UNIT:11 PROJECT RISK MANAGEMENT

Objectives:
After studying this unit, you should be able to:
 Understand the meaning of project risk, its importance in the current scenario
 Identify the various risks in the projects
 Assess and prioritize various risks in the given project for resource allocation and
decision making
 Design the mitigation or control measures to reduce the effects of risks

Structure:
1. Introduction
2. Definition of Uncertainty and Project Risks
3. Risk Management Process
4. Risk Identification
5. Risk Categorization and Risk Breakdown Structure
6. Risk Assessment Methods
7. Risk Control Measures

1. Introduction
Globalization, hyper competition along with shorter technology and product life cycles are
forcing organizations to undergo changes.The current volatile (Changes are frequentand
unpredictable- example-fast technological changes), uncertain (impact of future eventsnot
known- example- pandemic-COVID 19; climate changes), complex (Many inter-connections
and levels- multiple stakeholders involvement, interdependencies example-cyber physical
systems ), and ambiguous (lack of knowledge, unclear whatto expect; example-fake news)
environmentis putting pressure on companies to innovateat a faster pace. Organizations
increasingly use projects (whether construction, product development or service
development) as a vehicle for transformation and implementation of strategic proposals with
the aim to stay competitive. A project is a series of tasks that need to be completed to reach
tospecific goal /outcome. It can also be said as a set of inputs and outputs needed to achieve
specific goal.
Some important characteristics of project are
1) It has a purpose, result normally in terms of cost, performance requirements and
schedule
2) Projects are temporary activities i.ethey have a fixed time frame
3) Every project is uniquethat some of the activities need to be modified due to change
in laws, location,time, people etc
4) The project possesses significant element of uncertainties and risk due to change of
circumstances and technology developments
5) Projects pass through several distinct phase called Project Life Cycle.

1
Thus, the role of the project manager is considered to be highly critical while defining and
shaping the desired targets of project execution. A project is considered successful only if it
achieves the specified project objectives.It is important to remember thatnot only – the within
time and within budget are the measures of project success but measuressuch as -efficiency,
impact on customer, impact on team, business success and future aspects which projects
create are critical to be considered.Project success is a multi-dimensional construct that
embraces long-term achievement, i.e.desired effectiveness and impact of project results; and
short-term success in terms of projectefficiency.

The Project Management Institute (PMI)Pulse of the Profession (2021) reports that still only
55% of the projects are completed on time with 12% of the projects as deemed failures.One
of the recent example of construction of Qatar stadium for FIFA World Cup 2020, a ground-
breaking architectural achievement, revealed unethical practices and mistreatment of migrant
workerson the part of contractors responsible for the various sites and developments.This
attracted severe criticism from human rights groups. Can it be classified as a successful
project?. Think about it.
The specificity of the project–more frequent changes, pressure to meet the project deadline,
budget, meeting customer expectation with limited resources, makes project teams more
challenging as compared to leading teams in traditional organizations.
Activity: List any 4 projects from the world (2 successful and 2 failed)
Project Name Success/ Failed Measures of Success /Failure
1.
2.
3.
4.
2. Definition ofUncertainty and Project Risks
The world and the environment in which the projects operate are not deterministic in
nature and many uncertainties are faced. Let us understand what do we mean by
saying- uncertainty. Uncertainty is a state of mind characterized by a conscious lack
of knowledge about the outcomes of an event.Uncertainty is a situation for which it is
not possible to specify numerical probabilities.

2
Uncertainty in the project may be associated with estimating, project parties and stages of the
project life cycle.
Risk is an uncertain event that matters, that if it occurs, has a positive or negative effect on a
project's objective.In other words, a risk in the project is one which creates a situation
impacting the project teams ability to achieve the projects outcome exactly as planned.It is an
event likely to occur in future during the project life cycle.The key element in this definition
is uncertainty, which refers to situations under which either the outcomes and/or their
probabilities of occurrences are unknown to the decision-maker.

