Report writing 674
1
Contemporary Approaches in Management of Risk in Engineering Organizations
Assignment-1
Literature review
Student name: Hari Kiran Penumudi
student id: 217473484
Table of Contents
2
INTRODUCTION………………………………………………………………………3-4
OBJECTIVES & DELIVERABLES…………………………………………………....4
REVIEW OF LITERATURE…………………………………………………………....5-13
Risk and Risk Management………………………………………………………5-6
Risk Management Frameworks……………………………………………….....6-10
Importance of Risk Management in Engineering………………………….........10-13
GENERAL PROBLEM STATEMENT…………………………………………………13-14
RESEARH STRATEGY…………………………………………………………………14-15
RESOURCES REQUIREMENTS……………………………………………………….16
PROJECT PLANNING…………………………………………………………………..16
REFERNCES…………………………………………………………………………….17-19
Contemporary Approaches in Management of Risk in Engineering Organizations
3
Introduction
The term, ‘risk’ as defined by the Oxford English dictionary is a possibility to meet with any
kind of danger or suffer harm. Risk is a serious issue that every organization has to deal with in
their everyday operations. However, nature and magnitude of risks largely vary from
organization to organization and often depend on the type of the organization. Therefore,
organizations irrespective of their type of operations keep a risk management team that looks
after every risk to which an organization is vulnerable. Organizations in the field of engineering
also have to come across some inherent risks that negatively impact their operations. Engineering
may be defined as the process of applying science to practical purposes of designing structures,
systems, machines and similar things. Therefore, like every other organization, risk assessment
and management is also an integral part of engineering organizations. Since the task of
engineering is mostly complex, the risks in this area are also very complicated. If risks in
engineering field are not mitigated effectively it may produce long-term danger that may affect
both the organizational services and the society in whole. Hence, the activity of risk management
within engineering organizations must be undertaken seriously and measured thoroughly in order
to reduce the threat of risks. Amyotte et al., (2006) simply puts it like within the engineering
practice, an inbuilt risk is always present. Studies have found that despite the knowledge of
inherent risks within the field and activity of engineering, organizations are not very aware in
imparting knowledge about risk management to their engineers. From this the need of education
regarding the risk management approaches arises. Therefore, this paper tries to find out
approaches to management of risks and importance of these approaches within the area of
engineering. Bringing on the contemporary evidence from the literature review related to risk
management approaches, the paper examines how those approaches can be helpful for
4
engineering organizations. Moreover, the paper puts focus into why risks must be mitigated in
order to bring the operational success. The paper tries to develop a theoretical framework of risk
management practices that have paramount value based on literature review and then proposes a
risk management framework for educational purposes.
Objectives and Deliverables
In order to examine the necessity of risk management, contemporary approaches to risk
management, and importance of these approaches within the area of engineering, the paper
frames out two significant research questions based on which the objectives of this study has
been developed. The two research questions are:
i) Why risk management is important for engineering organizations?
ii) What approaches to risk management should be taken by engineering organizations?
The first question, “Why risk management is important for engineering organizations?”tries to
examine the importance of risk management within the field of engineering. The argument is
made in support of the knowledge and necessity of risk management as an important factor for
all engineers as a part of their duty. Based on the findings of literature review, the importance of
management of risks for engineers is set on three directions: moral, legal, and financial.
The second question, “What approaches to risk management should be taken by engineering
organizations?” argues that engineers irrespective of their operational difficulties should have
risk management knowledge. The risk management should not be limited to only engineers, who
have high-risk duties but the whole organization should take approaches toward managing risks.
Among several discussed approaches, risk communication has given a particular attention.
5
Review of Literature
The first section of the literature review part provides an overview of existing knowledge and
identifies the gaps. Based on a methodical and in-depth review of available literature, this section
presents an overview of the existing knowledge-base relating to the risk management approaches
within the field of engineering. Besides providing a review of the important concepts pertaining
to the study, it will also demonstrate a review of the key findings of relevant research projects
that have already been accomplished locally and internationally.
