<?xml version="1.0"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en-GB">
	<id>http://13.50.150.85/api.php?action=feedcontributions&amp;feedformat=atom&amp;user=S141543</id>
	<title>DTU ProjectLab - User contributions [en-gb]</title>
	<link rel="self" type="application/atom+xml" href="http://13.50.150.85/api.php?action=feedcontributions&amp;feedformat=atom&amp;user=S141543"/>
	<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php/Special:Contributions/S141543"/>
	<updated>2026-07-14T18:07:59Z</updated>
	<subtitle>User contributions</subtitle>
	<generator>MediaWiki 1.43.3</generator>
	<entry>
		<id>http://13.50.150.85/index.php?title=Talk:Management_of_risk&amp;diff=17674</id>
		<title>Talk:Management of risk</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Talk:Management_of_risk&amp;diff=17674"/>
		<updated>2015-09-28T22:03:06Z</updated>

		<summary type="html">&lt;p&gt;S141543: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;Reviewer 2: Jacob&lt;br /&gt;
&lt;br /&gt;
*Before the final deliverance, I would suggest a thorough spell- and gramma check, as well as revamping where you set full stops, since there are many unnecessarry and wrongfully placed full stops, which severely limits the readability (Example: &amp;quot;&amp;quot;chance or probability of loss&amp;quot;. Meaning that only negative results could&amp;quot; - the full stop should in this case have been a comma, if anything)&lt;br /&gt;
*Secondly, parts of a website is called sections, not chapters, for the unwritten reference you have. You also have a few other references that haven&#039;t been created yet - I would suggest removing the references and possibly just giving a short description of what you&#039;re referring to instead (For instance, COntingency in the &amp;quot;For Projects&amp;quot; section).&lt;br /&gt;
*Next, you&#039;re not following the structure of the article as supposed - I&#039;m not sure how much of a problem that is, though, since the alternative structure you have used make sense to me, and also includes many of the requirements from the description (i.e. Introduction, limitations, Big idea (although renamed)). &lt;br /&gt;
*I would also suggest a few more figures, for instance of Fault Trees, or some of the other methods, just to give a different visual effect.&lt;br /&gt;
*Finally, I would elaborate on the subjects of the General methodology, the Important principles and the benefits, making them more than just a set of bullet points.&lt;br /&gt;
&lt;br /&gt;
Response from author:&lt;br /&gt;
Thank you for providing me with very valid points!&lt;br /&gt;
* I change the subject of my article just before the deadline of version 1. The grammar and spelling was therefore very bad as it was written in a rush. I hope it is OK now.&lt;br /&gt;
* Noted and changed&lt;br /&gt;
* Changed the structure&lt;br /&gt;
* Was not finished at the time of version 1, has much more text now&lt;br /&gt;
&lt;br /&gt;
Reviewer 1: Lea&lt;br /&gt;
*You are following the Method-article type. The general outline of your article gives good guidance to the topic. I am missing a bit of the application or implementation part.&lt;br /&gt;
*Structure: There is a good structure but the “abstract” in the beginning and the first heading introduction are not very clear. A short summary of the article would be good. Also an abstract should not exceed 200 words. &lt;br /&gt;
*Introduction. It is said that one ISO guide complements the other. Is this information relevant? Maybe an explanation of why you start out with the ISO guide.&lt;br /&gt;
* There are a few spelling mistakes, but your sentences are short and can be easily read. &lt;br /&gt;
*The figure in the beginning cannot be read. Maybe change the pixel size. If you do not have more complimentary figures, I think it is fine. Otherwise one or two more pictures would give a better overview. &lt;br /&gt;
*The subject is interesting and definitely corresponds to the course subject. Since there are still some Headings without text, I guess you are not done writing yet. For the further progress I would suggest to try and get more “grip” on the topic. Narrow it down in the end to maybe one tool. &lt;br /&gt;
*Sources are unfortunately a little sparse. I would suggest to get more information from relevant articles or books. &lt;br /&gt;
*Annotated bibliography has not yet been added. &lt;br /&gt;
*Some words are highlighted in the text but they are just linked to a blank page. Maybe you wanted to link the text to other wiki articles?&lt;br /&gt;
&lt;br /&gt;
Response from author:&lt;br /&gt;
Thank you for pointing out what had to be changed!&lt;br /&gt;
* the structure has changed from version 1, hope the application and implementation is clear now&lt;br /&gt;
* Changed this part&lt;br /&gt;
* Found a better image&lt;br /&gt;
* Correct!&lt;br /&gt;
* Found relevant references as most of the article was changed after version 1&lt;br /&gt;
* Links to other wiki articles added&lt;br /&gt;
&lt;br /&gt;
Reviewer 3: s141569&lt;br /&gt;
&lt;br /&gt;
The topic of the article is really interesting. It is obvious that there are lots of modifications that they need to be done because the article is under construction.&lt;br /&gt;
&lt;br /&gt;
I would suggest (maybe the author has the same thoughts, I do not know) that it would be very engaging the usage of figures and a video for this kind of topic.&lt;br /&gt;
*Some spelling errors found and some other syntax. Probably they are due to momentum because they do not seem to be so significant.&lt;br /&gt;
*Figures are not illustrated but I hope that there is going to be few of them&lt;br /&gt;
* The article is properly formatted under the typical wiki-article structure. It would be awesome to add some hyper-links leading to other wiki-pages related to the topic.&lt;br /&gt;
*I think that the final version is going to be very interesting for a practitioner&lt;br /&gt;
*The article is highly related to a project, program or portfolio management topic&lt;br /&gt;
*The length at this time is at the 1/3 of what it should be, however I suppose that at the finishing it is going to be at the appropriate standards.&lt;br /&gt;
*The structure seems to follow a logical flow among the chapters of the article.&lt;br /&gt;
*The starting summary is appropriate for the article until now&lt;br /&gt;
*There are three references, but I consider that there are going to be some more until the finish.&lt;br /&gt;
*There are no links to other relevant pages in appp wiki yet.&lt;br /&gt;
&lt;br /&gt;
Response from author:&lt;br /&gt;
Thank you very much for a good review!&lt;br /&gt;
* fixed spelling&lt;br /&gt;
* added figures&lt;br /&gt;
* added links to wiki pages&lt;br /&gt;
* thank you!&lt;br /&gt;
* added references&lt;/div&gt;</summary>
		<author><name>S141543</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=17552</id>
		<title>Management of risk</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=17552"/>
		<updated>2015-09-28T21:27:14Z</updated>

		<summary type="html">&lt;p&gt;S141543: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&lt;br /&gt;
[[File:Image2.png|500px|thumb|right|Figure 1: Risk management process (based on ISO 31000: 2009) &amp;lt;ref&amp;gt;Carmen Nadia Ciocoiu and Razvan Catalin Dobrea (2010). The Role of Standardization in Improving the Effectiveness of Integrated Risk Management, Advances in Risk Management, Giancarlo Nota (Ed.), ISBN: 978-953-307-138-1, InTech, DOI: 10.5772/9893. Available from: http://www.intechopen.com/books/advances-in-risk-management/the-role-of-standardization-in-improving-the-effectiveness-of-integrated-risk-management&amp;lt;/ref&amp;gt;]]&lt;br /&gt;
&lt;br /&gt;
Risk is part of all our lives. We need to take risks to grow and develop. Effectively managed risk in hospitals, airport security, construction sites, projects, programmes, portfolios and in so many more circumstances help societies achieve. &lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Management of risk&#039;&#039;&#039; involves identification, assessment, and prioritization of risks. Coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events or to maximize the realization of opportunities. &lt;br /&gt;
&lt;br /&gt;
Figure 1 shows what is involved in risk management. Identifying, analysing and evaluating risks are all part of risk assessment and will be further analysed in the risk assessment section.&lt;br /&gt;
&lt;br /&gt;
Because risk is inherent in everything we do, risk professionals undertake roles that are very diverse. It includes roles in insurance, business, health and safety, corporate governance, engineering, planning and financial services to name a few.&lt;br /&gt;
&lt;br /&gt;
In this article important principles of [https://en.wikipedia.org/wiki/Risk_management risk management] will be outlined, risk assessment will be explained in detail and risk assessment tools explained. Benefits and limitations of risk management will be discussed before stating the conclusions.&lt;br /&gt;
&lt;br /&gt;
__TOC__ &lt;br /&gt;
&lt;br /&gt;
=Introduction=&lt;br /&gt;
&lt;br /&gt;
[https://en.wikipedia.org/wiki/Organization Organizations] of all types and sizes face internal and external factors and influences that make it uncertain whether and when they will achieve their objectives. Risk is the effect this uncertainty has on an organization&#039;s objectives. Risk can be managed by identifying it, analysing it and then evaluating whether the risk should be modified by risk treatment in order to satisfy their risk criteria. Constant communication and consultation with stakeholders is a key for the process to run smoothly as well as monitoring and reviewing the risk and making sure that the correct actions are taken to ensure that no further risk treatment is required.&lt;br /&gt;
&lt;br /&gt;
Risk management can be applied to an entire organization, at its many areas and levels, at any time. It can also be applied to specific functions, projects and activities. &lt;br /&gt;
&lt;br /&gt;
The practice of risk management is used within many sectors in order to meet diverse needs. Despite that wide range, adoption of consistent processes within a comprehensive framework can help to ensure that risk is managed effectively, efficiently and coherently across an organization. [https://en.wikipedia.org/wiki/ISO_31000 ISO 31000] is an international standard that describes a generic approach and provides the principles and guidelines for managing any form of risk in a systematic, transparent and credible manner and withing any scope and context. &amp;lt;ref&amp;gt;https://www.iso.org/obp/ui/#iso:std:iso:31000:ed-1:v1:en&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
As can be seen in figure 1, the first step is to establish the context in order to figure out the individual needs, audiences, perceptions and criteria for each specific sector while applying risk management. Establishing the context will capture the objectives of the organization, the environment in which it pursues those objectives, its stakeholders and the dicersity of risk criteria. those factors will help reveal and assess the nature and complexity of its risks. &lt;br /&gt;
&lt;br /&gt;
The international standard has stated that when risk management is implemented and maintained in accordance with ISO, it enables an organization to achieve the following objectives:&lt;br /&gt;
&lt;br /&gt;
* Increase the likelihood of achieving objectives&lt;br /&gt;
* encourage proactive management&lt;br /&gt;
* Be aware of the need to identify and treat risk throughout the organization&lt;br /&gt;
* Improve the identification of opportunities and threats&lt;br /&gt;
* Comply with relevant legal and regulatory requirements and international norms&lt;br /&gt;
* Improve mandatory and voluntary reporting&lt;br /&gt;
* Improve governance&lt;br /&gt;