However, none of the projects are risk-free. In general the level of risk depends upon two
factors, one is uniqueness of project and the other is experience of the project team.
Uniqueness is usually linked with uncertainties and unknowns. Risks are present in all
projects whether big or small. One or the other risk will always be present from concept to
completion and operation of the project .For the success of the project it becomes important
to eliminate or reduce the effect of risk and therefore it requires attention and action at the
earliest.Sooner the better, that is before it leaves the project manager and other stakeholders
in a state to suffer with its negative impact on project objectives.
Thus, the purpose of risk management is to enable project progress towards organisational
goals and project objectives in an efficient and effective path through maximising the use of
available resources and deliver targets consistently in a sustainable manner. Thus, the
discipline of project risk management has beenrecognised as critical for the success of every
project.Project risk management seeks to increase the probability and impact of positive
eventsand to decrease the probability and impact of negative one’s. Project risksvaries with
project type, industry, experience in managing similar projects, as well asscope and size of
the project.

The risk management plan depends on your organization and stakeholders risk attitude,
which is to what extent the project manager and stakeholders are willing to take risks. There
are different kinds of organizations outlook towards risk.
Risk Averse- The organizations who are cautious in situations of large losses, they are
reluctant from project decisions even if such project decisions might also offer a possibility of
large gains associated with success. This behaviour is called “risk-averse.” For this
organization, the fear of losing $1 million far overweighs the benefit of gaining $1 million.
They prefer lower returns instead of higher ones, because the lower return investments have
known risks .The risk averse organization will not do a project if the chances are 50 – 50
between the two outcomes.

Risk Neutral– Such organizations keep a balance towards the utility and payoff. Such
organizations weigh all pros and cons before deciding to take risk or not.

Risk Seeker-They enjoy and find it challenging to deal with risks and accept risk as a normal
feature of the project and business. However, this excessive optimism may sometimes lead to
losses due to giving less importance to the potential effect of the risk on achievement of

3
objectives. As it is understood as a normal feature of the project, it means that risk are
underestimated (both in terms of probability and impact )andnot managed appropriately.

Figure 1 depicts the 3 types of attitude towards risk

Figure 1: Risk Attitude

3. Risk Management Process

Risk management is a "formally structured process for systemic risk identification, analysis
and response throughout the life span of the project in order to achieve an optimum level of
risk elimination or control”. The process of how to conduct /do risk management activities is
called risk management process. The process has the following phases:
1) Identifying as many risks as possible
2) Analysing risks in terms of impact on project goals and it's likelihood of occurrence
3) Responding to each potential risk if and when it occurs
4) Changes in project plan to acceptable (by stakeholders) levels to account for certain
risks
5) Monitoring and reviewing to have a check on risk control actions.

Figure2: Risk Management Process. (Source: Cooper, 2005)

4
Collective decision-making is very vitalin project management that can make or break this
part of the project. Almost all risk management activities will involve meetings between the
project manager, the team and other stakeholders in order to make decisions about
variousactivities, risks and associated estimates. Table 1 presents the responsibility of various
stakeholders involved in the project. Make a note that, it is not only the responsibility of a
project manager towards risk management.
Table 1: Risk Responsibility
Risk Activity Responsibility
Risk Identification All project stakeholders
Risk Registry Project Manager
Risk Assessment All project stakeholders
Risk Statements Project Manager’s, team communication
Risk Response options identification All project stakeholders
Risk Response approval Team Communication (recommendations);
project Directors
Risk Contingency Planning Project Manager
Risk Response Management Project Manager
Risk Reporting Project Manager

When dealing with the project and looking at uncertainties and risk, following questionsabout
a project should be looked at along with their answers.