Risk and Risk Management
The term risk as defined by Amoyette et al., (2006) is the possibility of loss, harm, or any kind
negative consequences arising out of a hazard. The importance of risk involves both the
possibility of an unwanted condition and the severity of its outcome. This definition of risks
brings up three significant features of risk that organizations could face. They are: a) risk is an
outcome of an unidentified hazard; b) risk can arise in four major areas- people, environment,
assets, and production; and c) risk has two aspects- probability and severity. Gandhi (2010) finds
out nine major constituents of systematic risks, which includes schedule, technical, financial,
vendor, culture, reputation, intellectual property, compliance, and quality.
The definition of Risk management as put by Amoyette et al., (2006) involves the entire process
of understanding a risk, assessment of a risk, decision-making to control the risk effectively etc.
and they must be implemented in a proper way. The first step towards the risk management is
active identification of prospective hazards. Effective hazard identification leads to a proper
management of those risks in order to turn them acceptable. This definition is developed based
on the functional definition of risk management from the study of Wilson & McCutcheon,
6
(2003). In relation with this definition, the cycle of risk management-risk analysis, risk
assessment, and risk management- as presented by Bird & Germain (1996) is established again.
In the area of engineering, organizations should also analyze the risk at first to know the risk
probability and consequences, and then should assess the risk in order to take proper risk
management method.
Risk Management Frameworks
Amoyette et al., (2006) in their risk management framework have presented the following risk
management approach, which represents best practices within organizations across the world.
The steps in their risk management framework are:
i) Planned Reviews: This step that usually includes functions such as, investigation of
incidents, reviews of insurance company, reviews of regulatory activities
(environmental reporting, inspection of pressure vessels, renewal needs of assets, law
changes, code updates etc.) is generally conduced to obtain necessary information to
monitor organizational operations and develop new designs for projects accordingly.
ii) Hazards Identification: By utilizing various hazard identification tools, such as
Hazard and Operability Study (HAZOP), Hazard Checklists (HCI), What-if-Analysis,
Fault Tree Analysis (FTA) etc. the management team needs to determine factors by
means of risk analysis.
iii) Risk Assessment/Analysis: Risk analysis is necessary to gain insight into the
components of risk- risk probability and risk consequences. While probability of risks
is related to failure of system, human resources, or environment etc., consequences of
7
risks related to engineering services are mainly thermal radiation, smoke, explosions,
toxic exposure, environmental pollution, lethality, toxic cloud dispersion etc.
iv) Acceptability of Risk: According to the study of Amoyette et al., (2006) the risk
acceptability can be measured depending on the level of risks- low-level risks, which
are acceptable; medium-level-risks, which are acceptable only after certain
modifications; and high-level-risks, which are unacceptable. This is also found in
Kathryn Bingham’ (2012) report that focuses on general contemporary approaches to
risk management.
v) The Residual Risk Manage: An acceptable risk must be managed in order to
prevent undesirable effects Safety management such as, health and occupational
safety, process safety, equipment reliability etc. is one key tool to manage such risks.
(Amoyette et al., 2006).
vi) Risk Reduction: An unacceptable risk can often be reduced to acceptable level by
employing such techniques like further control, protective features etc. However, in
cases of engineering organizations, they may often face increased operational risks
due to the changes made.
vii) Discontinuation of Activity: If the risk is too high to take, the management of
engineering organizations must discontinue an activity in standard of engineering
ethics.
8
Source: Amoyette et al., 2006
Mohamed Noordin Yusuff in his report presents four general approaches to risk management.
i) Risk Identification: This includes identifying both internal and external risks to any
project.
ii) Risk Quantification: This includes risk assessment and their connection to each other.
iii) Development of Risk Response: This step may include either of risk avoidance, risk
mitigation, or risk acceptance.
9
iv) Control of Risk Response: This involves implementation of the risk management
plan.
Information technology (IT) is a significant field within the domain of engineering. Therefore,
upon successful accomplishment of IT projects and software management, the success of
engineering organizations largely depend. Therefore, risk management in this field is another
crucial direction.
Pimchangthong and Boonjing (2017) in their study developed research framework to examine
the effect of organizational factors (type and size of organizations) along with practices of risk
management (risk identification, analysis, response planning, and monitor and control) to the
success of IT projects. The study identified two essential factors- risk identification and risk
response planning- that largely influence the performance of process and success of IT projects.
The study found negative effect of risk analysis on the performance of product.