* Improve stakeholder confidence and trust&lt;br /&gt;
* Establish a reliable basis for decision making and planning&lt;br /&gt;
* Improve controls&lt;br /&gt;
* Effectively allocate and use resources for risk treatment&lt;br /&gt;
* Improve operational effectiveness and efficiency&lt;br /&gt;
* Enhance health and safety performance, as well as environmental protection&lt;br /&gt;
* Improve loss prevention and incident management&lt;br /&gt;
* Minimize losses&lt;br /&gt;
* Improve organizational learning &lt;br /&gt;
* Improve organizational resilience&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
As well as helping organizations reach these objectives the standard is intended to meet the needs of a wide range of stakeholders. Stakeholders that are included are those responsible for developing risk management policy within their organization, those accountable for ensuring that risk is effectively managed within the organization as a whole or within a specific area, project or activity. Those who need to evaluate an organization&#039;s effectiveness in managing risk and developers of standards, guides, procedures and codes of practice that, in whole or in part, set out how risk is to be managed withing the specific context of these documents. Figure X shows the relationships between the risk management principles, framework and process.[[File: fig_1.png|500px|thumb|center|Figure 2: Relationships between risk management principles, framework and process]]&lt;br /&gt;
&lt;br /&gt;
== Important principles ==&lt;br /&gt;
&lt;br /&gt;
The following principles should be complied with by an organization in order for risk management to be effective. &lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Management of risk:&#039;&#039;&#039;&amp;lt;ref&amp;gt;ISO 31000:2009 &amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
# &#039;&#039;&#039;Creates and protects value&#039;&#039;&#039; - Contributes to the demonstrable achievement of objectives and improvement of performance in, for example, security, environmental protection, project and program management.&lt;br /&gt;
# &#039;&#039;&#039;Integral part of all organizational processes&#039;&#039;&#039; - Risk management is not a stand-alone activity that is separate from the main activities and processes of the organization. It is part of the responsibilities of management and an integral part of all organizational processes, including strategic planning and all project and change management processes.&lt;br /&gt;
# &#039;&#039;&#039;Part of decision making&#039;&#039;&#039; - Helps decision makers make informed choices, prioritize actions and distinguish among alternative courses of action.&lt;br /&gt;
# &#039;&#039;&#039;Explicitly addresses uncertainty&#039;&#039;&#039; - Risk management explicitly takes account of uncertainty, the nature of that uncertainty, and how it can be addressed.&lt;br /&gt;
# &#039;&#039;&#039;Systematic, structured and timely&#039;&#039;&#039; - A systematic, structured and timely approach to risk management contributes to efficiency and to consistent, comparable and reliable results.&lt;br /&gt;
# &#039;&#039;&#039;Based on the best available information&#039;&#039;&#039; - The inputs to the process of managing risk are based on information sources such as historical data, experience, stakeholder feedback, observation, forecasts and expert judgement. Decision makers should however inform themselves of, and should take into account, any limitations of the data or modelling used or the possibility of divergence among experts.&lt;br /&gt;
# &#039;&#039;&#039;Is tailored&#039;&#039;&#039; - It is aligned with the organization&#039;s external and internal context and risk profile.&lt;br /&gt;
# &#039;&#039;&#039;Takes human and cultural factors into account&#039;&#039;&#039; - Recognizes the capabilities, perceptions and intentions of external and internal people that can facilitate or hinder achievement of the organization&#039;s objectives.&lt;br /&gt;
# &#039;&#039;&#039;Is transparent and inclusive&#039;&#039;&#039; - For risk management to be relevant and up-to-date, appropriate and timely involvement of stakeholders and, in particular, decision makers at all levels of the organization has to be ensured. By doing so also allows stakeholders to be properly represented and to have their views taken into account in determining risk criteria.&lt;br /&gt;
# &#039;&#039;&#039;Is dynamic, iterative and responsive to change&#039;&#039;&#039; - Continually senses and responds to change. As external and internal events occur, context and knowledge change, monitoring and review of risks take place, new risks emerge, some change, and others disappear.&lt;br /&gt;
# &#039;&#039;&#039;Facilitates continual improvement of the organization&#039;&#039;&#039; - Organizations should develop and implement strategies to improve their risk management maturity alongside all other aspects of their organization.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=Risk assessment=&lt;br /&gt;
&lt;br /&gt;
As figure 1 illustrates, risk assessment takes place after establishing the context. &#039;&#039;&#039;Risk assessment&#039;&#039;&#039; is the determination of [https://en.wikipedia.org/wiki/Quantitative quantitative] or [https://en.wikipedia.org/wiki/Qualitative qualitative] estimate of risk related to a concrete situation and a recognized hazard. Two components of risk are required for calculations in quantitative risk assessment. The magnitude of the potential loss (L) and the probability (p) that the loss will occur. If the countermeasure for handling a certain risk exceeds the value of the expected loss it is called acceptable risk. That kind of risk is understood and tolerated&lt;br /&gt;
&lt;br /&gt;
==Risk assessment process==&lt;br /&gt;
&lt;br /&gt;
===Risk identification===&lt;br /&gt;
&lt;br /&gt;
For an organization to effectively manage its key risks and demonstrate whether they are in control a risk identification process must be in place. Risk identification is a key component of a robust framework. By going through the risk identification process an organization would be able to identify the following:&amp;lt;ref&amp;gt;https://www.lloyds.com/the-market/operating-at-lloyds/performance-framework-of-minimum-standards/risk-management/process_identification_assessment_control_and_mitigation&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
* Significant risks to the achievement of its business objectives.&lt;br /&gt;
* All types of risks, associated major components and controls currently in place, from all sources, across the entire scope of the organisation&#039;s activities.&lt;br /&gt;
* Risks around opportunities as well as threats, to increase the organization&#039;s chance of maximizing the benefit of those opportunities when they arise.&lt;br /&gt;
&lt;br /&gt;
It would also ensure that the organization is aware of its major risks at any point in time.&lt;br /&gt;
&lt;br /&gt;
To briefly summarize, it is a process that involves finding, recognizing, and describing the risks that could affect the achievement of an organization&#039;s objectives.&amp;lt;ref&amp;gt;http://www.praxiom.com/iso-31000-terms.htm&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
In this process questions such as: what can happen? when and where? how and why? should be answered in order to move to the next step in the risk assessment process, risk analysis.&lt;br /&gt;
&lt;br /&gt;
===Risk analysis===&lt;br /&gt;
&lt;br /&gt;
To successfully determine the level of risk, consequences have to be determined as well as the likelihood of an event. Risk analysis includes qualitative and quantitative assessments. &amp;lt;ref&amp;gt;http://www.pwc.com/us/en/issues/enterprise-risk-management/assets/risk_assessment_guide.pdf&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Qualitative&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
A pre-defined rating scale is used to prioritize the identified project risks. The probability or likelihood and the impact on a project objectives should they occur gives the score for a certain risk. A qualitative risk analysis also includes the appropriate categorization of the risks. Source-based or effect-based.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Quantitative&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
A further analysis of the highest priority risks during which a numerical or quantitative rating is assigned in order to develop a probabilistic analysis of the project. Possible outcomes for the project are quantified and the probability of achieving specific project objectives is assessed. When there is uncertainty a quantitative approach can be used to make decisions. It also creates realistic and achievable cost, schedule or scope targets.&lt;br /&gt;
&lt;br /&gt;
Quantitative risk analysis can only be successfully carried out if there is high-quality data, a well-developed project model, and a prioritized lists of project risks. That usually yields from performing a qualitative risk analysis. &amp;lt;ref&amp;gt;https://www.passionatepm.com/blog/qualitative-risk-analysis-vs-quantitative-risk-analysis-pmp-concept-1&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot; &lt;br /&gt;
|-&lt;br /&gt;
! Qualitative&lt;br /&gt;
! Quantitative&lt;br /&gt;
|-&lt;br /&gt;
| risk-level&lt;br /&gt;
| project level&lt;br /&gt;
|-&lt;br /&gt;
| subjective evaluation of probability and impact&lt;br /&gt;
| probabilistic estimates of time and cost&lt;br /&gt;
|-&lt;br /&gt;
| quick and easy to perform&lt;br /&gt;
| time consuming&lt;br /&gt;
|-&lt;br /&gt;
| no special software or tools required&lt;br /&gt;
| may require specalized tools&lt;br /&gt;
|-&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
To summarize the concept: It is a process that is used to understand the nature, sources, and causes of the risks that an organization has identified and to estimate the level of risk. Also used to study impacts and consequences and to examine the controls that currently exist.&amp;lt;ref&amp;gt;http://www.praxiom.com/iso-31000-terms.htm&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
===Risk evaluation===&lt;br /&gt;
&lt;br /&gt;
Risk evaluation is the process by which organizations, individuals and other social groups within society determine the acceptability of a given risk. If a risk is judged as unacceptable, adequate measures for risk reduction are required.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;Klinke&#039;&#039; and &#039;&#039;Renn&#039;&#039;&amp;lt;ref&amp;gt;Klinke Andreas and Renn Ortwin. A New Approach to Risk Evaluation and Management: Risk-Based, Precaution-Based, and Discourse-Based Strategies. Risk Analysis, Vol. 22, No. 6, 2002. PP 1070  http://josiah.berkeley.edu/2007Fall/NE275/CourseReader/6.pdf&amp;lt;/ref&amp;gt; talked about three major strategies in risk evaluation:&lt;br /&gt;
&lt;br /&gt;
# Risk-based approaches, including numerical thresholds (quantitative safety goals, exposure limits, standards, etc.)&lt;br /&gt;
# Reduction activities derived from the application of the precautionary principle (examples are ALARA, as low as reasonably achievable, BACT, best available control technology)&lt;br /&gt;
# Standards derived from discursive processes such as roundtables, deliberative rule making, mediation, or citizen panels.&lt;br /&gt;
&lt;br /&gt;
A brief summarize of the concept: It is a process that is used to compare risk analysis results with risk criteria in order to determine whether or not a specified level of risk is acceptable or tolerable. &amp;lt;ref&amp;gt;http://www.praxiom.com/iso-31000-terms.htm&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Risk assessment tools==&lt;br /&gt;
