PROJECT RISKS AND DISASTER MANAGEMENT

Risk is defined as the possibility of suffering harms, loss or danger. It can be

uncertainty of outcome, whether positive opportunity or negative threat, of
actions and events. The risk has to be assessed in respect of the
combination of the likelihood of something happening, and the impact which
arises if it does actually happen.
Strictly speaking risk involves only the possibility of suffering harm and loss.
Risk management is the systematic process of proactively managing
uncertainties, constraints and assumptions in order to increase the likelihood
of meeting the project objectives like quality, budget and schedules.
Risks should be related to objectives. Risks can only be assessed and
prioritised in relation to objectives and this can be done at any level of
objectives in the organisation. The individual risks which an organisation
identifies will not be independent of each other; rather they will typically
form natural groupings. For instance, there may be a number of risks which
can be grouped together as “resources” and further risks which can be
grouped together as “environmental”. It is necessary to adopt an appropriate
approach or tool for the identification of risk.
RISK AFFECTING THE PROJECT
There are several risks in engineering work, they include the following
Physical work risk: These are risk associated with the physical
work/activities carried out in the project like the existence of loose soli for
foundation work which might be identified after signing the work contract
and commissioning the project it may also include issues like poor
foundation construction, defective materials and workmanship
Delays and disputes like possession of site, late supply of information and
inefficient execution of work. These are delays outside the control of the
parties.
Direction and supervision risks like greed, unreasonableness,
inefficiency, incompetence-lack of illusion, compliance with the requirement
and inappropriate consultants and contractors

MWAKA ISAAC PHILLIP_DPPM Page 1

PROJECT RISKS AND DISASTER MANAGEMENT

Damages and injures to properties and persons like negligence or breach

of warranty, uninsurable matters like weather and death, accident,
consequential risks as a result of other happenings and exclusions (cars are
parked at owners risks)
External factors like government policies on taxes, labour, safety and other
laws, approval of plans and design by relevant authority, malicious damage
and industrial disputes.
Payment risk like delay in settling claims and certification, delayed
payment itself, legal limits on recovery of interests, exchange rates and
insolvencies that is no capacity to pay or funding constraints
Law and Arbitration like injustices, uncertainty due to lack of records,
ambiguity of the contract, new interpretation of common law and change in
statutes.
RISK MANAGEMENT STRATEGIES
Risk is unavoidable, and every organisation needs to take action to manage
risk to a level which is tolerable. Risk management is a term used for the
systematic approach and practice of managing uncertainty and potential
losses, involving risk assessment and analysis and the development of
strategies and specific actions to control and reduce risks and losses. The
resources available for managing risk are finite and so the aim is to achieve
an optimum response to risk, prioritised in accordance with an evaluation of
the risks. The amount of risk which is judged to be tolerable and justifiable is
the “risk appetite”.
Risk management includes identifying and assessing risks (the “inherent
risks”) and then responding to them.
Risk is uncertainty of outcome, and good risk management allows an
organisation to: have increased confidence in achieving its desired
outcomes; effectively constrain threats to acceptable levels; and take
informed decisions about exploiting opportunities.

MWAKA ISAAC PHILLIP_DPPM Page 2

PROJECT RISKS AND DISASTER MANAGEMENT

Good risk management also allows stakeholders to have increased

confidence in the organisation’s corporate governance and ability to deliver.
Response to risks, which is initiated within the organisation, to risk is called
“internal control” and may involve one or more of the following: tolerating
the risk; treating the risk in an appropriate way to constrain the risk to an
acceptable level or actively taking advantage, regarding the uncertainty as
an opportunity to gain a benefit; transferring the risk; terminating the
activity giving rise to the risk.
In any of these cases the issue of opportunity arising from the uncertainty
should be considered.
The management of risk is not a linear process; rather it is the balancing of a
number of interwoven elements which interact with each other and which
have to be in balance with each other if risk management is to be effective.
Furthermore, specific risks cannot be addressed in isolation from each other;
the management of one risk may have an impact on another, or
management actions which are effective in controlling more than one risk
simultaneously may be achievable.
There three components of managing risks, that is, classification,
identification and mitigation, however in the construction and or engineering
projects risk management can be looked at in two different ways, that is,
identification and mitigation.
Identification
Risk identification involves determining which risk might affect the project
and documenting their characteristics.
• External unpredictable risks like unexpected government intervention,
natural hazards, vandalism and sabotage, unexpected side effects and
failure to complete tasks as schedules
• External predictable uncertain like major changes in the market,
operational risks, environmental impact, social impact and inflation.

