YOM POST GRADUATE COLLEGE

Department of Project
Planning and Management
Project Risk Management
Individual Assignment

Prepared by: Wajana Sorsa

ID No: GSEH/214/2014

Submitted to: Tesfaye B. (PhD)

June, 2022
Acknowledgement
Project risk management as a science uses to identify, assign and respond to various risks
throughout the life of project and in the best interest to meet objectives of a certain project. To this
end the Wright ups has supported by reference book of project risk management and teaching
materials provided from by lecture. To this end; I would like to give my deep appreciation and
gratitude to the instructor Dr. Tesfaye for sharing knowledge with brief understanding on the
subject matter and giving the opportunity for all of us on preparing individual and group work
assignments on the subject to intensify basic understanding on project risk management so we
thank you & wish best.
Individual Assignment -Project Risk Management

1. You are on the call with clients. They say the vendor team they hired to create designs is
behind schedule. What should you do? Choose from the following option and explain why
you prefer it;
a. State that your project is also behind the schedule because of it.
b. Log the risk into the Risk Register to assess impact.
c. Do nothing. It’s not your problem.
d. Contact the vendor to help them out.
The right choice is: B
Without proper analysis, you can’t state that a risk has an impact on the project. Likewise,
you should not assume that the risk has no impact at all. Therefore, always log all possible
risks first then decision come latter.
2. Who should be involved in Risk Management activities? Explain
a. Only Project Team.
b. Only Project Manager.
c. As many stakeholders as practical.
d. All stakeholders except clients.
The right choice is: C
You, as a project manager, need to collect as much input and feedback is time and resources
for Risk Management allows. Each stakeholder may have a unique point of view on the
challenges and project risks. By including all possible stakeholders, you identify more
risks.
3. You acquired an expensive piece of equipment for your project. It is known to be sensitive
and fragile in work. Several tasks that require this equipment are on a critical path. What’s
the BEST action you can do to improve the project’s chances for success? Explain
a. Buy insurance to cover the costs of repairs.
b. Hire a technical support team to quickly fix the equipment if needed.
c. Find a good expert to operate the equipment.
d. There’s nothing you can do.
 The right choice is: B
Answers A and B are good solutions. Buying insurance will help to avoid budget overrun.
Finding a good expert will help reduce the probability of breakdown. However, we have
tasks on a critical path. It means they tolerate little risks to the Project Schedule. So, having
a team on standby to keep the equipment working is the best option here.
4. Discuss the relationship between risk avoidance and elimination?
Answer:
Risk avoidance and risk reduction are two strategies to manage risk in project management
sector. Risk avoidance deals with eliminating any exposure to risk that poses a potential
loss, while risk reduction or mitigation deals with reducing the likelihood and severity of
a possible loss. Avoidance and elimination are related, however, avoidance takes place
before the risk exposure, while risk elimination takes place when the risk is already in
place.
5. Give one reason why do we do not transfer all risks by using insurance?
Answer:
We do not transfer all risks by using insurance, because some risks may occur frequently
but have a low severity and no potential for a high severity. These risks would be too
expensive to insure because the price required by the insurer would be too high. This is
because the insurer will require a reward sufficient to make a profit and this may exceed
the expected impact of the loss during a specific period. It is not cost-effective to spend
thousands of dollars in insurance premiums to avoid risk valued in hundreds of dollars.
6. How does the risk management process start?
Answer:
The risk management process starts when the board of directors sets the policies and
philosophy of risk management for the organization.
7. Name two items covered in a risk management statement.
Answer:
The risk management statement constitutes the following items;
 Properly stated policies of the board
 Organizational risk objectives
 Properly set details of the organization’s risk tolerance attitude
8. The project team uses qualitative risk analysis most of the time, however quantitative risk
analysis is done when it is possible. Distinguish between these two approaches and explain
two quantitative risk-analysis tools.
There are two types of risk analysis: qualitative and quantitative. When it comes to project
management, they both sit in the planning stage, but the qualitative analysis comes after
the quantitative if you’re doing both.
Answers:
Qualitative risk analysis
Is subjective tool, the goal is to work out risk severity by predicting the likelihood and
impact of a risk. It usually be performed on all identified risks within a project, as well as
for all types of projects. Risks are usually presented in a risk assessment matrix, which is
then used to explain risks to relevant stakeholders. This risk assessment method is the most
effective but is typically difficult to fund or budget for, due to their lack of numerical
estimates.
Quantitative risk analysis
It is an objective tool, that quantifies project risks which are usually prioritized during
qualitative risk analysis? It relies on data, which is used to analyze risk to budget, deadline
overruns, scope creep, and resource overruns. A quantitative risk analysis deals with
numbers and is therefore limited by the data available. While a full quantitative risk
analysis is always best (more on what that is a little further down), it’s not always possible
or practical to roll out the big guns for a small task.
Quantitative risk-analysis tools

