Project Risk
Management
Presented by
Harold Dorbin, Marsh Risk Consulting
Co-sponsored by
Project Risk Management
Agenda
1. Owner and Contractor Risk Perspective
2. Project Risk Governance and Systems
 Owner Considerations & Structure
 Contractor/Vendor Considerations & Structure
 Observations/Recommendations
3. What is a Project Risk?
 Project Specific Risk Identification
 Observations/Recommendations
4. Managing Project Risk Through the Project Life Cycle
 Considerations for a Workable Plan
 Observations/Recommendations
5. Wrap-up & Questions
1
Section 1
OWNER AND CONTRACTOR RISK
PERSPECTIVE
2
Owner and Contractor Risk Perspective
Owner’s Project Perspective
 Owner’s make money from the completed project.
 Project objectives are longer term.
 On-Stream reliability.
 Usable life.
 Cost of use/operation.
 Schedule and cost may or may not be critical.
 Project is “the asset.”
 Funding structure/equity exit.
 Industry/business needs.
 Success for the project defined by both:
 Corporate objectives.
 Business justification for project.
3
Owner and Contractor Risk Perspective
Contractor’s Project Perspective
 Contractor’s make money by completing the project:
 Project objectives are usually shorter term.
 Defined by contract compliance.
 Longer term objectives are real.
 Execution reputation.
 Technology supplied/experience.
 Success for the project defined by both:
 Contract compliance.
 Corporate objectives.
4
Section 2
PROJECT RISK MANAGEMENT AS A
RISK GOVERNANCE SYSTEM
5
Project Risk Governance and Systems
Project Risk Governance Objectives
 “Capacity of a management organization to positively influence the
project toward a successful outcome.”
Information – engage and make decisions.
Accuracy - acceptable to make decisions.
On-Time – late decision or assumptions.
6
Project Risk Governance and Systems
Project Risk Governance Objectives
 This is easy ….




What decisions do I need to make?
When do I need to make them?
What information do I need to make them?
How accurate does the information need to be?
7
Project Risk Governance and Systems
Project Risk Governance Objectives
8
Project Risk Governance and Systems
Project Risk Governance Objectives
 Systematic (“Stage Gate”) identification of the what and when of decision
making:




Define stages in planning/bidding when key decisions need to be made.
Identify the Information needed to make the decision.
Define the level of accuracy
.
Timeline set around what is required.
9
Project Risk Governance and Systems
Owner Considerations & Structure

First Question:
10
Project Risk Governance and Systems
Owner Considerations & Structure
 Stage Gate I – Concept:
 Decision: fund feasibility study.
 Information:
 Risk assessment.
 OOM estimate of project.
 Scope and feasibility estimate.
 Market and ROI assessment.
 Regulatory overview (high level).
 Class 4 project schedule.
 Schedule to accumulate sets the timeline.
11
Project Risk Governance and Systems
Owner Considerations & Structure
 Stage Gate II – Feasibility:
 Decision: fund preliminary engineering.
 Information:
 Risk assessment/gaps closed.
 +/- 50% estimate of project.
 Major equipment resourced.
 Resource availability.
 Scope and pre-engineering estimate.
 Refined market and ROI analysis.
 Regulatory analysis (mid level).
 Class 3 project schedule.
 Insurance/finance/currency.
 Schedule to accumulate sets the timeline.
12
Project Risk Governance and Systems
Owner Considerations & Structure
 Stage Gate III – Preliminary Engineering:
 Decision: fully funded/committed project.
 Information:
 Risk assessment/gaps closed.
 +/- 20% estimate of project.
 Major equipment committed quote.
 Resources confirmed.
 Scope, work breakdown structure.
 Confirm market and ROI analysis.
 Regulatory analysis/permits.
 Class 2 project schedule.
 Insurance/finance/currency.
 Schedule to accumulate sets the timeline.
13
Project Risk Governance and Systems
Contractor/Vendor Considerations & Structure
 Contractors have a “bid cycle” to respond within so they do better if they
understand.
14
Project Risk Governance and Systems
Contractor/Vendor Considerations & Structure
 Stage Gate I – Bid/No Bid:
 Decision: fund the bid/respond to RFB.
 Information:
 Proposal schedule.
 Preliminary risk assessment.
 Go/get vs. proposal budget.
 Resource/technology availability.
 +/- 30% execution estimate.
 Scope statement/contract plan.
 Regulatory analysis/permits.
 Class 2 project schedule.
 Insurance/finance/currency.
15
Project Risk Governance and Systems
Contractor/Vendor Considerations & Structure
 Stage Gate II – Schedule/Budget/Scope/Risk Update:
 Decision: continue with proposal.
 Information:
 Proposal schedule update.
 Risk assessment update.
 Proposal budget update.
 Resource/technology confirmed.
 +/- 20% execution estimate.
 Scope/contract plan defined.
 Regulatory/permits defined.
 Class 1 project schedule w gaps.
 Insurance/finance/currency.
16
Project Risk Governance and Systems
Contractor/Vendor Considerations & Structure
 Stage Gate III – Bid Close Out:
 Decision: submit bid.
 Information:
 Risk assessment update.
 Proposal budget update.
 Resource/technology availability.
 +/- 10 % execution estimate.
 Scope statement/contract plan.
 Regulatory/permits confirmed.
 Class 1 project schedule.
 Insurance/finance/currency.
17
Project Risk Governance and Systems
Contractor/Vendor Considerations & Structure
 Stage Gate IV – Contract Signing/Execution:
 Decision: contact signing.
 Information:
 Risk assessment update.
 Contract exceptions/acceptance.
 Terms impact on execution.
 Insurance/finance/currency.
18
Project Risk Governance and Systems
Observations/Recommendations
 In order for management to have project governance and manage project
risk effectively; project procedures and how they are implemented must
be:




