MGT8024: PROJECT, QUALITY, RISK & PROCUREMENT …...Jul 25, 2008 · document relationships and...

MGT8024: PROJECT, QUALITY, RISK & PROCUREMENT MANAGEMENT

Module 6: Project risk analysis and evaluation

DR AHMAD FAISAL

Doc: MGT8024 – M6 July 2008 Dr Ahmad FaisalNon-Commercial Use Only

2

The information is merely for informative purposes and any statements made or issues highlighted in this document shall not in any circumstances constitute or be deemed to constitute a guarantee or warranty by the author and the publisher as to the accuracy of such statements or issues. Copyrighted materials provided in this document belongs to the respective individuals and or entities. The material is issued in non-commercial confidence and must not be produced in whole or in part for any reason to any third party by any means, electronic or mechanical, including photocopying, recording, or any information storage and retrieval system, without the prior written consent. The information is merely for informative purposes and without any contractual obligations whatsoever. The author and the publisher shall not be liable for any loss, expenses, damage or claim arising out of statements and or issues and expressly disclaims all responsibility for the material in this document and all liability to any person in relation to any action that person may take or fail to take in reliance, whether in whole or in part, on this document.

Disclaimer and copyright notices


3

Module Objective

On successful completion of this module, you should be able to:

•define the process ‘risk assessment’

•carry out a qualitative risk analysis

•carry out a risk assessment on a project

•utilise some quantitative risk analysis methods.


4

Introduction

This module discuss AS/NZS 4360:2004 Risk Analysis. There are a number of stepswithin this sub-process:

• risk analysis,

• risk evaluation, and

• risk acceptance or rejection.

Accepted risks are monitored and reviewed during the project’s life-cycle; those that are rejected are passed on for risk treatment.

Many views and recommendations that best suited for particular industry or risk.

Risks can be analysed qualitatively, quantitatively or semi-quantitatively. The intent is to gain sufficient familiarity on availability and usage. Simple analysis allows you to become proficient and more complex ones would require separate courses for each.

Important: Read the materials suggested for better comprehension of the subject.


5

Risk analysis

The main goal – establish the ‘level of worry’

• Not everything to be worried – need a process to differentiate, trivial and cannot be ignored.

• Module 5 discussed likelihood, consequence and perception; risk analysis is to give us an indication of the level of risk and guide the way to manage each risk – “feel”.

Commonly, risk are analysed either Quantitatively or Qualitatively or mix of both.


6

Qualitative Risk Analysis

The AS/NZS HB 436:2004;

• Illustrates a range of matrices to represent the estimated level of risk or opportunity. An indication as to how ‘dangerous’ a risk is and logically this should influence your reaction to it – or should it?

• a number techniques including brainstorming; structured interviews/questionnaires; evaluation using multi-disciplinary groups; and specialist and expert judgement, the Delphi technique.

• more often than quantitative techniques as appropriate data is not available and less complex.


7

Qualitative Risk AnalysisDoD 2001;

in this context ‘risk assessment’ covers risk identification and analysis. The section discusses eight of them, most of which can be considered qualitative techniques, though some have a quantitative component.

• Product (WBS) Risk Assessment, involves identifying and analysing the project’s products or deliverables

• Process Risk Assessment, focuses on risks pertaining to the processes that will be used to produce the deliverable

• Program Documentation Evaluation Risk Identification, relevant in any project where there can be complex document relationships and there is risk of a mismatch

• Threat and Requirements Risk Assessment, designed to identify aspects of the project requirement and the project environment (the source of threats) that may produce risks.

• Cost Risk Assessment and Quantified Schedule Risk Assessment, classified as semi-quantitative as they involve Monte Carlo simulations. Cost Risk Assessment is based on the WBS – more detailed WBS, more accurate risk assessment.

• expert interviews, necessary but be aware of biasness.

• Analogy Comparison/Lessons-Learned Studies, uses previous experience and lessons to indicate possible risks in the project being considered. Although uniqueness exit, there are bound to have some commonality that can be shared, unless a totally new frontier.

