View
219
Download
0
Category
Preview:
Citation preview
8/3/2019 Assignment PM0016 Set 1
1/16
NNIIRRAAJJSSHHAAHHMM..BB..AA..AASSSSIIGGNNMMEENNTT::SSEEMMIIVV
Assignment 1 : PM0016 Project Risk Management, Set 1
Q 1. Describe the five phases of risk management process
Ans:
Figure 1: Risk Management Process
8/3/2019 Assignment PM0016 Set 1
2/16
NNIIRRAAJJSSHHAAHHMM..BB..AA..AASSSSIIGGNNMMEENNTT::SSEEMMIIVV
Assignment 1 : PM0016 Project Risk Management, Set 1
The five phases of risk management process are:
1) Establish the context: It establishes the boundaries within which risks will beevaluated and develops a structure for rest of the risk management process.Establishing the context is categorised into the following:
o Strategic Context.o Organisational Context.o Risk Management Context.o Project Context.o Risk Appetite.
Strategic context: This context is usually operated by the company. Theelements that support or weaken the ability of risk management must be
determined by the company.
Few areas that will help to activate the strategic context are:
Identify the strengths and weaknesses of the organisations. Identify the objectives of internal stakeholders. Identify the objective of external stakeholders. Establish communication between stakeholders. Specify the relationship between the organisation and its environment
The strategic context consists of financial, political, social and legal aspects of
the organisations functions.
Organisational Context: It is necessary to recognize the organisationsstructure, functions and goals and find out the ways to achieve it. These goals
help to determine whether risk is acceptable or not as well as provide options to
handle it.
To establish organisational context, you must:
Determine relationship between service delivery and governmentoutcomes.
Find out whether legislative and statutory requirements are fulfilled. Determine conformance to Whole-Of-Government policy and to the
agency policy.
8/3/2019 Assignment PM0016 Set 1
3/16
NNIIRRAAJJSSHHAAHHMM..BB..AA..AASSSSIIGGNNMMEENNTT::SSEEMMIIVV
Assignment 1 : PM0016 Project Risk Management, Set 1
The reasons to establish the organisational context are:
Risk management occurs within the structure of companys objectives,goals and strategies.
Manage the set of risks which is due to failure to accomplish certain targetor specific activity. The company policy helps in determining criteria, which in turn help you
to decide whether a risk is tolerable or not. This also forms an option for
treatment of risk.
Risk management context: The activity to be examined is defined in this context.The objectives, scope and boundaries involved is also included in it.
The risk management process establishes boundaries of activity which involves:
Defining parameters and scope of project risk. Defining project risk extent in terms of time and location. Identifying the need for any studies or resources. Identifying the need for risk budget to balance costs and benefits. Determining any issues related to special roles and responsibilities or any
risk project dependences.
The analysis in risk management context is done on the basis of type of risk and
the information that need to be communicated and the methods of
communication.
Analysis required can be determined by the combination of the following:
Level of complication in the activity. Interaction with stakeholders to convey required information. Type of project risks. Activities which are important to achieve project goal.
Project context: The business need of the proposed project must be clearlyoutlined. To understand the project context the below mentioned areas must be
evaluated, that are:
Relationship between risk project and government outcomes. Relationship between risk project and company output. Changes in business process, management teams and any other related
procedures.
8/3/2019 Assignment PM0016 Set 1
4/16
NNIIRRAAJJSSHHAAHHMM..BB..AA..AASSSSIIGGNNMMEENNTT::SSEEMMIIVV
Assignment 1 : PM0016 Project Risk Management, Set 1
Risk appetite: Before taking any actions that you find necessary to handle therisk, you must first determine the amount of risk the company will be ready to
tolerate. The risk that is considered as tolerable depends on the perceived
significance of particular risks. For example, the tolerable financial loss in anorganisation depends on a range of features which include budget, source of loss
and other risks related to poor publicity or image issues. This particular risk can
cause number of effects. An effect of financial loss may tolerable, however, the
associated effect that is related to harm to health or damage to safety may not be
tolerable.