MWAKA ISAAC PHILLIP_DPPM Page 3

PROJECT RISKS AND DISASTER MANAGEMENT

• Internal non technical like schedule delays cost overruns, cash flow
interruptions
• Technical like changes in technology, operational performance, special
project technology, changes and suitability.
• Legal like licence can affect, patent rights/ copy rights, contractual
failure, law suits, and force majeure (for issues like things beyond
human control like floods, lightening etc).
Mitigation
• Insurable like direct property damage, indirect consequential loss, legal
liability, criticality and amount of assessment.
• Impact assessment/Analysis like baseline changes in or out of scope,
contingency planning and variation in the project lifecycle.
• Response planning looks at risk allocation, carryout mitigation through
revising scope , budget, schedule and insurance bonding.
• Response system looks at definition of risks and must be within
policies and procedures, responsibility must be clear. Design a risk
model that is the process how risk will be handled. the system must be
monitored and revised for its to manage risk
• Data applications historical data base is important, current project
data, post project assessment
The following strategies are helpful in management of project risks
Tolerate the risk: The exposure may be tolerable without any further
action being taken. Even if it is not tolerable, ability to do anything about
some risks may be limited, or the cost of taking any action may be
disproportionate to the potential benefit gained. In these cases the response
may be to tolerate the existing level of risk. This option, of course, may be
supplemented by contingency planning for handling the impacts that will
arise if the risk is realised.
Treat the risk: By far the greater number of risks will be addressed in this
way. The purpose of treatment is that whilst continuing within the

MWAKA ISAAC PHILLIP_DPPM Page 4

PROJECT RISKS AND DISASTER MANAGEMENT

organisation with the activity giving rise to the risk, action (control) is taken
constrain the risk to an acceptable level
Transferring the risk: The best way to manage some risks is to transfer
them to another party like the Insurance firms. This might be done by
conventional insurance, or it might be done by paying a third party to take
the risk in another way. This option is particularly good for mitigating
financial risks or risks to assets. The transfer of risks may be considered to
either reduce the exposure of the organisation or because another
organisation (which may be another government organisation) is more
capable of effectively managing the risk. It is important to note that some
risks are not (fully) transferable – in particular it is generally not possible to
transfer reputational risk even if the delivery of a service is contracted out.
The relationship with the third party to which the risk is transferred needs to
be carefully managed to ensure successful transfer of risk.
Terminate: Some risks will only be treatable, or containable to acceptable
levels, by terminating the activity. It should be noted that the option of
termination of activities may be severely limited in government when
compared to the private sector; a number of activities are conducted in the
government sector because the associated risks are so great that there is no
other way in which the output or outcome, which is required for the public
benefit, can be achieved. This option can be particularly important in project
management if it becomes clear that the projected cost / benefit relationship
is in jeopardy.
Take the opportunity: This option is not an alternative to those above;
rather it is an option which should be considered whenever tolerating,
transferring or treating a risk. There are two aspects to this. The first is
whether or not at the same time as mitigating threats; an opportunity arises
to exploit positive impact. For example, if a large sum of capital funding is to
be put at risk in a major project, are the relevant controls judged to be good
enough to justify increasing the sum of money at stake to gain even greater