There are many tools and techniques available to perform quantitative risk analysis.
Below are a few of them;

 Decision Tree Analysis: A visual technique that supports decision-making. It is

usually structured using a decision tree that describes a situation under
consideration, and the implications of each of the available choices and possible
scenarios, it also incorporates the cost of each available choice, the probabilities of
each possible scenario, and the rewards of each alternative logical path.
  Expected Monetary Value (EMV): A statistical technique that helps to compare
and evaluate risks. It can be used along with decision tree analysis. The EMV of
opportunities will generally be expressed as positive values, while those of risks
will be negative. EMV is calculated by multiplying the value of each possible
outcome by its probability of occurrence and adding them together.
 Monte Carlo Analysis: Monte Carlo Analysis is performed to model the
probability of various outcomes in a process that can’t handily be estimated because
of the intervention of random variables. The main output from a Monte Carlo
simulation is the s-curve, presenting a cumulative probability distribution of the
range of possible values for the parameter being analyzed (for example, total project
cost, overall duration, end date and so on).

9. Assume you've completed a case study. Explain the risk response strategies and risk owners
you would recommend for each of the potential risks you identified. What function does a
risk owner play in a risk response strategy?
Answer:
Risk Response Strategy is an action plan on that will be done on the project. The main
risk response strategies for threats are Mitigate, Avoid and Transfer in a risk.
The following are the 5 potential risk response Strategies
(a) Risk avoidance
 Changing the project management plan to eliminate the threat
posed by an adverse risk,
 To isolate the project objectives from the risk’s impact and
 To relax the objective that is in jeopardy, such as extending the
schedule or reducing scope.
(b) Risk Transfer
 Risk transference requires shifting the negative impact of a threat,
along with ownership of the response, to a third party.
 Transferring the risk simply gives another party responsibility for
its management; it does not eliminate it.
  Transferring liability for risk is most effective in dealing with
financial risk exposure.
 Risk transference nearly always involves payment of a risk
premium to the party taking on the risk.
(c) Risk Mitigation
 Risk mitigation implies a reduction in the probability and/or
impact of an adverse risk event to an acceptable threshold.
 Taking early action to reduce the probability and/or impact of a
risk occurring on the project is often more effective than trying to
repair the damage after the risk has occurred.
 Adopting less complex processes, conducting more tests, or
choosing a more stable supplier are examples of mitigation actions.
For Opportunities
(d) Risk Exploit
 This strategy may be selected for risks with positive impacts where
the organization wishes to ensure that the opportunity is realized.
 This strategy seeks to eliminate the uncertainty associated with a
particular upside risk by making the opportunity definitely happen.
 Directly exploiting responses include assigning more talented
resources to the project to reduce the time to completion, or to
provide better quality than originally planned.
(e) Risk Share
 Sharing a positive risk involves allocating ownership to a third
party who is best able to capture the opportunity for the benefit of
the project.
 Examples of sharing include, forming risk-sharing partnerships, teams,
special-purpose companies, or joint ventures, which can be established
with the express purpose of managing opportunities.
 (f) Risk Enhance
 This strategy modifies the “size” of an opportunity by increasing
probability and/or positive impacts, and by identifying and
maximizing key drivers of these positive-impact risks.
 Seeking to facilitate or strengthen the cause of the opportunity, and
proactively targeting and reinforcing its trigger conditions, might
increase probability.
For threat and opportunities
(g) Risk Accept
 A strategy that is adopted because it is seldom possible to
eliminate all risk from a project.
 This strategy indicates that the project team has decided not to
change the project management plan to deal with a risk, or is
unable to identify any other suitable response strategy.
 It may be adopted for either threats or opportunities.

