Risk Assessment in Project Management – Comprehensive Guide
Last updated on 11th Jul 2020, Blog, General
A project is a set of inter-connected tasks intended to attain a certain goal, with a particular series of resources, within a fixed duration and cost. Given that each project tasks have specific timelines and deliverables, there are always uncertainties considered as risks that are expected to happen and will affect the project’s success. Risk comprises two factors: the probability of its occurrence, and the consequences if it does so.
In order to enable the analysis of risks related with a project, the process of a project risk assessment and management is required. If the processes are undertaken appropriately, it will raise the probability of successful completion of a project to performance, cost and time goals. The overall process of managing uncertainties, which affects the achievement of project objectives, involves two activities: Risk Assessment and Risk Management.
Risk Assessment in Nutshell
Risk analysis settles on obtaining a deeper understanding on which project tasks, outputs, or events would influence its success. This requires project managers experience, knowledge of the project, and critical thinking to decide on what strategies should they embark, from where tactics and activities will be based upon.
Performing risk analysis features two options a project manager can use depending on the identified risk
source and its degree of detail: qualitative and quantitative analysis.
Qualitative analysis uses a descriptive set of attributes to qualify potential consequences and the possible chances that will occur. This approach, by practice, will need further explanation to justify a risk’s position in this type of assessment, albeit an easy practice to assert risks.
Quantitative analysis, on the other hand, provides a measurable level of understanding of risk by using a numerical set of attributes to determine its consequence and likelihood. In contrast to qualitative analysis, this may require extensive use of time and resources, which is one of the project constraints across all phases. This follows that the level of detail is dependent on the breadth of data used and the depth of the calculation applied to present either a single number or sets of patterns that will explain the impact and probability of analyzed risks. Experience has revealed that qualitative analysis typically leads to a primary level of quantitative analysis, as the latter present statistical evidence to the former, given its descriptive nature of detailing risks.
The risk evaluation stage includes both identification and analysis of project risks and assists the project team in making decisions to address the analyzed risks. The illustration shows the relationship between the impact and probability, which is also known as a Risk Map (or heat map). Risk Map analyzes values that are plotted across this chart based on their risk levels, which is the output of risk analysis. With the project’s risk criteria featured on the map, the project manager and his/her team are given a good visual on which risks should be given further attention. With mitigation strategies planned, based on evaluated risks, having an effective risk management framework implementation and risk treatment plans may not necessarily indicate the completion of risk treatment. Instead, it effectively minimizes the impact and it will allows clear decisions to be made.
The necessity on reacting to risks may be critical and it involves the following:
- Recognizing defensive and proactive actions to avoid risks or to reduce its effects,
- Initiating further analysis to decrease insecurity through monitoring and measurement of key metrics
The benefits of performing risk assessment in project management include reduction to project risk exposure, precise and clear decision making on key issues within every project phase, and clearer definition of risks related to particular projects with the risk assessment approach.
Identifying Project Risks – A Closer Look
Identifying project risks marks a challenging start for project managers and his/her team, particularly in the project’s planning phase. The Project charter, which marks a formal statement of initiating a certain project, is a good springboard to identify risk sources and factors as the identification stage generally covers three things to identify:
- The external context (e.g. the project’s impact to its external clients and market)
- The internal context (e.g. the key deliverables and controls at strategic, tactical and operational levels),
- The needs and expectations of the project stakeholders.
Methodologies such as SWOT analysis, Delphi Techniques, and Stakeholder analysis, to mention a few, may be useful, but should be meaningful and time-efficient to the project in terms of execution, resource allocation and decision making.
Nowadays, one of the major complexities faced by Project Managers is the difficulty of not covering a general risk register to refer to when identifying the project risk. For purposes of managing the execution of the project risk management, all project risks should be recorded in the risk register, which is an exhaustive list of all risks identified, their root causes and consequences, and what were the actions taken to address it. This should be updated constantly throughout the lifecycle of the project.
The process of identifying risks must engage all project team members so they can contribute in adding details and take part in the risk assessment process, while at the same time, manage and align the project’s scope, critical tasks, resources and timelines. In addition, when risks are fully assessed, a risk treatment plan is developed and should illustrate the level of risk which can be managed for the project, to achieve its objectives and optimize resource utilization, preferably in costs. Risk can also be identified by competent specialists and professionals as well, which in this case are project managers.
Risk Assessment and Project Management – Making a Good Pair for Project Success
The process of risk assessment updates and enhances the project’s risk profile, reflected in its project risk criteria, risk register, and risk treatment plans, done on a scheduled basis within the project timeline.
Similarly as with other projects and management systems on its continuous improvement initiatives, risk management and assessment should be executed continuously since new risks may be identified. A good risk management framework will clarify the overall approach in managing risks for any projects, regardless of size and scale. It will point how much risk is tolerable and who should be implicated in carrying out the qualitative analysis of the known risks. More importantly, the framework ensures there is always a backup plan to address challenges and opportunities to ensure project success, regardless of the number of uncertainties a project may face.