Industry Best Practice.
Consistent – remove approach/application variation.
Accountable – know who is to do what.
Transparent – allows management intervention.
19
Project Risk Governance and Systems
Observations/Recommendations
Consistent
Accountable
Transparent
Processes
Industry
Best
Practice
Processes
Develop Required
Information for
Timely Decisions
20
Project Risk Governance and Systems
Observations/Recommendations
 Each Stage Gate is defined by all the decisions that must be made before
the next stage can proceed.
 Contractors must consider bid cycle and information delivery schedule –
early in the bid process.
 Bid exception?
 Best Procedures define requirements broadly.
 For smaller/less complex projects, it states “not applicable.”
 Keep submissions at each Stage Gate for audit.
21
Project Risk Governance and Systems
Observations/Recommendations
 Track exceptions to procedure and close out as a priority.
 Generally an exception cannot go through two Stage Gates without being
resolved.
 All assumptions – treated as a risk in risk register.
22
Section 3
WHAT IS A PROJECT RISK?
23
What is Project Risk?
Definition
 “A Project outcome of a probability less than ‘1’ that results in something
other than Plan.”
 Risks can yield positive or negative variation from plan.
24
Sources of Project Specific Risks
Success for the Project
Owner Sources
Contractor Sources




Business justification for the project.
Corporate objectives.
Contract compliance.
Corporate objectives.
25
Sources of Project Specific Risks
Risk to Project Specific Goals
Risk is something that prevents the goal from occurring:
Example: Owner Concern
Example: Contractor Concern



Maintain the relationship with the
aboriginal communities in zone.
Corporate objective driven.

