PM652: Project Selection and Initiation
Learning Module 6: Project Proposal Risk
Introduction to Risk
In PM650 you were introduced to some of the PM concepts. In learning module our focus is on project risk and
applied approach. Specifically, we will address some important risk management issues in the context of your
project proposals. Further, we will research and evaluate a variety of risk tools. Then each team will investigate
the use of those tools for assessing the potential risks of the project proposal from the previous learning mdule
and devise a strategy for managing those risks in a risk register.
According to the PMBOK, a risk is “an uncertain event or condition that, if it occurs, has a positive or negative effect
on the project’s objective.” Every project has risks that must be identified, assessed and managed throughout its
entire life cycle.
I included below a passage from one of my research articles:
Risk is generally seen as an exposure to a situation that leads to unfavorable outcome. However, a project risk is an
occurrence that can be either positive or negative. If left unaddressed or ignored, specifically, the negative risk, it could
potentially interfere with the successful completion of the project and may result in time and cost overruns. The project
manager and her team can evade pitfalls during project execution by identifying risks and then analyzing, and
developing strategies for minimizing the impact of risk during the project planning stage itself.
Project risk can occur from two sources; first, uncertainties and unknowns associated with the project, and second,
actions (or inactions) of people who are either directly or indirectly involved with the project. By definition, a project is
a new endeavor and thus, risk is inevitable due to uncertainties and unknowns associated with it. What makes it
challenging to deal with risks is that uncertainty is inherently a difficult topic; it can be computationally overwhelming
(Elmaghraby, 2005) unless simplified models are adopted to address risk.
Risks vary depending on the type of project, industry in which it is managed, previous experience in managing similar
projects and how effectively it is managed, and the scope and size of the project. Needless to say, project managers
must recognize that risk is integral to project and will have to make sure that a good risk management plan is in place.
A friend and a former colleague from the engineering industry argues that a project risk has its roots from three
levels: 1) inherent risk 2) owner’s risk, and 3) execution risk. It is important to identify and manage risks that
originate from all these three levels at the proposal stage itself. One should examine the inherent risk (nature
and complexity of the project) and to some extent, owner’s risk (owner’s ability to deal with the project risk) of
a project during the project selection process. Unfortunately, we identify more risks during the execution stage
if project proposal selection is not thorough that can lead to planning and implementation issues.
We begin the process by formulating an initial risk profile and a preliminary risk management strategy that can
be considered during the project proposal selection process. The input to this process includes nature of project
(uncertainty and unknown), enterprise environmental factors, organization process assets, and the preliminary
scope statement and the other elements of the project management plan.
Many of you do not have the industry experience and information for this project and will have to do some
research about the industry and the type of projects you have recommended. This actually puts you in the
position of having to consider the often-overlooked steps in risk management:
-
What are the standards in this industry?
What type of processes and procedures would you hope to have to identify potential risks?
Can the processes and procedures that you do have in hand be modified to fit your needs here?
PM 652: Project Initiation and Selection
Risk Strategy vs. Risk Management Plan
Even where strategic plans exist, a risk strategy itself is usually considered the tactical procedure that would be
put into place to actually execute the components of the risk management plan.
Risk strategy
It is the thought process about how conceptually we will deal with the project risk in an organization; the
strategy would depend on whether organizations and individuals could be risk averse or risk prone. For example,
certain organizations would not like to do business in some geographical locations and a few may not like to do
business in a nation due to political risks.
Risk Management Plan
Risk management plan is project-specific whereas Risk Strategy is developed at different levels: organization,
project portfolio management, programs, and projects.
Risk Management plan includes identification risks (brain storming, historical data, planning) and developing a
risk register with priority list based on qualitative analysis (probability and impact). Risks with higher priority are
subjected to further analysis using quantitative methods; then one of the four (avoid, transfer, mitigate, accept)
approaches will be considered in dealing with it. Risk management plan would also include allocation of
resources and development of action plan to manage risks.
A project plan would contain a number of documents including the WBS, scope statement, budget, schedule, as
well as human resources, communication, quality and risk plans as components of the comprehensive project
plan. Many elements of the plan would be organized around the WBS work packages. In fact, the best way to
identify all the risks associated with a project is by identifying risks for each WBS element, after the WBS is
completely and accurately developed.
Since you are not yet in the planning activities yet for this assignment, instead of focusing on detailed work
packages, you will be focusing on higher-level deliverables and address the project risks in a broader perspective
rather than developing an actual and comprehensive risk management plan. Also, it is practical to propose a risk
strategy that would follow a generic approach as opposed to developing specific tasks, which you will deploy to
manage project risks.
