PROJECT MANAGAMENT (PROJE YÖNETİMİ) - (İNGİLİZCE) - Chapter 6: Project Risk Management Özeti :

PAYLAŞ:

Chapter 6: Project Risk Management

Project Risks and Planning Risk Management

Risk is an uncertain event or condition that, if it occurs, has a positive or negative effect on one or more project objectives (PMI®, 2017, p. 720). Project risks are divided into two categories: negative and positive risks. Negative risks are threats, positive risks are called opportunities. Negative risks can harm project objectives while positive risks can benefit the project objectives.

There are two types of risks: individual risk and overall project risk. Individual risks are specific events or conditions that may affect project objectives. Individual risks can positively or negatively affect one or more of the project objectives, elements, or tasks. Overall project risk demonstrates the impact of uncertainty on the project as a whole (PMI®, 2009, p. 10).

To reduce uncertainty in projects, you must first identify the likelihood, consequences, impact, and possible causes of the risk that needs to be taken:

  • The possibilities may be low, medium, or high. For example, you determine how likely it is that supply delays will stop the project. You make an estimate based on your experience. When you look at past projects, you will see a 50% chance of delay.
  • Risks can affect the scope, cost, time, and/or quality of projects. You need to determine how serious the impact is (impact on project objectives).
  • You can determine the effect by a specific number or percentage. You must determine a measure of the severity of the impact. For example, you can set the delay to be good if it is less than 5 days, moderate between 5-10 days, bad if more than 10 days.
  • It is important to standardize the impact of risks in a common language. You can ensure that the project team and stakeholders understand the impact of risk in the same way.

Risk management planning is the process of defining how to conduct risk management activities for a project. The key benefit of this process is that it ensures that the degree, type, and visibility of risk management are proportionate to both risks and the importance of the project to the organization and other stakeholders (PMI®, 2017, p. 401). The Project Risk Management Plan, which describes what the risk management activities will be, should include (Tekir, & Şakar, 2016, p. 407) the following:

  • The Project Risk Management Methodology
  • The roles and responsibilities of the persons performing the activities in the Project Risk Management Plan
  • The budget, the unexpected situation and the principles of using a management reserve are specified for Project Risk Management.
  • The timing of Project Risk Management (when, how often), the principles regarding the use of contingency reserves related to the schedule, and the risk management activities to be included in the project schedule are explained.
  • Potential cause groups (Risk Categories) are identified.
  • Risk probability and impact levels are defined. Stakeholder tolerances that are valid for the project being studied are indicated on the Probability-Impact matrix.
  • The content and format of risk reports, how to record risk activities and how to manage risk management processes are explained.

Identifying Risks

A risk cannot be managed unless it is first identified. It is, however, impossible to identify all the risks at the outset of a project. The purpose of risk identification is to identify risks to the maximum extent that is practicable. The fact that some risks are unknowable or emergent requires the Identify Risk process to be iterative, repeating the Identify Risks process to find new risks which have become knowable since the previous iteration of the process (PMI®, 2009, p. 25). The following are the risk identification tools and techniques:

Document analysis : Document analysis is a term used to review all relevant project documents that can help you identify risks. These documents are plans, assumptions, constraints, previous project files, contracts, agreements, and technical documentation (PMI®, 2017, p. 415).

Brainstorming: Brainstorming is to obtain a comprehensive list of individual project risks and sources of overall project risk (PMI®, 2017, p. 414). An efficient brainstorming session can help you to see the many risks associated with the project in a short time.

Interviews: You can engage with team members, stakeholders, customers and suppliers to uncover potential risks. Brainstorming and negotiations on identified risks can be made. In the interviews, additional risks will be identified and the existing risks can be classified. Interviews allow you to focus better on getting the information you need.

Root cause analysis: Root cause analysis not only helps you identify and manage potential risks, but also helps you develop preventive actions. The following questions should be asked for root cause analysis:

  • What can cause this risk?
  • Under what conditions can this risk turn into a problem or an opportunity?

SWOT analysis: SWOT analysis is one of the data analysis methods used to identify and classify risks. SWOT expresses Strengths, Weaknesses, Opportunities, and Threats. SWOT analysis can be done by brainstorming or interviews.

Assumption Analysis: Assumption Analysis is to examine the validity of assumptions to evaluate the possible impact of false assumptions on the project. Constraint Analysis is to identify potential risks to the project by analyzing constraints.