Meet Performance Test Criteria
within 60 days of turnover.
Contract compliance driven.
26
Sources of Project Specific Risk
Risk to Project Specific Goals
 Manage risk to project specific goals:
 Yields more key goal focused risk assessment than “checklist.”
 Provides alignment of stakeholders needs (JV partners, lenders, regulators,
governments).
 Provides a framework to make future key project decisions.
27
Sources of Project Specific Risk
Risk Sources/Management
28
Sources of Project Specific Risk
Definitions
 Scope relationships:
 Risk that evolves from how the project contracts are organized (project delivery
method).
 Risk that evolves through non-contractual parties (government agencies, special interest
groups, etc.).
 Contracts:
 Mechanism used to influence the performance of another party.
 Environment:
 Site specific, resource availability, financial condition, etc.
29
Observations/Recommendations
Project Scope & Relationship Diagram
Principal
Test and Inspection
Employer
Regulators, Agency and
Local, Governmental
Employers and
Contractors
Contractor
Subcontracts
Material Supplies
Principal
Structural Steel
Turbine
Electrical I&C
Boilers
Mechanical
Others
Civil
Others
30
Observations/Recommendations
Risk Management Fundamentals
 Project risk management should embrace all of the key corporate and
business/contract goals for each undertaking – not just cost and schedule.
 Risk management processes that are focused on the project goals allow
for early development of project strategy “best risk fit” decisions.
 Simple tools – PCSRD, contract overview, etc., provide a consistent
baseline for those participating in identifying project risk.
31
Section 4
MANAGING PROJECT RISK THROUGH THE
PROJECT LIFE CYCLE
32
Managing Project Risk Through the Project Life Cycle
Considerations for a Workable Plan
 “Snap shot project risk management.”
 Project risk management systems must be updated.
 Frequency depends on what stage the project is in.
 “Quantitative models vs. qualitative assessments.”
 The need for numbers vs. strategy.
 Do not put all of the obligations on the project manager, the proposal
manager or executive team.
 Executive management must “captain the ship” not “row the boat.”
33
Considerations for a Workable Plan
Risk Committee
 Reports to executive management only.
 Make-up:




