Shared Flashcard Set


Risk and Risk Management
Undergraduate 1

Additional Management Flashcards




What is Risk?
Project risk is an uncertain event or condition that, if it occurs, has a positive or a negative impact on projects's objectives (PMI)
What are the 2 dimensions/attributes of the risk?
Will have a positive or negative impact.
What are some risk characteristics?

Risk Event-what might happen to harm/benefit the project

Risk Probability-what is the likelihood for event to occur

Risk Impact-Extent of loss or amount at stake

What are the possible gains

What is the impact on cost, schedule, quality

Risk is generally?
  • Magnitude dependent
    • The greater the payoff, the more the risk is acceptable e.g. Fast Track vs. Conventional Project
  • Value Based
    • Everyone sees risks differently. Everyone has a different tolerance level for risk. e.g. experience, owner's loss:contractor's gain
  • Time dependent
    • Risk is a future event, time affects its perception. What is seen today as a risk may not be tomorrow. e.g. Labour Market
What are the difference between Risk and Uncertainty?

Risk can be measured and outcome can be described within established confidence limits

Uncertainty is state of nature characterized by absence of any information related to the desired outcome-complete absence of information or nothing is know about the outcome

Uncertainty can not be measured

Probabilities can not be assigned to uncertanity

Uncertainty can manifest throughout the project life cycle

What are the three sources of uncertainty?
  • Variability
  • Ambiguity
  • Bias
What is Varability?
It is the deviation in the performance measures or project success goals e.g. Cost, duration, Safety etc. Nothing is known about the outcome.
What is Ambiguity?

Is associated with the lack of clarity becasue of:

  • Behavior of stakeholder
  • Lack of data (e.g. Geotechnical)
  • Lack of details (e.g. Basis of Estimate)
  • Lack of scope etc.
Risk types are?


  • Everything about the situation is known

Known/Unknown (one dimension is known)

  • Identified, assessed and quantified risks covered by Contingency Plan
    • Quantity Variations
    • Changes in Labour/material rates

Unknown/Unknown (two dimensions are unknown)

  • Not identified, impossible to predict

Covered by Management Reserve

    • Owner put a hold on the project
    • Major change of scope by owner
    • Senior management changes the project objectives
    • Change is technical specification due to changed Legislation
What is Risk Tolerance?
The amount of risk that is acceptable to the individual, organization or client.
What is a hazard?
  • A situation or condition that is likely to cause harm or a loss under certain circumstance
  • Is a pre-existing condition not an event
  • Has associated risks
  • Can't eliminate but the risk associated with it can be mitigated or eliminated¬†
What is Project Risk Management?
  • provides an approach by which uncertainty can be understood, assessed, and managed with in projects
  • objectives are to increase the probability and impact of positive events and decrease the probability and impact of negative events.
  • process of conducting risk management plan, identification, analysis, response planning, and monitoring and controlling on a project
Project Risk Management Standards are?

Practice Standard for Project Risk Management

ISO 31000 Risk Management Principals and Guidelines

HB 4360:2004 Risk Management Guidelines

What are the SIX STEPS of Project Risk Management?
  1. Plan risk Management
  2. Identify Risks
  3. Qualitative Analysis of Risks
  4. Quantitiative Analysis of Risks
  5. Risk Response Planning
  6. Monitoring & Control
What is Plan Risk Mangement?
Process of defining how to conduct risk management activities for the project.
What are the outputs of Plan Risk Management (Step 1)?
  • Methodology
    • Describe the what will be used (approaches, looks, and data source)
  • Roles and Responsibilities
    • Define the lead, support, and team members for each type of risk activity and their responsibility
    • What the role of the estimator will be
  • Budgeting
    • Estimated funds needed for risk management (based on assigned resources) for inclusion in the cost baseline, and
    • Protocols to withdraw contingency
  • Timing
    • Define when and how often the risk management processes will be performed throughout the project to:
      • Manage cost and schedule contingency reserves,
      • Support project decisions
  • Risk Categories
    • Groups potential risk using a RBS (Risk Breakdown Structure)
    • Helps the team to look at the many sources from which, project risk may arise in a risk identification exercise
  • Probability and Impact Matrix
    • Maps the probability of risk occurrence and its impact on project scope, schedule, cost and quality
  • Reporting Formats
    • Define how the outcomes of the risk management process will be documented, analyzed, and communication
    • Describes the content and form of the risk register and risk reports
  • Tracking
    • Define how risk activities will be tracked and recorded, and how the risk management processes will be audited
What are the Identify Risk Outputs (Step 2)?
  • Risk Register
    • List and describe the identified risks