There are many tools used in risk assessment, sometimes it is recommended to use more than one tool in risk assessment. They all have their own focus areas. Lets take a better look at the most frequently used tools.&lt;br /&gt;
&lt;br /&gt;
===[https://en.wikipedia.org/wiki/Hazard_and_operability_study Hazard and operability study (HAZOP)]===&lt;br /&gt;
&lt;br /&gt;
Was initially developed to analyse chemical systems, but has been extended to other types of systems and complex operations. It is a technique to identify risks to people, equipment, environment and/or organizational objectives. The technique is qualitative and uses guide words which question how the design intention or operating conditions might not be achieved in the design, process, procedure or system. Lastly, it identifies failure modes of a process, system or procedure, their causes and consequences.&lt;br /&gt;
&lt;br /&gt;
HAZOP guide words and meanings: &amp;lt;ref&amp;gt;https://cdn.auckland.ac.nz/assets/ecm/documents/Hazard-Operability-Studies.pdf&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot; &lt;br /&gt;
|-&lt;br /&gt;
! Guide word&lt;br /&gt;
! Meaning&lt;br /&gt;
|-&lt;br /&gt;
| NO OR NOT&lt;br /&gt;
| Complete negation of the design intent&lt;br /&gt;
|-&lt;br /&gt;
| MORE&lt;br /&gt;
| Quantitative increase&lt;br /&gt;
|-&lt;br /&gt;
| LESS&lt;br /&gt;
| Quantitative decrease&lt;br /&gt;
|-&lt;br /&gt;
| AS WELL AS&lt;br /&gt;
| Qualitative modification/increase&lt;br /&gt;
|-&lt;br /&gt;
| PART OF&lt;br /&gt;
| Qualitative modification/increase&lt;br /&gt;
|-&lt;br /&gt;
| REVERSE&lt;br /&gt;
| Logical opposite of the design intent&lt;br /&gt;
|-&lt;br /&gt;
| OTHER THAN&lt;br /&gt;
| Complete substitution&lt;br /&gt;
|-&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
===[https://en.wikipedia.org/wiki/Structured_What_If_Technique Structured What-IF technique (SWIFT)]===&lt;br /&gt;
&lt;br /&gt;
Originally developed as a simpler alternative to HAZOP. It uses standard &#039;what-if&#039; type phrases in combination with the prompts to investigate how a system, plan item, organization or procedure will be affected by deviations from normal operations and behaviour. It is normally applied at a more of a system level with a lower level of detail than HAZOP.&lt;br /&gt;
&lt;br /&gt;
The SWIFT tool is easy to use and has a simple template. The template and an example of an event are for example: &amp;lt;ref&amp;gt;http://activeriskcontrol.com/tools-and-templates/&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot; &lt;br /&gt;
|-&lt;br /&gt;
! What if&lt;br /&gt;
! Answer&lt;br /&gt;
! Likelihood&lt;br /&gt;
! Consequences&lt;br /&gt;
! Recommendations&lt;br /&gt;
|-&lt;br /&gt;
| Brakes on a car stop working&lt;br /&gt;
| Car won&#039;t be able to brake&lt;br /&gt;
| Low&lt;br /&gt;
| Possible crash&lt;br /&gt;
| Get brakes checked on regular basis&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
===[https://en.wikipedia.org/wiki/Fault_tree_analysis Fault Tree Analysis (FTA)]===&lt;br /&gt;
&lt;br /&gt;
Fault tree analysis is a technique for identifying and analysing factors that can contribute to a specified undesired event (called the &amp;quot;top event&amp;quot;). Causal factors are deductively identified, organised in a logical manner and represented pictorially in a tree diagram which depicts causal factors and their logical relationships to the top event. A fault tree may be used qualitatively to identify potential causes and pathways to a failure (the top event) or quantitatively to calculate the probability of the top event, given knowledge of the probabilities of causal events.&lt;br /&gt;
&lt;br /&gt;
The following figures will:&lt;br /&gt;
&lt;br /&gt;
Show the symbols used in FTA and show an example of a fault tree:&lt;br /&gt;
&lt;br /&gt;
[[File:FTA1.png|900px|thumb|left|Figure 3: Symbols in FTA &amp;lt;ref&amp;gt;http://conceptdraw.com/solution-park/resource/images/solutions/fault-tree-analysis-diagrams/Design-elements-Fault-tree-analysis-solution-Sample.png&amp;lt;/ref&amp;gt;]]&lt;br /&gt;
[[File:FTA2.png|1000px|thumb|right|Figure 4: Example of a fault tree &amp;lt;ref&amp;gt;http://reliawiki.com/images/thumb/e/ea/10.5.png/450px-10.5.png&amp;lt;/ref&amp;gt;]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Other mentionable tools==&lt;br /&gt;
&lt;br /&gt;
* [https://en.wikipedia.org/wiki/Failure_mode_and_effects_analysis Failure mode and effect analysis (FMEA)]&lt;br /&gt;
* [http://www2.mitre.org/work/sepo/toolkits/risk/procedures/brainstorming.html Brainstorming]&lt;br /&gt;
* [https://en.wikipedia.org/wiki/Structured_interview Structured or semi-structured interviews]&lt;br /&gt;
* [https://en.wikipedia.org/wiki/Delphi_method Delphi method]&lt;br /&gt;
* [http://www.safetyrisk.net/risk-assessment-checklist/ Check-lists]&lt;br /&gt;
* [https://en.wikipedia.org/wiki/Hazard_analysis Primary hazard analysis]&lt;br /&gt;
* [https://en.wikipedia.org/wiki/Hazard_analysis_and_critical_control_points Hazard analysis and critical control points (HACCP)]&lt;br /&gt;
* [http://www.dantes.info/Tools&amp;amp;Methods/Environmentalassessment/enviro_asse_era.html Environmental risk assessment]&lt;br /&gt;
* [https://en.wikipedia.org/wiki/Event_tree_analysis Event tree analysis]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=Benefits=&lt;br /&gt;
&lt;br /&gt;
The most notable potential benefits of a well-structured and efficiently run risk management are. &amp;lt;ref&amp;gt;http://irisintelligence.com/risk-management-explained/why-manage-risk.html&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
* Improved strategic and business planning&lt;br /&gt;
* More effective use of resources&lt;br /&gt;
* An ability to quickly grasp new opportunities&lt;br /&gt;
* Fewer unwelcome surprises&lt;br /&gt;
* Enhanced communication&lt;br /&gt;
* Ability to reassure key stakeholders throughout the organization&lt;br /&gt;
* Continuous improvement&lt;br /&gt;
* robust contingency planning&lt;br /&gt;
&lt;br /&gt;
These benefits can be achieved if risk management is run effectively. As figure 1 shows, communication and consultation as well as monitoring and reviewing are key factors for a successful risk management.&lt;br /&gt;
&lt;br /&gt;
=Limitations=&lt;br /&gt;
&lt;br /&gt;
There are of course limitations to risk management, otherwise organizations would never experience failure as they would have answers to everything if the risk management process had been done properly.&lt;br /&gt;
&lt;br /&gt;
The first limitation is regarding prioritizing, by prioritizing the risk management processes too highly could keep an organization from ever completing a project or even getting started.&lt;br /&gt;
&lt;br /&gt;
Second is regarding if risks are improperly assessed and prioritized, time can be wasted in dealing with risk of losses that are not likely to occur. Spending too much time assessing and managing unlikely risks can divert resources that could be used more profitably. It is inevitable that unlikely events will occur at some point. If the risk is unlikely enough to occur sometimes it may even be better to simply retain the risk and deal with the consequences.&lt;br /&gt;
&lt;br /&gt;
Third is about qualitative risk assessment, it is subjective and lacks consistency.&lt;br /&gt;
&lt;br /&gt;
Subjective assessments are often influenced by past experience. This is a dangerous shortcoming of the process, because one thing we have learned over the years is that the past is not always a reliable indicator of what to expect in the future&lt;br /&gt;
&lt;br /&gt;
To summarize, an assessment process that subjects all risks to the same analytical grid has shortcomings that need to be recognized. If very little happens as a result of an organization&#039;s risk assessment process, it is a clear sign that alternative approaches should be considered.&amp;lt;ref&amp;gt;http://corporatecomplianceinsights.com/the-limitations-of-traditional-risk-assessments/&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=Conclusions=&lt;br /&gt;
&lt;br /&gt;
I think it is safe to say that risk management is very important for every organization in order to maximize the probability of achieving their objectives. There is a wide range of tools that can be used in different circumstances in risk management. Every organization should find the proper tools and perform risk management no matter their size. As stated in the limitation section, risk management can also have its flaws. Communication strategies as well as constantly reviewing and monitoring the process are the most likely ways to prevent these flaws to occur. &lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=References=&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&amp;lt;references/&amp;gt;&lt;/div&gt;</summary>
		<author><name>S141543</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=17493</id>
		<title>Management of risk</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=17493"/>
		<updated>2015-09-28T21:11:25Z</updated>

		<summary type="html">&lt;p&gt;S141543: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&lt;br /&gt;
[[File:Image2.png|500px|thumb|right|Figure 1: Risk management process (based on ISO 31000: 2009) &amp;lt;ref&amp;gt;Carmen Nadia Ciocoiu and Razvan Catalin Dobrea (2010). The Role of Standardization in Improving the Effectiveness of Integrated Risk Management, Advances in Risk Management, Giancarlo Nota (Ed.), ISBN: 978-953-307-138-1, InTech, DOI: 10.5772/9893. Available from: http://www.intechopen.com/books/advances-in-risk-management/the-role-of-standardization-in-improving-the-effectiveness-of-integrated-risk-management&amp;lt;/ref&amp;gt;]]&lt;br /&gt;
&lt;br /&gt;
Risk is part of all our lives. We need to take risks to grow and develop. Effectively managed risk in hospitals, airport security, construction sites, projects, programmes, portfolios and in so many more circumstances help societies achieve. &lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Management of risk&#039;&#039;&#039; involves identification, assessment, and prioritization of risks. Coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events or to maximize the realization of opportunities. &lt;br /&gt;
&lt;br /&gt;
Figure 1 shows what is involved in risk management. Identifying, analysing and evaluating risks are all part of risk assessment and will be further analysed in the risk assessment section.&lt;br /&gt;
&lt;br /&gt;
Because risk is inherent in everything we do, risk professionals undertake roles that are very diverse. It includes roles in insurance, business, health and safety, corporate governance, engineering, planning and financial services to name a few.&lt;br /&gt;
&lt;br /&gt;
In this article important principles of [https://en.wikipedia.org/wiki/Risk_management risk management] will be outlined, risk assessment will be explained in detail and risk assessment tools explained. Benefits and limitations of risk management will be discussed before stating the conclusions.&lt;br /&gt;
&lt;br /&gt;
__TOC__ &lt;br /&gt;
&lt;br /&gt;
=Introduction=&lt;br /&gt;
&lt;br /&gt;
[https://en.wikipedia.org/wiki/Organization Organizations] of all types and sizes face internal and external factors and influences that make it uncertain whether and when they will achieve their objectives. Risk is the effect this uncertainty has on an organization&#039;s objectives. Risk can be managed by identifying it, analysing it and then evaluating whether the risk should be modified by risk treatment in order to satisfy their risk criteria. Constant communication and consultation with stakeholders is a key for the process to run smoothly as well as monitoring and reviewing the risk and making sure that the correct actions are taken to ensure that no further risk treatment is required.&lt;br /&gt;
&lt;br /&gt;
Risk management can be applied to an entire organization, at its many areas and levels, at any time. It can also be applied to specific functions, projects and activities. &lt;br /&gt;
