Risk Event-what might happen to harm/benefit the project

Risk Probability-what is the likelihood for event to occur

Risk Impact-Extent of loss or amount at stake

What are the possible gains

What is the impact on cost, schedule, quality

• Magnitude dependent
• The greater the payoff, the more the risk is acceptable e.g. Fast Track vs. Conventional Project
• Value Based
• Everyone sees risks differently. Everyone has a different tolerance level for risk. e.g. experience, owner's loss:contractor's gain
• Time dependent
• Risk is a future event, time affects its perception. What is seen today as a risk may not be tomorrow. e.g. Labour Market

Risk can be measured and outcome can be described within established confidence limits

Uncertainty is state of nature characterized by absence of any information related to the desired outcome-complete absence of information or nothing is know about the outcome

Uncertainty can not be measured

Probabilities can not be assigned to uncertanity

Uncertainty can manifest throughout the project life cycle

• Variability
• Ambiguity
• Bias

Is associated with the lack of clarity becasue of:

• Behavior of stakeholder
• Lack of data (e.g. Geotechnical)
• Lack of details (e.g. Basis of Estimate)
• Lack of scope etc.

Known/Known

• Everything about the situation is known

Known/Unknown (one dimension is known)

• Identified, assessed and quantified risks covered by Contingency Plan
• Quantity Variations
• Changes in Labour/material rates

Unknown/Unknown (two dimensions are unknown)

• Not identified, impossible to predict

Covered by Management Reserve

• Owner put a hold on the project
• Major change of scope by owner
• Senior management changes the project objectives
• Change is technical specification due to changed Legislation

• A situation or condition that is likely to cause harm or a loss under certain circumstance
• Is a pre-existing condition not an event
• Has associated risks
• Can't eliminate but the risk associated with it can be mitigated or eliminated 

• provides an approach by which uncertainty can be understood, assessed, and managed with in projects
• objectives are to increase the probability and impact of positive events and decrease the probability and impact of negative events.
• process of conducting risk management plan, identification, analysis, response planning, and monitoring and controlling on a project

Practice Standard for Project Risk Management

ISO 31000 Risk Management Principals and Guidelines

HB 4360:2004 Risk Management Guidelines

1. Plan risk Management
2. Identify Risks
3. Qualitative Analysis of Risks
4. Quantitiative Analysis of Risks
5. Risk Response Planning
6. Monitoring & Control

• Methodology
• Describe the what will be used (approaches, looks, and data source)
• Roles and Responsibilities
• Define the lead, support, and team members for each type of risk activity and their responsibility
• What the role of the estimator will be
• Budgeting
• Estimated funds needed for risk management (based on assigned resources) for inclusion in the cost baseline, and
• Protocols to withdraw contingency
• Timing
• Define when and how often the risk management processes will be performed throughout the project to:
• Manage cost and schedule contingency reserves,
• Support project decisions
• Risk Categories
• Groups potential risk using a RBS (Risk Breakdown Structure)
• Helps the team to look at the many sources from which, project risk may arise in a risk identification exercise
• Probability and Impact Matrix
• Maps the probability of risk occurrence and its impact on project scope, schedule, cost and quality
• Reporting Formats
• Define how the outcomes of the risk management process will be documented, analyzed, and communication
• Describes the content and form of the risk register and risk reports
• Tracking
• Define how risk activities will be tracked and recorded, and how the risk management processes will be audited

• Risk Register
• List and describe the identified risks

(if CAUSE exists, EVENT may occur leading to EFFECT)

• identifies risks
• root causes of risks
• list of potential responses
• risk owners, symptomms and warning signs
• relative rating of list of risks
• risks requiring responses
• risks requiring further ananlysis and response
• Watch list (low risks)

1. Establish an understanding of level of risk and it's nature.
• Gather more information about project risks
2. Prepare a list of prioritized risks
• Not all risks demand same consideration
3. Identify risks for additional analysis and response planning

• where quantitative precision is not required
• to rank the risks according to their impact
• where numerical data is unavailable or data is inadequate to perform quantitative analysis
• where level of efforts to perform quantitative analysis cannot be justified

• Involves numerical analysis of probability of each risk and it's impacts on project objectives.
• Calculating the overall project risk
• It estimates the implication of all quantified risks on Project Objectives.

• Assess the probability of achieving specific Project Objectives
• Numerically identify Risks requiring greatest attention
• Evaluation of risks to assign Cost or Schedule Contigency.
• Identify realistic project completion costs and schedule

• After Qualitative Risk Analysis
• After Risk Identification

• Interviewing-Range Estimate
• Probability distributions 
• used to display possible outcomes of the decision tree
• Sensitivity analysis
• Expected monetary value analysis-Decision Tree Diagram
• Modeling and simulation
• simulation use the Monte Carlo Technique

• statistical approach for calculating the average expected outcome when the future is uncertain
• EMV - Value of Outcome x Probability of occurrence
• uses a number of uncertain possible scenarios
• Opportunities have positive values and Loss have negative values
• calculated for each scenario-values can be added to create EMV for total risks for a project
• Used as the basis for Decision Tree approach

• Process of developing options and actions to enhance opportunities and to reduce threats to scope, schedule, cost and quality

1. Risk Avoidance-project team eliminated the threat entirely and protect the project
2. Risk Transference-project team shifts the impanct of the threat to a third party, together with ownership and it involves payment of a risk premium to the 3rd Party to manage the risk
3. risk Mitigation-project team acts to reduce the probability of occurrence and/or impact of the risk
4. Risk Acceptance-project team acknowledges the risk, but do not take any action unless the risk occurs

Passive acceptance: If it happens, it happens

Active acceptance: Establish a contingency action plan for the risk

1. Exploit-selected for risk with potential positive impacts. e.g. assigning the most taleted resources to the project from the organization
2. Share- sharing a positive risks involves allocating some or all of the ownership of the opportunity to a 3rd Party e.g. joint ventures, risk-sharing partnerships
3. Enhance- used to increase the probability and positive impacts to opportunities
4. Accept- accepting an opportunity, and taking advantage of the opportunity if it arises, BUT not actively pursuing it