Project Risk Management

Project Risk
+
Opportunity
• Uncertain event
or condition that,
if occurs, has an
Cause
effect (impact) on
Impact at any of the
Event
(Condition)
project objectives
(Time, Cost,
Quality, Scope)
-
Threat • Impact could be
+ve or –ve
 Risk
➢ Can never be totally eliminated.

➢ Greatest in the beginning of a

project.

➢ Should be addressed proactively

and consistently throughout the
project

3
 Project Risk Management
➢ Is the systematic process of Identifying, Analyzing, and Responding
to project risks

➢ Maximizing the probability and consequences of positive events

(Opportunities) to Project Objectives
AND
➢ Minimizing the probability and consequences of adverse events
(Threats) to Project Objectives
6
 Plan Risk Management
➢ The process of deciding
how to approach and
conduct the risk
management activities for
a project
➢ Describes how risk
identification, qualitative
and quantitative analysis,
response planning,
monitoring, and control
will be structured and
performed during the
project life cycle
 Plan Risk Management
inputs Tools & techniques outputs

1. Project Management 1.Analytical techniques 1. Risk Management

Plan 2. Expert judgment Plan

2. Project Charter 3. meetings

3. Stakeholder register

4. Enterprise

environmental factors

5. Organizations process

assets
 Probability
Timing Impact
Matrix
Tracking & Reporting
Auditing Format

Budgeting Categories

Roles & Stakeholders’

Responsibility Tolerance

Definitions of
Methodology RM Plan P&I

How risk management will be structured and performed on the project

 Sample Risk Management Plan

Roles and
Required Work Responsibilities
Time Methodology Budget

Identify Risks Abdo 3 weeks Brainstorming $2000

Perform Omar 2 weeks P & I assessment $4000

Qualitative Risk
Analysis

Perform Salma 1 week Monte Carlo $2500

Quantitative Risk
Analysis
Plan Response to Ali 2 week Response $6000
Risks strategies

Monitoring & Ahmed All Project Audit $18,000

Control Risks period
Risk Categories
Definition of Risk Probability and Impact
 P & I Matrix
Probability Impact
Very Low Low Moderate High Very High

Very High

High

Moderate

Low

Very Low
Probability Impact
Very Low Low Moderate High Very High
0.05 0.10 0.20 0.40 0.80

Very High .045 .09 .18 .36 .72

90%
.035 .07 .14 .28 .56
High 70%

.025 .05 .10 .20 .40

Moderate
50%

.015 .03 .06 .12 .24

Low 30%

.01 .01 .02 .04 .08

Very Low
10 %
 Identify Risks
➢ Involves determining

which risk events might

affect the project and
documenting their
characteristics.

➢ Everyone should be

involved in risk
identification
 Identify Risk
inputs Tools & techniques outputs
1. Risk Management Plan 1. Risks register
1. Documentation reviews
2. Activity Cost Estimates
3. Activity Duration Estimation
2. Information-gathering
4. Scope Baseline techniques
5. Stakeholder Register
3. Checklists analysis
6. Cost management Plan
7. Schedule Management Plan
4. Assumptions analysis
8. Quality Management Plan 5. Diagramming technique
9. H R Management plan
6. SWOT Analysis
10. Procurement documents
11. Project Documents
7. Expert Judgment
12. Enterprise Environmental
Factors
13. Organizational Process Assets
 Brainstorming
• Objective is to
obtain a LIST of
project risks.
• Done by TEAM with
outside experts.
• Use RBS as a
guideline
• An expert facilitator
leads the
discussions.
 SWOT Analysis
➢ Examines project
from all SWOT
perspectives:
➢ Strength
➢ Weakness
➢ Opportunity
➢ Threats
 11.3. Perform Qualitative Risk Analysis
➢ Method for
prioritizing the
identified risks for
further actions.
➢ The process of
assessing the
impact and
likelihood of
identified risks.
➢ Should be revised
during the project
life cycle.
Perform Qualitative Risk Analysis
inputs Tools & techniques outputs

1. Scope baseline 1. Risk probability & impact Project documents

(updates
2. Risk Management Plan assessment
3. Risk register
2. Probability & impact matrix
4. Enterprise
3. Risk data quality
environmental factors
assessment
5. Organizations process
assets 4. Risk categorization
5. Risk urgency assessment
6. Expert Judgment
 Perform Risk Quantitative Analysis