&lt;br /&gt;
The practice of risk management is used within many sectors in order to meet diverse needs. Despite that wide range, adoption of consistent processes within a comprehensive framework can help to ensure that risk is managed effectively, efficiently and coherently across an organization. [https://en.wikipedia.org/wiki/ISO_31000 ISO 31000] is an international standard that describes a generic approach and provides the principles and guidelines for managing any form of risk in a systematic, transparent and credible manner and withing any scope and context. &amp;lt;ref&amp;gt;https://www.iso.org/obp/ui/#iso:std:iso:31000:ed-1:v1:en&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
As can be seen in figure 1, the first step is to establish the context in order to figure out the individual needs, audiences, perceptions and criteria for each specific sector while applying risk management. Establishing the context will capture the objectives of the organization, the environment in which it pursues those objectives, its stakeholders and the dicersity of risk criteria. those factors will help reveal and assess the nature and complexity of its risks. &lt;br /&gt;
&lt;br /&gt;
The international standard has stated that when risk management is implemented and maintained in accordance with ISO, it enables an organization to achieve the following objectives:&lt;br /&gt;
&lt;br /&gt;
* Increase the likelihood of achieving objectives&lt;br /&gt;
* encourage proactive management&lt;br /&gt;
* Be aware of the need to identify and treat risk throughout the organization&lt;br /&gt;
* Improve the identification of opportunities and threats&lt;br /&gt;
* Comply with relevant legal and regulatory requirements and international norms&lt;br /&gt;
* Improve mandatory and voluntary reporting&lt;br /&gt;
* Improve governance&lt;br /&gt;
* Improve stakeholder confidence and trust&lt;br /&gt;
* Establish a reliable basis for decision making and planning&lt;br /&gt;
* Improve controls&lt;br /&gt;
* Effectively allocate and use resources for risk treatment&lt;br /&gt;
* Improve operational effectiveness and efficiency&lt;br /&gt;
* Enhance health and safety performance, as well as environmental protection&lt;br /&gt;
* Improve loss prevention and incident management&lt;br /&gt;
* Minimize losses&lt;br /&gt;
* Improve organizational learning &lt;br /&gt;
* Improve organizational resilience&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
As well as helping organizations reach these objectives the standard is intended to meet the needs of a wide range of stakeholders. Stakeholders that are included are those responsible for developing risk management policy within their organization, those accountable for ensuring that risk is effectively managed within the organization as a whole or within a specific area, project or activity. Those who need to evaluate an organization&#039;s effectiveness in managing risk and developers of standards, guides, procedures and codes of practice that, in whole or in part, set out how risk is to be managed withing the specific context of these documents. Figure X shows the relationships between the risk management principles, framework and process.[[File: fig_1.png|500px|thumb|center|Figure 2: Relationships between risk management principles, framework and process]]&lt;br /&gt;
&lt;br /&gt;
== Important principles ==&lt;br /&gt;
&lt;br /&gt;
The following principles should be complied with by an organization in order for risk management to be effective. &lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Management of risk:&#039;&#039;&#039;&amp;lt;ref&amp;gt;ISO 31000:2009 &amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
# &#039;&#039;&#039;Creates and protects value&#039;&#039;&#039; - Contributes to the demonstrable achievement of objectives and improvement of performance in, for example, security, environmental protection, project and program management.&lt;br /&gt;
# &#039;&#039;&#039;Integral part of all organizational processes&#039;&#039;&#039; - Risk management is not a stand-alone activity that is separate from the main activities and processes of the organization. It is part of the responsibilities of management and an integral part of all organizational processes, including strategic planning and all project and change management processes.&lt;br /&gt;
# &#039;&#039;&#039;Part of decision making&#039;&#039;&#039; - Helps decision makers make informed choices, prioritize actions and distinguish among alternative courses of action.&lt;br /&gt;
# &#039;&#039;&#039;Explicitly addresses uncertainty&#039;&#039;&#039; - Risk management explicitly takes account of uncertainty, the nature of that uncertainty, and how it can be addressed.&lt;br /&gt;
# &#039;&#039;&#039;Systematic, structured and timely&#039;&#039;&#039; - A systematic, structured and timely approach to risk management contributes to efficiency and to consistent, comparable and reliable results.&lt;br /&gt;
# &#039;&#039;&#039;Based on the best available information&#039;&#039;&#039; - The inputs to the process of managing risk are based on information sources such as historical data, experience, stakeholder feedback, observation, forecasts and expert judgement. Decision makers should however inform themselves of, and should take into account, any limitations of the data or modelling used or the possibility of divergence among experts.&lt;br /&gt;
# &#039;&#039;&#039;Is tailored&#039;&#039;&#039; - It is aligned with the organization&#039;s external and internal context and risk profile.&lt;br /&gt;
# &#039;&#039;&#039;Takes human and cultural factors into account&#039;&#039;&#039; - Recognizes the capabilities, perceptions and intentions of external and internal people that can facilitate or hinder achievement of the organization&#039;s objectives.&lt;br /&gt;
# &#039;&#039;&#039;Is transparent and inclusive&#039;&#039;&#039; - For risk management to be relevant and up-to-date, appropriate and timely involvement of stakeholders and, in particular, decision makers at all levels of the organization has to be ensured. By doing so also allows stakeholders to be properly represented and to have their views taken into account in determining risk criteria.&lt;br /&gt;
# &#039;&#039;&#039;Is dynamic, iterative and responsive to change&#039;&#039;&#039; - Continually senses and responds to change. As external and internal events occur, context and knowledge change, monitoring and review of risks take place, new risks emerge, some change, and others disappear.&lt;br /&gt;
# &#039;&#039;&#039;Facilitates continual improvement of the organization&#039;&#039;&#039; - Organizations should develop and implement strategies to improve their risk management maturity alongside all other aspects of their organization.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=Risk assessment=&lt;br /&gt;
&lt;br /&gt;
As figure 1 illustrates, risk assessment takes place after establishing the context. &#039;&#039;&#039;Risk assessment&#039;&#039;&#039; is the determination of [https://en.wikipedia.org/wiki/Quantitative quantitative] or [https://en.wikipedia.org/wiki/Qualitative qualitative] estimate of risk related to a concrete situation and a recognized hazard. Two components of risk are required for calculations in quantitative risk assessment. The magnitude of the potential loss (L) and the probability (p) that the loss will occur. If the countermeasure for handling a certain risk exceeds the value of the expected loss it is called acceptable risk. That kind of risk is understood and tolerated&lt;br /&gt;
&lt;br /&gt;
==Risk assessment process==&lt;br /&gt;
&lt;br /&gt;
===Risk identification===&lt;br /&gt;
&lt;br /&gt;
For an organization to effectively manage its key risks and demonstrate whether they are in control a risk identification process must be in place. Risk identification is a key component of a robust framework. By going through the risk identification process an organization would be able to identify the following:&amp;lt;ref&amp;gt;https://www.lloyds.com/the-market/operating-at-lloyds/performance-framework-of-minimum-standards/risk-management/process_identification_assessment_control_and_mitigation&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
* Significant risks to the achievement of its business objectives.&lt;br /&gt;
* All types of risks, associated major components and controls currently in place, from all sources, across the entire scope of the organisation&#039;s activities.&lt;br /&gt;
* Risks around opportunities as well as threats, to increase the organization&#039;s chance of maximizing the benefit of those opportunities when they arise.&lt;br /&gt;
&lt;br /&gt;
It would also ensure that the organization is aware of its major risks at any point in time.&lt;br /&gt;
&lt;br /&gt;
To briefly summarize, it is a process that involves finding, recognizing, and describing the risks that could affect the achievement of an organization&#039;s objectives.&amp;lt;ref&amp;gt;http://www.praxiom.com/iso-31000-terms.htm&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
In this process questions such as: what can happen? when and where? how and why? should be answered in order to move to the next step in the risk assessment process, risk analysis.&lt;br /&gt;
&lt;br /&gt;
===Risk analysis===&lt;br /&gt;
&lt;br /&gt;
To successfully determine the level of risk, consequences have to be determined as well as the likelihood of an event. Risk analysis includes qualitative and quantitative assessments. &amp;lt;ref&amp;gt;http://www.pwc.com/us/en/issues/enterprise-risk-management/assets/risk_assessment_guide.pdf&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Qualitative&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
A pre-defined rating scale is used to prioritize the identified project risks. The probability or likelihood and the impact on a project objectives should they occur gives the score for a certain risk. A qualitative risk analysis also includes the appropriate categorization of the risks. Source-based or effect-based.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Quantitative&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
A further analysis of the highest priority risks during which a numerical or quantitative rating is assigned in order to develop a probabilistic analysis of the project. Possible outcomes for the project are quantified and the probability of achieving specific project objectives is assessed. When there is uncertainty a quantitative approach can be used to make decisions. It also creates realistic and achievable cost, schedule or scope targets.&lt;br /&gt;
&lt;br /&gt;
Quantitative risk analysis can only be successfully carried out if there is high-quality data, a well-developed project model, and a prioritized lists of project risks. That usually yields from performing a qualitative risk analysis. &amp;lt;ref&amp;gt;https://www.passionatepm.com/blog/qualitative-risk-analysis-vs-quantitative-risk-analysis-pmp-concept-1&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot; &lt;br /&gt;
|-&lt;br /&gt;
! Qualitative&lt;br /&gt;
! Quantitative&lt;br /&gt;
|-&lt;br /&gt;
| risk-level&lt;br /&gt;
| project level&lt;br /&gt;
|-&lt;br /&gt;
| subjective evaluation of probability and impact&lt;br /&gt;
| probabilistic estimates of time and cost&lt;br /&gt;
|-&lt;br /&gt;
| quick and easy to perform&lt;br /&gt;
| time consuming&lt;br /&gt;
|-&lt;br /&gt;
| no special software or tools required&lt;br /&gt;
| may require specalized tools&lt;br /&gt;
|-&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