MWAKA ISAAC PHILLIP_DPPM Page 5

PROJECT RISKS AND DISASTER MANAGEMENT

advantages? The second is whether or not circumstances arise which, whilst

not generating threats, offer positive opportunities. For example, a drop in
the cost of goods or services frees up resources which can be re-deployed.
Preventive controls: These controls are designed to limit the possibility of
an undesirable outcome being realised. The more important it is that an
undesirable outcome should not arise, the more important it becomes to
implement appropriate preventive controls. The majority of controls
implemented in organisations tend to belong to this category. Examples of
preventive controls include separation of duty, whereby no one person has
authority to act without the consent of another (such as the person who
authorises payment of an invoice being separate from the person who
ordered goods prevents one person securing goods at public expense for
their own benefit), or limitation of action to authorised persons (such as only
those suitably trained and authorised being permitted to handle media
enquiries prevents inappropriate comment being made to the press).
Corrective controls: these controls are designed to correct undesirable
outcomes which have been realised. They provide a route of recourse to
achieve some recovery against loss or damage. An example of this would be
design of contract terms to allow recovery of overpayment. Insurance can
also be regarded as a form of corrective control as it facilitates financial
recovery against the realisation of a risk. Contingency planning is an
important element of corrective control as it is the means by which
organisations plan for business continuity / recovery after events which they
could not control.
Directive controls: These controls are designed to ensure that a particular
outcome is achieved. They are particularly important when it is critical that
an undesirable event is avoided - typically associated with Health and Safety
or with security. Examples of this type of control would be to include a
requirement that protective clothing be worn during the performance of

MWAKA ISAAC PHILLIP_DPPM Page 6

PROJECT RISKS AND DISASTER MANAGEMENT

dangerous duties, or that staff be trained with required skills before being
allowed to work unsupervised.
Detective controls: These controls are designed to identify occasions of
undesirable outcomes having been realised. Their effect is, by definition,
“after the event” so they are only appropriate when it is possible to accept
the loss or damage incurred. Examples of detective controls include stock or
asset checks (which detect whether stocks or assets have been removed
without authorisation), reconciliation (which can detect unauthorised
transactions), “Post Implementation Reviews” which detect lessons to be
learnt from projects for application in future work, and monitoring activities
which detect changes that should be responded to.

CHALLENGES IN MANAGING RISKS

The economy: Both domestically and internationally, is another important
element of the risk environment. Whilst for most organisations the general
economy is a given, it does affect the markets in which they have to function
in obtaining or providing goods and services; in particular the economy can
have an effect on the ability of an organisation to attract and retain staff with
the skills which the organization needs (ESPON Folke, C., et al. 2002).
Laws and regulations: These can have an effect on the risk environment.
It is important for an organisation to identify the ways in which laws and
regulations make demands on it, either by requiring the organisation to do
certain things or by constraining the actions which the organisation is
permitted to take. For example, the way in which an organisation handles
the risk of staff performing inadequately is constrained by employment
legislation (UNDP 2004; Girot, P. (2002)).
Government: A particular aspect of the risk environment which is important
for organisations is Government itself. In principle, government organisations
exist to deliver the policies which the Government and its Ministers have
decided upon. There is a particular strand of risk management which is

MWAKA ISAAC PHILLIP_DPPM Page 7

PROJECT RISKS AND DISASTER MANAGEMENT

important in providing Ministers with risk based policy advice. Nevertheless,

officials in government organisations may be constrained in the risks which
they do or do not take by policy decisions (Heltberg, R., P.B. Siegel. S.L.
Jorgensen (2010; Schmidt-Thomé, P. 2005).
Stakeholder expectation: Every organisation is also constrained by
stakeholder expectation. Risk management actions, which appear good
value and effective in the abstract, may not be acceptable to stakeholders.
For government organisations this is especially important in respect of
relationships with the public actions that would be effective at dealing with a
specific risk may have other effects that the public are unwilling to accept
(Girot, P. (2002; Rennie, J.K. and N. Singh 1996).
Risks from drought and climate change are poorly understood: This
is quite a new subject in Uganda and not considered in government policy
and planning. Lack of information on water resource to know sustainable
yield or on which to base government planning
No long-term data showing trends in risk management: This kind of
information would become useful in 10 or 20 years time for long-term
planning for example; we don’t know how groundwater contamination in
urban areas is thought to be an increasing problem. What are the sources
and causes of groundwater contamination in rural and urban areas?
Mismanagement of natural resources: Some key threats to watersheds
are: illegal logging, forest fire, slash and burn farming practices, overgrazing
and confusion over land tenure. What is the relative and cumulative impact
of each of these pressures? Communities are willing to put significant effort
into risk mitigation (e.g. groins on rivers for flood prevention), but there isn’t
any mechanism for coordination or early warning system from top of
catchment to bottom.
National coordination, capacity building and knowledge
management: The activities of the various Ministries are not coordinated
toward National risk management objectives at present. Lack of