Lytinen et al., (1995) set a framework for risk management in software. There are three levels of
software development environment- management environment, project environment and system
environment. At each level of the setting there are separate set of technology, task, actors, and
structures. The three environments are two-directional connected by risk-based management
process and development process. This model shows that the three distinct set of socio-technical
system are directly entwined by the above-mentioned two change processes that have common
bounded rationality (Lytinene et al., 1995).
Another study of Almeida et al., (2015), found that engineering risks at each stage of any
undertaken project are needed to be properly managed in order to fulfill specified performance-
based obligations. This can only be conveyed through demonstration of statement of technical
10
conformity, such as presenting reports of technical risks, or performance certificate of risks in
order to formulate informed decisions. The authors propose to utilize the risk management
framework throughout all phases of planning, programming, designing, constructing, and
building projects.
The study of Giradi et al., (2017) offers insight into the risk factors and their management related
to infrastructure projects. The findings of study suggest that although the risk factors influence
the performance of projects, it is depended on the intensity level of risk management. However,
it does not vary with increasing complexity of the projects. The study of Ibbs & Kwak (2000)
found out that since risk factors identification is the most critical part of infrastructure projects, it
may provide negative reflexes to the performance of the projects if not well managed (Shenhar et
al., 2005; Zwikael & Ahn, 2011).
MITRE recognizes that for enterprise engineering programs, risk management is necessary. it
help the decision makers to gain an enterprise-across understanding of various risks, their
possible outcomes, their interdependencies, and waving impact within the enterprise and beyond
it (MTRE).
Importance of Risk Management in Engineering
Engineers have to manage a wide variety of projects and therefore, generally they have to take
part in risk management activities related to those projects. So, risk management is an inherent
part of an engineer’s knowledge base. Apart from this, as Amoyette et al., (2006) suggested in
their studies are following:
i) Moral Direction: Since the primary objectives of all engineering projects is to
maintain the well-being of public, the risk related to each level of any project must be
11
well-managed in order to maintain organizational cultural approach to safety
(Hopkins, 2005). The need of ethical risk management education is also recognized
by Guntzburger et al. (2017) in order to advance the progressive change. Moral
evaluation of risk management in engineering profession is also studied by Colleen et
al., (2011) and sets criteria for scientific hypothesis evaluation.
ii) Legal Direction: Due to the factor of large scale of associated industrial hazards, the
engineering organizations must be bound with legal obligations and they must abide
by the legal requirements in order to avoid legal risks of any kind.
iii) Financial Direction: Financial motivation for risk management involves elements of
self-determination, major loss avoidance, corporate responsibility and value.
iv) Educational Needs: The need of education of risk management for engineers arises
out of the three above-mentioned directions. Engineering organization should take
special care in educating their in-job or trainee engineers about the risk management.
ABET (2012) makes recommendation for systematic risk management to be made for
accreditation.
The study of Amoyette et al., (2006) focused on another very significant side that is risk
management education for all engineers irrespective of their disciplines. As engineers are often
need to work as a team for a successful completion of any project, and the team comprises of
engineers coming from different fields, they all have to learn about the hazards and risks
associated with their tasks.
Although risk-management is a crucial part of responsibility for all engineering organizations,
there is not very vast area of knowledge related to this field. A few researches have put light into
creating risk-management frameworks; there is a lack of general approaches to it. Moreover, the
12
body of literature lacks an approach to educate engineers about the risk management process.
The study of Gandhi & Gorod (2012) signifies the lack of a systematic risk management
education within engineering organizations which often results into the failure of large projects
that have serious social, economical, environmental consequences.
The study of Djaferis (2004) finds out that in addressing systematic risks engineering education
for the most part lacks proper directional support and there is a lack of multidiscipline as they do
not give enough attention to integration of knowledge and risk management. In their systematic
literature investigation of risk management of product development projects
Ahmed et al., (2007) suggests that a further risk focused approach will likely result into an
integration of numerous risk-management techniques that will in turn increase the effectiveness
of outcome.
The project report of Koutha (2010) puts focus into the significance of risk management
knowledge including methodologies, tools, practices etc. due to the increasing number of
software projects.
The second section of this literature review part provides an overview of existing methodologies
and experimental designs applied to the relevant research projects that have been conducted
previously.
