Importance of Risk Management in Projects

Risk management and procurement management are very important for any project to become successful. As per the definition of ISO 31000, risk management is the identification, forecasting evaluation and prioritization of risk. Risk is the effect of uncertainty or occurrence if undesirable situation which may result to losses and probabilities can be attached to it. Uncertainly you cannot predict the outcome of the occurrence and hence cannot be managed. Therefore since the outcomes of risk can be predicted in advance, its important o put the right measures in place to manage risk in order to prevent the foreseen undesirable situations from occurring. This report evaluates and analyzes the risk in a project and discusses how these risks can be managed. The solution also evaluates and discusses the ranking of the risks that have been identified to find out which ones have a higher probability of occurrence (Hillso & Simon, 2012). A project risk management strategy is also constructed to show the road map that should be followed by a project manager when undertaking a project. Procurement is an important aspect for all projects. Procurement can be defined as the process of obtaining or buying goods and services on behalf of an organization. It involves many stages such as identification of need, assessment of required amounts and placing orders. This report also discusses the importance of procurement management in a project. This report examines all the processes and activities undertaken by an organization when procuring the materials needed in a project. The process and standards required to procure services in project management is also analyzed.

Risk management is very important for successful implementation of a project. To manage risks effectively in any given project, the project management team has to undertake a series of steps and actions. Different organizations have put in place different strategies to help them manage risk depending on the industry in which they are operating and the objectives of the organization (Kendrick, 2009). The effective risk management framework consists of the following components; Internal environment, risk assessment, risk response, control activities, communication and information as well as monitoring.

Risk management is an ongoing process on a project and it does not stop even after the completion of the project. The following are the steps taken when managing risk in an organization:

• Identification and characterization of threats
• Assessment of vulnerability of key assets to the specific threats identified
• Determine the expected likelihood and the consequences of the events happening
• Identify the ways in which the risk can be reduced
• Prioritization of ways in which the risks can be measured

According to the ISO 31000 the following are the guidelines that should be followed in risk management processes;

Components of a Risk Management Framework

The first step is establishing the context. This step involves the identification of the risk in a selected domain of interest. The domain of interest for example could be in a construction project and the domain of interest is that of risk of the prices of materials inflating. The project manager needs to identify the specific materials that can be inflated and hence leading to extra costs for the organization (Gray &Shahidi, 2011). The next step is planning the remainder of the process. This involves making arrangements and identifying all the resources that may be required to manage the risks identified. The social scope of the risks identified is also mapped out together with the identification of key stakeholders in the project. The basis of evaluation of the risk is also identified as well as the framework for activity and identification of the agenda of the business.

Identification of the risk is a very important stage in the process of managing risk for an organization. This is because, the stage of risk identification helps the project manager to identify what factors may lead to occurrence of the risk (Dobson & Dobson, 2012). Proper identification of risk ensures that the project is undertaken successfully until completion and even after completion of the project. Under risk identification, the project manager needs to identify the source of the risk. Sources of risk may be internal or external to the system that has been put in place by the project manager. Analysis of sources helps in mitigation of risk. Some examples of sources of risk include the stakeholders, employees or even whether conditions. To identify a risk within a project, it must be associated with a particular threat related to the project itself or one of its stakeholders. For example in an irrigation project, the threat of project sponsors withdrawing their sponsorship can be a big risk for the project. There are different methods that can be used to identify risk in a project. The decision on which method to use depends on the industry which the project is associated with and the goals and objectives of the project. The following are examples of the risk identification methods commonly used;

Objective based risk identification- this method identifies risk in a project based on the objectives set out by the project team. The team in charge of managing the project brainstorms to identify risks that could hinder the team from attaining the objectives set in advance (Ganttalot, 2012).

The Risk Assessment Process

Scenario-based risk identification- this is where the risks that are present in a project are identified by creating different scenarios that the project may find itself in. The scenarios can be alternative methods of achieving the objectives and while reducing the risk for the project.

Risk checking regularly is another method of identifying risks- in this method, the project areas that have experienced many risks in a particular industry (Dunne, 2013). Each risk is listed down and an analysis in done to evaluate whether or not its relevant in that particular project.

The identification of risk can also be made based on taxonomic units. This method breaks down possible risk sources based on the taxonomy and knowledge of best practices (Pather, Remenyi &Remenyi, 2011). Questionnaires are prepared and answered in order to identify the risky areas in the project.

The other method used in identifying project risk is the risk charting method. It lists all resources at risk in a project. The factors that may increase or decrease the level of risk are also identified and listed down.

