12/12/2022

MSc Mining Engineering course

MinE 5575 Project Management (PMt) (3) Part II Project Management
Engr. Dr. Ishaq Ahmad
Professor
Dept. of Mining Engineering
University of Engineering and
Technology,
Peshawar
Project Risk Management: Ch. 6
Fall Semester, 2022
Risk Management 1 Risk Management 2

1 2

Risk-Defined
 A situation involving exposure to danger;
Project Risk Management  “The combination of the probability of an event and
its consequences”

 “Effect of uncertainty on objectives”

(ISO 31000(2009) /ISO Guide 73:2002)

A DEVELOMENT INSTITUTION’s Uncertainties include events (which may or not happen);

PERSPECTIVE Uncertainties caused by ambiguity or a lack of information; and
Also includes both negative and positive impacts on objectives.
(developed by an international committee representing over 30 countries and is
based on the input of several thousand subject matter experts.)

Risk Management 3 Risk Management 4

3 4

PROJECT RISK Risk Management

MANAGEMENT (PRM)
 Is a Comprehensive System that includes:
 Art and science of planning, organizing, securing  Creating an appropriate Risk management environment
and managing resources (Management) to  Maintaining an efficient Risk Measurement
harness/control/manage the effects of uncertainties  Justifying and Monitoring Process
(Risk) on objectives of a temporary endeavor
 Establishing an Adequate Internal Control Arrangement
(project).
Core of the Strategic Management of the Company
 One of the nine knowledge areas defined in  It is the process whereby organizations methodically
PMBOK (Project Management Body of address the risks attaching to their activities with the goal of
Knowledge) achieving sustained benefit within each activity and across
the portfolio of all activities.

Risk Management 5 Risk Management 6

5 6

1
 12/12/2022

Why Risk Management:

 Sustainability:
OR
 To add maximum sustainable value to all the activities
Risk Management is the;
 Identification;  Factors:
 Assessment; and  To organizes the understanding of the potential upside
 prioritization of risks and downside of all those factors which can affect
 Monitoring  Probability of success: increase
 Probability of failure: reduces
• To minimize, monitor and control -→  Opportunities: to achieving the organization's
probability/impact
overall objectives.
• To maximize → the realization of opportunities
Risk Management 7 Risk Management 8

7 8

ROOTS OF UNCERTAINTY
▪ Stakeholders  Roots of Uncertainty are associated with
▪ Objectives  Who Who are the parties ultimately involved
▪ Variety of Resources, (human, capital, material..) (Executing Agencies, partners, etc..)
(stakeholder)
▪ Project Organizations  Why What do they want (motives,
▪ Scope of work objectives..)
▪ Cost  What What is it the parties interested in
▪ Time (design)
▪ Delivery of Quantified and Qualitative objectives  Which way How is to be done (activities)
▪ Technologies  Wherewithal (means) What resources are required
(resources)
▪ Environment  When when does it have to be done (Schedule,
▪ Regulators timetable)

Risk Management 9 Risk Management 10

9 10

Role of Risk Management

• Risk Identification
• Risk Appraisal/ assessment
• Risk Management
• Focus of downside of risk Types of Risks
• Exploit Opportunities arising from risks

Risk Management 11 Risk Management 12

11 12

2
 12/12/2022

Types of Risk
Systematic,
unsystematic, specific to firm non- SOURCES of RISKS
or assets, diversifiable diversifiable

INTERNAL EXTERNAL

Resources Processes
Project- Competitive
Specific Risks
Inadequate internal
Market Risk controls,
Risks
Political risk
Human errors
Country Risk
Industry- (incompetence,
International Systematic risk can not be Market Risk
specific inexperienced,
Risk diversified however parts Currency Risk
Risks corruption)
Political of the risk can be reduced Interest Rate Risk
IT failure
through risk mitigation and Counter-part Risk
Inadequate human
Legal transfering techniques. Credit or default Risk
Legal resources
Environmental Risk
Operational Risks
Risk Management 13 Legal Risks?? Risk Management 14

13 14

Risk Classification for Risk

Risk…
Management understanding
 Three Types of Risks  It must be integrated into the culture of the
organisation with an effective policy and a programme
Risk that can be eliminated led by the most senior management (i.e. the part of
Those that can be transferred project).
 It must translate the strategy into tactical and
Risks that can be managed operational objectives, assigning responsibility
by the institution throughout the organization with each manager and
employee responsible for the management of risk as
part of their job description.
 It supports accountability, performance measurement
and reward, thus promoting operational efficiency at all
levels.