1. Who are the parties ultimately involved?

2. What do the parties want to achieve?
3. What is it that each party is interested in?
4. Which way (how) is each party’s work to be done?
5. What resources are required?
6. When does it have to be done?
Use of the six questions mentioned above from the earliest stages of the project life cycle can
provide information on development of project design and logistics by clarifying key sources
of uncertainty

4. Risk Identification
“A stitch in time saves nine” is a proverb which means a prospective bigger harm can be
avoided by taking proactive remedial action in the initial stage of the problem.Thus the risk
identification needs to be done at the earliest. For this the project manager has tounderstand
the project objectives and understand specific priorities of the key stakeholders.To obtain
such understanding it is a good practice to have discussions between the project manager and
project stakeholders right from the early stages of the project life cycle.It is important to
uncover the maximum number of risks early before they occur and leave their negative
impact on the project objectives

5
There are a different risk identification techniques available based on following distinct
criterion (1) identification conducted solely by the risk analyst, (2) identification by the
analyst interviewing amember of the project team, and (3) the analyst leading a working
group. Based on them, the most commonly used techniques for risk identification are –
Documentation reviews, brainstorming, the nominal group technique and delphi technique.

Documentation Reviews-These are structured reviews of all project documentation up to

this point in time including plans, assumptions, previous project files, contracts, and other
information.

Brainstorming:Originated by Alex Osborn in the early 1950s, brainstorming was proposed

as a problem solving method which would produce a much larger quantity of ideas in less
time. Conducting a brainstorming session requires following set up-
 Prepare the Group: Make sure of tools, resources, and refreshments- Recorders,
white boards, Tea/coffee, Post it
 Small Group of Stakeholders- Full-time membersof the project team, have key
responsibilities, cover critical technologies and any commercial considerations
 Optimum Brainstorming group size – 7-12 members- leader, an associate leader,
about five regular or `core' members and about five guests.Panel should be composed
of people of the same rank
 Define the problem and the objective of the session; Give people plenty of quiet time
at the start of the session
 Reverse the problem or challenge by asking, "How could I possibly cause the
problem?" or "How could I possibly achieve the opposite effect?"
Example: "How do we improve patient satisfaction?"
Reverse problem statement:
"How do we make patients more dissatisfied?
However, during conducting the brainstorming session, always remember that- the purpose of
this session is to get large number of risksi..e Quantity is wanted. Evaluation of ideas must be
withheld until later. One of the drawback is that the some of the participants may be extrovert
and dominate others in terms of sharing opinions.
Nominal Group Technique (NGT)- NGT was developed by Delbecq in 1968 is amethod as
initiating with the group members (between 7-10) without discussion, writing ideas related to
the problem down on a pad of paper. Conducting a NGT requires:
 Silent generation of ideas in writing
 Round-robin feedback from group members torecord each idea in a short succinct
phrase on a flipchart
 Discussion of each recorded idea for clarificationand evaluation
 Individual voting on priority ideas with the group. Any suitable scale could be used
by participants for voting. For example- Using a scale of (Least important) 1 5
(Most important)
 Decision being mathematically derived throughrank-ordering or rating as mentioned
in Table 2.

6
 Table 2: Template of NGT

RANKS BY PARTICIPANT OF THE NGT SESSION

Participant 1 Participant 2 Participant 3 Participant 4 TOTAL
Risk 1
Risk 2
Risk 3
.
.
Risk n

Delphi Technique: Delphi developed at the RAND Corporation by Dalkey, Helmer and
others primarily for technology forecasting, is a method for the systematic collection and
collation of judgementsfrom isolated anonymous respondents on a particulartopic, through a
set of sequentialquestionnaires combined with summarised information and feedback of
opinions, derived from earlierresponses. Setting up of Delphi method involves following
 Selection of panel experts representing broad spectrum of opinion on the issue being
examined. There is no rule of thumb for the number of the panel members however it
depends on the complexity of the project.It is observed that the panel could range
from the 5-30 members. Exhibiting knowledge, considerable experience, readiness to
contribute to process along with good communication skills are essential elements
required in the Delphi panellist.
 Participants are usually kept anonymous
 The moderator or researcher (or the project manager) construct a series of structured
questionnaire and feedback reports for the panel over the course of Delphi
 Usually 3 to 4 iterations are involved till the consensus is achieved

The main advantage of Delphi is that the opinions are individually based and not biased asthe
members are kept anonymous and therefore interpersonal conflicts and communication
problems do not exist. Further the problem of bringing people to the same location does not
exist with travel cost reduced to minimal.

