Upload
alex-iskandar
View
275
Download
1
Embed Size (px)
Citation preview
Project Risk Management
Basic Introduction
DefinitionsProject
Temporary endeavor with a defined beginning and end Risk
A possible future event which if it occurs will lead to an undesirable outcome.
ManagementArt and science of planning, organizing, securing and managing resources
Project RiskThe cumulative effect of the chances of an uncertain occurrence that will adversely affect project objectives.
Risk ManagementA systematic and explicit approach for identifying, quantifying, and controlling project risk.
Project Risk Management The art and science of –identifying, assessing, and responding to project–risk throughout the life of a project and in the –best interests of its objectives
The processes concerned with conducting:
PROJECT RISK MANAGEMENT
The objectives is:• To decrease the
probability and impact of events adverse to the project, and
• To increase the probability and impact of positive events
PMBOK : • Risk management
planning• Risk identification• Risk analysis• Responses to risks • Risk monitoring and
controlISO 3100:• Establishing the
Context• Identify risks• Analyze & Evaluate
risks• Treat risks
• Monitor and Review• Communication and
Consult
SCOPE TIME COST QUALITY
DeliverablesREPUTATION
PenaltyREPUTATION
Additional Cost LOWER PROFIT
RejectREPUTATION
PROJECT RISK• Effect or uncertainty on objectives (ISO), • Uncertain event or condition that, if it occurs, has
a positive or negative effect on a project’s objectives (PMBOK)
Establishing the contextExternal • To ensures that the relevant externally generated threats, and
opportunities are properly taken into account and the risk management framework is appropriate to the requirements of the Project
• To ensures that all Stakeholders and their objectives are considered when developing risk management criteria, – this helps to establish policies for communication with these parties.
Internal Requires the Project Team to consider, and align the risk management process with the: • Corporate risk management policy • Corporate and team culture• Internal stakeholder structure and capabilities (resource and
skill availability, etc.)• Project systems and processes (either available or planned)05/02/2023
5
• Establishing the Context
• Identify risks• Analyze & Evaluate
risks• Treat risks
• Monitor and Review• Communication and
Consult
Establishing the contextIn short - Establishing the Context includes of the activity of Risk Management Planning, Alignment of Project Objectives & Decision, Frameworks, Fact & Constraint and Communication to related stakeholders External and Internally
Policy Decisions
Strategic Decisions
Tactical Decisions
Decisions that have made
Decisions that need to be included the analysis
Decisions that can be made later
• Establishing the Context
• Identify risks• Analyze & Evaluate risks• Treat risks
• Monitor and Review• Communication and
Consult
TECOP FRAMEWOR
KS
Risk Identification
Risk Register issuesgenerated by
multi-disciple team
Project Allowances
(Contingency)
Technical
Commercial
Economical
PoliticalGovernment
Community
Agreements
Drilling
Subsurface
Insurance
Valuation
Financing
Infrastr.
Brainstorming
OrganizationalSystems
Partners
• Establishing the Context
• Identify risks• Analyze & Evaluate risks• Treat risks
• Monitor and Review• Communication and
Consult
RISK IDENTIFICATIONRisk Statement: Cause – Risk / Event – ConsequenceWhat is Cause?• Reason for ; result in ; the reason why something happenedWhat is Risk?• Effect or uncertainty on objectives (ISO), • Uncertain event or condition that, if it occurs, has a positive
or negative effect on a project’s objectives (PMBOK) What is Event?• Occurrence or change of a particular set of circumstancesWhat is Consequence?• Outcome of an event
As a result of a <definite cause>, an <uncertain Event / Risk > may occur, which would lead to < consequences for the project objective(s)>
• Establishing the Context
• Identify risks• Analyze & Evaluate risks• Treat risks
• Monitor and Review• Communication and
Consult
The Uncertainty Spectrum
TOTALCERTAINTY
TOTALUNCERTAINTY
GENERALUNCERTAINTY
SPECIFICUNCERTAINTY
(Unknown - unknowns) (Knowns)
NOInformation
CompleteInformation
PartialInformation
(Known - unknowns)
SCOPE OF PROJECT RISK MANAGEMENT*
*Note: in this range the information to be known
• Establishing the Context
• Identify risks• Analyze & Evaluate risks• Treat risks
• Monitor and Review• Communication and
Consult
ISSUEBLACK SWAN
RISK AND ISSUE
What is the different ?• Risk is an event that may occur on a project that will have a negative impact.
Risk is not a certainty. It may occur and have less than 100% probability of occurring.
• An issue is an event that the project will or currently faces that will/does have a negative impact. An issue has a 100% probability of occurring.
What is the similarity?•Both risk and issue management require planning. •A risk generally has a mitigation strategy and contingency plan.