A project management risk owner:

Is the individual responsible for observing each potential risk area and also executing a risk
response should a risk event occur. Risk ownership is a key part of a risk response plan; it
assures that all identified risks are accounted for and appropriately monitored. Also, by
assigning responsibility for each specific risk, it is possible avoid finger-pointing and other
unproductive responses to threats and business interruptions that may occur.
What function does a risk owner play in a risk response strategy?

It is the person responsible for monitoring the risks and for selecting and implementing an
appropriate risk response strategy; The functions of the risk owner are to ensure that: Risks
are identified, assessed, managed and monitored,

 Risks are clearly articulated in risk statements

 Appropriate level of risk tolerance is determined
 Various internal stakeholders are assigned responsibility for each of the sub-risks
identified within an enterprise risk
  Risk management is integrated into operational activities
 Gaps in mitigation and monitoring activities are remediated
 The status of mitigation and monitoring efforts are communicated to the Strategic
Enterprise Risk Management Committee
 The internal and external environments are scanned for emerging risks and
opportunities

10. The type and perceived severity of each risk are decided by the degrees of risk monitoring
and control, according to the case study you assume you completed, and only the project
risk register is utilized as an input. Following the project’s “lesson learned” procedure
included a rare official debriefing.
I. Discuss the risk monitoring and control process inputs, tools, and
outputs.
II. How would you advise the project team on how to conduct the lesson
learned process and how important it is in project risk management?
Answers
Risk Monitoring and Control is the process of; identifying, analyzing, and planning for;
• Newly arising risks,
• Keeping path of the identified risks and for those on the watch list risks.
• Reanalyzing existing risks,
• Monitoring trigger conditions for contingency plans
• Monitoring residual risks
• Reviewing the execution of risk responses while evaluating their
effectiveness.
I) Discuss the risk monitoring and control process inputs, tools, and outputs.
Monitoring and Control Inputs
Risk Management Plan
This plan has key inputs that include the assignment of people (including
the risk owners), time, and other resources to project risk management.
Risk Register; The risk register has key inputs that include;
 Identified risks and risk owners,
 Agreed-upon risk responses,
  Specific implementation actions,
 Symptoms and warning signs of risk,
 Residual and secondary risks,
 A watch list of low priority risks, and
 The time and cost contingency reserves.
Approved Change Requests
Approved change requests can include modifications such as work methods,
contract terms, scope, and schedule.
Approved changes can generate risks or changes in identified risks, and
those changes need to be analyzed for any effects upon the risk register,
risk response plan, or risk management plan.
Monitoring and Control Tools & Techniques
Risk Audits
Risk audits examine and document the effectiveness of risk responses in
dealing with identified risks and their root causes, as well as the effectiveness of
the risk management process.
Risk Reassessment
Risk Monitoring and Control often requires identification of new risks
and reassessment of risks, using the processes of this chapter as
appropriate.
Variance and Trend Analysis
Trends in the project’s execution should be reviewed using performance
data collected during monitoring and control.
Outcomes from these analyses may forecast potential deviation of the
project at completion from cost and schedule targets.
Deviation from the baseline plan may indicate the potential impact of
threats or opportunities.
Technical Performance Measurement
Technical performance measurement compares technical
accomplishments during project execution with the project management
plan’s schedule of technical achievement
Contingency Reserve Analysis
 Contingency Reserve analysis compares the amount of the contingency
reserves remaining to the amount of risk remaining at any time in the
project, in order to determine if the remaining reserve is adequate.
Status Meetings
Status meeting may take no time or a long time, depending on the risks
identified, their priority, and difficulty of response.
Monitoring and Control Outputs