5. Risk Categorization and Risk Breakdown Structure

The purpose of risk identification is to create a long list of risks, but this list is many times
hard to understand or manage. The best way to deal with this list of risks is tostructure
themfor better comprehension and visual representation. Once the risks are identified, it is
critical to categorize those risks for better understanding. There are many ways to categorise
risks. Some are given below.
a) By considering when it occurs in the project life cycle

7
 The risks are categorised according to the phase of the project life cycle in which
they are likely to occur.Such phases can be initiation, design ,execution, closure
b) By considering which project objective
By considering which project objective is impacted, that is, cost, scope, schedule or
quality.
c) Based on the source of the risk (External or internal)
Internal :- They originate from inside the project and thus the project manager may
have a control over them , for example, market risk, technical risk and so on.
External :- These risks are generated from sources outside the project. Project
manager has little or no control over them, for example, competitors action ,
Government regulations, acts of God –(floods, rain, earthquake etc.)
d) Bywhat is known and what is not known about the risk.
Known- knowns :-That is we know the risk will happen and we know the time and its nature
of happening. Therefore we can have a plan and manage it with certainty and thus the risk is
not a risk.
Known- unknowns :-That is we know the event will occur but its level/ degree is unknown,
for example, rain will occur but when and for how long and its degree is not known.
Unknown- unknowns:-These are fully uncertain events and can't be thought in advance. No
mitigation strategy can be planned , for example -acts of God.
For example: Some of the risk categories located in International projects are:
Financial and economic: due to situations like sudden and drastic fluctuations in exchange
rate, inflation, financial shortage due to cost overrun and schedule overrun, financial failure
of the contractor or subcontractor, increments in tax payments due to reforms in taxation
policies, Changing market conditions
Contractual and legal: due to ambiguity in different regulations in different countries
Design-related: due to unclear scope of project, unfamiliarity with the design standards used
in the host country
Political: due to political instability, different foreign policies of the government
Cultural: due to different cultures, and communication languages of communication
Technical: due to different technology maturity and understanding levels, inadequate user
documentation,poor production system performance
Based on the risk categorization, a Risk BreakdownStructure (RBS)—a hierarchical
structuring of risks on theproject can be drawn.It defines the total risk exposure of the project.
RBS structures differs with respect to sources of risk, type of projects, the environment as
well as industry sectors. It is therefore necessary for any organisation wishing touse the RBS
as an aid to its risk management to develop its own tailored RBS.
The Figure3a, 3b, 3c showcase the RBS of different projects (oil refinery construction,
Vaccine development, Mining)

8
Figure 3a) Snapshot of RBS of a oil refinery construction project(Source: Gupta et al, 2021)

Figure 3b) Snapshot of RBS of a Vaccine development project(Source: Hillson, 2003)

9
 Figure 3c) Snapshot of RBS of a Mining project(Source: Banda, 2019)

6. Risk Assessment

Risk assessment is the process of estimating the likelihood of the occurrence of an event
(desirable or undesirable) and its impact on project objectives.