Risk and uncertainty are equivalent
A project risk that has occurred can also be considered an issue (PMBOK)
Common of Risk Management Process
Brainstorm Risk IdentificationRisk
Register
Risk Analysis
Risk Evaluation & Treatment
• Eliminate• Mitigate• Transfer• Accept
RISK EVALUATIONPoints of scales Consequences• Consequences are rated in term of potential impact to
on objective (Cost , Schedule, Health, Enviro, External / Company Image)
• Consequences are rated from slighted to massive.• Where risk has several consequences, the highest
consequence is used to generate the rating.
Likelihoods• Likelihoods are rated in terms of percentage / likely of
occurrence.• Likelihoods are rated from Improbable/Rare to
Frequent/Very Likely (to be happened).
• Establishing the Context
• Identify risks• Analyze & Evaluate risks• Treat risks
• Monitor and Review• Communication and
Consult
Sample Risk Matrix
13
SETTING THE PRIORITIES
Rationale Agreed priorities are used to determine where the greatest attention, planning and detail risk assessment should be focus.
• Using the control effectiveness• (High Risk without control, High risk with control that are
not fully effective, etc.)• Using the potential exposure• Using Milestones
Using the level of risk
• Establishing the Context
• Identify risks• Analyze & Evaluate risks• Treat risks
• Monitor and Review• Communication and
Consult
Risk TreatmentRisk Treatment / Response defines steps for : Enhancing opportunities Responding to threats
Risk Response Type: Avoidance - eliminate Mitigation
Reduce EMV by reducing probability Reduce Impact
Transfer buy insurance
Acceptance Active: develop plan to deal with risk if it occurs Passive: Accept risk (e.g., lower profit
• Establishing the Context
• Identify risks• Analyze & Evaluate risks• Treat risks
• Monitor and Review• Communication and
Consult
Where is the Contingency Plan allocated in the Risk Management Process ?
CONTINGENCY PLAN
• Establishing the Context
• Identify risks• Analyze & Evaluate risks• Treat risks
• Monitor and Review• Communication and
Consult
CONTINGENT PLANNINGContingent planning:
a means to address risks to the project through a formal process and provide resources to meet the risk events.
It is the establishment of management plans to be invoked in the event of specified risk events
Examples:The provision and prudent management of a
contingency allowance in the budgetThe preparation of alternatives work areas and work-
arounds.
• Establishing the Context
• Identify risks• Analyze & Evaluate risks• Treat risks
• Monitor and Review• Communication and
Consult
What is Contingency Plan• A Contingency plan is a plan devised for a specific situation when
things could go wrong. Contingency plans are often devised by governments or businesses who want to be prepared for anything that could happen. They are sometimes known as "Back-up plans", "Worst-case scenario plans", "Scrap Situation" or "Plan B" .
• Contingency plans include specific strategies and actions to deal with specific variances to assumptions resulting in a particular problem, emergency or state of affairs. They also include a monitoring process and “triggers” for initiating planned actions. They are required to help governments, businesses or individuals to recover from serious incidents in the minimum time with minimum cost and disruption.
http://en.wikipedia.org/wiki/Contingency_plan
• A Contingency Plan is fallback position, or workaround in the event of an adverse occurrence, or risk event, on the project.
• A plan that identifies key assumptions beyond the project manager's control, and their probability of occurrence. The plan identifies alternative strategies for achieving project success.
http://www.maxwideman.com/pmglossary/PMG_C07.htm
Probabilistic Planning • P10 Estimate – a 10% chance that the project
cost/schedule will be less than or equal to the estimate total and a 90% chance that the project cost/schedule will be greater than the cost estimate total.
• P50 Estimate – a 50% chance that the project cost/schedule will be less than or equal to the estimate total and a 50% chance that the project cost/schedule will be greater than the cost estimate total.
• P90 Estimate – a 90% chance that the project cost will be less than or equal to the estimate total and a 10% chance that the project cost/schedule will be greater than the cost/schedule estimate total.
Typical Life Cycle Profiles
Total project life cycleINCREASING
RISK
$
VALUE
TIME
Plan AccomplishPhase 1
ConceivePhase 2Develop
Phase 3Execute
Phase 4Finish
Opportunity & Risk
Amount at Stake
(period when highestrisks are incurred)
(period of highestrisk impact)
Risk versus Amount at Stake
COST ESTIMATE & CONTIGENCY• LEVEL PROBABILITY VS COST
ESTIMATE
A D B CE
P90
P70
P50
P35
P10
A : Value P10B : Value P50C : Value P90D : Deterministic EstimateE : Deterministic By PM
DeterministicEstimate
(IncludingAllowance)
ContingencyP50 –
Deterministic Estimate
COST
PSample
AACE COST ESTIMATE CLASSIFICATION
http://www.aacei.org/technical/rps/17r-97.pdf
Sample of Schedule Risk Assessment Result
Sample of Schedule Risk Assessment Result