Risk Management 15 Risk Management 16

15 16

Risk Management Process Steps

 According to the standard ISO 31000 "Risk management -- Principles and
guidelines on implementation," the process of risk management consists of
several steps as follows:
 Establishing the context involves:
1. Identification of risk in a selected domain of interest
RISK MANAGEMENT PROCESS 2. Planning the remainder of the process.
3. Mapping out the following:
 the social scope of risk management
 the identity and objectives of stakeholders
 the basis upon which risks will be evaluated, constraints.
4. Defining a framework for the activity and an agenda for identification.
5. Developing an analysis of risks involved in the process.
6. Mitigation or Solution of risks using available technological, human and
organizational resources.

Risk Management 17 Risk Management 18

17 18

3
 12/12/2022

RISK MANAGEMENT PROCESS (RMP)

Risk Management Principals DEFINE Association
of Project
ISO identifies the following principles of risk management: FOCUS Managers
Risk management should: (APM)
 create value - resources expended to mitigate risk should generally exceed the IDENTIFY Project Risk
consequence of inaction, or (as in value engineering), the gain should exceed the Analysis and
pain Management
STRUCTURE
 be an integral part of organizational processes (PRAM)
 be part of decision making
OWNERSHIP
 explicitly address uncertainty and assumptions
 be systematic and structured
ESTIMATE
 be based on the best available information
 take into account human factors
EVALUATE
 be transparent and inclusive
 be dynamic, iterative and responsive to change
PLAN
 be capable of continual improvement and enhancement
 be continually or periodically re-assessed
MANAGE

Risk Management 19 Risk Management 20

19 20

Define

Define
Focus
Identify
Focus  Define
 Focus
Structure
Ownershi Focus The Risk Management Process:  Identify
Define phase: Define the Project for Risk Management
p Define RMP scope and strategy e.g.  Structure
Purpose Estimate
• testing viability of a project, a qualitative approach may be  Ownershi
Evaluate p
1. Consolidate info about project, e.g., Plan appropriate;  Estimate
 Project Objectives clearly stated, Project scope, Manage • RMP used for budgets, costs, bid prices, a quantitative  Evaluate
Project Strategy approach may be required.  Plan
 Activity Plan (at higher level: Simple), Associated Scope covers issues like who is analyst, why is the formal  Manage
Timing, Resource usage implication specified, RMP required, what is the scope of the relevant risk
Underlying issues like design described, Stake Plan the Process- what time frame? What resources,
holders interest defined what models (techniques) to be applied, what
2. Uncover any gap in consolidation phase (gaps software etc..
shall not exist but in reality needs to be checked) Conclude – in a tactical plan for risk management
process
Document, verify, assess and report
Risk Management 21 Risk Management 22

21 22

 Define
 Focus
Identify  Identify Description of Risk
 Structure
Identify the Risk and Responses:  Ownershi
p
Sources of Risk and response
 Estimate
 Evaluate
Search for Sources of Risks by pondering,  Plan
brainstorming, checklist, surveys etc..  Manage