➢It is the process of

numerically assessing
the probability and
impact of each risk and
determining the extent
of the overall project
risk.
 Perform Risk Quantitative Analysis

inputs Tools & techniques Outputs

1. Risk Register 1. Quantitative Risk 1. Project document
2. Risk, Cost, Schedule analysis and Modeling updates
mgmt plans techniques
3. OPA 2. Data Gathering and
4. E E F Representation
techniques
3. Expert Judgment
 Plan Risk Response
➢ The process of
developing
options and
determining
actions to
enhance
opportunities
& reduce
threats to the
projects
objectives.
 Plan Risk Response
inputs Tools & techniques outputs

1. Risk management 1. Strategies for negative 1. Project

plan risk or threats management Plan

2. Risk register 2. Strategies for positive Updates

risk or opportunities 2. Project Documents
3. Contingent response Updates
strategy
4. Expert Judgment
 Response strategies for threats
Avoidance
(Prevention)

Transference
(Shift Responsibility)

Mitigation
(Corrective action)

Acceptance
(Accept consequences)
 Response Strategies for Opportunities

Exploit

Share

Enhance

Accept
➢Secondary Risk:
risks that arise as a direct result of
implementing a risk response.

➢Residual Risk:
risks that remain after avoidance,
transfer or mitigation responses
have been taken. This also
includes minor risks that have
been accepted.
Is the process of Control Risks
responding to
identified and
unforeseen risk. It
involves tracking
identified risk ,
identifying new risks ,
implementing risk
response plans, and
monitoring their
effectiveness.
 Control Risks
inputs Tools & techniques outputs
Project Management Risk audits Work performance
Plan information
Risk Reassessment
Change requests
Risk Register Variance & Trend Analysis
Project
Technical Performance management plan
Work Performance
Measurement updates
data
Reserve Analysis OPA updates
Work Performance
Reports Meetings Project docs updates
 Project Risk Response Audit
➢ An examination of the effectiveness of risk response plans and
the performance of the risk owner.

➢ Project Risk Response Audit Process

➢ Gather relevant project data regarding work results including
risk database.
➢ Review the risk response plans and implementation of the
plans.
➢ Prepare a report of the findings and distribute to the project
team and key stakeholders.
➢ Workaround Plans
➢ Unplanned responses to emerging risks that were previously
unidentified or unexpected.
QUESTIONS?
Risk transference nearly always involves:

A) Eliminating risk through beta testing.

B) Policies and procedures for a response system.

C) Accepting a lower profit if some activities overrun their budget.

D) Payment of a risk premium to the party taking on the risk.

 To be successful, the organization should
be committed to address risk
management:
A) Just in time before a meeting with major stakeholders
of the project.

B) Proactively and consistently throughout the project.

C) As soon as time and cost estimates are ready.

D) As early as possible in the execution phase.

The Delphi technique has all of the
following characteristics EXCEPT

A) It is a way to reach a consensus of experts on a subject such as

project risk.

B) It is a technique in which project risk experts participate

anonymously.

C) It helps reduce bias in the data and keeps any one person from
having undue influence on the outcome.

D) It is based on an ancient Greek technique to insure that actions

of subordinates are aligned with the vision of senior executives.
The risk rating :
A) Is calculated by multiplying the probability of the occurrence of a
risk times its impact (relative scale) on an objective(e.g., cost, time,
scope, or quality) if it were to occur.

B) Is the sum of squares of the scale values assigned to the estimates

of probability and impact.

C) Cannot be used to determine whether a risk is considered low,

moderate, or high.

D) Is a commonly used technique for risk avoidance.

 The risk management plan generally
includes all of following EXCEPT

A) Methodology.

B) Definitions of risk probability and impact.

C) Responses to individual risks.

D) Probability and impact matrix.

If a project has a 60 percent chance of a US $100,000
profit and a 40 percent chance of a US $100,000 loss,
the expected monetary value for the project is:

A )$100,000 profit.
B )$60,000 loss.
C )$20,000 profit.
D )$20,000 loss.
All of the following are ALWAYS input to the risk
management process EXCEPT:

A )Historical information.
B )Lessons learned.
C )Work breakdown structure.
D )Project status reports.
Workarounds are determined during which risk
management process:

A )Identify Risks.
B )Perform Quantitative Risk Analysis.
C )Plan Risk Responses.
D ) Control Risks.
During which risk management process is a
determination to transfer a risk made?

A )Identify Risks.
B )Perform Quantitative Risk Analysis.
C )Plan Risk Responses.
D ) Control Risks.
Monte Carlo analysis is used to:

O A )Get an indication of the risk involved in the project.

O B )Estimate an activity’s length.
O C )Simulate the order in which activities occur.
O D )Prove to management that extra staff is needed.
Thank you