Most of the literature in this field is developed based on previous knowledge and case studies
associated with that knowledge. Depending on these two methods, some researchers have built
their own experimental risk-management frameworks. These frameworks are helpful to gain
perspective on how risk management is taken within the particular discipline of engineering. The
case studies conducted to this approach are helpful to understand what organizations are
13
necessarily applying in their risk management direction. Moreover, the simulation based studies
are helpful to set a model of problems in order to teach about the problem. The study of Gandhi
& Gorod is based on the literature review that includes survey distribution to faculty of
engineering management programs to assess courses, offered by the U.S on risk management.
The qualitative researches in this field present an understanding of opinions, reasons, and
motivations related to risk-management, while the quantitative analysis found in some of
literature takes a systematic approach towards investigation of problems in project management
in engineering. However, the methodologies lack to set a form of framework needed to educate
engineers about the risk management requirements. In order to fill this gap, the present study
takes an approach to set a framework for the education of risk-management within engineering
field.
General Problem Statement
Although depending on discipline of engineering, risks may vary from organization to
organization, there is a lack of general approach that should be taken into the field of
engineering. The risk-management within the engineering organizations should not be limited to
risk-management team or senior leadership, but every engineer should have knowledge of the
potential hazards. The importance of risk management education for engineers is not largely
covered by potential literature. Therefore, there lies a limitation in the approach toward the risk
management. This limitation has its own concerns. Without a proper knowledge of risk
management, engineers will not successfully accomplish any task. Therefore, to fulfill this
knowledge gap, this study looks for a general approach of risk management that should be taken
by all engineering organizations. This approach will identify the need of risk management
training and education for all engineers besides including a general framework to risk
14
management. Continuous training regarding hazard identification, assessment, planning,
managing, response, outcome determination etc. should be taken place within engineering
organizations. The general approach of every engineering organization should be to tackle those
risks with a well-grounded risk management approach that will not include strategies of risk
management only, but also emphasize on the need of education of the risk management.
Research Strategy
This section presents a framework that outlines the steps in which the proposed research project
will be carried out to achieve the research objectives. First of all, the research strategy applied to
this study is descriptive (Gill, 2011), qualitative (Yin, 2015), and inductive (Martins &
Theophilo, 2009). The methodological path developed for this research follows the following
direction: a) exploration of study topic, research objectives based on the development of research
questions, b) elaboration of existing literature in this field related to the topic and finding out the
literature gap in order to put more focus into it, c) development of the theoretical framework of
the study based on the literature review. This paper is mainly developed to review existing
literature in management techniques of risks in order to find out their applicability to various
processes of managing risks such as, context set-up, risk identification, risk analysis and
treatment.
Based on the existing literature, the present study will try to find out relevant data in the field and
utilize that data and information in order to develop both the theoretical framework of risk
management approaches as well as set a model for risk management education framework.
As demonstrated earlier that this study aims to answer two major research questions: Why risk
management is important for engineering organizations? And what approaches to risk
15
management should be taken by engineering organizations? Consequently, the main objective of
the study evolves from these questions; that is to gain better understanding to risk management
framework that organizations can apply to educate their engineers about the risks. To this end,
three particular objectives have been pursued: i) determine the existence of risk factors and their
relationship to performance, and ii) significance of risk management education and their positive
influence.
For this research, the literature review, chosen across different disciplines within the engineering
field in order to gain better insight how different engineering organizations manage and control
their risks. The researchers mainly include a wide variety of studies from peer-reviewed
engineering journals or professional engineering body, or individual authors, who have put their
own opinions into the matter. They are mainly searched through search engine across different
websites and journal publishers. The sources are mainly utilized to establish research studies for
a confirmation on division between industry and academic institutes in this field of engineering
risk management and to set up successful course design and methodology development that will
enhance the usefulness of the course objectives. A wide variety of researches helps to indicate
how the research processes have been conducted earlier. This understanding helps to find out the
lack in literature as well as develop the strategy for the present research.
After the development of risk management framework associated with the topic, the study will
emphasize on the significance of applying the framework with engineering organizations. This
will be conducted again through a descriptive way, putting recommendations for the application.
16
Resource Requirements
The project does not need much external resources like lab equipments or other such things. The
study is mainly depended on secondary sources. Based on the available data and information of
literature and existing knowledge in this field, the project has been developed. The study
supports the existing resources.
However, to find out the significance of the application of proposed framework further external
assistance may be needed, but this does not fall within the scope of this study. This must be
investigated through further researches.