There are two ways of analysing the risk- qualitative approach and quantitative approach.The
qualitative risk analysis is generally performed on all risks, for all projects,
whereasquantitative risk analysis is based on the type of project, the project risks, and the
availability of data to use to conduct the quantitative analysis.
Qualitative Techniques:A qualitative risk analysis prioritizes the identified project risks
using a pre-defined rating scale. Risks will be scored based on their probability or likelihood
of occurring and the impact on project objectives should they occur. The impact scale is
defined by the organization (for example, a one to five scale, with five being the highest
impact on project objectives - such as budget, schedule, or quality). As the impact of risks
encountered in past projects are imprinted in the psyche of the project manager and will be
remembered in future projects, experts arerequested to give their judgement on probability
(P) of occurrence and thedegree of impact (I) for all the identified risks on the identified
project objectives-such as cost, time , quality, scope, team performance, efficiency etc. The
experts provide their inputs onprobability of occurrence of risks using the words: very high,
high, medium, low andvery low as well as inputs on degree of impact of risks using words -
critical, major, cautionary, minor, and negligible as shown in Figure 4. The risk are then
plotted in the probability -Impact matrix to understand which risk are most critical to be

10
looked at on priority as shown in Figure 5. Further, a Risk Score can be calculated as RS=
P*I.

Figure 4: Probability Impact scale

Figure 5: Probability Impact matrix

Quantitative Technique: A quantitative risk analysis is a further analysis of the highest

priority risks during a which a numerical or quantitative rating is assigned in order to develop
a probabilistic analysis of the project.Quantitative analysis allows to

 Quantify the possible outcomes for the project and assesses the probability of
achieving specific project objectives
 Provides a quantitative approach to making decisions when there is uncertainty
 Creates realistic and achievable cost, schedule or scope targets

Some of the quantitative techniques are:

Monte Carlo Simulation- Monte Carlo simulation which involves the random sampling of
uncertain variables based on defined probability distribution functions. Through this random
sampling a probability distribution of the output variable can be determined, and the
probability of failure calculated. The main criterion for selecting the appropriate probability
distribution for input variables is the knowledge of characteristics of risk factors. One critical
step in Monte-Carlo simulation is to develop a model of relationship between dependent
variable (example-objective/performance of project- in terms of cost or budget or schedule or
quality etc) and independent variables (risk factors). However, Monte Carlo simulation does

11
not determine the impact of risks and presents limitation in assessing political and social
risks.

Sensitivity Analysis-It is used to determine which risks have most potential impact on the
project. It aids to understand the extent to which variation of a project element affects a
project objective when all other uncertain elements are held at their baseline values.

Expected Monetary Value (EMV) -EMV is used to calculate the contingency reserve. It
calculates the costs of all the paths the project manager might take during the course of your
project.

Expected Monetary Value (EMV) = Probability * Impact

The impact is the amount that will be spend if a given identified risk occurs. The classical
way to calculate the EMV of a project is as follows -

 Take the cost estimate or the Net Present Value for the project as a Base value (BV);
 Calculate the sum of EMV of all threats (∑EMVT) and opportunities (∑EMVo);
 If cost as a base value is considered, sum the EMV of the threats and subtract the
EMV of the opportunities;
 If revenue as a base value is considered, subtract the EMV the threats and sum the
EMV of the opportunities.

EMV=BV± ∑EMVT ± ∑EMVo

After calculation of the expected monetary value of the project, it is addedto the work costs
estimate and generate the cost baseline. This amount is called the contingency reserve.

For example -The project’s total cost is 10,00,000 for a software project, and certain risks
have been identified as shown in table 3.
Table 3: EMV calculation
Risk Probability Impact (Rs) EMV (Rs)
Negative Risk 1 30% 30,00,00 90,000
(Threat 1)
Negative Risk2 10% 20,00,00 20,000
(Threat 2)
Positive Risk 1 20% 20,00,00 40,000
(Opportunity 1)
Positive Risk2 50% 10,00,00 50,000
(Opportunity 2)

EMV= Rs 10,00,000 + (30%*Rs30,00,00+10%*Rs 20,00,00)- (20%*Rs 20,00,00+50%*Rs10,00,00)

=Rs10, 20,000.