Project manager.
Counsel.
Project controls expert.
Other experts part time.
 Set up risk screening tests at each stage gate.
 If a “high risk” condition exists:
 System engages risk committee.
 Defined interaction between project and risk committee.
 Risk committee makes recommendations to project and executive management – at
each stage.
34
Example
Proposal
Decision
Flow Chart
LEVEL 3
Preliminary decision
made on Proposal
Level 1, 2, 3
LEVEL 1 AND 2
PM completes Pre RA
Form and submits for
comment/approval
REJECT
PM includes pre
approved Liability Limits
etc.
ACCEPT
END
Commitment made to
providing proposal
Bid/No Bid
Assessment
BID
LEVEL
3
PM completes
Pre RA Form
Pre RA
approve/reject and
comments via procedure
123
Proposal Level
Confirmed via procedure
123
1 or 2
Notify Risk Review
Group based on Pre RA
Responses
NO
YES
Notify Risk Review
Group immediately after
bid decision
Risk Review Group
provided the Pre RA &
Proposal Documents
GATE ONE
~
~
~
35
~
~
Proposal Management
Plan Updated
Example
Proposal
Decision
Flow Chart
GATE THREE
Proposal Management
Plan updated and sent to
RRG
Gate 3 Risk Checklist Forms
completed, All documents
required via Procedure 123
completed
Do Gate 3
Risk Checklist Forms or updates
to the Procedure 123 Risk Documents
require
RRG engagement
Gate 3 Risk Checklist Forms
completed, All documents
required via Procedure 123
completed
YES
PM provides Gate 3 Risk
Checklist Forms and all
documents per procedure
123.
NO
Project Risk Analysis
completed and
contingencies defined by
procedure 234
PM submits Project Risk
Analysis and other bid data
Risk Review Group
provides remarks to PM
for consideration
Project Risk Analysis
completed and contingencies
determined per procedure
234, then provided to RRG.
Risk Review Group
provides recommendations
on specific Risk Action
Plans and RA
PM determines which
RRG recommendations
to include
Continued
PM supplies revised Project
Risk Analysis and
contingencies to RRG
RRG accepts revised
Project Risk Analysis
NO
Risk Review Group
recommends No Proposal
YES
PM submits contingencies,
PRA and other data
36
Considerations for a Workable Plan
Lessons Learned
 Spending more on resources does not guarantee better results.
 Simple lessons learned system aids with risk identification.
 Sort able risk data for easy identification of project specific risks.
 Project risk management will tell you what worked and what did not.
 Link project risk management with project controls.
37
Observations/Recommendations
System Usage
 Considerations when deciding how often the project risk management
system should be updated:
 How often risk assessment output is needed?
 How much risk is changing?
 During execution – as often as project controls is updated/at least monthly.
 Let managers manage and let the experts apply their expertise.
 Engage risk committee only when well defined screening processes
indicate the project is high risk – this includes execution.
38
Observations/Recommendations
System Usage
 Retain all screening tools filled out by planning/proposal team and by
project execution teams.
 These are subject to audit and should be reviewed for learning purposes if a project
goes wrong.
 Focus executive time on the projects that present the largest risk.
 Not always the largest projects.
 Will help ensure project risk governance over the entire operation.
39
Section 5
WRAP-UP
40
Wrap-up
Conclusion
 Owners and contractors have different perspectives on projects.
 Why rely on a contractor to manage your project risk management system with his
concerns?
 Project risk management, in order to be project specific, should be:
 Project goal oriented.
 Use simple tools focusing on:
 Scope relationships.
 Contracts.
 Project environment.
 Well-structured project risk governance processes:
 “Stress test” each project.
 Focus executive time toward the critical few.
 Provide risk committees that apply independent expert analysis through procedures.
41
DISCLAIMER
K&L Gates includes lawyers practicing out of 38 offices located in North America, Europe, Asia and the Middle East, and represents numerous GLOBAL 500, FORTUNE 100, and FTSE 100
corporations, in addition to growth and middle market companies, entrepreneurs, capital market participants and public sector entities. For more information, visit www.klgates.com.
K&L Gates comprises multiple affiliated entities: a limited liability partnership with the full name K&L Gates LLP qualified in Delaware and maintaining offices throughout the United States, in
Berlin and Frankfurt, Germany, in Beijing (K&L Gates LLP Beijing Representative Office), in Brussels, in Dubai, U.A.E., in Shanghai (K&L Gates LLP Shanghai Representative Office), in Tokyo, and in
Singapore; a limited liability partnership (also named K&L Gates LLP) incorporated in England and maintaining offices in London and Paris; a Taiwan general partnership (K&L Gates) maintaining
an office in Taipei; a Hong Kong general partnership (K&L Gates, Solicitors) maintaining an office in Hong Kong; a Polish limited partnership (K&L Gates Jamka sp.k.) maintaining an office in
Warsaw; and a Delaware limited liability company (K&L Gates Holdings, LLC) maintaining an office in Moscow. K&L Gates maintains appropriate registrations in the jurisdictions in which its offices
are located. A list of the partners or members in each entity is available for inspection at any K&L Gates office.
K&L Gates has offices in: Anchorage, Austin, Beijing, Berlin, Boston, Brussels, Charlotte, Chicago, Dallas, Doha, Dubai, Fort Worth, Frankfurt, Harrisburg, Hong Kong, London, Los Angeles, Miami,
Moscow, Newark, New York, Orange County, Palo Alto, Paris, Pittsburgh, Portland, Raleigh, Research Triangle Park, San Diego, San Francisco, Seattle, Shanghai, Singapore, Spokane/Coeur
d’Alene, Taipei, Tokyo, Warsaw, and Washington, D.C.
This publication/newsletter is for informational purposes and does not contain or convey legal advice. The information herein should not be used or relied upon in regard to any particular facts
or circumstances without first consulting a lawyer.
©2011 K&L Gates LLP. All Rights Reserved.
This document and any recommendations, analysis, or advice provided by Marsh (collectively, the “Marsh Analysis”) are not intended to be taken as advice regarding any individual situation and
should not be relied upon as such. This document contains proprietary, confidential information of Marsh and may not be shared with any third party, including other insurance producers,
without Marsh’s prior written consent. Any statements concerning actuarial, tax, accounting, or legal matters are based solely on our experience as insurance brokers and risk consultants and are
not to be relied upon as actuarial, accounting, tax, or legal advice, for which you should consult your own professional advisors. Any modeling, analytics, or projections are subject to inherent
uncertainty, and the Marsh Analysis could be materially affected if any underlying assumptions, conditions, information, or factors are inaccurate or incomplete or should change.
The information contained herein is based on sources we believe reliable, but we make no representation or warranty as to its accuracy. Except as may be set forth in an agreement between you
and Marsh, Marsh shall have no obligation to update the Marsh Analysis and shall have no liability to you or any other party with regard to the Marsh Analysis or to any services provided by a
third party to you or Marsh. Marsh makes no representation or warranty concerning the application of policy wordings or the financial condition or solvency of insurers or reinsurers. Marsh
makes no assurances regarding the availability, cost, or terms of insurance coverage.
Marsh is one of the Marsh & McLennan Companies, together with Guy Carpenter, Mercer, and Oliver Wyman.
Copyright 2013 Marsh Inc.
All rights reserved.
42