2) Identify risks: After establishing the context the next step is to identify the possiblerisks. This step helps you to identify the sources of risk in an organised way.
There are two levels to risk identification process, which include:
o Risk Stageo Risk Register
Risk stages: To undertake a project, there are several stages.For example, stages for an asset will include:
Validate extra sites Identify extra assets Approval to dispose assets Register sites in Government Land Register (GLR) Find out methods of disposal Contract and negotiation Maintenance and settlement.
Risk register: Records all the risks present in each project. These risks can bedue to natural disaster, political issues, commercial and legal issues, technical
issues or issues raised due to economic circumstances. Experts knowledge helps
to easily identify risks in a project.
The primary goal of risk identification is to have a detailed list of risks that
affects the organisations objectives.
8/3/2019 Assignment PM0016 Set 1
5/16
NNIIRRAAJJSSHHAAHHMM..BB..AA..AASSSSIIGGNNMMEENNTT::SSEEMMIIVV
Assignment 1 : PM0016 Project Risk Management, Set 1
3) Analyse risks: Risk analysis helps to distinguish minor risks from the major risks.It also helps in evaluation and treatment of risks. Analysing risks involves finding
out sources of risks, possibility of risks and the outcomes.
The probability and effects of the risk are combined to produce a level of risk.Statistical analysis and calculations are use to find out the probability and effects of
the risk. If no past record is available to determine the possible outcomes, then an
estimate is made about a particular event and its outcome.
There are three types of risk analysis, they are:
Qualitative analysis: Use descriptive scales to draw a level of possible effects ofrisks. The scale can also be adjusted to the extent most suitable to the
circumstances.
Semi-quantitative analysis: It provides more detailed prioritisation of the risksthat is obtained in qualitative analysis.
Quantitative analysis: Using information from a variety of sources, the effectsand probability of risk is represented using numeric value.
Below are some ways, which you can use for risk identification:
Based on objective: The event which prevents you from achieving an objectivecompletely or partially is identified as risk and every project and organisations
have these objectives.
Based on scenario: The scenarios are usually the ways to achieve an objective orto analyse the interaction of forces. Any scenario that activates an undesired
event is identified as risk.
Based on taxonomy: This risk identification is done by breaking down allpossible sources of risk.
Based on common-risk checking: Many industries list out their known risks andshare them. Each and every risk in the list can be evaluated for an application to
suite a specific situation.
Based on risk charting: This risk identification is done by listing resources atrisks and combining the above approaches. In this method of identification you
can start with threat and identify the resource that will be affected or you can
examine the consequences and then determine the combination of threat and
resource.
8/3/2019 Assignment PM0016 Set 1
6/16
NNIIRRAAJJSSHHAAHHMM..BB..AA..AASSSSIIGGNNMMEENNTT::SSEEMMIIVV
Assignment 1 : PM0016 Project Risk Management, Set 1
4) Evaluate risks: Risk evaluation can be done by comparing approximate level ofrisks against pre-established criteria. Once the level of risks is estimated then you
can decide whether or not these risks require treatment. The risks with low prioritycan be monitored regularly without any treatment. However, high priority risks
must be dealt immediately.
5) Treat risks: The risks can be reduced by handling it effectively with propertreatment option. Avoiding, transferring and retaining the risks can also be
considered as risk treatment options.
The risk treatment plan must identify roles and responsibilities of project team and
the results obtained from the treatment of the risk. It must also perform budgeting
and reviewing of process.
8/3/2019 Assignment PM0016 Set 1
7/16
NNIIRRAAJJSSHHAAHHMM..BB..AA..AASSSSIIGGNNMMEENNTT::SSEEMMIIVV
Assignment 1 : PM0016 Project Risk Management, Set 1
Q 2. Describe in brief the basic principles followed by the GMP principles
Ans: Good manufacturing practice (GMP) is considered as part of quality assurance. It
enables you to meet overall project quality, timeline, and cost objectives. This helps toconsistently produce the products and maintain the quality standards, suitable to their
specific use, as per the market authorisation. It helps the manufacturing organisations
to compete effectively in the world market. GMP mainly focuses on reducing the risks
present in production.
