PMKI Index
Download
the PMKI
Taxonomy

Advanced Risk Management


Location:  PMKI > Project Controls and Scheduling > Advanced Risk Management. 

Risk management topics that extend beyond the basic requirements for the PMP examination.

The PMKI Library

Advanced Risk Management:

- TBA - Temporary link to old page
- Useful external web-links

Other related sections of the PMKI:

- Risk management for the PMP examination
- Schedule risk assessment


 
 


 


Temporary Subject List - this page is being built:

Mosaic's Risk Training:

Our 1 Day Risk Management Workshop will provide trainees with the framework needed to effectively manage risk in a project environment. 

This course includes calculations based on Decision Trees, EMV, PERT, etc and an in-depth analysis of the case study using Mosaics Excel templates for the Risk Register and Risk Management Plan.

Project Risk Overview:


Each risk is something in the future which might or might not occur. This is vital to a proper understanding of risk and planning its management. Risks do not yet exist, indeed they may never exist at all. This makes them quite different from things which have happened in the past or which currently exist in the present. They are different from issues, problems or constraints; past and present events can be analysed and measured, but future events can only be imagined or estimated by people and these estimates will be influenced by the people's perceptions and past experiences. To manage risk effectively you need to deal with both the positive and negative uncertainties that matters by following a structured process that takes into account the affected people's risk tolerance. 

The PMBOK® Guide focuses on the Probability of a risk occurring and its likely Impact if it happens. Practical risk assessments expand on these basic elements to define a more complete range of criteria and the effect of cognitive bias on peoples ability to make rational assessments of any potential gain or loss. In addition to these known unknowns that can be assessed, there are also two types of unknown unknown; knowable unknowns and unknowable unknowns (or Black Swans).  Knowable unknowns can be identified and brought into an effective risk management process but there will always be some Black Swans waiting to surprise you.

The ultimate aim is to manage the risk affecting your project, not to simply list and analyse them; therefore, 
a risk process which does not lead to the implementation of actions to deal with the identified risks is incomplete and useless. The resources on this page focus on practical risk management. We define this as applying sufficient effort to achieve a realistic modification in the risk exposure of your project (or program) whilst recognising it is impossible to remove all risk and any effort spent on risk minimisation should be offset by an increase in the likely value of the project. 
   
For a simple explanation of many statistical calculations, including probability, see: http://www.khanacademy.org/ 


Practical Risk Management Tools

Download Sample Spreadsheet
Price:
- Australian    $20.00
Risk Register:  RiskWS - Excel Template
A practical template for identifying and prioritising the risks associated with a project or program. For each risk:
-  Define the risk category and short name.
-  Describe the risk using an effective 'risk meta language'. All you have to do is 'fill in the gaps'.
-  Prioritise the risk using a powerful qualitative assessment process developed for a US1 billion oil project.
-  Determine the optimum response.
  

The spreadsheet compiles the risk data for transfer into the risk management plan. 
  
The spreadsheet contains a comprehensive 'help' page focused on implementing effective risk management (included in the Sample).
  
This is a very robust, easy to use tool that ensures that all of the identified risks are effectively managed (maximum number of risks per spreadsheet = 200). 
  
Download a free sample: Download Sample Spreadsheet 

Buy the full version

Download Sample Spreadsheet
Price:
- Australian    $20.00
Risk Management Plan:  RMP - Excel Template
A practical template for pro-actively managing the risk treatments outlined in the risk register. For each risk you:
-  Copy the information from the risk register focusing on the urgent and important risks.
-  Define the actions needed to implement an effective risk treatment.
-  Allocate a responsible manager for each action (as well as for the overall risk).
-  Monitor the status of the action including the transfer of appropriate information into the project schedule and cost plan.
-  Keep notes to track decisions and sequence actions.
  

This is a simple tool that provides the critical link between identifying risks in the Risk Register and implementing the actions needed to treat the risks. 
  