The next step in risk management is the assessment of risk. Risk assessment involves examining how severe the impact that the risk may have on the project. The negative impact that the risk can have in the project in case it occurs is analyzed and the probability of the risk occurring is determined (Ganttalot, 2012). The potential impact on the project if the risk occurs should be easily measurable. For example in case the case of an irrigation project,the drying out of the water reservoir can result in all the crops drying up and hence the loss can be estimated to be the investments entered in the project. In the assessment stage, the project manager needs to be very careful since it is critical in making decisions in order to properly the risk strategy drawn at the end of the process. The challenge experienced in this stage of risk management in projects is that it is difficult to determine the rate of occurrence how often the risk is likely to occur. This is because, it is difficult to find statistical information on the past incidents and they may vary from the potential future situation depending on different factors such as weather in an agricultural project or in a road construction project(Bissonette, 2016). Determine how severe the consequences of the risk are difficult especially for intangible assets.

Options for Mitigating Risks

There various options available to help mitigate risks in a project. They include:

Risk avoidance- This involves choosing not to do an activity or a project that carry high levels of risk (Ainsworth, 2016). For example, an individual or organization may avoid building a dam to avoid the risk of flooding the surrounding area in case of heavy rains. A school may avoid implementing the project of a 5 floor classrooms to avoid the risk of children falling over from the building and instead seek alternative. It involves avoiding taking the legal liability that may come with occurrence of the risk. The disadvantage of using this technique is that risk avoidance also means that the benefits that could have been derived from implementing the project are lost. Not starting an highly profitable business project because it is risky means that the entrepreneur will lose out on the profits that they could have derived from implementing the project.

Risk reduction is also known as risk optimization. It involves reducing the severity of loss or the likelihood of occurrence of the loss (Yeomans, 2016). For example in construction of a science complex for a university, the project manager can decide to put sprinklers in every room to help in reducing the loss in case fire breaks out in the building. The sprinklers will work by spraying water when they detect fire and they sprinkle water and hence putting off the fire. Fire suppression systems can also be installed in the building to help mitigate the risk if it occurs. Risks can be positive or negative. Risk optimization is about finding a balance negative consequences and the benefits of the risk taking place(Bissonette, 2016).One of the most common method of reducing risk in a project is outsourcing. Outsourcing is where an organization or an individual decides to delegate the performance of some tasks to a third party by entering into a legal agreement with the organization. For example, an IT project in a university may outsource development of software to another company. An airplane building project may also outsource the building of airplane engine in order to reduce the risk of failure or financial losses to the organization.

This is dividing the risk of loss or the benefit of gain between the owner of the project and another third party (Charrel &Galarreta, 2007). This considerably helps in reducing the burden of loss on the part of the project owner in case the risk occurs. It mostly occurs through outsourcing or insurance. For example, an organization undertaking the construction of a building may decide to insure the building against the risk of damage through fire. In case the fire occurs under the terms agreed in the policy with the insurance company, the project owner will be compensated for the loss. This however does not mean insuring is transferring risk since the risk will still lie with the person or organization who are the legal owners of the project.

Procurement Management in Projects

Risk retention involves accepting the loss or benefit that may come as a result of occurrence of the risk. This option can also be referred to as self insurance. This option of risk management is only favorable for small projects or businesses where the risk involved is very minimal. If a project manager decides not to transfer or avoid risk, it means that they have decided to retain the risk by default(Bender,2013). Insuring of risks for some projects can be so large that the premiums are very high and not feasible for the management. Due to this reason, the project owners may decide to retain the risk and be ready to bear the loss or benefit that may be consequences of the risk.

Risk measuring is the process of determining the likelihood of occurrence of a risk. It is difficult to quantify risk and this makes it impossible to measure risk accurately and numerically. The following are the steps taken to measure and rank potential risk in a project:

The first step is making a list of risks. A good project plan should have a lot of potential risk that may interrupt or interfere with the project. The second step is identifying a standard risk profile with which comparison will be made. This can be done by carrying out literature review to identify the risks that were of high threat to a similar project. This list can then be compared with the risk that have been listed in the current project and hence enabling the project manager to rank the risk in order of probability of occurrence(Chapman, 2014). The project manager can also rank the risks depending on the potential loss or damage that may be incurred in case the risk occurs. The project manager needs to determine the amount of money they would lose by not mitigating the risk and compare it with the cost of mitigating the risk. It is unreasonable to spend more than in mitigating the risk than the cost of the event itself occurring. This process aids in decision making by the project management team. Projects that are found to have low or high impact needs to be monitored continuously to make sure the probability of risk does not change and if it changes, the project management can take the right steps to manage the risk at the new level.

When the project is ongoing and even after the completion of the project, it is important for the project management team or the project monitoring team to put measures in place to ensure that risks are managed for the entire period of the project. The monitoring of risk helps to avoid project failure due to risks occurring after the project has started or has completed. It involves continuous assessment of the project to determine new threats that have emerged and then putting the right measures in place to manage the risk. This eventually helps the project management team to meet its objectives.