Below are a few basic principles followed by the GMP guidelines, which are adopted
by most of the manufacturing companies in the world:
Validation of critical manufacturing processes is made to ensure that theseprocesses are consistent with specifications.
Evaluation of the any changes in the manufacturing process is made in order tohave less impact on the quality of the product.
Instructions are well-written in an unambiguous language. Documentation of procedure and operator training are carried out. A detailed record of manufacture, which includes distribution, is maintained in acomprehensible and accessible form. Systems are configured for recalling of any manufactured product from sale or
supply. Investigation of causes of defect in quality of manufactured products and
examination of complaint received about the marketed products are undertaken
to prevent re-occurrence.
If the above guidelines are not correctly implemented by the manufacturingcompanies, then there will be the risks of poor quality products or defects in the
products, which will result in gaps in the services.
GMP guidelines do not provide any instructions on how to manufacture a product;
instead they provide a series of basic principles, which must be noted during
manufacturing process. When a company decides for manufacturing process, there are
many ways to meet the GMP requirements. The company must take initiative to
determine the most efficient quality process.
8/3/2019 Assignment PM0016 Set 1
8/16
NNIIRRAAJJSSHHAAHHMM..BB..AA..AASSSSIIGGNNMMEENNTT::SSEEMMIIVV
Assignment 1 : PM0016 Project Risk Management, Set 1
Q 3. Write short note on the following risk categories: a. Operational risks b.
Schedule risks c. Budget risks d. Business risks e. Technical environment risk
Ans:a. Operational risks: Improper process implementation, system failure and other
external risks can lead to risks of loss. For example, loss can be due to insufficient
resource, improper subject training, inability to deal with high priority conflicts and
improper resource planning.
b. Schedule risks: Schedule is a plan for an activity or event. If the project schedule is
not addressed properly, then it gives rise to schedule risk which affects the project and
its economy and may also lead to project failure. For example, delay in the project
schedule is due to wrong estimation of project time, inability to track individual skills,
unforeseen expansion in the project scope and failure in identifying complex
functionalities and estimating the time required to develop those functionalities
correctly.
c. Budget risks: Budget is a sum of money allocated for a particular purpose. Budget
risk is mainly due to incorrect budget estimation. This risk is also due to project scope
expansion. For example, unresolved issue results in redoing the work within the given
timeframe. The changes must be maintained within the scope of the project and any
additional changes would require additional funding.
d. Business risks: Business risks are mainly due to delay in obtaining proper inputs
from the customers and business analyst. The non-availability of contracts and
purchase order at the beginning of the project also lead to business risks.
e. Technical environment risk: This risk relates to the environment, where the client
as well as the customer works. For example, the technical environment risk can arise
due to constant changes in a development, or production or testing environment.
8/3/2019 Assignment PM0016 Set 1
9/16
NNIIRRAAJJSSHHAAHHMM..BB..AA..AASSSSIIGGNNMMEENNTT::SSEEMMIIVV
Assignment 1 : PM0016 Project Risk Management, Set 1
Q 4. Describe Risk assessment cycle.
Ans: Risk assessment consists of many different stages. These stages are explained in
a simple step-by-step process.
The risk assessment cycle has the following seven stages:
Set the limits / scope of the Analysis: The results of assessment are collected,analysed and reported to the management by the risk assessment team. Thus
assessment team identifies the scope of the project objectives, the
responsibilities of each member in the team, standards to be used, documents to
be reviewed and operations to be noticed.
8/3/2019 Assignment PM0016 Set 1
10/16
NNIIRRAAJJSSHHAAHHMM..BB..AA..AASSSSIIGGNNMMEENNTT::SSEEMMIIVV
Assignment 1 : PM0016 Project Risk Management, Set 1
Identify tasks and hazards: Hazards can be in form of violence, noise or anykind of pressure system. The identified hazards must not be ignored as this can
lead to many associated unknown risks. A task-based approach is found to be themost effective method to identify the hazards.