Download a free sample: Download Sample Spreadsheet 

Buy the full version

PMI_Risk_Std The Practice Standard for Project Risk Management 

Price: $85.00


The Practice Standard for Project Risk Management covers risk management as it is applied to single projects only and is consistent with other PMI standards. Written for project practitioners, 
this practice standard can be used to validate the risk management process being employed in a specific situation, project or organization. Topics include:
 •  Plan Risk Management
 •  Identify Risks 
 •  Perform Qualitative Risk Analysis
 •  Perform Quantitative Risk Analysis
 •  Plan Risk Responses
 •  Monitor and Control Risks
Buy -Australian sales only

Practical Risk Management Papers

A full listing of all risk resources: Visit our Project Managment Knowledge Index.
  
Key Risk White Papers & Articles: 
Risk Published Papers: 
  • A Simple View of ‘Complexity’ in Project Management Complexity theory helps understand the social behaviours of teams and the networks of people involved in and around a project. This paper traces the development of ‘Complexity Theory’ from its origins in Chaos Theory and develops a range of practical suggestions for improving the effectiveness of both communication practice and risk management practice within project management practice based on insights derived from ‘complexity theory’. [View Abstract]
     
  • Construction - A Risky Business - The Australian construction industry is suffering from low and declining profits, this paper identifies some of the factors causing the decline and suggests ways to better align risk and reward by utilising modern forms of contract such as 'Collaborative Working Agreements'. [View Abstract]
     
  • (The) Meaning of Risk in an Uncertain World - Risk management is one of the least appreciated aspects of modern management with most organisations are excessively risk averse. This paper describes the key aspects of risk management needed from the client, the contracting organisation and the project to optimise overall risk management and places risk management within a 'Complexity Theory' and stakeholder management framework. [View Abstract]
     
  • Risk Attitudes in the Construction Industry - Avoidance Does Not Work Risk management is one of the least appreciated aspects of modern construction management with most client organisations are excessively risk averse. This paper describes the key aspects of risk management needed from the client, the contracting organisation and the project to optimise overall risk management. [View Abstract
     
  • Risk Management and Complexity Theory - The Human Dimension of Risk This paper describes the key aspects of risk management from 'complexity theory' and the human perspective. Particular focus is on the risk attitudes and competencies required at each level of management to optimise risk. The paper concludes by developing a range of practical suggestions for improving the effectiveness of risk management practice within projects based on an understanding of ‘complexity theory’ applied to the project environment. [View Abstract]
      
Schedule Risk Tools: Visit our Planning & Scheduling page. 

Risk Blog Posts:

  

