Risks are an integral part of Developmental projects. The endeavour should never be to make it risk-free, which could be potentially high in cost. Instead, the focus and endeavour should be
(a) identify the risks correctly
(b) evaluate the risks
(c) determine who is in a better position to manage it and
(d) deploy suitable risk mitigation strategies or allow to price it.
So long, various possible scenarios are evaluated as “what if” situations and suitably strategised in the early stages of the project, there are lesser possibilities for surprises later or potential risks.
The mistake usually done by everyone is to push the risks on the other side. Client shall push the risks to the Contractors, and the Contractors would want the Client to assume all risks. The anomaly is in the gap in understanding of the scope. The Client always believes that everything not stated otherwise is in Contractors scope, and the Contractor believes what is stated is only in his scope. So, what about those not stated in the Contract? When eventually shows up in a project, some of those missed aspects become the point of contention. Force majeure situations should not be misconstrued in the above context, which is dealt contractually.
Following are the steps involved in risk management.
Step 1: Risk evaluation or assessment
Risk evaluation is identifying weak spots in the project that could be related to contract, vendor performance, site constraints, material availability, price of products, labour, PMV etc. and doing a “what if” scenario analysis and potential outcome of such scenarios. Care should be taken to evaluate the project, its components, its constituents and stakeholders. It should be like X-ray screening where we should focus on what it involves as processes and deliverables within each of them. We need a model to assess potential risks. Since risks are closely correlated to gaps, we shall be doing gap analysis in each of the above domains (what it makes it risk-free versus what it is now) and understand where the risks are and how much it can impact the project timeline & cost. The final evaluation should be computed in terms of cost & time. Without objective evaluation of risks (as much as possible), the evaluation cannot lead to possible mitigation strategies. Further, the accurate assessment will also highlight the areas to be focussed rather than chasing all the risks. It is not required to mitigate all the risks so long the impact is low, and probabilities are remote. Equally risk can be transferred or shared for a lesser impact.
Step 2: Assigning probability of occurrence
Assessing the probability of occurrence shall suggest the possible final impact on the project. While there are statistical models available to evaluate the probabilities such as Monte Carlo theorem, it is a specialised job. It requires an enormous amount of past data to arrive at the standard deviation. To make it simpler, while we may develop a model in future, one possible way is, arriving at relevant questions to be answered and breaking them up into multiple smaller questions in a way that we have answers to them in a binary manner (YES/NO) such that the summation of all questions and their answers lead to a reliable probability of occurrence.
Step 3: Risk mitigation strategies & pricing
Once the risks are assessed & probabilities are assigned, we need to translate them into values. Values in terms of net impact on the project cost and time such that we can devise possible strategies to mitigate them. In a perfect scenario, there has to be a single scale for measurement and the time impact due to risks, if possible, should be converted in terms of impact on budget/project cost. This gives us a listing of all potential risks and the values (impact on project cost) against them. Based on this listing, we can pick and choose those risks which we would like to mitigate. Once the same is assessed, the next step is to identify the mitigation strategies against each. There can always be more than one strategy, and each strategy has a cost associated with it irrespective of who incurs it (Phoenix/Contractor/third party risk assumer for a price). The only difference is that the cost associated with mitigation strategies will vary as to who is better positioned to manage the risks & mitigate it. Once the cost of each strategy is evaluated, we need to arrive at the cost-benefit analysis and decide whether it is worth incurring the cost to mitigate it or live with the risk by pricing it appropriately as a contingency.
A suitable model is under-development for risk management and shall be released as part of the process in the next version of this process document.
Back to Top