Risk Register (Updates)

Outcomes of risk reassessments, risk audits, and periodic risk reviews.
These outcomes may include updates to probability, impact, priority,
response plans, ownership, and other elements of the risk register.
Outcomes can also include closing risks that are no longer applicable.
Requested Changes
Implementing contingency plans or workarounds frequently results in a
requirement to change the project management plan to respond to risks.
Requested changes are prepared and submitted to the Integrated Change
Control process as an output of the Risk Monitoring and Control process.
Recommended Corrective Actions
Recommended corrective actions include contingency plans and
workaround plans.
The latter (workaround) are responses that were not initially planned,
but are required to deal with emerging risks that were previously
unidentified or accepted passively.
Recommended Preventive Actions
Recommended preventive actions are used to bring the project into
compliance or requirement with the project management plan.
Project Management Plan
If the approved change requests have an effect on the risk management
processes, then the corresponding component documents of the project
management plan are revised and re-issued to reflect the approved
changes.
II) How would you advise the project team on how to conduct the lesson learned
process and how important it is in project risk management?

Primarily the lessons learned process in project management enables organizations

to create a culture of sharing knowledge. This process also promotes use of existing
knowledge to achieve project goals and contribute to organizational learning.
How to conducting a lessons learned process;

If there is getting started with lessons learned, the following five steps need to be
stipulated for ensuring accurately capturing, documenting, and sharing the project’s
information in a way that everyone can access.
1. Identify
This is where the lesson learned steps can be identified from the project to document
in step two. The identify phase is made up of three steps:
1.1: Lessons learned survey
Immediately after the project is completed—or at the end of a significant project phase
for larger initiatives—send a lessons learned survey to every project team member.
This way, you’re capturing feedback while it’s still fresh in everyone’s mind. Then,
aggregate that information to get a general picture of what everyone learned from the
project.
The lessons learned survey is one of the most important parts of the lessons learned
process. Below, we have a template you can use. This survey is typically general to
any project, though you can adapt the questions to suit your project’s needs.
1.2: Schedule the lessons learned session
Before the lessons learned session, select a session facilitator. Ideally, find a facilitator
who isn’t the project manager, so team members feel comfortable speaking freely.
Ask the team lead or an adjacent team member to run the session. After scheduling
the lessons learned session, the facilitator shares any pre-reading information to make
sure project team members are on this same page. This could include re-sharing
project planning documentation like the project plan or project objectives. Depending
on the complexity of the project, you could also share a timeline of the project and
accomplishments.
1.3: Conduct the lessons learned
In addition to the lessons learned survey, host a live brainstorming session for all
team members. This is a chance for team members to expand upon their lessons
learned. In particular, there are three main questions to ask during the lessons
learned brainstorming session:
What went right?
What went wrong?
What could be improved?
2. Document

The main point of running a lessons learned session is to share these lessons with the
entire team. Plan to create a detailed lessons learned report with all of the project
information and discussion notes, as well as an executive summary of the lessons
learned for relevant project stakeholders to review.
3. Analyze

Analyze and apply the lessons learned so other teams and future projects can benefit
from it. This is especially relevant if you’re conducting a lessons learned session mid-
project. Analyze the information from the lessons learned survey in order to
effectively improve your project for the upcoming phases. Alternatively, if you’re
running a lessons learned at the end of a project, use the Analyze phase to glean
insights and opportunities before beginning your next project.
4. Store

Store the lessons learned in a central repository that everyone can access, like a project
management tool. With a central source of truth, as project leads can access shared
information to best prepare for their projects.
5. Retrieve

If you’re running a similar project, search for a lessons learned report from a past
project to avoid making the same mistakes from a previous project. These reports
should be shared in a central source of truth that all project managers can review
before beginning the project planning process.
How important it is in project risk management

As responsible professionals we will wish to take advantage of our experience

on this project to benefit future projects.
This means we will spend time thinking about
• what worked well
• what needs improvement, and recording our conclusions in a way that can
be reused by ourselves and others.

Thank You!