About Risk Management
In order to understand the importance of risk management, the report will provide an overview of risk management principles. This report will look into the responsibilities of a project manager and the development of a risk management plan that will mitigate the impact of risks encountered during the various stages of the project’s life cycle (Taylor, 2005).
Overview of a Risk Management Plan
The following table provides an overview of the common terms found in a risk management plan.
|Defining risk and risk management plan||Source|
|A risk is an uncertain or unpredictable event that can cause a positive or negative impact on a particular project.||Strauch, 2004|
|A risk has an element of uncertainty and it has an impact on the project’s objectives.||Taylor, 2005|
|Risk management is the application of skills, knowledge, tools, and techniques to mitigate the impact of unpredictable and uncertain events.||Haddow, 2008|
Mitigate the Impact of Risk Through a Risk Management Plan
The failure to anticipate potential risks can lead to significant losses for the company. The same thing can be said if the risk event was not properly identified and a risk a management plan is not in place. However, the reverse is true if potential risks were identified in the early phase of project implementation and steps were taken to mitigate the impact of a particular risk (Verma, Ajit, & Karanki, 2010).
A well-coordinated risk management plan will help the company decide if there are enough resources to handle a specific project. An effective risk management plan enables corporate leaders to make a decision to cancel or vote against a particular project, if they know that there is not enough time to complete it. An effective risk management plan can help corporate leaders realize the company’s ability to provide access to the right resources, and talent pool necessary for project completion.
Other Advantages of a Risk Management Plan
A risk management plan is an effective tool to determine major impediments in all the stages of the project’s life cycle. A risk management plan helps corporate leaders to realize that availability of resources, and a favorable window of opportunity cannot guarantee the success of a project in the long run. In most cases, potential sources of risks are not obvious in the early stage of project implementation but may become evident at the middle or latter stages of the project lifecycle.
These are sources of risks that are not yet quantifiable based on available information. Project duration, project cost, and project requirements are types of information that are easily obtainable without the help of a dedicated risk planning committee. However, there are certain sources of risks that must be quantified using probability measures, in order to determine if the potential gains of the project is worth pursuing based on the probability of risks involved.
Thus, an effective risk management plan has two major advantages. First, it enables corporate leaders to make the correct decision, whether to go on with the project or not. Second, it helps mitigate risk by creating plans and procedures that will help the company protect human resources, and other assets in a crisis event.
Risk Management Process
Basic Risk Management Process
The following table outlines the basic risk management process.
|1.Identify and document |
potential risks in the
|In order to develop an effective risk management plan, a project manager must focus on the three components of risk: |
|2.Analyze and assess |
the identified risks.
|The project manager and members of the risk planning team must collect pertinent information from the following documents: |
|3.Develop strategies to |
to eliminate or mitigate the impact of risks.
|Once the risks are identified, and described on the basis of severity and probability, the team begins to prepare an appropriate response in the event that a crisis occurs within the duration of the project implementation. For example, if a project calls for the establishment of a satellite office in an earthquake prone area, what has to be done to ensure the continuity of the project in the event of a 7.0 magnitude earthquake?|
|4.Implement and monitor risk management plans.||When project managers implement the plan, they are able to identify new risk and develop appropriate measures to counteract its impact on the project. This is also the time to evaluate the effectiveness of risk response plans.|
|5.Review risk response plans.||At the end of the project, risk plans must be evaluated. It is important to document all the lessons learned.|
The following graphical representation illustrates the risk management process.
Collect Data, Analyze and Implement Risk Plans
According to Stephen Lagerfeld, “A logical, consistent, and disciplined approach to the future’s uncertainties will allow us to live more prudently and productively, avoiding unnecessary waste of resources. It goes beyond faith and luck, the former twin pillars of managing the future, before we learned to measure probability” (Fraser & Simkins, 2010, p.21).
A project charter is an important source of information, because it immediately identifies various limitations in terms of the authority of the project manager, project priority, and support requirements (Dekker, 2005).
In order to initiate the process of risk identification and impact mitigation, project managers require reliable information. Data regarding potential pitfalls based on location of the project, the laws governing a particular region or area, and resources needed to complete the project must be gathered before the creation of the project plan (Stoltman, 2004).
In addition, the team must send questionnaires to a pre-approved list of experts. This is an application of the Delpi Method, a forecasting technique based on the responses of experts in the field of geology, atmospheric science, political science, and economics. Thus, there is no need to gather these experts in one place, they can send their opinion and the project manager can use it to develop an improved risk management framework.
After data collection, the project manager will not be able to identify all potential risks just by reading the reports. Thus, brainstorming techniques must be applied to flesh out the potential risks. After the identification of risks, the team can proceed with quantitative analysis tools, such as:
- Sensitive and Scenario Analysis;
- Probability Analysis;
- Expected Value and Decision Tree; and
- the use of simulation software.
In terms of using simulation software, “it can incorporate dynamic changes in the external environment, as well as internal management decisions … this allows the simulation method to quantify risk exposures that are time and path dependent” (Lam, 2003, p.285). For example, the computers running the software can be programmed to quantify risks involved when interest rate changes. In another example, the computer can be programmed to quantify risks involved when a registered patent expires and competitors are able to copy the product (Lam, 2003).