One of the ways to calculate and represent EMV is decision trees which is explained as below

12
Decisionn Tree Analysis (DTA))—Decision tree analyssis uses EM MV analysis internally. A
decision tree, as the name suggeests, is abouut making deecisions wheen you’re faacing multiple
options. DTA takes future unceertain eventss into accouunt. The eveent names are a put insidde
rectanglees, from whiich option lines are draawn. There will
w be deciision points (or “decisioon
nodes”) and
a multiplee chance pooints (or “chhance nodes””) when youu draw the decision tree.
he node or a branch, wheereas the coost
The probbability value will typicaally be menttioned on th
value (im
mpact) is at thhe end.

For calcuulations, movve from righht to left on the tree. Th

he cost valuee can be on the
t end of thhe
branch orr on the nod
de. The best decision is tthe option thhat gives thee highest possitive value or
o
lowest neegative valuee, dependingg on the scennario.

For exam
mple:

Project Manager
M iss into new product deevelopment project, annd wants to t develop a
prototypee.If he does the prototyppe, it will cosst Rs100,0000; and if he and teamdoees notmake iit,
there willl be no costt. If he goess for prototype, there is 30 percent cchance that the prototyppe
might faiil, and for th
hat the cost im
mpact will bbe Rs50,000. However, if i the prototy
ype succeedds,
the project will makee Rs500,000. If hedo noot do any proototype, he issalready takking a risk, thhe
chance of
o which is 80 percent with a failuure impact of o Rs 250,0000. But, agaain, without a
prototypee, should heesucceed, thhe project w will make thee same monney as menttioned beforre.
What shoould hedo?

Example using decision tree is deemonstratedd in Figure 6..

13
 Figure 6: Decision Tree analysis using EMV

The net path value for the prototype with 70 percent success = Payoff – Cost:
= +Rs500,000 – Rs100,000 = +Rs 400,000
The net path value, for the prototype with a 30 percent failure = Payoff – Cost:
= -Rs 50,000 – Rs100,000= -Rs150,000
EMV of option 1 = [70% * (+Rs 400,000)] + (30% * (-Rs150,000)] = +Rs 235,000
On similar lines, the EMV of option 2 is also calculated

Looking at the EMV of the decision node, will aid in decision making. EMV of option 1 is
+Rs235,000 whereas with the other option — no prototyping — you’re losing money. Hence,
the project manager should go for the prototype development.

7. Risk Response Planning

The risk response planning involves development of responses to the identified risks which
are appropriate, achievable and affordable. Owners are also allocated to each risk response
who are to be held responsible for its implementation and for monitoring its effectiveness.
There are 4 risk response strategies as shown in Figure 7. Depending upon the severity of
risk, the strategy can be adopted

Figure 7: Risk Management Strategies

• Avoid –seeking to eliminate the uncertainty by making it impossible for the risk to
occur (i.e. reduce probability to zero), or by executing the project in a different way which
will achieve the same objectives but which insulates the project from the effect of the risk
(i.e. reduce impact to zero).Some examples of avoidance strategy are
-Changing the PM plan;
-Changing the project scope;

14
-Adopting proven technology
-Shutting down the project
-Dependence on national suppliers
• Transfer –identifying another stakeholder better able to manage the risk, to whom the
liability and responsibility for action can be passed.Some examples of transfer strategy are
-Establish JV with renowned local partners
-Obtain local government guarantee to adjust tariff or extend concession period
-Obtain payment and performance bonds from local and international banks
-Outsourcing
There are multiple models available catering to this strategy
BOOT-(Build-Own-Operate- Transfer)- grants to a private sector party the right to finance,
design, construct, own and operate a project for a specified number of years until the project
is completed and capabilities are proven.
BOO (Build-Own-Operate)
PPP(Public-Private Partnership)
• Reduce/Mitigate—reducing the size of the risk in order to make it more acceptable to
the project or organisation, by reducing the probability and/or the impact.Some examples of
mitigation strategy are
-Provide training to the member
-Testing and Prototyping
-Restructuring the contracts to include incentives for on time delivery
-Choosing high quality materials and equipment
-Adopting less complex process
• Accept –recognising that residual risks must be taken, and responding either actively
by allocating appropriate contingency, or passively doing nothing except monitoring the
status of the risk.