(if CAUSE exists, EVENT may occur leading to EFFECT)

What does the Risk Register consist of?
  • identifies risks
  • root causes of risks
  • list of potential responses
  • risk owners, symptomms and warning signs
  • relative rating of list of risks
  • risks requiring responses
  • risks requiring further ananlysis and response
  • Watch list (low risks)
What is the Perform Qualitative Risk Analysis?
Is process of prioritizing risks for further analysis or action by assessing and combining their probability of occurrences and impact.
What are the goals of Qualitative Risk Analysis?
  1. Establish an understanding of level of risk and it's nature.
    • Gather more information about project risks
  2. Prepare a list of prioritized risks
    • Not all risks demand same consideration
  3. Identify risks for additional analysis and response planning
When do you use Qualitative Risk Analysis?
  • where quantitative precision is not required
  • to rank the risks according to their impact
  • where numerical data is unavailable or data is inadequate to perform quantitative analysis
  • where level of efforts to perform quantitative analysis cannot be justified
What is Perform Quantitiative Risk Analysis(Step 4)?
  • Involves numerical analysis of probability of each risk and it's impacts on project objectives.
  • Calculating the overall project risk
    • It estimates the implication of all quantified risks on Project Objectives.
What the goals of Quantitative Risk Analysis?
  • Assess the probability of achieving specific Project Objectives
  • Numerically identify Risks requiring greatest attention
  • Evaluation of risks to assign Cost or Schedule Contigency.
  • Identify realistic project completion costs and schedule
When do you perform Quantitative Risk Analysis?
  • After Qualitative Risk Analysis
  • After Risk Identification
What are some of the Tools & Techniques of Perform Quantitative Risk Analysis?
  • Interviewing-Range Estimate
  • Probability distributions¬†
    • used to display possible outcomes of the decision tree
  • Sensitivity analysis
  • Expected monetary value analysis-Decision Tree Diagram
  • Modeling and simulation
    • simulation use the Monte Carlo Technique
What is the definition of Expected Monetary Values (EMV)?
  • statistical approach for calculating the average expected outcome when the future is uncertain
  • EMV - Value of Outcome x Probability of occurrence
  • uses a number of uncertain possible scenarios
  • Opportunities have positive values and Loss have negative values
  • calculated for each scenario-values can be added to create EMV for total risks for a project
  • Used as the basis for Decision Tree approach
What is Plan Risk Responses?
  • Process of developing options and actions to enhance opportunities and to reduce threats to scope, schedule, cost and quality
What are the 4 Strategies for dealing with negative risks or threats?
  1. Risk Avoidance-project team eliminated the threat entirely and protect the project
  2. Risk Transference-project team shifts the impanct of the threat to a third party, together with ownership and it involves payment of a risk premium to the 3rd Party to manage the risk
  3. risk Mitigation-project team acts to reduce the probability of occurrence and/or impact of the risk
  4. Risk Acceptance-project team acknowledges the risk, but do not take any action unless the risk occurs
What is Passive acceptance and Active acceptance?

Passive acceptance: If it happens, it happens

Active acceptance: Establish a contingency action plan for the risk

What the 4 stategies for positive risks or opportunities?
  1. Exploit-selected for risk with potential positive impacts. e.g. assigning the most taleted resources to the project from the organization
  2. Share- sharing a positive risks involves allocating some or all of the ownership of the opportunity to a 3rd Party e.g. joint ventures, risk-sharing partnerships
  3. Enhance- used to increase the probability and positive impacts to opportunities
  4. Accept- accepting an opportunity, and taking advantage of the opportunity if it arises, BUT not actively pursuing it
What is Control Risks?
Process of implementing risk response plans, tracking identified risks, monitoring residuals risks, identifying new risks, and evalusting the risk process effectiveness.
Supporting users have an ad free experience!