Classify: Provide suitable structure for defining risks and

responses, aggregating/ disaggregating variables

Document, verify, assess and report

Key Deliverables: Threats and Opportunities

Risk Management 23 Risk Management 24

23 24

4
 12/12/2022

 Define  Define
 Focus  Focus
Analysis Develop the Analysis Structure:
 Identify  Identify
Test Simplifying Assumptions and Provide more complex structure
 Structure when necessary.  Structure
 Ownershi 1. Refine Classification- Review and develop existing classification:  Ownershi
p p
ANALYSIS  Estimate
new classification structure may be defined distinguishing specific
and General responses.
2. Explore Interactions- Review and explore interdependencies or
 Estimate
 Evaluate  Evaluate
 Plan links between project activities, risks, responses and understand  Plan
the reasons of interdependencies;
 Manage  Manage
Structure Ownership 3. Developing ordering- possible revision to the precedence
relationships from project activities assumed in Define Phase.
Needed for setting priorities for project and process planning and
presentation. Also developing ordering of responses.
Document, verify, assess and report; picture, graphs, mathematical
Estimate Evaluate models, etc.

Key Deliverables: Clear understanding of implications of any

important, base plan activities.
Risk Management 25 Risk Management 26

25 26

 Define  Define

Ownership  Focus
 Identify
Estimate  Focus
 Identify
Clarify Ownership Issues: Estimate in Terms of Scenario and
 Structure  Structure
Numbers :
1. To distinguish the ownership and responses that  Ownershi  Ownershi
the client is prepared to own and manage from p 1) Identify areas of the project “reference plan” p
those of other organizations (contractors,  Estimate which may involve significant uncertainty and  Estimate
guarantors…)  Evaluate need more attention in terms of data and  Evaluate
 Plan analysis  Plan
2. To allocate responsibility for managing risks and
 Manage 2) To identify areas of the project reference plan  Manage
responses owned by the client to named which clearly involve significant uncertainty and
individuals; clearly require careful decisions , judgments by
3. To approve ownership/ management allocations the tem,
controlled by contractors, third parties.
Document, verify, assess and report

Document, verify, assess and report Key Deliverables: Select an appropriate risk; scope
and uncertainty (probability, numbers, etc.); refine
Key Deliverables: Scope of policy and plan for earlier estimates.
contracts. Risk Management 27 Risk Management 28

27 28

 Define  Define
Evaluate  Focus Plan  Focus
Evaluate the Numbers and Scenarios:  Identify  Identify
 Structure Plan the Project and the Management of its Risk-  Structure
May be coupled with Estimate Phase
Plans are nothing, planning is everything. Napoleon Bonaparte
 Ownershi  Ownershi
Deliverable highly depends on preceding phases, looping p p
Three main tasks:
back to the earlier phases, before proceeding further is the  Estimate  Estimate
Consolidating and explaining the reference plans and risk analysis.
key decision at this stage.  Evaluate  Evaluate
Writing final report. Involve a lot of craft-based on experience.
 Plan Selecting and evaluating action horizon, other purposes for plans,  Plan
 Manage base plans and contingency plans. Expertise skills, clear grasp of purposes  Manage
Document, verify, assess and report
and possibilities.
Support and convince-what can or can not be done.
Key Deliverables: Diagnosis of any and all difficulties,
Abstraction of analyses, to reach joint decisions. An ultimate
and comparative analysis of the implications of responses
test of risk analyst’s skills.
to these difficulties
Uses all proceeding RMP processes to produce:

Risk Management 29 Risk Management 30

29 30

5
 12/12/2022

 Define

Key Deliverables:
RPM  Focus
 Identify
1) Project Base Plan ready for implementation  Structure
2) Associated risks  Ownership
3) Associated tasks are in relation with the deliverables  Estimate

 Project Base Plan activities, at the detailed level required for  Evaluate

implementation, with timing, precedence, ownership and associated  Plan

resource usage/ contractual terms clearly specified, including milestones  Manage
initiating payments, other events or processes definig expenditures, and
an associated plan expenditure profile;

 Risk assessment in terms of threats and opportunities,

positioned, assessed in terms of impact given no response if viable and
potentially desirable, along with an assessment of alternative potential
proactive and reactive responses;

 Recommended proactive and reactive

contingency plans in activity terms, with timing, precedence, ownership,
and associated resources usage/ contractual terms where appropriate
clearly specified, including trigger points, initiating reactive contingency
Risk Management 31 Risk Management 32
response, and impact assessment