Assess risk (Initial): This risk assessment helps to find out the initial risks in theproject. Risk scoring system is used to rate risk at the initial stage of risk
assessment process. It helps to describe how risks are measured.
Reduce risk: The main aim of risk assessment is to minimise the risks to atolerable level. The efforts to gain tolerable risk must work within the constraint
of practicality and cost. Costing is the main factor to obtain tolerable risk.
Accessing risks of a project is worthless if an appropriate plan is not made to
reduce it. As risk reduction has already brought to an acceptable level, there is
no need to further reduce the residual risk. This shows that risk reduction is an
important part of risk assessment process.
Assess risk (Residual): Assessing any residual risk is necessary to complete riskassessment process. This process helps to mitigate any possible risks in the
project. It must be noted that the risk scoring system used is different for
different application. As the risk scoring system describes the possible ways to
assess risks, the risk assessment process continues to improve.
Subjective judgement: Subjective judgement is considered as the essential part ofrisk assessment process. Decision maker must be comfortable with the
subjective nature of risk assessment. Basically uncertainty enters risk assessment
as subjective judgments. Uncertainty must be accepted as the part of the risk
assessment process.
Document the results: To have good and continuous improvement in riskassessment process there is need for documenting the risk assessments. It is
recommended in every guideline to document the risk assessment process. This
helps to gain access to the previous process results (history information) for the
future reference and use. Thus upcoming projects find benefits from this
document.
8/3/2019 Assignment PM0016 Set 1
11/16
NNIIRRAAJJSSHHAAHHMM..BB..AA..AASSSSIIGGNNMMEENNTT::SSEEMMIIVV
Assignment 1 : PM0016 Project Risk Management, Set 1
Q.5. Describe in brief the major risk handling strategies.
Ans: Risk handling simply means risk treatment. This involves identifying various
options for treating risk, analysing the different options for treating the risk, preparingrisk treatment plans based on the assessments made, and implementing the plans.
Retaining/accepting risk: When organisations identify potential risks, they puteffective measures to eliminate them. However, an element of risk can beretained if it is deemed acceptable to the organisation after putting controls in
place. Retaining/accepting risk is a good strategy only when it is impossible to
transfer the risk. Depending on an evaluation of the economic loss, it is
determined that a very small value placed on the risk can be safely absorbed.
Another situation where you can retain a risk is when the probability of loss is so
high that transferring the risk would cost as much as the cost due to the worst
loss that can occur. So to say, if there is a high probability of loss, it may be best
to retain the risk rather than transferring it to other involved party.
Now let us discuss the aspect of the organisation retaining/accepting a risk withan example.
G. K services are a service provider in telecom who had signed on many projects
which had to be completed in a short span of time. Initially, G.K services
planned to outsource the projects. It was found that outsourcing would cost them
much more than the income generated from the project. So they decided to retain
the risk of a delayed delivery rather than outsourcing the same.
8/3/2019 Assignment PM0016 Set 1
12/16
NNIIRRAAJJSSHHAAHHMM..BB..AA..AASSSSIIGGNNMMEENNTT::SSEEMMIIVV
Assignment 1 : PM0016 Project Risk Management, Set 1
Risk abatement: Risk abatement can be used as a process for combining lossprevention or loss control to minimise a risk. Organisations may include any one
of the following plans to reduce the risk. Those plans include risk policies andprocedures, testing, technical controls, training of staff, preventative
maintenance, supervision, contract conditions, quality assurance programs, audit
compliance programs and so on. This strategy helps to reduce the loss potential
and decrease the frequency or severity of the loss. Risk abatement is preferably
used in conjunction with other strategies, since using this risk management
method alone will not totally eliminate the risk.
Mitigating consequences of risk occurrence: It is important to mitigate theconsequences of the risk occurrence if it cannot be eliminated altogether. Some
of the risk mitigating measures include effective contingency plan, disaster
recovery and business continuity plans, off-site back-up, public relations,
emergency procedures and staff training and so on.