The cost of the project is also within the budget. It is not too much as it needs only a little
expense.
Project Planning
The proposed tasks in order should be presented in timelines for accomplishing the research
activities and project deliverables. The planning of the project involves:
Existing literature search and sorting out relevant studies. This should take one day.
Making the theoretical analysis of relevant information and developing the theoretical
part of the study. This should take one to two days.
Developing risk management education framework based on existing and new
knowledge. This may take a few hours.
Presenting other relevant parts of the project. This will take another few hours.
17
References:
1. ABET. (2012, January 4). ABET Accreditation Available:
http://www.abet.org/DisplayTemplates/NewsAndPubs.aspx?id=57
2. Ahmed, A., Kayis, B., Amornsawadwatana, S. (2007). A review of techniques for
risk management in projects. Benchmarking: An International Journal, Vol. 14 Issue:
1, pp.22-36, https://doi.org/10.1108/14635770710730919
3. Almeida et al., (2015). Engineering risk management in performance-based building
environments. Journal of Civil Engineering and Management, Volume 21, - Issue 2
4. Amoyette et al., (2006). Risk Management: An Area of Knowledge for All Engineers.
The Research Committee of the Canadian Council of Professional Engineers
5. Bingham, K. (2012). Contemporary Practices in Risk Management: Implementation Ideas
from Leading Companies. Audit Executive Centre.
6. Djaferis, T. E. An Introduction to Engineering: Complexity in Engineered Systems,"
presented at the 43rd IEEE Conference on Decision and Control, Atlantis, Paradise
Island, Bahamas, 2004.
7. Gandhi, S. J. & Pinto, C. A. (2010). AN EVALUATION OF RISK MANAGEMENT
COURSES OFFERED IN ENGINEERING MANAGEMENT PROGRAMS ACROSS
THE UNITED STATES, presented at the American Society of Engineering Management
(ASEM), Annual Conference Fayettville, AR.
8. Gandhi, J. & Gorod, A. (2012). The Importance of Understanding Systematic Risk in
Engineering Management Education. American Society for Engineering Education.
18
9. Girardi et al., (2017). Characterization of risk factor management in infrastructure
projects, Gest. Prod. vol.25 no.1
10. Guntzburger, Y., Pauchant, T.C. & Tanguy, P.A. (2017) Science Engineering Ethics,
23: 323. https://doi.org/10.1007/s11948-016-9777-y
11. Koutha, P. (2010). Objectives and Outcomes in Risk Management Education. College of
Technology Directed Projects. Paper 26. http://docs.lib.purdue.edu/techdirproj/26
12. Ibbs, C. W., & Kwak, Y. H. (2000). Assessing project management maturity. Project
Management Journal, 31(1), 32-43.
13. Lytinene et al., (1995). A Framework for Software Risk Management. Scandinavian
Journal of Information Systems, 1996, 8(1):53–68.
14. The MITRE Institute, n.d. Risk Management Approach and Plan. Retrieved from:
https://www.mitre.org/publications/systems-engineering-guide/acquisition-systems-
engineering/risk-management/risk-management-approach-and-plan
15. Murphy, Colleen, Paolo Gardoni and Charles E. Harris. 2011. Classification and Moral
Evaluation of Uncertainties in Engineering Modeling. Science and Engineering Ethics.
17(3): 533-570.
16. Yusuff, M. N. Contemporary Approaches to Project Risk Management: Assessment &
Recommendations.
17. Pimchangthong, D. and Boonjing, V. (2017). Effects of Risk Management Practice on the
Success of IT Project. Procedia Engineering, 182, 579 – 586.
18. Shenhar, A. J., Dvir, D., Milosevic, D., Mulenburg, J., Patanakul, P., Reilly, R., Ryan,
M., Sage, A., Sauser, B., Srivannaboon, S., Stefanovic, J., & Thamhain, H. (2005).
19
Toward a NASA-specific project management framework. Engineering Management
Journal, 17(4), 8-16. http://dx.doi.org/10.1080/10429247.2005.11431667.
19. Zwikael, O., & Ahn, M. (2011). The effectiveness of risk management: an analysis of
project risk planning across industries and countries. Risk Analysis, 31(1), 25-37.
PMid:20723146. http://dx.doi.org/10.1111/j.1539-6924.2010.01470.x.