8. Risk Monitoring
The final phase of the risk management process aims to monitor the status of identified risks,
identify new risks, ensure the proper implementation of agreed responses and review their
effectiveness, as well as monitoring changes in overall project risk exposure as the project
progresses. This section focuses on assessing project risk management performance and
identifying whether a project is on track or straying from the original plan. Once the risks
have been identified, assessed and possibly analysed, as shown they are placed into the Risk
Register. Risk register serves the purpose to help the project team review project risks on a
regularbasis throughout the project. Risk Register should contain the following information in
the form of table (as shown in Figure 8), excel sheet or any form of database as convenient to
the organization.
1. The area of the project in which the risk may materialise
2. Risk Identification Number.
3. Brief description of the risk.

15
 4. Probability or likelihood of the risk occurring, determined within the risk assessment
phase.
5. Impact value (impact of the risk, often in separate terms of time, cost, quality or other
related project objectives framed )
6. Total impact value
7. Risk Score (combination of the probability and total impact values).
8. Ranking of the risk within the project (ranked risks are those with a high severity and
are active within the project).
9. Track of the risk (i.e. has the risk increased, remained the same or decreased in
severity since the previous month).
10. Risk Response strategy
11. Risk owner.
12. Whether the risk is active on the register.
13. Whether the risk has been solved

 Project title:
 Documented by:
 Revised date:

Risk Identification Risk analysis Risk resolution

ID Reported Date of Description Risk Description Severity Occurrence Risk Preventive Action Risk Date Date of Note
by report of risk type of risk rating rating rating action taken priority of action
(D/M/Y) impact by no. action completed
taken

Figure 8: Sample template of Risk Register

Risk review meetings may be held to assess the current status of risks to the project, and
project review meetings should include status reports from the project team on key risks and
agreed responses.

Further it is also important to identify the residual and secondary risk after implementing the
risk management strategies. The residual risk are the risk that remain after all of the response
strategies have been implemented whereas secondary risk are a direct result of implementing
a risk response.

Summary and Conclusion

All projects have risks. To be successful, the organization should implement risk
management proactively and consistently throughout the project. A deliberate attempt must
be made at all levels to actively identify and pursue effective risk management during the life
of the project. Risk exists the moment a project is envisaged. Moving forward on a project
without a proactive focus on risk can potentially lead to project failure.
Keywords: Project Failure, risk, probability, Impact

16
Self-Assessment Questions
Q1. Why majority of the projects fail? And what needs to be done to avoid those failures?
Q2.How risk is different with respect to uncertainty. Think about some uncertain events
which turned to be risk for your project and some which did not converted to risk.
Q3. What is Risk management?
Q4. What is the difference between brainstorming session and nominal group technique
Q5. When should the brainstorming session be used and what the rules of the session?
Q6. What is a Risk Score? And what does it indicates?
Q7. What are different risk management strategies. As a project manager, what will be your
course of action if the risk score is minimal?

Further Readings
David Hillson, (2003) ‘Using a Risk Breakdown Structure in project management’, Journal
of FacilitiesManagement, Vol. 2 Issue: 1, pp.85-97.

Gupta, R., Das, B. and Jain, K. (2021) ‘Risk management of oil refinery construction project:
an Indian case study’, Int. J. Project Organisation and Management, Vol. 13, No. 3, pp.218–
244.

Webby Banda (2019) ‘An integrated framework comprising of AHP,expert questionnaire

survey and sensitivity analysis for risk assessment in mining projects’, International Journal
of Management Science and Engineering Management, 14:3, 180-192,

17