Transferring risk: Organisations can distribute the perceived risks to anotherinvolved party by the use of contracts, insurance, outsourcing, joint ventures or
partnerships and so on.
Avoiding risk: Organisation can avoid risks completely, wherever practicallyposible, by deciding not to proceed with the activities which are likely to throwrisks.
For example: following the review of a contract, if a client determines that a
project is just too risky then the client may decide not to bid the work at all, or
remove that element of the work from their bid, sometimes using an alternate
deduct to describe the exclusion.
Risk avoidance is strictly a business strategy, and sometimes an astute strategy if
supporting documents are unclear, ambiguous or incomplete.
There are various factors that must be considered in choosing a risk handling
strategy.
Some of the factors include:
Payoff(orgains)forundertakingtherisk Costsofriskmanagement. Extentoftheimpactofrisk.
8/3/2019 Assignment PM0016 Set 1
13/16
NNIIRRAAJJSSHHAAHHMM..BB..AA..AASSSSIIGGNNMMEENNTT::SSEEMMIIVV
Assignment 1 : PM0016 Project Risk Management, Set 1
Q6.DefinechangeandthevarioustypesofchangesAns:Changeinorganisationsdemandschangesinskills,andmanyfeelthattheywillnot be able to make the conversion very well. As pointed out by behavioral scientists,people cannot accept change, since it is a fear that they seldom like to admit. This fear
makes them resist the change consciously or subconsciously.
In many cases, their fears are baseless, for change brings about progress. Indeed, a
successful change campaign to accept change through an effective motivator, efficient
new training programs is necessary. Training programs must be planned and executed
in phases. In this way, you can reduce the early fear of a lack of personal capability to
embrace change by showing how competence can solve the fear of acceptance.
One popular model of change management is the ADKAR model which is developed
by Hiatt (2006) whose observation is that the individuals acceptance to change is the
key to success of change. The elements (ADKAR) here include the following:
Awareness (knowing the need for change)
Desire (the individuals eagerness in the change process)
Knowledge (understanding)
Ability (to implement ones skills and attitude)
Reinforcement (to sustain the change).
Organisational change management is an important aspect of almost every project.
The attributes of this change management include the following: A change control policy which is a set of guidelines should be developed to
streamline the change management process.
The workflow of change is set by breaking the difficult activities of change tosmaller elements.
The resource requirements including the cost estimates, infrastructure andhuman are identified. Where necessary, outsourcing possibilities are also
considered.
Roles and responsibilities of change personnel are identified. An environment ofacceptance of change is built with their support.
Analysis of the various dependencies of the project based on the type of changeis carried out and the approval process is set in. The steps are clearly
documented and also communicated to the affected departments.
Risk assessment based on the scope of the effects of change is well-defined.Change management should also provide emergency change mechanism.
8/3/2019 Assignment PM0016 Set 1
14/16
NNIIRRAAJJSSHHAAHHMM..BB..AA..AASSSSIIGGNNMMEENNTT::SSEEMMIIVV
Assignment 1 : PM0016 Project Risk Management, Set 1
Metrics should be defined and reported to the board of management. They helpin the performance analysis of change.
Types of Changes:Different types of change require different strategies and plans to effectively gain
employee engagement and acceptance of change.
According to Ackerman (1997), there are three types of change that occur most
frequently in organisations, they are: developmental, transitional, and transformational.
Organisational change management theories effectively support how to deal with
developmental and transitional change, but are less effective at dealing with
successfully implementing transformational change. The organisation is first evaluated
on the type of change it is experiencing. Then accordingly, the change approach is
employed to overcome resistance.
Types of changes are:
Developmental change
It is a method applied to maintain a competitive edge in business. It enhances orcorrects existing aspects of an organisation, often by focusing on the
improvement of a skill or process. This type of change could be either planned
or emergent (unplanned) or incremental (continual). When an organisationdecides to improve its processes, methods or performance standards, then this
process is considered.