Procurement Processes and Activities

A risk management strategy is a plan of action that is designed to help in managing risks I a project in case an adverse risk occurs. It is a contingency to the main plan that the project manager prepares to manage risk. A risk management plan helps the team to think in advance the actions they should take in case a risk event occurs even after doing everything necessary to prevent the risk (Tomczyk,  2013). A project risk management strategy for a construction plan would follow the following steps;

The first step is to identify the steps that can be taken to ensure the risk is mitigated. For example in a construction project, the project manager can enter into an agreement with a single supplier to mitigate against the fluctuation of construction material prices in future.

The next step is identification of the necessary resources that are needed to mitigate the risk. These resources may include human resources, financial or technological resources (Cretu,Stewart, &Berends, 2011). The resources required are procured on time to ensure that the project is not delayed due to lack of enough materials in the store. The project manager needs to identify the cost of availing all these resources while accounting for a error of rise in prices.

The project strategy should contain a contingency schedule. This helps in planning the activities that should take place to correct manage the damage or the losses resulting from the occurrence of the event. Since it is a future event and it is not known when the risk can occur, the plan should be prepared as shown in the following example:

Day	Activity
1	Identification of the source of the risk
2	Identifying the extent of damage or loss
3	Measuring the loss
4	Taking the steps to seal the loopholes and stop the damage if it was still taking place.
5	Prevention of future occurrence of the same risk

 The next step in developing a risk strategy is defining the emergency notifications and procedures for escalation. The safety precautions are listed and printed and posted in strategic positions where all stakeholders can read.

Develop a train program if it’s necessary to carry out training and then revision of the plan to ensure that it meets the objective (Bonham, 2008). The final step is publication and distribution of the plan to everyone who is involved in the project.

Conclusion

The report analyzes and evaluates the risk management concept and how it’s important in project management. Risk management involves identification, measurement and ranking of potential risk situations in an organization or project to reduce the probability of an event from happening. The report identifies the risk management steps and procedures proposed by various theorists. The assessment also identifies the importance of risk management for the project manager. Risk management methods such as risk avoidance, risk sharing and risk mitigation are discussed in detail with examples given for each case. The project management strategy helps the project management team to plan the course of action that should be taken in case the risk identified happens and how the risk can be prevented in future (Raydugin, 2013). This report also discusses the significance of procurement in making a project successful and in management of project risk.

References

Ainsworth, h. (2016). Navigatiing change, managing project risk.

Bender, m. B. (2013). Project risk management – simplified! Cork, bookbaby.

Bissonette, m. (2016). Project risk management: A practical implementation approach.

Bonham, s. S. (2008). Actionable strategies through integrated performance, process, project, and risk management. Boston, artech house. Http://www.books24x7.com/marc.asp?Bookid=32799.

Cretu, o., stewart, r. B., & berends, t. (2011). Risk management for design and construction. Hoboken, john wiley & sons. Http://www.123library.org/book_details/?Id=18765.

Chapman, r. J. (2014). The rules of project risk management: Implementation guidelines for major projects. Http://www.books24x7.com/marc.asp?Bookid=64379.

Charrel, p.-j., & galarreta, d. (2007). Project management and risk management in complex projects: Studies in organizational semiotics. Dordrecht, springer. Http://public.eblib.com/choice/publicfullrecord.aspx?P=301367.

Dunne, e. S. (2013). Project risk management: Developing a risk framework for translation projects. Http://rave.ohiolink.edu/etdc/view?Acc_num=kent1368700402.

Dobson, m. S., & dobson, d. S. (2012). Project risk and cost analysis. [place of publication not identified], american management association. Http://site.ebrary.com/id/10579812.

Ganttalot, s. (2012). Project risk management – a rapid rollout methodology. [place of publication not identified], lulu com.

Gray, m., & shahidi, a. (2011). Applying the principles of system dynamics in project risk management [electronic resource]: “The domino effect”. Newtown square, pa, project management institute.

Hillson, d. (2011). Managing risk in projects. Managing risk in projects. Farnham, surrey [u.a.], gower.

Hillson, d., & simon, p. (2012). Practical project risk management: The atom methodology. Tysons corner, va, management concepts.

Kendrick, t. (2009). Identifying and managing project risk: Essential tools for failure-proofing your project. New york, amacon. Http://www.books24x7.com/marc.asp?Bookid=28421.

Pather, s., remenyi, b., & remenyi, d. (2011). Managing risks of ict projects. Kidmore end, academic publishing.

Project management institute. (2009). Practice standard for project risk management. Newtown square, pa, project management institute.

Raydugin, y. (2013). Project risk management: Essential methods for project teams and decision makers. Http://www.books24x7.com/marc.asp?Bookid=58192.

Tomczyk, c. A. (2013). Project manager’s spotlight on planning. San francisco, calif, jossey-bass. Http://rbdigital.oneclickdigital.com.

Yeomans, d. C. (2016). Passing the risk management professional (pmi-rmp)certification exam the first time!: Second edition. [s.l.], dog ear publishing.