To summarize the concept: It is a process that is used to understand the nature, sources, and causes of the risks that an organization has identified and to estimate the level of risk. Also used to study impacts and consequences and to examine the controls that currently exist.&amp;lt;ref&amp;gt;http://www.praxiom.com/iso-31000-terms.htm&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
===Risk evaluation===&lt;br /&gt;
&lt;br /&gt;
Risk evaluation is the process by which organizations, individuals and other social groups within society determine the acceptability of a given risk. If a risk is judged as unacceptable, adequate measures for risk reduction are required.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;Klinke&#039;&#039; and &#039;&#039;Renn&#039;&#039;&amp;lt;ref&amp;gt;http://josiah.berkeley.edu/2007Fall/NE275/CourseReader/6.pdf&amp;lt;/ref&amp;gt; talked about three major strategies in risk evaluation:&lt;br /&gt;
&lt;br /&gt;
# Risk-based approaches, including numerical thresholds (quantitative safety goals, exposure limits, standards, etc.)&lt;br /&gt;
# Reduction activities derived from the application of the precautionary principle (examples are ALARA, as low as reasonably achievable, BACT, best available control technology)&lt;br /&gt;
# Standards derived from discursive processes such as roundtables, deliberative rule making, mediation, or citizen panels.&lt;br /&gt;
&lt;br /&gt;
A brief summarize of the concept: It is a process that is used to compare risk analysis results with risk criteria in order to determine whether or not a specified level of risk is acceptable or tolerable. &amp;lt;ref&amp;gt;http://www.praxiom.com/iso-31000-terms.htm&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Risk assessment tools==&lt;br /&gt;
There are many tools used in risk assessment, sometimes it is recommended to use more than one tool in risk assessment. They all have their own focus areas. Lets take a better look at the most frequently used tools.&lt;br /&gt;
&lt;br /&gt;
===[https://en.wikipedia.org/wiki/Hazard_and_operability_study Hazard and operability study (HAZOP)]===&lt;br /&gt;
&lt;br /&gt;
Was initially developed to analyse chemical systems, but has been extended to other types of systems and complex operations. It is a technique to identify risks to people, equipment, environment and/or organizational objectives. The technique is qualitative and uses guide words which question how the design intention or operating conditions might not be achieved in the design, process, procedure or system. Lastly, it identifies failure modes of a process, system or procedure, their causes and consequences.&lt;br /&gt;
&lt;br /&gt;
HAZOP guide words and meanings: &amp;lt;ref&amp;gt;https://cdn.auckland.ac.nz/assets/ecm/documents/Hazard-Operability-Studies.pdf&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot; &lt;br /&gt;
|-&lt;br /&gt;
! Guide word&lt;br /&gt;
! Meaning&lt;br /&gt;
|-&lt;br /&gt;
| NO OR NOT&lt;br /&gt;
| Complete negation of the design intent&lt;br /&gt;
|-&lt;br /&gt;
| MORE&lt;br /&gt;
| Quantitative increase&lt;br /&gt;
|-&lt;br /&gt;
| LESS&lt;br /&gt;
| Quantitative decrease&lt;br /&gt;
|-&lt;br /&gt;
| AS WELL AS&lt;br /&gt;
| Qualitative modification/increase&lt;br /&gt;
|-&lt;br /&gt;
| PART OF&lt;br /&gt;
| Qualitative modification/increase&lt;br /&gt;
|-&lt;br /&gt;
| REVERSE&lt;br /&gt;
| Logical opposite of the design intent&lt;br /&gt;
|-&lt;br /&gt;
| OTHER THAN&lt;br /&gt;
| Complete substitution&lt;br /&gt;
|-&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
===[https://en.wikipedia.org/wiki/Structured_What_If_Technique Structured What-IF technique (SWIFT)]===&lt;br /&gt;
&lt;br /&gt;
Originally developed as a simpler alternative to HAZOP. It uses standard &#039;what-if&#039; type phrases in combination with the prompts to investigate how a system, plan item, organization or procedure will be affected by deviations from normal operations and behaviour. It is normally applied at a more of a system level with a lower level of detail than HAZOP.&lt;br /&gt;
&lt;br /&gt;
The SWIFT tool is easy to use and has a simple template. The template and an example of an event are for example: &amp;lt;ref&amp;gt;http://activeriskcontrol.com/tools-and-templates/&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot; &lt;br /&gt;
|-&lt;br /&gt;
! What if&lt;br /&gt;
! Answer&lt;br /&gt;
! Likelihood&lt;br /&gt;
! Consequences&lt;br /&gt;
! Recommendations&lt;br /&gt;
|-&lt;br /&gt;
| Brakes on a car stop working&lt;br /&gt;
| Car won&#039;t be able to brake&lt;br /&gt;
| Low&lt;br /&gt;
| Possible crash&lt;br /&gt;
| Get brakes checked on regular basis&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
===[https://en.wikipedia.org/wiki/Fault_tree_analysis Fault Tree Analysis (FTA)]===&lt;br /&gt;
&lt;br /&gt;
Fault tree analysis is a technique for identifying and analysing factors that can contribute to a specified undesired event (called the &amp;quot;top event&amp;quot;). Causal factors are deductively identified, organised in a logical manner and represented pictorially in a tree diagram which depicts causal factors and their logical relationships to the top event. A fault tree may be used qualitatively to identify potential causes and pathways to a failure (the top event) or quantitatively to calculate the probability of the top event, given knowledge of the probabilities of causal events.&lt;br /&gt;
&lt;br /&gt;
The following figures will:&lt;br /&gt;
&lt;br /&gt;
Show the symbols used in FTA and show an example of a fault tree:&lt;br /&gt;
&lt;br /&gt;
[[File:FTA1.png|900px|thumb|left|Figure 3: Symbols in FTA &amp;lt;ref&amp;gt;http://conceptdraw.com/solution-park/resource/images/solutions/fault-tree-analysis-diagrams/Design-elements-Fault-tree-analysis-solution-Sample.png&amp;lt;/ref&amp;gt;]]&lt;br /&gt;
[[File:FTA2.png|1000px|thumb|right|Figure 4: Example of a fault tree &amp;lt;ref&amp;gt;http://reliawiki.com/images/thumb/e/ea/10.5.png/450px-10.5.png&amp;lt;/ref&amp;gt;]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Other mentionable tools==&lt;br /&gt;
&lt;br /&gt;
* [https://en.wikipedia.org/wiki/Failure_mode_and_effects_analysis Failure mode and effect analysis (FMEA)]&lt;br /&gt;
* [http://www2.mitre.org/work/sepo/toolkits/risk/procedures/brainstorming.html Brainstorming]&lt;br /&gt;
* [https://en.wikipedia.org/wiki/Structured_interview Structured or semi-structured interviews]&lt;br /&gt;
* [https://en.wikipedia.org/wiki/Delphi_method Delphi method]&lt;br /&gt;
* [http://www.safetyrisk.net/risk-assessment-checklist/ Check-lists]&lt;br /&gt;
* [https://en.wikipedia.org/wiki/Hazard_analysis Primary hazard analysis]&lt;br /&gt;
* [https://en.wikipedia.org/wiki/Hazard_analysis_and_critical_control_points Hazard analysis and critical control points (HACCP)]&lt;br /&gt;
* [http://www.dantes.info/Tools&amp;amp;Methods/Environmentalassessment/enviro_asse_era.html Environmental risk assessment]&lt;br /&gt;
* [https://en.wikipedia.org/wiki/Event_tree_analysis Event tree analysis]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=Benefits=&lt;br /&gt;
&lt;br /&gt;
The most notable potential benefits of a well-structured and efficiently run risk management are. &amp;lt;ref&amp;gt;http://irisintelligence.com/risk-management-explained/why-manage-risk.html&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
* Improved strategic and business planning&lt;br /&gt;
* More effective use of resources&lt;br /&gt;
* An ability to quickly grasp new opportunities&lt;br /&gt;
* Fewer unwelcome surprises&lt;br /&gt;
* Enhanced communication&lt;br /&gt;
* Ability to reassure key stakeholders throughout the organization&lt;br /&gt;
* Continuous improvement&lt;br /&gt;
* robust contingency planning&lt;br /&gt;
&lt;br /&gt;
These benefits can be achieved if risk management is run effectively. As figure 1 shows, communication and consultation as well as monitoring and reviewing are key factors for a successful risk management.&lt;br /&gt;
&lt;br /&gt;
=Limitations=&lt;br /&gt;
&lt;br /&gt;
There are of course limitations to risk management, otherwise organizations would never experience failure as they would have answers to everything if the risk management process had been done properly.&lt;br /&gt;
&lt;br /&gt;
The first limitation is regarding prioritizing, by prioritizing the risk management processes too highly could keep an organization from ever completing a project or even getting started.&lt;br /&gt;
&lt;br /&gt;
Second is regarding if risks are improperly assessed and prioritized, time can be wasted in dealing with risk of losses that are not likely to occur. Spending too much time assessing and managing unlikely risks can divert resources that could be used more profitably. It is inevitable that unlikely events will occur at some point. If the risk is unlikely enough to occur sometimes it may even be better to simply retain the risk and deal with the consequences.&lt;br /&gt;
&lt;br /&gt;
Third is about qualitative risk assessment, it is subjective and lacks consistency.&lt;br /&gt;
&lt;br /&gt;
Subjective assessments are often influenced by past experience. This is a dangerous shortcoming of the process, because one thing we have learned over the years is that the past is not always a reliable indicator of what to expect in the future&lt;br /&gt;
&lt;br /&gt;
To summarize, an assessment process that subjects all risks to the same analytical grid has shortcomings that need to be recognized. If very little happens as a result of an organization&#039;s risk assessment process, it is a clear sign that alternative approaches should be considered.&amp;lt;ref&amp;gt;http://corporatecomplianceinsights.com/the-limitations-of-traditional-risk-assessments/&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=Conclusions=&lt;br /&gt;
&lt;br /&gt;
I think it is safe to say that risk management is very important for every organization in order to maximize the probability of achieving their objectives. There is a wide range of tools that can be used in different circumstances in risk management. Every organization should find the proper tools and perform risk management no matter their size. As stated in the limitation section, risk management can also have its flaws. Communication strategies as well as constantly reviewing and monitoring the process are the most likely ways to prevent these flaws to occur. &lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=References=&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&amp;lt;references/&amp;gt;&lt;/div&gt;</summary>
		<author><name>S141543</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=17433</id>
		<title>Management of risk</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=17433"/>
		<updated>2015-09-28T20:42:40Z</updated>

		<summary type="html">&lt;p&gt;S141543: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&lt;br /&gt;
[[File:Image2.png|500px|thumb|right|Figure 1: Risk management process (based on ISO 31000: 2009) &amp;lt;ref&amp;gt;Carmen Nadia Ciocoiu and Razvan Catalin Dobrea (2010). The Role of Standardization in Improving the Effectiveness of Integrated Risk Management, Advances in Risk Management, Giancarlo Nota (Ed.), ISBN: 978-953-307-138-1, InTech, DOI: 10.5772/9893. Available from: http://www.intechopen.com/books/advances-in-risk-management/the-role-of-standardization-in-improving-the-effectiveness-of-integrated-risk-management&amp;lt;/ref&amp;gt;]]&lt;br /&gt;
&lt;br /&gt;
Risk is part of all our lives. We need to take risks to grow and develop. Effectively managed risk in hospitals, airport security, construction sites, projects, programmes, portfolios and in so many more circumstances help societies achieve. &lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Management of risk&#039;&#039;&#039; involves identification, assessment, and prioritization of risks. Coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events or to maximize the realization of opportunities. &lt;br /&gt;
&lt;br /&gt;
