OPSM 639, C. Akkan1 Defining Risk Risk is –the undesirable events, their chances of occurring and their consequences. Some risk can be identified before.

OPSM 639, C. Akkan 1

Defining Risk

• Risk is– the undesirable events, their chances of occurring and

their consequences.

• Some risk can be identified before the project starts, whereas some others cannot be imagined.

• Risks can have negative effect on the main objectives of the project: – cost, schedule and performance (quality)

OPSM 639, C. Akkan 2

Risk Planning

• Risk Planning involves– Identification of risks.– Analysis and assessment of risks.– Contingency planning.

• One advantage of risk planning:– Helps project manager to take risks when there is a

potential advantage.

OPSM 639, C. Akkan 3

Risk Information

• For each risk the following information must be developed– The event forming the risk.

– All outcomes of the event.

– The magnitude (severity) of the event’s impact.

– Probability of the event occurring.

– The time(s) at which the event might occur.

OPSM 639, C. Akkan 4

Risk Information

• Example:– Activity ‘A’ might take twice as long.,– Outcomes: project delayed, cost increased, a critical

resource will be overburdened for some time.– Magnitudes: delay could be anywhere between 5% to

10% of total planned project duration. Total project cost can go up by 4%.

– Chances: 10% probability estimated.

OPSM 639, C. Akkan 5

Managing Risk –Identification of Risks

• Identification of risks:– The entire management team should be involved.– First focus on macro risks that might affect the entire

project. Some useful questions:• Are the core competencies of the firm adequate for the

challenges of the project?• What is the degree of novelty in the project?• Which one is the biggest risk: cost, time or performance?

– After the macro risks, more specific risks can be identified using the WBS.

– Risks can be classified based on their source• External and internal risks

OPSM 639, C. Akkan 6

Risk Analysis and Assessment

• Risk analysis attempts to quantify the severity of the impact of an identified risk event.

• By doing risk analysis, you can select potential risk events that need attention because there is a high chance of occurrence and/or large impact.

• Developing a “Risk Assessment Matrix” is a useful first step.

OPSM 639, C. Akkan 7

Risk Analysis and Assessment

• Risk assessment matrix for “switching to a new e-mail software.

Risk event Chance - LMH Severity - LMHDetection difficulty - LMH When

System freezing Low High High StartupUser complaint High Medium Medium Post-installationHardware failure Low High High Installation

• Assessments could either be subjective or quantitative.

OPSM 639, C. Akkan 8

Semi-quantitative Scenario Analysis

• Obtain three estimates (the team members must be 90% confident that the three estimates will be accurate):– Baseline duration: there is 50% chance of project being complete

in this time.– Best-case duration: there is 10% chance of project being complete

in this time.– Worst-case duration: there is 90% chance of project being

complete in this time.

• Once the three estimates are made, it would be very useful to– Graph the three schedules– Document time estimates, costs and assumptions

OPSM 639, C. Akkan 9

Probabilistic Risk Analysis Techniques

• Decision trees to assess alternative courses of action, using expected value criterion.– Covered in OPSM 632 Management Science

• Monte Carlo simulation– Covered in OPSM 633 Business Simulation

– Some applications:• NPV calculations with statistical variations.

• PERT simulation to identify project schedule risk.

OPSM 639, C. Akkan 10

Sensitivity Analysis

• Sensitivity Analysis:– Main idea: see the effect of changing values for project

parameters on the outcomes.– For example:

• Effect of changing project durations on total project time.• Effect of changing certain cost categories (or variables that

affect cost) on total project cost.

– Easily done by Monte Carlo simulation.

OPSM 639, C. Akkan 11

Establishing Contingency Reserves

• Because plans seldom materialize as estimated, it is common practice to have a contingency funds.– These should be agreed upon before the project starts.

• The amount typically depends on the uncertainty and risk of schedule and cost estimates.– A low risk project might have a contingency reserve of

1 to 2% of the total cost.

– This percentage might be up to 20% in high risk projects.

OPSM 639, C. Akkan 12

Responding to Risk

• After a risk is identified and assessed there are four types of actions:– Reduce risk:

• In software development parallel innovation processes are used in case one fails.

– Transfer risk• Passing risk to another party (almost always results in paying a

premium).• Examples:fixed price contracts; insurance.

OPSM 639, C. Akkan 13

Responding to Risk

– Retain risk• Some very large risks (e.g. earthquake) cannot be reduced or

retained. The chances are quite lowç so you accept it.• Sometimes you accept the risk and place a budget reserve for

it, in case it materializes.• Sometimes you just ignore the risk.

