In finance, risk management is a technique for measuring, monitoring and controlling the financial risk on a firm's balance sheet. See value at risk.
In project management, a risk is a possible event or circumstance that can have negative influences on a project. Its influence can be on the schedule, the resources, the scope and/or the quality.
When a risk escalates, it becomes a liability. A liability is a negative event or circumstance that is hindering the project.
One method of managing risk to business projects is to perform a risk assessment. Some of the processes for assesing risk include the following (the parentheses contain some of the jargon used to refer to them).
- Choosing unique identifiers for refering to the same risk in company or project documents (identification).
- Describing the risk and how it could become a liability (description).
- Assessing the consequences of that (effect).
- Considering what precautions could be taken to prevent it (precaution).
- Drawing up contingency plans or procedures for handling it (contingency).
- Categorising the risk as new, ongoing or closed (risk status)
- Estimating the probability of the risk becoming a liability (Risk escalation probability, P)
- Estimating the consequences in terms of time for the project (Schedule impact, S)
In addition, every probable risk can have a pre-formulated plan to deal with it to deal with it's possible consequences (to ensure contingency if the risk becomes a liability).
From the information above and the average cost per employee over time, or Cost Accrual Ratio, a project manager can estimate
- the cost associated with the risk if it arises, estimated by multiplying employee costs per unit time by the estimated time lost (cost impact, C where C = CAR * S)
- the probable increase in time associated with a risk (schedule variance due to risk, Rs where Rs = P * S):
- Sorting on this value puts the highest risks to the schedule first. This is intended to cause the greatest risks to the project to be attempted first so that risk is minimised as quickly as possible.
- This is slightly misleading as schedule variances with a large P and small S and visa-versa are not equivalent. (The risk of the HMS Titanic sinking vs. the passengers' meals being served at slightly the wrong time).
- the probable increase in cost associated with a risk (cost variance due to risk, Rc where Rc = P*C = P*CAR*S = P*S*CAR)
- sorting on this value puts the highest risks to the budget first.
- see concerns about schedule variance as this is a function of it, as illustrated in the equation above.
Risk in a project or process can be due either to special causes of deviation or common causes of deviation and requires appropriate treatment. That is to re-iterate the concern about extremal cases not being equivalent in the list immediately above.
Limitations
On problem with the concept is that everything is a risk because everything could cause delays. Risks to a project potentially include hurricanes and earthquakes, everyone getting the flu, political unrest, and so on. Risk management has little ability to deal with these issues due to the finite time available to draw up plans. When these events happen, everyone usually must do planning again.
Nuisance risks sometimes mask important risks. Many business plans and financial statements point out that key corporate offices might die. That is a valid risk. But, dealing with the market is probably a bigger risk. And poor marketing is more likely to occur than the death of officers. The business plans use one risk to obscure the other risk.
See also