Figure 1 shows what is involved in risk management. Identifying, analysing and evaluating risks are all part of risk assessment and will be further analysed in the risk assessment section.&lt;br /&gt;
&lt;br /&gt;
Because risk is inherent in everything we do, risk professionals undertake roles that are very diverse. It includes roles in insurance, business, health and safety, corporate governance, engineering, planning and financial services to name a few.&lt;br /&gt;
&lt;br /&gt;
In this article important principles of [https://en.wikipedia.org/wiki/Risk_management risk management] will be outlined, risk assessment will be explained in detail and risk assessment tools explained. Benefits and limitations of risk management will be discussed before stating the conclusions.&lt;br /&gt;
&lt;br /&gt;
__TOC__ &lt;br /&gt;
&lt;br /&gt;
=Introduction=&lt;br /&gt;
&lt;br /&gt;
[https://en.wikipedia.org/wiki/Organization Organizations] of all types and sizes face internal and external factors and influences that make it uncertain whether and when they will achieve their objectives. Risk is the effect this uncertainty has on an organization&#039;s objectives. Risk can be managed by identifying it, analysing it and then evaluating whether the risk should be modified by risk treatment in order to satisfy their risk criteria. Constant communication and consultation with stakeholders is a key for the process to run smoothly as well as monitoring and reviewing the risk and making sure that the correct actions are taken to ensure that no further risk treatment is required.&lt;br /&gt;
&lt;br /&gt;
Risk management can be applied to an entire organization, at its many areas and levels, at any time. It can also be applied to specific functions, projects and activities. &lt;br /&gt;
&lt;br /&gt;
The practice of risk management is used within many sectors in order to meet diverse needs. Despite that wide range, adoption of consistent processes within a comprehensive framework can help to ensure that risk is managed effectively, efficiently and coherently across an organization. [https://en.wikipedia.org/wiki/ISO_31000 ISO 31000] is an international standard that describes a generic approach and provides the principles and guidelines for managing any form of risk in a systematic, transparent and credible manner and withing any scope and context. &amp;lt;ref&amp;gt;https://www.iso.org/obp/ui/#iso:std:iso:31000:ed-1:v1:en&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
As can be seen in figure 1, the first step is to establish the context in order to figure out the individual needs, audiences, perceptions and criteria for each specific sector while applying risk management. Establishing the context will capture the objectives of the organization, the environment in which it pursues those objectives, its stakeholders and the dicersity of risk criteria. those factors will help reveal and assess the nature and complexity of its risks. &lt;br /&gt;
&lt;br /&gt;
The international standard has stated that when risk management is implemented and maintained in accordance with ISO, it enables an organization to achieve the following objectives:&lt;br /&gt;
&lt;br /&gt;
* Increase the likelihood of achieving objectives&lt;br /&gt;
* encourage proactive management&lt;br /&gt;
* Be aware of the need to identify and treat risk throughout the organization&lt;br /&gt;
* Improve the identification of opportunities and threats&lt;br /&gt;
* Comply with relevant legal and regulatory requirements and international norms&lt;br /&gt;
* Improve mandatory and voluntary reporting&lt;br /&gt;
* Improve governance&lt;br /&gt;
* Improve stakeholder confidence and trust&lt;br /&gt;
* Establish a reliable basis for decision making and planning&lt;br /&gt;
* Improve controls&lt;br /&gt;
* Effectively allocate and use resources for risk treatment&lt;br /&gt;
* Improve operational effectiveness and efficiency&lt;br /&gt;
* Enhance health and safety performance, as well as environmental protection&lt;br /&gt;
* Improve loss prevention and incident management&lt;br /&gt;
* Minimize losses&lt;br /&gt;
* Improve organizational learning &lt;br /&gt;
* Improve organizational resilience&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
As well as helping organizations reach these objectives the standard is intended to meet the needs of a wide range of stakeholders. Stakeholders that are included are those responsible for developing risk management policy within their organization, those accountable for ensuring that risk is effectively managed within the organization as a whole or within a specific area, project or activity. Those who need to evaluate an organization&#039;s effectiveness in managing risk and developers of standards, guides, procedures and codes of practice that, in whole or in part, set out how risk is to be managed withing the specific context of these documents. Figure X shows the relationships between the risk management principles, framework and process.[[File: fig_1.png|500px|thumb|center|Figure 2: Relationships between risk management principles, framework and process]]&lt;br /&gt;
&lt;br /&gt;
== Important principles ==&lt;br /&gt;
&lt;br /&gt;
The following principles should be complied with by an organization in order for risk management to be effective. &lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Management of risk:&#039;&#039;&#039;&amp;lt;ref&amp;gt;ISO 31000:2009 &amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
# &#039;&#039;&#039;Creates and protects value&#039;&#039;&#039; - Contributes to the demonstrable achievement of objectives and improvement of performance in, for example, security, environmental protection, project and program management.&lt;br /&gt;
# &#039;&#039;&#039;Integral part of all organizational processes&#039;&#039;&#039; - Risk management is not a stand-alone activity that is separate from the main activities and processes of the organization. It is part of the responsibilities of management and an integral part of all organizational processes, including strategic planning and all project and change management processes.&lt;br /&gt;
# &#039;&#039;&#039;Part of decision making&#039;&#039;&#039; - Helps decision makers make informed choices, prioritize actions and distinguish among alternative courses of action.&lt;br /&gt;
# &#039;&#039;&#039;Explicitly addresses uncertainty&#039;&#039;&#039; - Risk management explicitly takes account of uncertainty, the nature of that uncertainty, and how it can be addressed.&lt;br /&gt;
# &#039;&#039;&#039;Systematic, structured and timely&#039;&#039;&#039; - A systematic, structured and timely approach to risk management contributes to efficiency and to consistent, comparable and reliable results.&lt;br /&gt;
# &#039;&#039;&#039;Based on the best available information&#039;&#039;&#039; - The inputs to the process of managing risk are based on information sources such as historical data, experience, stakeholder feedback, observation, forecasts and expert judgement. Decision makers should however inform themselves of, and should take into account, any limitations of the data or modelling used or the possibility of divergence among experts.&lt;br /&gt;
# &#039;&#039;&#039;Is tailored&#039;&#039;&#039; - It is aligned with the organization&#039;s external and internal context and risk profile.&lt;br /&gt;
# &#039;&#039;&#039;Takes human and cultural factors into account&#039;&#039;&#039; - Recognizes the capabilities, perceptions and intentions of external and internal people that can facilitate or hinder achievement of the organization&#039;s objectives.&lt;br /&gt;
# &#039;&#039;&#039;Is transparent and inclusive&#039;&#039;&#039; - For risk management to be relevant and up-to-date, appropriate and timely involvement of stakeholders and, in particular, decision makers at all levels of the organization has to be ensured. By doing so also allows stakeholders to be properly represented and to have their views taken into account in determining risk criteria.&lt;br /&gt;
# &#039;&#039;&#039;Is dynamic, iterative and responsive to change&#039;&#039;&#039; - Continually senses and responds to change. As external and internal events occur, context and knowledge change, monitoring and review of risks take place, new risks emerge, some change, and others disappear.&lt;br /&gt;
# &#039;&#039;&#039;Facilitates continual improvement of the organization&#039;&#039;&#039; - Organizations should develop and implement strategies to improve their risk management maturity alongside all other aspects of their organization.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=Risk assessment=&lt;br /&gt;
&lt;br /&gt;
As figure 1 illustrates, risk assessment takes place after establishing the context. &#039;&#039;&#039;Risk assessment&#039;&#039;&#039; is the determination of [https://en.wikipedia.org/wiki/Quantitative quantitative] or [https://en.wikipedia.org/wiki/Qualitative qualitative] estimate of risk related to a concrete situation and a recognized hazard. Two components of risk are required for calculations in quantitative risk assessment. The magnitude of the potential loss (L) and the probability (p) that the loss will occur. If the countermeasure for handling a certain risk exceeds the value of the expected loss it is called acceptable risk. That kind of risk is understood and tolerated&lt;br /&gt;
&lt;br /&gt;
==Risk assessment process==&lt;br /&gt;
&lt;br /&gt;
===Risk identification===&lt;br /&gt;
&lt;br /&gt;
For an organization to effectively manage its key risks and demonstrate whether they are in control a risk identification process must be in place. Risk identification is a key component of a robust framework. By going through the risk identification process an organization would be able to identify the following:&amp;lt;ref&amp;gt;https://www.lloyds.com/the-market/operating-at-lloyds/performance-framework-of-minimum-standards/risk-management/process_identification_assessment_control_and_mitigation&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
* Significant risks to the achievement of its business objectives.&lt;br /&gt;
* All types of risks, associated major components and controls currently in place, from all sources, across the entire scope of the organisation&#039;s activities.&lt;br /&gt;
* Risks around opportunities as well as threats, to increase the organization&#039;s chance of maximizing the benefit of those opportunities when they arise.&lt;br /&gt;
&lt;br /&gt;
It would also ensure that the organization is aware of its major risks at any point in time.&lt;br /&gt;
&lt;br /&gt;
To briefly summarize, it is a process that involves finding, recognizing, and describing the risks that could affect the achievement of an organization&#039;s objectives.&amp;lt;ref&amp;gt;http://www.praxiom.com/iso-31000-terms.htm&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
In this process questions such as: what can happen? when and where? how and why? should be answered in order to move to the next step in the risk assessment process, risk analysis.&lt;br /&gt;
&lt;br /&gt;
===Risk analysis===&lt;br /&gt;
&lt;br /&gt;
To successfully determine the level of risk, consequences have to be determined as well as the likelihood of an event. Risk analysis includes qualitative and quantitative assessments. &amp;lt;ref&amp;gt;http://www.pwc.com/us/en/issues/enterprise-risk-management/assets/risk_assessment_guide.pdf&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Qualitative&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
A pre-defined rating scale is used to prioritize the identified project risks. The probability or likelihood and the impact on a project objectives should they occur gives the score for a certain risk. A qualitative risk analysis also includes the appropriate categorization of the risks. Source-based or effect-based.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Quantitative&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
