Assessing Risk

MGT 3302, Introduction to Project Management 1

Course Learning Outcomes for Unit VII Upon completion of this unit, students should be able to:

6. Summarize project management techniques. 6.1 Outline risk assessment strategies as a part of a simple project plan.

Course/Unit Learning Outcomes

Learning Activity

6.1 Unit Lesson Chapter 8, pp. 288–299 Unit VII Course Project

Required Unit Resources Chapter 8: Managing Risk, pp. 288–299

Unit Lesson In our past unit lessons, we have discussed the concept of project constraints. Of course, the three main constraints are time, budget, and scope. We could also add quality, schedule, and customer satisfaction. It is because of these constraints that we face potential risk in our project. These constraints represent points of failure, which means that if we do not achieve them, our project may suffer or even fail. As a project manager (PM), there are many uncertainties, and risk is all about uncertainty. Also, as a PM, we have to be able to identify risk and manage it as well. Managing risk means that we need to develop methods of mitigation for our risks. We cannot anticipate all potential risks, but we can do our best to plan for those risks that are most likely to happen. As Gido, Clements, and Baker (2018) note, “risk management involves identification, assessment, monitoring, and response to project risks to minimize the likelihood of occurrence and/or potential impact of adverse events on the accomplishment of the project objective” (p. 290). That one sentence sums risk up pretty well, does it not?

A part of managing risk means that you have to be proactive. The PM has to take action. Waiting and hoping that something adverse does not happen is not a smart way to manage risk. In other words, the PM has to plan for risk. Planning for Risk A part of planning for risk means that the PM has to have an open and meaningful discussion with team members and leaders to identify potential risks. What are the issues that may occur? The PM has to have an understanding of how likely the issues are to occur as well. With the team discussion, risks are identified as

UNIT VII STUDY GUIDE

Project Risk Management

Identify Risks

Assess Risks

Risk Response

Risk Monitoring

MGT 3302, Introduction to Project Management 2

UNIT x STUDY GUIDE

Title

well as the potential impact. For example, the customer or project sponsor may very well be able to discuss the impact of not meeting the project goals on time or exceeding the budget. What is the risk and impact if the customer is not satisfied with the quality of the product? There are also different potential categories of risk, which are discussed below.

 Technical: What happens if the technology we want to use is not available? What happens if we do not gather the user’s requirements accurately?

 Schedule: What if we do not take all of the constraints into consideration when we develop our schedule?

 Budget: What if we need more materials than we originally expected?

 Internal: What if we lose an employee resource?

 External: What if we have weather issues that delay building? What if our materials are delayed? What if there is an issue with getting permits?

 Customer: What if the customer adds more requirements? Thus, we risk delaying our schedule if the vendor cannot deliver equipment or materials as promised. We risk running over budget if the material quantities exceed expectations. From a technological standpoint, there are many kinds of risks. What if we do not meet the technical specs developed via user requirements gathering? What if technology advances faster than we can get our project completed? What if we cannot meet compliance for some reason? There are also external factors. For example, what if we cannot get the permits we need? What if we have bad weather? What if we were halfway through our project and government regulations changed? What are some internal factors? We risk delays to our schedule if we have staffing issues. For example, what if we lost one of our important employee resources? How long does it take to hire somebody new and bring him or her up to speed? Even when acquiring a consultant, there can still be a time delay. Can you think of any more potential risks? Let’s look at our fair project. During a team meeting, the PM would assign a task to an employee. James agreed to research activities and carnival games. James said it would likely take him 4 or 5 days. The next question from the PM should be something such as, “Do you foresee any risks with that timeframe?” James might indicate that his son and daughter-in-law are expecting their first child anytime, which means he would need to take a couple of days off when she goes into labor. The risk has been identified. Now, we need to assess the likelihood of that happening, what the response is should it happen, and then monitor from there. Assessing Risks When assessing risks, the PM will evaluate the list of potential risks and determine the likelihood that the event will occur. What is the likelihood that getting permits will be delayed? What is the likelihood that we will not have enough employee resources? What is the likelihood that the vendor will not be able to deliver the equipment or materials by the promised date? The PM will then evaluate the degree of impact. For example, what will be the effect if the vendor is not able to deliver the equipment or materials on time? Will the whole project be set back? Is there built-in slack time to accommodate the delay? Once we know this information, then the risk can be prioritized. Risks with a high likelihood of occurring that would have a high degree of impact should get a higher priority. Conversely, those risks with a low likelihood of occurring that have a low level of impact would get a lower priority. Similarly, those risks with a high priority will be monitored more closely. We have already mentioned slack time, so this is another consideration. Is there slack time for those resources associated with the risk? Or perhaps these activities are on the critical path. If there is a delay to activities on the critical path, this means that our end date is pushed further out unless we can make adjustments.

