk and employee fault. (Carvalho.J,
2013)

“Understanding the impact of Project Risk Management on Project Performance’ an empirical

study”, Junior and Carvalho ( 2013), Volume 8.
When we talk about risk management it is an integral part of every organization strategic
management. Tactical approach is one which is designed for the identification of all risk that can
impact a project performance and allowing statement separately for each risk; while systematic
approach is one which is allocated for a broad view of risk identification by top management
Risk Management can be synergized by joining both the tactical and systematic approaches for
effective risk management. Ahmad and elkhalek, ( 2011)

Critical Factors of effective information systems risk management, Ahmad abd elkhalek, 2011
Master’s degree project.

When it comes to engineering sector it is considered as a wide area which rely on heavy
investment moreover, the rate of risk in engineering sector is higher than other sectors. Risk
management in engineering sector is implemented to comprehend the possible future risks rather
than being reactive. Its purpose us to estimate the major and common risks, which cause bad
effect on the execution of project. The risk management concept is very less popular technique in
the engineering sector, and then it is obligatory to extent awareness of the same risk. As of now
compared with other industries the engineering sector suffers a chronic shortage of experienced
and trained staff to deal with risks, nonetheless unskilled workers are available in large amount
from different part of the country. In some companies the problem of improper project planning
and budgeting, poor relation with government departments, lack of teamwork, change of top
management further enhance the problem on unattended risk management. To overcome these
problems, those factors of severity must be recognized and condensed to solve the problem.
Some of these factors are;

 Lack of Team Work

 No Past Experience in Similar Projects
 Improper project planning and budgeting.
 Change of top management.
 Sub-contractor related problem.
 Poor relation and disputes with partner.
 Poor relation with government departments.
 Internal management problem.