A further analysis of the highest priority risks during which a numerical or quantitative rating is assigned in order to develop a probabilistic analysis of the project. Possible outcomes for the project are quantified and the probability of achieving specific project objectives is assessed. When there is uncertainty a quantitative approach can be used to make decisions. It also creates realistic and achievable cost, schedule or scope targets.&lt;br /&gt;
&lt;br /&gt;
Quantitative risk analysis can only be successfully carried out if there is high-quality data, a well-developed project model, and a prioritized lists of project risks. That usually yields from performing a qualitative risk analysis. &amp;lt;ref&amp;gt;https://www.passionatepm.com/blog/qualitative-risk-analysis-vs-quantitative-risk-analysis-pmp-concept-1&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot; &lt;br /&gt;
|-&lt;br /&gt;
! Qualitative&lt;br /&gt;
! Quantitative&lt;br /&gt;
|-&lt;br /&gt;
| risk-level&lt;br /&gt;
| project level&lt;br /&gt;
|-&lt;br /&gt;
| subjective evaluation of probability and impact&lt;br /&gt;
| probabilistic estimates of time and cost&lt;br /&gt;
|-&lt;br /&gt;
| quick and easy to perform&lt;br /&gt;
| time consuming&lt;br /&gt;
|-&lt;br /&gt;
| no special software or tools required&lt;br /&gt;
| may require specalized tools&lt;br /&gt;
|-&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
To summarize the concept: It is a process that is used to understand the nature, sources, and causes of the risks that an organization has identified and to estimate the level of risk. Also used to study impacts and consequences and to examine the controls that currently exist.&amp;lt;ref&amp;gt;http://www.praxiom.com/iso-31000-terms.htm&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
===Risk evaluation===&lt;br /&gt;
&lt;br /&gt;
Risk evaluation is the process by which organizations, individuals and other social groups within society determine the acceptability of a given risk. If a risk is judged as unacceptable, adequate measures for risk reduction are required.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;Klinke&#039;&#039; and &#039;&#039;Renn&#039;&#039;&amp;lt;ref&amp;gt;http://josiah.berkeley.edu/2007Fall/NE275/CourseReader/6.pdf&amp;lt;/ref&amp;gt; talked about three major strategies in risk evaluation:&lt;br /&gt;
&lt;br /&gt;
# Risk-based approaches, including numerical thresholds (quantitative safety goals, exposure limits, standards, etc.)&lt;br /&gt;
# Reduction activities derived from the application of the precautionary principle (examples are ALARA, as low as reasonably achievable, BACT, best available control technology)&lt;br /&gt;
# Standards derived from discursive processes such as roundtables, deliberative rule making, mediation, or citizen panels.&lt;br /&gt;
&lt;br /&gt;
A brief summarize of the concept: It is a process that is used to compare risk analysis results with risk criteria in order to determine whether or not a specified level of risk is acceptable or tolerable. &amp;lt;ref&amp;gt;http://www.praxiom.com/iso-31000-terms.htm&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Risk assessment tools==&lt;br /&gt;
There are many tools used in risk assessment, sometimes it is recommended to use more than one tool in risk assessment. They all have their own focus areas. Lets take a better look at the most frequently used tools.&lt;br /&gt;
&lt;br /&gt;
===[https://en.wikipedia.org/wiki/Hazard_and_operability_study Hazard and operability study (HAZOP)]===&lt;br /&gt;
&lt;br /&gt;
Was initially developed to analyse chemical systems, but has been extended to other types of systems and complex operations. It is a technique to identify risks to people, equipment, environment and/or organizational objectives. The technique is qualitative and uses guide words which question how the design intention or operating conditions might not be achieved in the design, process, procedure or system. Lastly, it identifies failure modes of a process, system or procedure, their causes and consequences.&lt;br /&gt;
&lt;br /&gt;
HAZOP guide words and meanings: &amp;lt;ref&amp;gt;https://cdn.auckland.ac.nz/assets/ecm/documents/Hazard-Operability-Studies.pdf&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot; &lt;br /&gt;
|-&lt;br /&gt;
! Guide word&lt;br /&gt;
! Meaning&lt;br /&gt;
|-&lt;br /&gt;
| NO OR NOT&lt;br /&gt;
| Complete negation of the design intent&lt;br /&gt;
|-&lt;br /&gt;
| MORE&lt;br /&gt;
| Quantitative increase&lt;br /&gt;
|-&lt;br /&gt;
| LESS&lt;br /&gt;
| Quantitative decrease&lt;br /&gt;
|-&lt;br /&gt;
| AS WELL AS&lt;br /&gt;
| Qualitative modification/increase&lt;br /&gt;
|-&lt;br /&gt;
| PART OF&lt;br /&gt;
| Qualitative modification/increase&lt;br /&gt;
|-&lt;br /&gt;
| REVERSE&lt;br /&gt;
| Logical opposite of the design intent&lt;br /&gt;
|-&lt;br /&gt;
| OTHER THAN&lt;br /&gt;
| Complete substitution&lt;br /&gt;
|-&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
===[https://en.wikipedia.org/wiki/Structured_What_If_Technique Structured What-IF technique (SWIFT)]===&lt;br /&gt;
&lt;br /&gt;
Originally developed as a simpler alternative to HAZOP. It uses standard &#039;what-if&#039; type phrases in combination with the prompts to investigate how a system, plan item, organization or procedure will be affected by deviations from normal operations and behaviour. It is normally applied at a more of a system level with a lower level of detail than HAZOP.&lt;br /&gt;
&lt;br /&gt;
The SWIFT tool is easy to use and has a simple template. The template and an example of an event are for example: &amp;lt;ref&amp;gt;http://activeriskcontrol.com/tools-and-templates/&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot; &lt;br /&gt;
|-&lt;br /&gt;
! What if&lt;br /&gt;
! Answer&lt;br /&gt;
! Likelihood&lt;br /&gt;
! Consequences&lt;br /&gt;
! Recommendations&lt;br /&gt;
|-&lt;br /&gt;
| Brakes on a car stop working&lt;br /&gt;
| Car won&#039;t be able to brake&lt;br /&gt;
| Low&lt;br /&gt;
| Possible crash&lt;br /&gt;
| Get brakes checked on regular basis&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
===[https://en.wikipedia.org/wiki/Fault_tree_analysis Fault Tree Analysis (FTA)]===&lt;br /&gt;
&lt;br /&gt;
Fault tree analysis is a technique for identifying and analysing factors that can contribute to a specified undesired event (called the &amp;quot;top event&amp;quot;). Causal factors are deductively identified, organised in a logical manner and represented pictorially in a tree diagram which depicts causal factors and their logical relationships to the top event. A fault tree may be used qualitatively to identify potential causes and pathways to a failure (the top event) or quantitatively to calculate the probability of the top event, given knowledge of the probabilities of causal events.&lt;br /&gt;
&lt;br /&gt;
The following figures will:&lt;br /&gt;
&lt;br /&gt;
Show the symbols used in FTA and show an example of a fault tree:&lt;br /&gt;
&lt;br /&gt;
[[File:FTA1.png|900px|thumb|left|Figure 3: Symbols in FTA &amp;lt;ref&amp;gt;http://conceptdraw.com/solution-park/resource/images/solutions/fault-tree-analysis-diagrams/Design-elements-Fault-tree-analysis-solution-Sample.png&amp;lt;/ref&amp;gt;]]&lt;br /&gt;
[[File:FTA2.png|1000px|thumb|right|Figure 4: Example of a fault tree &amp;lt;ref&amp;gt;http://reliawiki.com/images/thumb/e/ea/10.5.png/450px-10.5.png&amp;lt;/ref&amp;gt;]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Other mentionable tools==&lt;br /&gt;
&lt;br /&gt;
* Failure mode and effect analysis (FMEA)&lt;br /&gt;
* Brainstorming&lt;br /&gt;
* Structured or semi-structured interviews&lt;br /&gt;
* Delphi&lt;br /&gt;
* Check-lists&lt;br /&gt;
* Primary hazard analysis&lt;br /&gt;
* Hazard analysis and critical control points (HACCP)&lt;br /&gt;
* Environmental risk assessment&lt;br /&gt;
* Event tree analysis&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=Benefits=&lt;br /&gt;
&lt;br /&gt;
The most notable potential benefits of a well-structured and efficiently run risk management are. &amp;lt;ref&amp;gt;http://irisintelligence.com/risk-management-explained/why-manage-risk.html&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
* Improved strategic and business planning&lt;br /&gt;
* More effective use of resources&lt;br /&gt;
* An ability to quickly grasp new opportunities&lt;br /&gt;
* Fewer unwelcome surprises&lt;br /&gt;
* Enhanced communication&lt;br /&gt;
* Ability to reassure key stakeholders throughout the organization&lt;br /&gt;
* Continuous improvement&lt;br /&gt;
* robust contingency planning&lt;br /&gt;
&lt;br /&gt;
These benefits can be achieved if risk management is run effectively. As figure 1 shows, communication and consultation as well as monitoring and reviewing are key factors for a successful risk management.&lt;br /&gt;
&lt;br /&gt;
=Limitations=&lt;br /&gt;
&lt;br /&gt;
There are of course limitations to risk management, otherwise organizations would never experience failure as they would have answers to everything if the risk management process had been done properly.&lt;br /&gt;
&lt;br /&gt;
The first limitation is regarding prioritizing, by prioritizing the risk management processes too highly could keep an organization from ever completing a project or even getting started.&lt;br /&gt;
&lt;br /&gt;
Second is regarding if risks are improperly assessed and prioritized, time can be wasted in dealing with risk of losses that are not likely to occur. Spending too much time assessing and managing unlikely risks can divert resources that could be used more profitably. It is inevitable that unlikely events will occur at some point. If the risk is unlikely enough to occur sometimes it may even be better to simply retain the risk and deal with the consequences.&lt;br /&gt;
&lt;br /&gt;
Third is about qualitative risk assessment, it is subjective and lacks consistency.&lt;br /&gt;
&lt;br /&gt;
Subjective assessments are often influenced by past experience. This is a dangerous shortcoming of the process, because one thing we have learned over the years is that the past is not always a reliable indicator of what to expect in the future&lt;br /&gt;
&lt;br /&gt;
To summarize, an assessment process that subjects all risks to the same analytical grid has shortcomings that need to be recognized. If very little happens as a result of an organization&#039;s risk assessment process, it is a clear sign that alternative approaches should be considered.&amp;lt;ref&amp;gt;http://corporatecomplianceinsights.com/the-limitations-of-traditional-risk-assessments/&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=Conclusions=&lt;br /&gt;
&lt;br /&gt;
I think it is safe to say that risk management is very important for every organization in order to maximize the probability of achieving their objectives. There is a wide range of tools that can be used in different circumstances in risk management. Every organization should find the proper tools and perform risk management no matter their size. As stated in the limitation section, risk management can also have its flaws. Communication strategies as well as constantly reviewing and monitoring the process are the most likely ways to prevent these flaws to occur. &lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=References=&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&amp;lt;references/&amp;gt;&lt;/div&gt;</summary>
		<author><name>S141543</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=17374</id>
		<title>Management of risk</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=17374"/>
		<updated>2015-09-28T20:24:21Z</updated>

		<summary type="html">&lt;p&gt;S141543: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&lt;br /&gt;