This type of change should cause little stress to current employees as long as therationale for the new process is clearly conveyed and the employees are
educated on the new technique. The key focus here is to strengthen or correct
what is already present. There is no change in the culture, values or mindset of
the organisation.
Transitional change
It replaces existing processes or procedures of the organisation with a new one.This type of change could be planned, episodic or radical. It is, therefore, more
intrusive than developmental change. The process involves dismantling of an old
state and a clear new state being created. This is carried out over a period of time
and is called the transition state.
8/3/2019 Assignment PM0016 Set 1
15/16
NNIIRRAAJJSSHHAAHHMM..BB..AA..AASSSSIIGGNNMMEENNTT::SSEEMMIIVV
Assignment 1 : PM0016 Project Risk Management, Set 1
Few examples of transitional change are: corporate reorganisation, merger,
acquisition, creating new products or services, and implementing new
technology. This model can be episodic, planned and second order.
It creates a level of discomfort in employees because the outcome of the changeis unknown. Employees may feel insecure about their job but proper training
given to employees on the new policies and procedures will motivate them to be
a part of the change thereby reducing the resistance to change.
Lewin (1951) coined changes as a three-stage process which involves:
Unfreeze - Move refreeze approach. Here he explains how people are frozen totheir existing organisational equilibrium and have to be unfrozen(made ready to
change), move to the change journey and finally refreeze (have to stabilise
themselves to change)
Schein in 1987 suggested that the unfreeze approach involved the provision ofpsychological safety, moving needed a cognitive restructuring and finally
refreeze involves total integration of the change with the self.
Transformational change
Organisations sometimes face emergence of radically different technologies,significant changes in supply and demand, unexpected competition, and lack of
revenue or other major shifts in business. Developmental or transitional changemay not offer the solution they need to stay competitive. Instead of methodically
implementing new processes, the organisation would prefer to radically
transform the existing process, structure, culture, mindset or strategy. It may
involve both developmental and transitional change. Also referred as quantum
change. It is common for transitional and transformation change to occur in
turns. Business process reengineering is an example. Transformational change
requires competent leaders to manage and is one of the most complex changes.
Categorising change
There are a number of ways in which change can be categorised. Most of them
are related to the extent of the change.
Planned versus emergent change
Sometimes change is intentional with reasons that support it. This type ofchange is called planned change.
8/3/2019 Assignment PM0016 Set 1
16/16
NNIIRRAAJJSSHHAAHHMM..BB..AA..AASSSSIIGGNNMMEENNTT::SSEEMMIIVV
Assignment 1 : PM0016 Project Risk Management, Set 1
In contrast, change could happen in an apparently spontaneous and unplannedway. This type of change is known as emergent change.
Emergent change results in the following cases: Managers make decisions which are not planned. However these decisions
are based on unconscious hypothesis about the organisation, its environment
(Mintzberg 1989) and the future and are, therefore, not as unrelated as they
initially seem.
External factors such as the economy, competitors behaviour, and politicalclimate or internal features such as the relative power of different interest
groups, distribution of knowledge, and uncertainty influence the change in
directions beyond the control of managers. Even the most carefully planned
and executed change programme can have some emergent impacts.
Thus the two important aspects of managing change are to identify, exploreand if necessary challenge the assumptions that underlie managerial
decisions.
Episodic versus continuous change
Another difference between episodic and continuous change is:
Episodic change, according to Weick and Quinn1 (1999), is infrequent,irregular and intentional Occasionally termed radical or second order
change, episodic change often engross replacement of one strategy or
programme with another.
Continuous change, in comparison, is ongoing, developing and cumulative.Also referred to as first orderor incremental change, constant change is
characterised by people constantly adapting and editing ideas they acquire from
different sources.
The difference between episodic and continuous change helps clarify thinkingabout an organisations future development and evolution in relation to its long-term goals. Few organisations decide unilaterally that they adopt an exclusively
continuous change approach. They can, however, capitalise upon many of the
principles of continuous change by being elastic to contain and experiment with
everyday contingencies, breakdowns, exceptions, opportunities, and unintended
consequences that interrupts organisational life.
Recommended