31 32

 Define
RPM  Focus
Generic RMP Manage the Project and its Risk;
 Identify
 Structure
I have never known a battle plan to survive a first contact  Ownershi
• Table 4.1 Generic RMP Chris page 50-51 with the enemy. p
 Estimate
 Evaluate
 Plan
 Manage

Risk Management 33 Risk Management 34

33 34

 Define
PROJECT LIFE CYCLE (PLC)
 Focus

 Four main tasks:

 Identify CONCEPTULIZATION
 Structure • CONCEIVE
1. Manage planned actions; action phase,  Ownershi
implement planned project activities, p PLANNING
basis of project management, translating  Estimate • Design
plans into actions seldom straightforward.  Evaluate • Plan
Routine project planning meetings .  Plan • Allocate
2. Monitor; Formal and informal monitoring  Manage
at different levels and change control EXECUTION
process at various levels. End-of project • Execute
reviews involve higher level monitoing
3. Manage Crisis
4. Roll action plans forward TERMINATION
• Deliver
• Review
Risk Management 35 • Support Risk Management 36

35 36

6
 12/12/2022

Project Life Cycle

PLC Start

Abort Conceive

Design
Cumulative Cost

Plan

Allocate

Execute

KEY
Deliver
Primary Progression flow

Other Review Primary feedback loops

Projects

Concept Planning Execution Termination Secondary feedback loops

Support
Time Tertiary feedback loops

Risk Management 37 Risk Management 38

37 38

Application of Risk Management in PLC

Application of Risk Management in PLC
Stages Steps
Stages Steps Allocate Evaluating alternative procurement strategies
Conceive Identifying stakeholders and their expectations Defining contractual terms and conditions
Identifying appropriate performance objectives Determining appropriate risk sharing arrangements
Assessing the implications of contract conditions
Design Testing the reliability of design Assessing and comparing competitive tenders
Testing the feasibility of design Determining appropriate targets costs and bid prices for
Setting performance criteria contracts
Assessing the likely cost of a design Estimating likely profits following project termination
Assessing the likely benefits from a design
Assessing the effect of changes to a design Execute Identifying remaining execution risks
Assessing implications of changes to design or plan
Plan Identifying and allowing for regulatory constraints Assessing the Revising estimates of cost on completion
feasibility of plan Revising estimates of completion time of execution stage
Assessing the likely duration of a plan
Assessing the likely cost of the plan Deliver Identifying risks to delivery
Determining appropriate milestones Assessing feasibility of delivery schedule
Estimating resources required Assessing feasibility of meeting performance criteria
Assessing the effect of changes to the plan Assessing reliability of testing equipment
Assessing requirement for resources to modify project
Determining appropriate levels of contingencies funds and resources
deliverable
Risk Management 39 Assessing availability
Risk Management of commissioning facilities 40

39 40

PLC- Phases of RMP

Stage of Define focus Identify Structure Ownership Estimate Evaluate Plan Manage
Review Assessing effectiveness of risk management strategies PLC Project
Identifying of realized risk management strategies
Conceive
Support Identifying extent of future liabilities
Assessing appropriate level of resources required Design
Assessing profitability of the project Plan
Allocate

Execute

Deliver

review
Support

Risk Management 41 Risk Management 42

41 42

7
 12/12/2022

10 steps
Risk Matrix and Developing Methodologies
STEP-1 STEP-2
From WBS and interviews, Describe the risk in detail-
• Risk matrix: as a tool to risk management; identify project risk/ tasks what is about to happen
with inherent risks and why

• Risk matrix: NOT designed to establish

another list to do; and STEP-3 STEP-4
Determine impact on Estimate the chance that
schedule, cost quality, the risk will happen; what is
• Its purpose is to help plan and schedule so customer satisfaction the probability

that all contingencies are embedded into the

STEP-5
project core.
Rank risks in terms of
severity-overall how severe
is the risk

