Project Risk Management SESW 108: Program Development and Management Dr. Kazi Abdur Rouf Instructor Settlement Services Worker Certificate Social Service Worker Part-Time Diploma Program School of Social and Community Services Humber College Institute of Technology and Advanced Learning Building C, Lakeshore Campus, Toronto Tuesday, November 13, :30 - 9:30 PM (11 th class lesion)

Project Risk Management Project Risk Management Definition, Objectives and Process Components of Risk Management Project Risk Continuum Risk Management Model Risk through the Project Life Cycle Risk Management Responsibility Develop Risk Assessment Criteria Risk Identification Process of Risk Identification Misinterpreting the Scope of Work

Project Risk Management Definition, Objectives and Process It is process concerned with identifying, analysing and responding to uncertainty (throughout the project cycle). It includes maximizing the results of positive events and minimizing the consequences of adverse events. The purpose of Project Risk Management is to provide an outline of project risk and opportunity, and a methodology for reducing risk to an acceptable level. A key component of project management is making decisions with a high degree of certainty of the outcome. However, in real world most decisions are based on incomplete information with an associated level of uncertainty about the outcome. Agency success has typically been setup to take advantage of these opportunities-to make new, or change an existing facility.

Project Risk Management Definition, Objectives and Process So risk has always been an intrinsic part project management. The risk continuum indicates the boundaries of risk management between certainty and uncertainty. Risk, uncertainty and opportunity are closely related. When risk occurs, this may open up an opportunity and conversely when pursuing an opportunity there will be associated risks.

Project Risk Management Total RiskUncertaintyNo Risk Scope of Risk Management Unknown, Unknowns Unknowns, UnknownsKnowns No informationPartial informationComplete information Enter new marketFeasibility study identifies unknown issues Closeout report, project successfully completed Risk Continuum

Risk Management Model Risk Control Monitor and Review Document Risk Management Define ObjectivesIdentify RiskQuantify RiskDevelop Responses

Components of Risk Management Define Objectives: Define the content of the work and the plan for success. Identify Risk: identify areas of risk and uncertainty which may limit or prevent you achieving your agency objectives Quantify Risk: Evaluate and prioritize the level of risk and uncertainty and quantify frequency of occurrence and impact Develop Response: Define how you are going to respond to the identified risks; eliminate, mitigate, deflect or accept Document: the risk management plan documents how you propose to tackle risk on your project Risk Control: the risk control function implements the risk management plan. This may involve training and communication. And as the risks and the work environment are continually changing, it is essential to continually monitor and review the level of risk and your ability to effectively respond.

Risk through the Project Life Cycle Project Cycle INCREASINgRISkINCREASINgRISk ValuesValues PlanAccomplish Phase 1 Concept Conceive © Phase-2 Development Develop (D) Phase-3 Implementation Execute (E) Phase-4 Termination Finish (F) Time Period of Highest Risk Impact Amount at stake Risk and opportunity

Risk Management Responsibility Who is responsible for managing risk? The GM and managing director are ultimately responsible to the board of directors and the shareholders for managing risk within the agency. However, this responsibility is usually delegated through the corporate hierarchy with the project managers responsible for project risk and the functional managers responsible for their department’s risk. The respective mangers then be responsible for developing a risk management plan to identify, quantify, respond and control risks that affect their scope of work. Disaster Recovery The ultimate unplanned catastrophe could results significant damage or loss of the organization, which needs to develop a disaster recovery plan. The objective of disaster recovery planning is to reduce the consequence of a disaster to an acceptable level. The responsibility for developing and implementing the disaster recovery plan should be assigned to a particular manager as part of the organization’s risk management.

Risk Management Responsibility General Manager Disaster Recovery Manager Civil ManagerMechanical Manager Electrical Manager PM-1 PM-2 F u n c ti o n a l R is k Project Risk External Risk

Risk Management Integrated Project Risk Quality Scope Time Cost Project Management Integration Information Communications Human Resources Contract Procurement Feasibility Life cycle Ideas data Forecast Availability Services suppliers Budget cash flow Schedules Requirements standards

Develop Risk Assessment Criteria Develop Risk Assessment Criteria against which risks can be assessed and decisions made. These criteria may be based on operational, technical, financial, legal, social and humanitarian requirements. There will be internal, external constraints. Internal project Internal corporate External It is important to understand the environment of the project or the nature of the problem.

Risk Identification It is needed to plan to prevent failure Risk identification is probably the hardest and most important part of the risk management process, because if you cannot identify a risk, it will be executed from further analysis and probably find no respond to it. The process of risk identification is not a one time event, but rather a continuous process, its frequency depending on the level of risk on the project and schedule of meetings. Cause and Effect Preform WBSObjectivesCauseEffect

Process of Risk Identification RI should be a systematic process to ensure nothing significant is over looked. By adding another column, combinations of risk can also be considered. Techniques for identifying risk include: Analysing historical records- closeout reports Structured questionnaires Structured interviews Brainstorming Structured check list Flow chart Judgement based on knowledge and experience System analysis Scenario analysis (what-if)

Misinterpreting the Scope of Work Misinterpreting the Scope of Work is a common cause of project failure. Others include: Mixing and confusing; tasks, specifications, approvals and special instructions Using imprecise or vague language, example; nearly, optimum, about or approximately No pattern, structure, or chronological order. The WBS and CPM techniques have not been used. Wide variation in size of tasks and work packages Wide variation in how to describe work details Failing to get third-party review or verification Source: Rory Burke (1999). Project Management: Planning and control techniques. Chapter 22. Toronto: Willey.

Other Common Reasons for Project Failure Not working closely with the client Poor estimating Inadequate planning Insufficient reviews and control Lack of commitment buy all stakeholders Incomplete information Incomplete design o the project Little information, wrong information

Disaster Recovery Planning A disaster is a sudden, unplanned catastrophe. The objectives of disaster recovery management is to reduce the consequence of a disaster to an acceptable level. This is the ultimate contingency plan! Disaster recovery planning is essentially a contingency response from the risk management planning, but due to the unique nature and size of the problems it is probably best managed separately-as a project. The Management of the disaster recovery plan should be assigned to a manager with responsibility to set up a team to: develop the disaster recovery plan Control the disaster plan And when the time comes- implement the disaster recovery plan quickly and effectively

Disaster Recovery Implementation When a disaster happens, now is the time to implement carefully developed and updated disaster recovery plan. The fist step is to mobilise the disaster recovery team, set an office with necessary equipment, information, and communications are ready. Communicate the disaster recovery plan to all the key people and stakeholders. This includes Employees, clients, suppliers, and media It is necessary relocate the office near the catastrophe area Recover the critical data which should have been regularly backed up and stored off site Develop recovery plan and disseminate it to the related staffs. Accurately tell clients how long it will take to go back to offer normal services Reference: Burke, Rory (2001). Project Management: Planning & Control Techniques. Chichester: John Wiley & Sons Ltd.