FIT2002 Lecture Notes - Lecture 7: Project Risk Management, Risk Appetite, Risk Aversion
L7: Project Risk Management
Why is it important?
●Responding to risk throughout the life of the project means the project may meet its
objectives
●Helps project stakeholders understand the nature of the project
●To be aware of risks that may occur
●Avoid problems
●Reduce cost overruns
●Reduce schedule slips
Terms:
●Risk appetite
: degree of uncertainty an entity is willing to take on, in hopes of a reward
●Risk tolerance
: maximum acceptable deviation an entity is will to accept as the potential
impact
●Risk utility
: amount of satisfaction or pleasure received from a potential payoff
●Known risks
: risks that project team has identified and analysed and that can be managed
proactively
●Unknown risks
: risks that have not been identified and analysed and cannot be managed
Processes
1. Planning risk management: decided how to approach and plan the risk management
activities for the project
2. Identifying risks: Determining which risks are likely to affect a project and documenting the
characters of each
3. Performing qualitative risk analysis: Prioritizing risks based on their probability and impact
of occurrence
4. Performing quantitative risk analysis: numerically estimating the effects of risks on project
objectives
5. Planning risk responses: Taking steps to enhance opportunities and reduce threats to
meeting project objectives
6. Controlling risk: monitoring identified risks, identifying new risks, carrying out risk response
plans and evaluating the effectiveness of risk strategies throughout the project
Planning Risk Management
Risk Management Plan
: Documents the procedures for managing risk throughout a project
Topics addressed:
●Methodology
●Roles & responsibilities
●Budget & schedule
●Risk categories
●Risk probability & impact
●Revised stakeholders’ tolerances
●Tracking
●Risk documentation
Contingency Plans
Predefined actions that the project team will take if an identified risk event occurs
Fallback Plans
●Developed for risks that have high impact
●Put to effect if attempts to reduce the risk are not effective
Contingency Reserves/Allowances
●Cost or time
●Estimated reserve based on various risk management techniques
Management Reserves
Funds held for unknown risks that NOT part of the cost baseline but ARE part of the budget and
funding requirements
Identifying Risks
Understand what the potential risks are to the project.
Categories of Risk
●Market
●Financial
●Technology
●People
●Structure/process
Risk Breakdown Structure
●Hierarchy of potential risk categories for a project
●Used to identify and categorize risks
Tools & Techniques:
Brainstorming
●Group attempts to generate ideas or find solutions to problems
●Experienced facilitator should run this
Delphi Technique
●Used to derive a consensus among a panel of experts
●Systematic and interactive procedure with anonymous input from project risk experts
●Avoids biasing effect of an oral methods (like brainstorming)
Interviewing
●Fact finding in face-to-face, phone, e-mail discussions
SWOT analysis
(Strength, Weaknesses, Opportunities, Threats)
Helps identify the broad negative and positive risks that apply to the project
Root cause analysis
Document Summary
Responding to risk throughout the life of the project means the project may meet its objectives. Helps project stakeholders understand the nature of the project. To be aware of risks that may occur. Risk appetite : degree of uncertainty an entity is willing to take on, in hopes of a reward. Risk tolerance : maximum acceptable deviation an entity is will to accept as the potential. Risk utility : amount of satisfaction or pleasure received from a potential payoff. Known risks : risks that project team has identified and analysed and that can be managed. Unknown risks : risks that have not been identified and analysed and cannot be managed proactively. Processes: planning risk management : decided how to approach and plan the risk management of occurrence activities for the project. Risk management plan : documents the procedures for managing risk throughout a project. Predefined actions that the project team will take if an identified risk event occurs.