– Share risk• Allocate portions of risk to different parties. • Example: Airbus R&D is done by several countries.

OPSM 639, C. Akkan 14

Responding to Risk

• Contingency planning– Without a contingency plan, a manager cannot react to

a risk event quickly. This results in• Panic• Crisis mismanagement• Acceptance of first solution suggested.

• Conditions for activating (or triggering) a contingency plan must be decided and documented.

OPSM 639, C. Akkan 15

Responding to Risk

• Risk response matrix

Risk eventAccept, reduce, share, transfer

Contingency plan Trigger

System freezing Reduce Reinstall OS Frozen for 1 hrUser complaint Reduce Increase staff

supportCall from top management

Hardware failure Transfer Order different brand

Replacement doesn't work

Use a supplier with a warranty

Experiment with a prototype

OPSM 639, C. Akkan 16

Managing Risk – Schedule Risks

• Use of slack– Recall that total slack is shared by multiple activities.– A manager should not use the slack available for his

activity irresponsibly. It may be needed by activities later on the path.

– Managing slack can reduce schedule risks!• Incentive systems to report early completion of activities?

OPSM 639, C. Akkan 17

Managing Risk – Schedule Risks

• Problem with imposed deadlines– Since imposed by upper management, typically too

tight for the normal activity durations.

– Results in increased cost, higher probability of being late.

– Fundamental question: Are these deadlines due to poor planning or are they really necessary?

OPSM 639, C. Akkan 18

Managing Risk – Schedule Risks

• Compressed project schedule– Increases the number of critical paths.

– The more the number of critical (or near critical) paths, the higher the chance of a late project.

• Much harder to manager and control a large number of critical activities.

OPSM 639, C. Akkan 19

Managing Risk – Cost Risks

• Most cost risks are due to errors in schedule and technical estimates.

• Other issues: exchange rate and inflation risks.• An objective of minimizing net present value of

costs would make a late-start schedule more attractive.– This would reduce slacks and increase schedule risks.

OPSM 639, C. Akkan 20

Example: Cost Risk Analysis

• File: CostEstimating.xls

• Using Excel’s

• Data-Subtotal functionality, which creates an outline automatically.

• @RISK for performing simulation.

OPSM 639, C. Akkan 21

Example: Cost Risk Analysis

• Some questions:– Will the contingency funds be enough?

– What is the expected cost of the project?

68 72 76 80 84

5% 90% 5% 71,1 79,4

Mean=7,465574E+07

Distribution for PROJECT TOTAL/L40

Val

ues

in 1

0 ̂-

7

Values in Millions

0,000

0,200

0,400

0,600

0,800

1,000

1,200

1,400

1,600

Mean=7,465574E+07

68 72 76 80 84

@RISK Student VersionFor Academic Use Only

Minimum $69,361,820.00

Maximum $82,174,300.00

Mean $74,655,740.00

Std Dev $2,570,983.00

OPSM 639, C. Akkan 22

Example: Cost Risk Analysis

• To which cost component is the total project cost most sensitive? – In other words, how much of the variance in total project cost is

due to variance of cost components.

Regression Sensitivity for PROJECTTOTAL/L40

Std b Coefficients

CENRTC/L17 ,04

SAFETY & ENVIRONMENTAL/L38 ,083

PROJECT MANAGEMENT/L5 ,083

OTHER PROJECT COST/L31 ,119

ENGINEERING/L12 ,243

CONSTRUCTION/L26 ,96@R

ISK

Student V

ersion

-1 -0,75 -0,5 -0,25 0 0,25 0,5 0,75 1

OPSM 639, C. Akkan 23

Example: Schedule Risk Analysis

• Filename: CriticalPath.xls

• We will determine the probability distribution for the project duration and probability of each activity being on the critical path for the following project network.

OPSM 639, C. Akkan 24

Example: Schedule Risk Analysis

OPSM 639, C. Akkan 25

Example: Schedule Risk Analysis

OPSM 639, C. Akkan 26

Example: Schedule Risk Analysis

CriticalActs (N5 to N24)

0,00

0,25

0,50

0,75

1,00

N5 N6 N7 N8 N9 N10 N11 N12 N13 N14 N15 N16 N17 N18 N19 N20 N21 N22 N23 N24Cell:=Mean,+1/-1SD =+95%,-5%

@RISK Student VersionFor Academic Use Only

The yellow line gives the estimated probability of each activity being on the critical path.