Risk Management 43 Risk Management 44

43 44

STEP-8
STEP-7
STEP-6 Estimate schedule  Step-1: identify tasks with risks. The overall
Prepare
Identify root cause impacts using MS project risk is the sum of the individual risks
contingenc plan
for each risk Project PERT associated with product development plus the risk
for high risks
analysis
associated with the market for the product.
STEP-10  Work Breakdown Structure (WBS) at each level
STEP-9  Each task/component is reviewed and ranked in
Identify triggers
Incorporate all for applying terms of potential risks
contingencies into
schedule; establish
contingencies  All risks racked up for risk matrix.
buffers
buffers  Some risks disappear when intensities are
dimensioned, other are ranked high and addressed
with contingency planning.
Risk Management 45 Risk Management 46

45 46

STEP-2: Describe risk: A statement covering what could go

wrong with the task.
 What-if analysis
STEP-3: Determine Impact: is the change that could occur in
key project indicators when risk occurs.

STEP-4: Estimate chance/ probability of risk event:

 Ranking risk in terms of 25, 50, 75 percent chance of
occurrence
 Mathematical probabilities
 Stakeholders views/ perceptions of risk ranking , past history
of similar projects

Risk Management 47 Risk Management 48

47 48

8
 12/12/2022

Probability of Occurrence-threat Probability of Occurrence-Opportunity

e.g. Rebate in
e.g. Flood tax rate in a
particular
regime

e.g.
Earthquake

e.g. Marshal
Law in
Pakistan

Risk Management 49 Risk Management 50

49 50

STEP-5: Rank Risk by Severity:

Risk may be high in probability but with minimal
severity, thus cost of contingency is low.
Low-probability risk may have high severity, eg., a key
supplier go out of business

STEP-6: Identify root-cause:

Analytic exercise that can eventually help manage risk
Identifying rot causes in schedules and task
definitions.

STEP-7: Prepare contingency plan:

A schedulable task addresses the likelyhood that a
linked task will not work.
Designed to correct an event or action that delays the
schedule or impacts the quality of work. Risk Management
Risk Management 51 52

51 52

STEP-8: Estimate schedule impacts using MS Project

software:
• Apply theory of constraints
STEP-10: Identify triggers for applying buffers:
Identify events or indicators that will trigger a buffer action
• When a predictable source or bottleneck is identified in based on risk.
the planning process, creating a risk, the scenario Symptoms and trigger action
planning is done (worst case-pessimistic; optimistic;
expected) Risk may trigger a buffer
How decisions will be made to help avoid last minute “crisis
management.
STEP-9: Incorporate risk in schedules and establish
buffers/barriers:
• New pessimistic risk-based schedule is not base-lined into
project but buffertime equal to difference between the
expected and pessimistic durations is withheld for later
use.
Risk Management 53 Risk Management 54

53 54

9
 12/12/2022

SAMPLE MATRIX Building a Risk Management Culture

Risk Item Description of Impact Severity Contingency plan Ranki
Risk (technical, (high, ng
schedule, medium ,  Prepare the organization
cost, quality low)  Risk: the Organizational Culture Issue
 A culture of risk management competencies
Testing Critical function Technical High Formal testing plan 5  Link corporate and project planning
needed by new Test plan
 Training and Development in Risk
system may be Test cases
overlooked if Testing schedule  Project Experience
not tested Method to log test  Learning Organization
properly results
 Strong Functional managers Addresse Quality
Termination, Project Cost/ Quality Low Enough research 1
if applicable termination should have been  Building the Culture
needs to be done to terminate the  Addressing Risk with scenarios
done earl as not project before it got to  Performance incentives
lose money and far
time  The Risk of “Blinders”
 Personal, Project and Organization Risk
Risk Management 55 Risk Management 56

55 56

Culture-Internal risk to projects Preparing the Organization

• Building culture is a process of developing: • Culture is the way of doing work
• People in Organization who thinks and plan
• Risk management is likely to fail if organization
projects effectively
does not address risk the way work is done;
• Support by company systems
• Risk management/ risk matrix is part of
• Encourage people to think and plan effectively
planning process in organizations.
• Culture of what-if approach
• Inculcating a culture of theoretical (could
happen) and practical risks (likely to happen)