MWAKA ISAAC PHILLIP_DPPM Page 8

PROJECT RISKS AND DISASTER MANAGEMENT

Government capacity to gather and store data on risk management:

Project information and research on risks is currently dispersed with no
central repository or way of disseminating/accessing information within
Uganda (UNDP 2004; Schmidt-Thomé, P. 2005).
Know-how to make use of certain risk-management tools: (e.g.
futures and options markets) can be acquired only at high start-up
transaction costs and is, therefore, not always available to farmers.
Poor perception: Most people in the construction industry perceive risks
they face as being smaller than they actually are, resulting in low demand
for risk-management tools (“Cognitive failure”). Events of low probability,
which are associated with high potential losses (catastrophes), are very likely
to be neglected in individual decision making (Kasperson, J.X., R.E.
Kasperson and B.L. Turner 1996).
Re-insurance is often necessary in order to cover big natural hazard
risks: However, re-insurance can be very expensive, especially after
catastrophes have happened, making an insurance product commercially in-
viable. Furthermore, agricultural reinsurance markets are limited, because of
the special know-how involved and because the expected returns for
covering the high set-up costs might not be attractive enough (Girot, P.
(2002).
Complexity: Changing demands and necessary programme adjustments
increase complexity and decrease transparency. This makes it easier for the
various stakeholders to engage in rent-seeking.
Limits of comprehensiveness: Even insurance systems benefiting from
considerable public support do not have universal take-up rates. Farmers´
needs vary widely and no system can be tailored to meeting everyone’s
needs. Therefore, the political demand for providing ad-hoc aids remains
considerable (Rennie, J.K. and N. Singh 1996; Schmidt-Thomé, P. 2005).
Equity and influence on production: Since premium subsidies are
normally set as a percentage of premia, farmers and regions facing the

MWAKA ISAAC PHILLIP_DPPM Page 9

PROJECT RISKS AND DISASTER MANAGEMENT

highest risk receive the highest subsidies. Due to these subsidies, producers
might not abandon production in high-risk areas, which can result in
significant costs for society as a whole (Rennie, J.K. and N. Singh 1996).
Limited resources: The resources available for managing risk are finite
making it hard to achieve an optimum response to risk. This makes us more
reactive than proactive to risk management. Most disasters in Uganda are
the responsibility of international organizations.

BIBLIOGRAPHY
1. Cutter, S. L., Boruff, B. J. & Shirley, W. L. (2003). Social Vulnerability
to Environmental Hazards. Social Science Quarterly 84 (2), 242–
261.

2. Rennie, J.K. and N. Singh (1996). Participatory Research for

Sustainable Livelihoods. Winnipeg: IISD.

3. UNDP (2004). “Reducing Disaster Risk.” A Challenge for

Development. United Nations Development Programme, Bureau for
Crisis and Recovery. The World Bank: Washington, D.C.

4. ESPON Hazards project (2005). The spatial effects and

management of natural and technological hazards in general
and in relation to climate change. Finland.

5. Geneva: IPCC, 2001.

6. Girot, P. (2002) “Scaling up: Resilience to hazards and the

importance of cross-scale linkages.” Paper presented at the UNDP
Expert Group Meeting on Integrating Disaster Reduction and
Adaptation to Climate Change, Havana, Cuba, June 17–19, 2002.

MWAKA ISAAC PHILLIP_DPPM Page 10

PROJECT RISKS AND DISASTER MANAGEMENT

7. Heltberg, R., P.B. Siegel. S.L. Jorgensen (2010). “Social Policies for
Adaptation to Climate Change.”

8. Intergovernmental Panel on Climate Change. Climate Change 2001:

Impacts, Adaptation and Vulnerability, Summary for Policymakers
and Technical Summary of the Working Group II Report.

9. Kasperson, J.X., R.E. Kasperson and B.L. Turner (1996). Regions at

Risk: Comparisons of Threatened Environments. New York:
United Nations University Press,

10. Schmidt-Thomé, P. (2005). The Spatial Effects and Management

of Natural and Technological Hazards in Europe – final report of
the European Spatial Planning and Observation Network (ESPON)
project 1.3.1. Geological Survey of Finland.

MWAKA ISAAC PHILLIP_DPPM Page 11