MGT 3302, Introduction to Project Management 3

UNIT x STUDY GUIDE

Title

Risk Response Now that we have identified the risks and have assessed them for their likelihood of occurring and degree of impact, we have to have a plan for responding to potential risk. As Gido et al. (2018) note, “a risk response plan may be used to avoid the risk, mitigate the risk, or accept the risk” (p. 293). In a best-case scenario, we would have actions to eliminate the risk, but more likely, we will reduce the likelihood of occurrence or reduce the impact. Risk Avoidance, Mitigation, or Avoidance Avoiding risk basically involves eliminating risk. What other course of action could we take to eliminate the risk? For our fair project, to avoid the risk of bad weather, we could decide to have our fair indoors. Mitigating the risk means that we do something to reduce the risk. For our fair project, to avoid the risk of not having enough chairs and tables, we could rent extra just in case. Accepting the risk means that we will just deal with the risk if and when it happens. As you can see, we are more likely to accept the risk if there is a low likelihood of it occurring or a low degree of impact. If there is a high degree of impact or a high likelihood of a risk occurring, then we will likely do what we can to avoid the risk. Risk Assessment Matrix Some organizations will use a risk assessment matrix to help manage potential risks. In a small project, the PM likely may not need a risk assessment matrix because it would not be hard to keep up with a small number of risks. A risk assessment matrix might include the following elements in a table for each potential risk:

 the risk description,

 description of the potential impact,

 the likelihood of occurrence (low, medium, high),

 the degree of impact (low, medium, high),

 the event that will trigger action,

 who is responsible, and

 action steps to mitigate. The likelihood of occurrence and degree of impact could be indicated in different ways. The PM could use low, medium, or high. The organization could use a numerical rating system. In some cases, the organization could use a more quantitative risk assessment system, which would assign a probability of occurrence, determine the cost of impact, and then calculate the expected value if the risk event actually occurs. The highest expected value would hold the highest priority. An event that triggers action would be a check that signals the need for some sort of mitigating action. For example, if the PM does not receive a promised confirmation e-mail regarding the delivery of materials, then he or she may need to make a phone call to determine what the delay is and why. Risk Monitoring Risk monitoring involves the PM consistently reviewing the risk assessment matrix during the lifetime of the project. The PM will need to regularly evaluate to make sure there are no changes to the likelihood of an event occurring or to the impact of the risk. One good method of helping to monitor risk is to regularly check in with team members to see how far they progressed with their work, to ask them if anything has changed, or to ask them if they foresee any changes to their original list of risks. It is helpful at different points during the project to make sure there are no new risks as well. Finally, the PM should track the risks and document any changes for future reference. It is helpful for any PM to be able to go back and review project documentation to help with planning future projects.

MGT 3302, Introduction to Project Management 4

UNIT x STUDY GUIDE

Title

Reference Gido, J., Clements, J. P., & Baker, R. (2018). Successful project management (7th ed.). Boston, MA:

Cengage Learning.

Suggested Unit Resources In order to access the following resources, click the links below. The following video provides an overview of the components of risk management. Project Management Videos. (2014, December 1). What is risk management in projects? [Video file].

Retrieved from https://youtu.be/x7A9idByPA4 Transcript for What Is Risk Management in Projects? video The following video provides insight into risk analysis. Project Management Videos. (2018, July 2). Risk analysis how to analyze risks on your project - Project

management training [Video file]. Retrieved from https://youtu.be/r5ZrPeQW8HQ Transcript for Risk Analysis How to Analyze Risks on Your Project - Project Management Training video

Learning Activities (Nongraded) Nongraded Learning Activities are provided to aid students in their course of study. You do not have to submit them. If you have questions, contact your instructor for further guidance and information. In each chapter, there are questions to “Reinforce Your Learning” found in the left margin on some of the pages. For example, in Chapter 8, questions are found on pp. 290, 292, 293, and 294. Answer the questions to check your knowledge. The answers may be found starting on page 487.