Search the Community
Showing results for tags 'faq'.
Introduction ‘Risk’ is defined by the International Standards Organisation (ISO) 31000:2018 as “effect of uncertainty on objectives”. This is a common definition in risk literature. An alternative definition is “an event, situation which may influence an entity’s ability to achieve desired objectives successfully”. Risk management can therefore be defined as the proactive control of risk in a manner that promotes positive outcomes. For example, for a commuter with the objective of driving a car to work and arriving on time, risks could include: high traffic, a traffic accident, roadworks, and poor driving of the person trying to get to work or other commuters. In order to manage these risks, the commuter would assess the barriers to him or her arriving on time, and come up with a proactive solution, eg. leaving home earlier or deciding to ride a bicycle or park the car and catch public transport to avoid traffic delays. Sources The content on this page was primarily drawn from: Webinar titled ‘Perspectives on Risk: Engineers, frameworks and new ways of thinking', delivered to REBOK Community on 29 May 2018 by Warren Black, Principal and Founder, Complexus
Introduction In order to effectively manage the risks associated with complex, high profile projects, project managers need a set of tools tailored to a project context. Project management decision-making, including the level of contingency set aside for budget and schedule overruns, can be affected by the cognitive biases of stakeholders. Several well-established project management frameworks have risk management modules which can provide project managers with guidance in this area. Elements of project risk management Typical elements of a project risk management framework include: Project governance Project assurance Cost risk management Schedule risk management Contingency risk management Scope risk management Change control Benefits management Many disciplines contribute to project risk management, including risk engineering and safety. Managing risks for individual projects also needs to take into account risks that may be introduced by related projects and areas within the project management organisation, and at the program and portfolio levels. Standards and Frameworks Some of the standards and frameworks specific to project risk management are: PMBOK - The US-based Project Management Institute’s (PMI) Project Management Body of Knowledge (PMBOK) framework includes a module on how risk management should be performed in a project context. This standard is used across a range of industries. PMI has also published a risk-specific standard: The Standard for Risk Management in Portfolios, Programs, and Projects PRINCE2 - Projects In Controlled Environments (PRINCE2) is a popular, UK-based project management standard. It was originally developed as a government standard for information systems projects and includes a risk management approach including a risk register COBIT 5 - Is a recent standard for project management which includes a risk management module. This standard links risk management to governance and insurance, where PRINCE2 and PMBOK treat them as individual modules. and is used extensively in projects to implement information technology solutions such as SAP and Oracle. Challenges A particular challenge for complex projects is building the maturity of internal control systems to increase resilience in the event of unpredictable risks. For this reason, momentum is building in emerging risk management methods including complexity sciences and organisation-wide resilience. Further reading Click this link for a list of related pages Sources: The content on this page was primarily sourced from: Webinar titled ‘Perspectives on Risk: Engineers, frameworks and new ways of thinking’, delivered to REBOK Community on 29 May 2018 by Warren Black, Principal and Founder, Complexus
Introduction Because risk has many forms, sources and contexts, there are numerous branches of risk management. Some examples which engineers may come across in their careers include enterprise risk management, project risk management and risk engineering. This page describes some basic general concepts as an introduction to risk management. The Mechanics of Risk Management The standard process reflected in most conventional risk management environments generally follows a four-step process: Identify the risk: This could involve predicting, forecasting or documenting risks Quantify the risk: This could involve assessing, measuring or prioritise risks. eg. material vs. immaterial risks, immediate vs. non urgent Control the risk:This involves planning for and executing risk treatment or mitigation to do something about identified risks according to how they have been quantified Review the risk: This is an ongoing process of reviewing the progress of the risk, monitoring and recording it until the risk is either either completed or the risk profile has been downgraded. Key concepts in determining the degree of risk are: its probability (likelihood) of occurrence (P) its perceived impact (I) eg. low-level, high-level the strength of the control environment eg. how mature is the system, and how well will it control the risk at hand? These factors can be related in the basic risk management formula: R=(P x I) / C For example, if a risk’s probability and impact are high, and the control environment is weak or has a low effectiveness then the risk could be a major or even extreme threat. If a risk’s probability and impact are low, and the control environment is strong, then the risk is likely to be an insignificant threat. Risk Management Framework When building a risk management solution, the framework required can be divided into six key factors as shown in the diagram below. Diagram courtesy of Warren Black, Complexus Sources The content on this page was primarily drawn from: Webinar titled ‘Perspectives on Risk: Engineers, frameworks and new ways of thinking', delivered to REBOK Community on 29 May 2018 by Warren Black, Principal and Founder, Complexus