Evaluate Risk Plans and Document Lessons Learned
It is also important to know the perception of the local population with regards to certain aspects of the project. If the project calls for the construction of a dam, the team needs to know if there is extreme resistance to such an idea. If the project calls for the construction of a mall in the middle of the city or in the suburbs, the team must know if the people will support the idea or not. This type of information is not available through historical information and records; the team must develop surveys and questionnaires to satisfy data requirements (Tierney, Lindell, & Perry, 2001).
If the project requires the deployment of a team in an area prone to forest fires, what has to be done to protect human lives and company resources so that there is still a high probability of achieving the objectives of the project?
Risk Management Benefits
Greater Demand for Risk Management Plans
This report will show why there is greater demand for risk management planning. Based on information gathered, it was revealed that the need to prepare for catastrophic events was one of the major reasons for its surge in popularity (Sadgrove, 2005). Researchers also discovered that shareholders are requesting risk management plans. Moreover, shareholders are requesting for risk management plan due to the cost of insurance. Aside from these three major reasons, researchers discovered growing concern over tougher legislations, especially when it comes to environmental protection.
In the absence of an effective risk management plan, there is now greater risk that the local and national government can effectively shut down a project because of willful violations of certain laws (Lindell & Perry, 2004). It is now apparent that legislation is getting tougher and is more stringent. Based on recent developments in corporate law, a significant number of executives and company directors are going to jail because of corporate offenses.
Increase the Probability of Success and Project completion
One of the major benefits of a risk management plan is to increase the likelihood of success. At the same time, it provides management the ability to develop a safety net that goes beyond the use of insurance. In the past, insurance is a relatively cheap option that companies can use to mitigate the impact of risk. However, in the 21st century, this assertion is no longer valid. Corporate executives are realizing the prohibitive costs of insurance, because insurers are putting up premiums on different categories of risk (Sadgrove, 2005).
In the past, a manufacturing firm dumping factory byproducts on a river system can mitigate the impact of a more stringent enforcement of environmental laws. They are able to accomplish this by using an insurance cover. However, this is no longer true in the present time because there is a significant number of insurance companies that are no longer willing to provide insurance cover if long-term pollution is imminent.
It is also important to consider that due to cutting-edge technology, specifically in telecommunication and the Internet, there are certain types of losses that businessmen are unwilling to report to authorities or to insurance companies. In the past, companies can avail of insurance cover to protect them against the impact of theft. But in the 21st century, cybercrime is underreported because of the perceived negative impact on the reputation of the company.
If the firm decided not to coordinate with law enforcement agencies, there is little chance that they can get the support of insurance firms, especially if they are not willing to make public the details involving the said cybercrime. Therefore, the solution to this potential risk is not to buy insurance cover, but to lower the probability that it will occur. Furthermore, insurance companies will not be able to protect the company from the negative impact of ruined reputation and loss of goodwill (Taylor, 2005).
A risk management plan is an effective way to increase investor confidence. The financial backlash of a product failure can cripple the company. As a result, shareholders are seeking more information in the company’s annual reports (Lam, 2003). Shareholders know that the company’s exposure to risk will directly affect company profits.
Reduce the Cost of the Project
Finally, an effective risk management plan can help reduce the overall cost of the project. Project managers can prevent runaway costs (Sadgrove, 2005). There are several ways to cut costs through risk assessments. First, the corporate leaders are compelled to solve problems at the earliest possible time (Hughes & Ferret, 2005).
Second, there is less likelihood to revise the procedure while in the middle of project implementation. At the same time, the project manager can avoid significant design changes. Third, the company can avoid costly impact of demoralized workers and disgruntled customers. Savings derived from the ability to reduce the impact of risks is easily converted to profit for the company.
Dekker, S 2005, Ten questions about human error: a new view of human factors and system safety, Routledge, New York, New York.
Fraser, J & Simkins B 2010, Enterprise risk management: today’s leading research and best practices for tomorrow’s executives, John Wiley & Sons, San Francisco, California.
Haddow, G 2008, Introduction to emergency management. Butterworth-Heinemann, Boston, Massachusetts.
Hughes, P & Ferret, E, 2005, Introduction to health and safety work, Butterworth-Heinemann, Oxford, UK.
Lam, J 2003, Enterprise risk management: from incentives to controls, John Wiley & Sons, San Francisco, California.
Lindell, M & Perry, R 2004, Communicating environmental risk in multiethnic communities, Sage Publications, Inc., San Francisco, California.
Sadgrove, K 2005 The complete guide to business risk management. Gower Publishing, Burlington, Vermont.
Stoltman, J 2004, Perspectives on natural disasters: occurrence, mitigation, and consequences, Kluwer Academic Publishers, Boston, Massachussetts.
Strauch, B, 2004, Investigating human error: incidents, accidents, and complex systems, Ashgate Publishing, London, UK.
Taylor, J 2005, A survival guide for project managers. AMACOM New York: New York.
Tierney, K, Lindell, M, & Perry, R 2001, Facing the unexpected: disaster preparedness and response in the United States, Joseph Henry Press, Washington, D.C.
Verma, A, Ajit, S, Karanki, D 2010, Reliability and safety engineering. Springer, London, UK.