Checklists: Checklists are used to identify important issues to consider and ensure that they are not omitted. In the process of determining risks, checklists compiled from th

Qualitative Risk Analysis

Qualitative Risk Analysis is the process of prioritizing individual project risks for further analysis or action by assessing their probability of occurrence and impact as well as other characteristics. There are seven different tools and techniques that you can use to perform qualitative risk analysis:

  • Expert Judgement: When conducting qualitative risk analysis, you will rely on the expert judgment of individuals and groups with expertise and knowledge about the project.
  • Interviews: Interviews are conducted to collect the data needed to conduct a qualitative risk analysis.
  • Interpersonal and team skills: Interpersonal and team skills to increase the effectiveness of qualitative risk analysis as they enable the project team and stakeholders to reach consensus and express their views. This ensures that the disputes between the participants are resolved and the process is carried out correctly.
  • Meetings: In the qualitative risk analysis process, the project team can organize risk workshops and meetings to review, evaluate, categorize, and prioritize project risks.
  • Risk categorization : includes technical, external (suppliers, legal, etc.), and internal (infrastructure, resources, etc.) risk groups. It identifies the areas that may affect the project the most and provides the right risk response plan.
  • Risk data quality assessment: If the information collected about the risks is incorrect, biased, or incomplete, the results of the qualitative analysis will not be reliable. Therefore, risk data quality assessment is performed during the qualitative risk analysis process. The source of the data, the accuracy of the data, its relevance to your project, and its specific conditions are evaluated. You may need to collect better quality data if the current data quality is not sufficient to perform a comprehensive analysis.
  • Risk probability and impact assessment: As another data analysis technique, risk probability and impact assessment (See Figure 1.1) is performed to determine the likelihood of a particular risk occurring in your project.

Quantitative Risk Analysis

Performing Quantitative Risk Analysis is the process of numerically analyzing the combined effect of identified individual project risks and other sources of uncertainty on overall project objectives (PMI®, 2017, p. 428). In order to realize this process effectively, it will also be necessary to use assumption log, cost and time estimates, bases of estimates, milestone list, resource requirements, and so on. Some important tools and techniques are:

Interviews: Interviews allow you to get the information you need by referring to expert judgements. Experts may be members of the project team, as well as professionals, academicians, consultants, experienced senior executives from outside the project team.

Expert Judgement: The purpose of taking expert judgement is to collect data on the likelihood of achieving project objectives by addressing the impacts of risks. The questions to be asked to the experts are explained in the following sections.

Assumption analysis: In addition to seeking expert judgement, it is necessary to record assumptions on which the information is based. Are there some factors that experts assume when assessing the impact of risk on the project? Are these factors likely to change over time? When you make these queries, you usually reach the three point prediction method. The three points are: optimistic, most likely, and pessimistic.

Sensitivity analysis: Sensitivity analysis is an analysis technique used to determine which variables in a system affect the system more. By fixing other variables, the effect of a variable on the system is tested by changing the values.

Decision Tree Analysis: The importance of risk in a project is not only related to the magnitude of its damage. The likelihood of risk is also effective. Based on this principle, it is possible to evaluate the threat value on the project as time and money with decision tree analysis. It is called a decision tree because it allows the presentation of a diagram representing the choices between at least two or more options.

Simulations: The aim of the simulation study is to simulate a system. Thus, you measure how the system reacts under various conditions. By modeling the project, the impact of risks on targets can be analyzed. The most commonly used modeling example is Monte Carlo Simulation.

Responding to Risk

Plan Risk Responses is the process of developing options, selecting strategies, and agreeing on actions to address overall project risk exposure, as well as to treat individual project risks. For risk response strategies, expert opinions are important. Sometimes, a negative risk is so costly and so likely that taking that risk will cause great damage to the project. In this case, it should be avoided. The following strategies can be used to avoid risk according to the situation of project and risk:

  1. Removal
  2. Transferring risk and insurance
  3. Mitigation
  4. Acceptance

There are also some strategies for positive risk for opportunities, which are:

  1. Share
  2. Enhance and opportunity
  3. Accept

Monitoring Risks

Monitoring Risks is the process of monitoring the implementation of agreed-upon risk response plans, tracking identified risks, identifying and analyzing new risks, and evaluating risk process effectiveness throughout the project (PMI®, 2017, p. 453). The following activities are carried out in the risk monitoring process; Monitor warning signs that risks may arise, control risks using identified responses, identify and analyze emerging risks. Moreover, there are also some risk monitoring tools and techniques:

Risk Audits and Meetings: Meetings are the most effective means of information exchange. For risk management, the project should be carried out regularly according to the workload. At regular status meetings, discussing risks should always be an agenda item. The benefit of doing so is to make all risks in the project identifiable and traceable. It will also help to keep risk management.

Data analysis: Two data analysis techniques are very important in the risk monitoring process: technical performance analysis and reserve analysis.

  • Technical performance analysis
  • Reserve analysis