A strategy is necessary at the proposal or initiation phase to set the tone for risk management and create enough
awareness for decision makers to act on the project. You will identify major risks areas and what set of actions
and tools you would want to deploy in managing them. When you get into planning phase you will plan for
specific risk management tasks, incorporate them in the WBS, schedule as many or them as possible, and, you
will assign resources to accomplish them.
Types of Risk
Note that the PMBOK address both positive and negative effects of risk. Positive risk is an opportunity in my
vocabulary.
Just as you want to plan how to reduce the likelihood of negative impacts to your project, you also want to be
in a position to leverage any positive impacts into beneficial outcomes.
Risk assessment and management are concerned mainly with the identification of uncertainties that threaten a
project’s cost, schedule and scope parameters. Consequently, project managers may occasionally compromise
with meeting the customer’s acceptance criteria.
© Master of Project Management, Western Carolina University
2 of 5
PM 652: Project Initiation and Selection
Risk identification
You may adopt different approaches to identify project risk:
•
•
•
While documenting your assumptions and constraints for the project, you may consider listing your
assumptions as negative statements rather than positive statements (for example, resources may not be
available for the activity YY) and to determine project risks.
Another approach could be ‘planning for project failure rather than success.” Does it make sense?
One of the most reliable tools to use in the determination of the risk, even at this high level, is the WBS. All
deliverables reflected in the WBS are within the scope of the project (and conversely, if it’s not within the
WBS, it’s not within scope). You have a relatively simple approach to systematically analyzing all parts of a
proposed project for risk identification.
Risk Analysis
You will realize from your readings that there are both qualitative and quantitative methods for assessing risks.
Two components of a risk assume importance: probability and impact. What is the likelihood that this event will
happen (probability)? And what will be the impact on project?
You may consider a combination of various approaches to strengthen the validity of your analysis. Whenever
possible, the analysis of risk should be a collaborative effort of the project team.
Once these initial risks have been identified and analyzed, preparing a high-level strategy for managing those
risks during the initiation phase of the project ensures that at least some attention will be focused on the
project’s risk profile during the project selection process. This strategy will form the foundation for the further
elaboration of a risk management plan as the project moves into the planning phase.
The International Journal of Risk Assessment and Management states, “project-based industries should
integrate the “strategy of risk management” (Leopoulos, p. 67) during the bidding process in order to invest in
bids leading to profitable projects.
In fact, I advocate for pre-bid risk assessment to make a decision whether to bid or not.
© Master of Project Management, Western Carolina University
3 of 5
PM 652: Project Initiation and Selection
PM652 Learning Module 6 Assignments
Reading Assignments:
-
A presentation made by Dr. Anantatmula to the Corporate Risk Management Cell of a $14 billion global
engineering company
PMBOK Chapter on Risk Management
Gray and Larson’s Chapter on Managing Risk in Project Management
Leopoulos Article: Applicable Methodology for Strategic Risk Assessment
As a Team:
Assignment 6:
This assignment requires each team to research and prepare a 7-10 slide PowerPoint presentation on at least 3
risk management process tools. Your audience: the other teams who want as much in-depth, relevant
information about your risk tool as they will need to have to identify risks in their projects. The slides themselves
should not contain extensive information – just talking point bullets for the presenter. The Notes area of each
slide should contain the extensive information – the meat of the report to be given by a presenter (not within
the scope of this assignment.)
Required PowerPoint Presentation Format (one for each tool):
-
Name of the Risk Management Tool or Technique
What is it?
What does it accomplish?
How do I use it?
Why is it appropriate?
Example(s) (with interpretation)
References
You may consider any three of the following Risk Tools:
1.
2.
3.
4.
5.
6.
7.
8.
9.
Documentation Reviews - Expected Monetary Value.
Information Gathering – External (outside the organization) Expert Judgment/Delphi.
Variance and Trend Analysis.
Information Gathering – Root Cause Analysis, Ishikawa Diagram.
Checklists and Assumptions Analysis.
RBS and Risk Register
Analytical Hierarchy Process
NTCP Model by Shenhar
Knowledge Management
Notes:
-
-
You are also expected to draw on outside research sources to supplement the information provided in the
notes area of your report. Be sure to cite any articles used in creating the presentation in the slides (if
appropriate) and certainly in the Notes area - in APA format of course. Put an alphabetized list of References
in the last slide (not included in the 7-10 slides limit.) If you do not use a reference (within parentheses) in
your slides, the source should NOT be listed in the list of References.
You may embed graphs, charts, short video clips, etc. within the slides themselves for in-depth information
or for illustration. Again, the embedded information does not count against the number of slides.
Create a one-document Meeting Log for this assignment and post it in your week 6 team discussion space
as meeting log.
© Master of Project Management, Western Carolina University
4 of 5
PM 652: Project Initiation and Selection
© Master of Project Management, Western Carolina University
5 of 5