• Risk Prioritisation, not relying on likelihood and consequence alone, but also other factors.The AS/NZS 4360:1999 uses matrix and five point scales to establish likelihood and consequence, while DOD uses a process or technique Risk Prioritisation. It involves allocating a probability (likelihood) and consequence to each risk, AND any other factors considered relevant.


8

Quantitative Risk AnalysisYour text lists ten quantitative methods you can use for risk analysis. Some of these will be described in the following selected readings. As I have intimated above, all I expect from this module is that you are aware of the existence of the various techniques and have some idea where and when each could be used. To be able to apply them competently, you would need some special training, followed by an amount of practice.

Selected reading 6.3: Schuyler, JR 1996, Decision analysis in projects.

PMBOK® 2004 promoted the use of Statistical Methods in Quantitative Risk Analysis such as;

• Probability Distribution – normal, beta or triangular

• Modelling techniques – Sensitivity Analysis, EVM, Decision Tree

• Modelling and Simulation – Cost Risk Simulation using Monte Carlo


9

Risk Management – Other views

Apart from A/NZ Standards on Risk Management processes, there exist other proposition put forward by various practitioners. Visit their sites for more insights

KPMG on enterprise risk management http://kpmg.com/Global/Pages/Results.aspx?k=risk+management

Kepner Tregoe : see http://www.kepner-tregoe.com/TheKTWay/OurProcesses-PPOA.cfm using the concept of PPA and POA in Project Management and Problem Solving Decision Making

Project Management Institute (USA) promoted the Risk Management processes in Projects http://www.pmi.org/Pages/default.aspx

Ernst & Young on enterprise risk management http://www.ey.com/global/content.nsf/International/Global_Risk_-_Risk_Issues_-_ERM


http://kpmg.com/Global/Pages/Results.aspx?k=risk+management

http://www.kepner-tregoe.com/TheKTWay/OurProcesses-PPOA.cfm

http://www.pmi.org/Pages/default.aspx

http://www.ey.com/global/content.nsf/International/Global_Risk_-_Risk_Issues_-_ERM

10

Discussed in Module 1

Roles of Risk Analysis in PLC

Remember what we discussed on the various terms used by different practitioners concerning Project Life Cycle?

Please bear in mind of these differences when you read about Project Management. Chapman & Ward 2003


11

Risk Evaluation

This step is a list of risks in a priority for further action. It involves deciding whether a risk is acceptable or not.

Normally, negligible risks are accepted & intolerable risks will be treated.

Those that lies within the band, require cost-benefit assessment. Risks will only be accepted if too much cost in them, low in the band risks will only be treated if the benefit is greater than the cost.

Normally Accepted, may be existing controls are sufficient.

Calls for concerns and will be treated, enhancement of

existing controls or develop new one

Cost Benefit Analysis is required


12

Experiential SharingMatching Project Risk Management to Corporate EnterpriseRisk Management Framework (ERM).


13

Reflect

Activity 5.1

Think back to the definition of a project in module 1. Now think of an activity that you have been involved in that matches the definition – remembering that projects are not limited to construction, manufacturing, capital acquisition, information technology, etc. Any unique, finite activity that involved a team of some sort is appropriate.

Establish the context for this project. Using the descriptions in your text, establish what the strategic and organisational contexts were. Decide who the stakeholders were. What were their interests and attitudes as far as the project was concerned? Look at the description of ‘risk management context’. Was a risk management process used? Was it effective? Based on what you now know, what do you think should have been done?

Activity 6.1

Think back yet again to the project you considered in Activity 5.1(above). Consider the risks that were identified in the project and any risks that you consider were overlooked in the original risk management plan (assuming there was one done). What risk analysis techniques were used? Were they appropriate? What techniques do you think should have been used? Why?


14

End of Module 6

You are able to discuss:

• the process ‘risk assessment’

•qualitative risk analysis

• risk assessment on a project

•some quantitative risk analysis methods


MGT8024: PROJECT, QUALITY, RISK & PROCUREMENT …...Jul 25, 2008 · document relationships and...

Documents

Transcript of MGT8024: PROJECT, QUALITY, RISK & PROCUREMENT …...Jul 25, 2008 · document relationships and...