Risk Management 57 Risk Management 58

57 58

Culture Manag Train

CHAPTER 7
e
• Risk is our • Require • Train
way of risk in people to
doing planning see risk
business documents

BUDGETING
Vision Policy Priority Method Educate

Establish vision of risk Write manuals Develop online risk

based decisions Use risk to help select training program
Connect to businesses Use risk to help manage Use electronic
success Identify acceptable template for
methods training and cases
Risk Management 59 Risk Management 60

59 60

10
 12/12/2022

Budgeting
Budgeting Continued
• A plan for the costs of project resources • The budget for an activity also implies
• A budget implies constraints management support for that activity
• Thus, it implies that managers will not get • Higher the budget, relative to cost, higher the
everything they want or need managerial support
• The budget is also a control mechanism
– Many organizations have controls in place that
prohibit exceeding the budget
– Comparisons are against the budget

7-61 Risk Management 7-62 Risk Management

61 62

Estimating Project Budgets Estimating Project Budgets Continued

• On most projects • Like any forecast, this includes some
– Material + Labor + Equipment + Capital + uncertainty
Overhead + Profits • There is uncertainty regarding usage and price
• In other words – Especially true for material and labor
– Resources + Profits • The more standardized the project and
components, the lower the uncertainty
• So we are left with the task of forecasting
• The more experienced the cost estimator, the
resources
lower the uncertainty

7-63 Risk Management 7-64 Risk Management

63 64

Rules of Thumb Estimating Budgets is Difficult

• Some estimates are prepared by rules of • There may not be as much historical data or
thumb, e.g. none at all
– Construction cost by square feet
• Even with similar projects, there may be
– Printing cost by number of pages
significant differences
– Lawn care cost by square feet of lawn
• These rules of thumb may be adjusted for • Many people have input to the budget
special conditions
• However, this is still easier than starting the
estimate from scratch

7-65 Risk Management 7-66 Risk Management

65 66

11
 12/12/2022

Types of Budgeting Top-Down Budgeting

• Top-down • Top managers estimate/decide on the overall
• Bottom-up budget for the project
• Negotiated • These trickle down through the organization
where the estimates are broken down into
greater detail at each lower level
• The process continues to the bottom level

7-67 Risk Management 7-68 Risk Management

67 68

Advantages Disadvantages
• Overall project budgets can be set/controlled • Lower level management thinks that the top
very accurately management might under estimate the
– A few elements may have significant error project cost
• Management has more control over budgets • Leads to low level competition for larger
• Small tasks need not be identified individually shares of budget

7-69 Risk Management 7-70 Risk Management

69 70

Bottom-Up Budgeting Advantages

• Project is broken down into work packages • Greater buy in by low level managers
• Low level managers price out each work • More likely to catch unusual expenses
package
• Overhead and profits are added to develop
the budget

7-71 Risk Management 7-72 Risk Management

71 72

12
 12/12/2022

Disadvantages Work Element Costing

• Constructed as per WBS elements
• People tend to overstate their budget – Straightforward but tedious process
requirements – Each element is evaluated for its resource
requirement
• Management tends to cut the budget
• Labor rates include overhead and personal time
• Direct costs usually do not include overhead
• General and administrative (G&A) charge

7-73 Risk Management 7-74 Risk Management

73 74

An Iterative Budgeting Process– Category Budgeting Vs

Negotiation-in-Action Program/Activity Budgeting
• Most projects use some combination of top- • Organizations are used to budgeting (and
down and bottom-up budgeting collecting data) by activity
• Both are prepared and compared • These activities correspond to “line items” in
the budget
• Any differences are negotiated – Examples include phone, utilities, direct labor,…
• Projects need to accumulate data and control
expenses differently
• This resulted in program budgeting

7-75 Risk Management 7-76 Risk Management

75 76

Typical Monthly Budget

Project Budget by Task & Month

7-77 Risk Management 7-78 Risk Management

Table 7-1 Table 7-2

77 78

13