  • Risk management:  
    • Mosaic's Risk Management home page
    • PMI's Practice Standard for Risk Management
    • Mosaic's list of annotated Risk web links
    • PP: The Meaning of Risk in an Uncertain World. This paper describes the key aspects of risk management needed from the client, the contracting organisation and the project to optimise overall risk management in a complex environment.  
    • Prs: Risk Management and Complexity Theory - The Human Dimension of Risk. The key aspects of risk management from the perspective of complexity theory and human interactions, with a view to optimising the overall risk management for a project and its host organisation.   
    • Prs: Portfolio governance and risk – it’s all about the stakeholder. There is no such thing as a ‘risk free’ project and the art of portfolio management is to balance the risks and rewards of investing in projects, whilst keeping the overall risk exposure at a level that is acceptable to the organisation, and still generate the expected rewards.   
    • PP: Construction - A Risky Business. This paper identifies some of the factors creating risk in the Australian construction industry and suggests ways to better align risk and reward.    
    • PP: Risk Attitudes in the Construction Industry - Avoidance Does Not Work. Most client organisations are excessively risk averse, and in their attempts to avoid ‘all risk’ expose themselves to more adverse outcomes than if they actively embraced and managed risk.  
    • WP: Risk Management. Managing risks is important because it focuses attention on the uncertainties that matter. This paper looks at the core elements of risk management.  
    • WP: Types of Risk. Risks fall into four broad categories and are created by a variety of factors outlined in this paper.     
    • WP: Risk Assessment. Risks always involve uncertainty, and matter because they have the potential to affect objectives. This means that each risk must be linked to at least one objective and its potential impact assessed objectively.  
    • WP: Probability. Modern risk management practices have developed analytical methodologies to determine the probability of events occurring (or not occurring) that allows contingencies to be calculated based on mathematical certainties.  
    • WPIssues Management. An issue is a current problem that will negatively impact the successful delivery of the project if it is not managed effectively, but issues are not all equally important.   
    • WP: Root cause analysis. Some valuable techniques for understanding the root cause of a problem or an issue in complex situations.  
    • Art: Predicting Future Project Outcomes - The power of uncertainty. Understanding the way Monte Carlo, Latin hypercube and Sampling work to inform risk management decisions. 
    • Art: Distributed -v- Consolidated Contingencies - The power of Portfolios. The effect of combining uncertainties into a ‘portfolio’ of risks is to reduce the overall level of uncertainty in the portfolio. 
    • Art: Risks don't add up.  Understanding that there difference between an individual project risks, the overall risk of a project and the risks associated with a portfolio of projects is complicated but essential for effective risk management.  
    • Art: Standard Deviation for Project Managers.  The concepts behind Standard Deviation and how it is used.  
    • Blg: Stakeholders and Risk. One of the interesting similarities between stakeholder management and risk management is the challenge of knowing what we know and more importantly understanding what we don’t or can’t know.    
    • Blg: Stakeholder Risk Tolerance. The skills that a mature organisation brings to the art of ‘risk management’ is to focus effort on managing risks that can be managed, providing adequate contingencies for those risks that cannot be controlled and deciding how much residual risk is sensible.    
    • Blg: Black Swan Risks. The key definition of a ‘black swan’ proposed by N.N. Taleb is that the ‘black swan’ was unpredicted and unpredictable, but in hindsight it appears that it should have been foreseeable.   
    • Blg: Real Risk Management.  Is any real difference between a bet on which raindrop will reach the bottom of the window first and responding to a bank’s suggestion to fix (or un-fix) the interest rate on your home mortgage?    
    • Blg: Resilience v Risks. Resilience is the ability of a system to return to its original state after being disturbed. Build resilience into you business unit or project team and you have the capacity to deal with the consequences of unforeseen risks.    
    • Blg: The Schedule Compliance Risk Assessment Methodology (SCRAM). SCRAM focuses on schedule feasibility and root causes for slippage. It makes no judgment about whether or not a project is technically feasible.   
    • Blg: Stakeholders and Reputational Risk. Your reputation is created in the minds of other people - creating it, managing it, and protecting it is hard work.  
    • Blg: The language used to define risks can contribute to failure. A corporate culture that prevents the honest description of a risk or allows imprecise definitions is a significant threat to pragmatic risk management.     
  • PERT and Monte Carlo:   
  • Contingencies and Reserves:   
    • Blg: The flaw of averages. The flaw of averages defined in a book of the same name states that any plan based on average assumptions is wrong on average!     
    • Blg: Averaging the Power of Portfolios. The interaction between dependent risk and independent risk is interesting and will significantly change the overall probability of success or failure of an endeavour or organisation.    
    • Art: Distributed -v- Consolidated Contingencies - The power of Portfolios. The effect of combining uncertainties into a ‘portfolio’ of risks is to reduce the overall level of uncertainty in the portfolio.   

Risk Management Planning
   

To manage risk effectively you need to deal with uncertainty that matters by following a structured process that takes into account the people aspects (eg, risk tolerance). Each risk is something in the future which might or might not occur. This is vital to a proper understanding of risk and planning its management. Risks do not yet exist, indeed they may never exist at all. This makes them quite different from things which have happened in the past or which currently exist in the present. This makes risks different from issues, problems or constraints; past and present events can be analysed and measured, but future events can only be imagined or estimated by people and these estimates will be influenced by the people's perceptions and past experiences. The general flow of processes needed for effective risk management are outlined in WP1047.
  
- PMI Practice Standard for Project Risk Management is available free of charge to PMI members

  
- Paper: The Meaning of Risk in an Uncertain World 
- Paper: Risk Management and Complexity Theory   

  
- Blog (Feb. 2009): Risky Business 
- Blog (July 2009): A Long Tail    

Risk Tools and Techniques
   
Decision Trees
:  One of the best guides to decision trees is at http://www.mindtools.com/dectree.html
  
Venn Diagrams: Show all hypothetically possible logical relations between a finite collection of sets. WP1040 describes there use.
    
   
Complex Decision Making: Many aspects of project management involve making complex decisions - this CSIRO paper provides valuable insights into how people make complex decisions: download the paper
   
Monte Carlo and Latin hypercube:  Predicting Future Project Outcomes - The power of uncertainty



Useful external web-links

Self-paced PMI-SP Training