[[File:Image2.png|500px|thumb|right|Risk management process (based on ISO 31000: 2009) &amp;lt;ref&amp;gt;Carmen Nadia Ciocoiu and Razvan Catalin Dobrea (2010). The Role of Standardization in Improving the Effectiveness of Integrated Risk Management, Advances in Risk Management, Giancarlo Nota (Ed.), ISBN: 978-953-307-138-1, InTech, DOI: 10.5772/9893. Available from: http://www.intechopen.com/books/advances-in-risk-management/the-role-of-standardization-in-improving-the-effectiveness-of-integrated-risk-management&amp;lt;/ref&amp;gt;]]&lt;br /&gt;
&lt;br /&gt;
Risk is part of all our lives. We need to take risks to grow and develop. Effectively managed risk in hospitals, airport security, construction sites, projects, programmes, portfolios and in so many more circumstances help societies achieve. &lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Management of risk&#039;&#039;&#039; involves identification, assessment, and prioritization of risks. Coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events or to maximize the realization of opportunities. &lt;br /&gt;
&lt;br /&gt;
Figure 1 shows what is involved in risk management. Identifying, analysing and evaluating risks are all part of risk assessment and will be further analysed in the risk assessment section.&lt;br /&gt;
&lt;br /&gt;
Because risk is inherent in everything we do, risk professionals undertake roles that are very diverse. It includes roles in insurance, business, health and safety, corporate governance, engineering, planning and financial services to name a few.&lt;br /&gt;
&lt;br /&gt;
In this article important principles of [https://en.wikipedia.org/wiki/Risk_management risk management] will be outlined, risk assessment will be explained in detail and risk assessment tools explained. Benefits and limitations of risk management will be discussed before stating the conclusions.&lt;br /&gt;
&lt;br /&gt;
__TOC__ &lt;br /&gt;
&lt;br /&gt;
=Introduction=&lt;br /&gt;
&lt;br /&gt;
[https://en.wikipedia.org/wiki/Organization Organizations] of all types and sizes face internal and external factors and influences that make it uncertain whether and when they will achieve their objectives. Risk is the effect this uncertainty has on an organization&#039;s objectives. Risk can be managed by identifying it, analysing it and then evaluating whether the risk should be modified by risk treatment in order to satisfy their risk criteria. Constant communication and consultation with stakeholders is a key for the process to run smoothly as well as monitoring and reviewing the risk and making sure that the correct actions are taken to ensure that no further risk treatment is required.&lt;br /&gt;
&lt;br /&gt;
Risk management can be applied to an entire organization, at its many areas and levels, at any time. It can also be applied to specific functions, projects and activities. &lt;br /&gt;
&lt;br /&gt;
The practice of risk management is used within many sectors in order to meet diverse needs. Despite that wide range, adoption of consistent processes within a comprehensive framework can help to ensure that risk is managed effectively, efficiently and coherently across an organization. [https://en.wikipedia.org/wiki/ISO_31000 ISO 31000] is an international standard that describes a generic approach and provides the principles and guidelines for managing any form of risk in a systematic, transparent and credible manner and withing any scope and context. &amp;lt;ref&amp;gt;https://www.iso.org/obp/ui/#iso:std:iso:31000:ed-1:v1:en&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
As can be seen in figure 1, the first step is to establish the context in order to figure out the individual needs, audiences, perceptions and criteria for each specific sector while applying risk management. Establishing the context will capture the objectives of the organization, the environment in which it pursues those objectives, its stakeholders and the dicersity of risk criteria. those factors will help reveal and assess the nature and complexity of its risks. &lt;br /&gt;
&lt;br /&gt;
The international standard has stated that when risk management is implemented and maintained in accordance with ISO, it enables an organization to achieve the following objectives:&lt;br /&gt;
&lt;br /&gt;
* Increase the likelihood of achieving objectives&lt;br /&gt;
* encourage proactive management&lt;br /&gt;
* Be aware of the need to identify and treat risk throughout the organization&lt;br /&gt;
* Improve the identification of opportunities and threats&lt;br /&gt;
* Comply with relevant legal and regulatory requirements and international norms&lt;br /&gt;
* Improve mandatory and voluntary reporting&lt;br /&gt;
* Improve governance&lt;br /&gt;
* Improve stakeholder confidence and trust&lt;br /&gt;
* Establish a reliable basis for decision making and planning&lt;br /&gt;
* Improve controls&lt;br /&gt;
* Effectively allocate and use resources for risk treatment&lt;br /&gt;
* Improve operational effectiveness and efficiency&lt;br /&gt;
* Enhance health and safety performance, as well as environmental protection&lt;br /&gt;
* Improve loss prevention and incident management&lt;br /&gt;
* Minimize losses&lt;br /&gt;
* Improve organizational learning &lt;br /&gt;
* Improve organizational resilience&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
As well as helping organizations reach these objectives the standard is intended to meet the needs of a wide range of stakeholders. Stakeholders that are included are those responsible for developing risk management policy within their organization, those accountable for ensuring that risk is effectively managed within the organization as a whole or within a specific area, project or activity. Those who need to evaluate an organization&#039;s effectiveness in managing risk and developers of standards, guides, procedures and codes of practice that, in whole or in part, set out how risk is to be managed withing the specific context of these documents. Figure X shows the relationships between the risk management principles, framework and process.[[File: fig_1.png|800px|thumb|center|Relationships between risk management principles, framework and process]]&lt;br /&gt;
&lt;br /&gt;
== Important principles ==&lt;br /&gt;
&lt;br /&gt;
The following principles should be complied with by an organization in order for risk management to be effective. &lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Management of risk:&#039;&#039;&#039;&amp;lt;ref&amp;gt;ISO 31000:2009 &amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
# &#039;&#039;&#039;Creates and protects value&#039;&#039;&#039; - Contributes to the demonstrable achievement of objectives and improvement of performance in, for example, security, environmental protection, project and program management.&lt;br /&gt;
# &#039;&#039;&#039;Integral part of all organizational processes&#039;&#039;&#039; - Risk management is not a stand-alone activity that is separate from the main activities and processes of the organization. It is part of the responsibilities of management and an integral part of all organizational processes, including strategic planning and all project and change management processes.&lt;br /&gt;
# &#039;&#039;&#039;Part of decision making&#039;&#039;&#039; - Helps decision makers make informed choices, prioritize actions and distinguish among alternative courses of action.&lt;br /&gt;
# &#039;&#039;&#039;Explicitly addresses uncertainty&#039;&#039;&#039; - Risk management explicitly takes account of uncertainty, the nature of that uncertainty, and how it can be addressed.&lt;br /&gt;
# &#039;&#039;&#039;Systematic, structured and timely&#039;&#039;&#039; - A systematic, structured and timely approach to risk management contributes to efficiency and to consistent, comparable and reliable results.&lt;br /&gt;
# &#039;&#039;&#039;Based on the best available information&#039;&#039;&#039; - The inputs to the process of managing risk are based on information sources such as historical data, experience, stakeholder feedback, observation, forecasts and expert judgement. Decision makers should however inform themselves of, and should take into account, any limitations of the data or modelling used or the possibility of divergence among experts.&lt;br /&gt;
# &#039;&#039;&#039;Is tailored&#039;&#039;&#039; - It is aligned with the organization&#039;s external and internal context and risk profile.&lt;br /&gt;
# &#039;&#039;&#039;Takes human and cultural factors into account&#039;&#039;&#039; - Recognizes the capabilities, perceptions and intentions of external and internal people that can facilitate or hinder achievement of the organization&#039;s objectives.&lt;br /&gt;
# &#039;&#039;&#039;Is transparent and inclusive&#039;&#039;&#039; - For risk management to be relevant and up-to-date, appropriate and timely involvement of stakeholders and, in particular, decision makers at all levels of the organization has to be ensured. By doing so also allows stakeholders to be properly represented and to have their views taken into account in determining risk criteria.&lt;br /&gt;
# &#039;&#039;&#039;Is dynamic, iterative and responsive to change&#039;&#039;&#039; - Continually senses and responds to change. As external and internal events occur, context and knowledge change, monitoring and review of risks take place, new risks emerge, some change, and others disappear.&lt;br /&gt;
# &#039;&#039;&#039;Facilitates continual improvement of the organization&#039;&#039;&#039; - Organizations should develop and implement strategies to improve their risk management maturity alongside all other aspects of their organization.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=Risk assessment=&lt;br /&gt;
&lt;br /&gt;
As figure 1 illustrates, risk assessment takes place after establishing the context.&#039;&#039;&#039;Risk assessment&#039;&#039;&#039; is the determination of [[quantitative]] or [[qualitative]] estimate of risk related to a concrete situation and a recognized hazard. Two components of risk are required for calculations in quantitative risk assessment. The magnitude of the potential loss (L) and the probability (p) that the loss will occur. If the countermeasure for handling a certain risk exceeds the value of the expected loss it is called acceptable risk. That kind of risk is understood and tolerated&lt;br /&gt;
&lt;br /&gt;
==Risk assessment process==&lt;br /&gt;
&lt;br /&gt;
===Risk identification===&lt;br /&gt;
&lt;br /&gt;
For an organization to effectively manage its key risks and demonstrate whether they are in control a risk identification process must be in place. Risk identification is a key component of a robust framework. By going through the risk identification process an organization would be able to identify the following:&amp;lt;ref&amp;gt;https://www.lloyds.com/the-market/operating-at-lloyds/performance-framework-of-minimum-standards/risk-management/process_identification_assessment_control_and_mitigation&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
* Significant risks to the achievement of its business objectives.&lt;br /&gt;
* All types of risks, associated major components and controls currently in place, from all sources, across the entire scope of the organisation&#039;s activities.&lt;br /&gt;
* Risks around opportunities as well as threats, to increase the organization&#039;s chance of maximizing the benefit of those opportunities when they arise.&lt;br /&gt;
&lt;br /&gt;
It would also ensure that the organization is aware of its major risks at any point in time.&lt;br /&gt;
&lt;br /&gt;
To briefly summarize, it is a process that involves finding, recognizing, and describing the risks that could affect the achievement of an organization&#039;s objectives.&amp;lt;ref&amp;gt;http://www.praxiom.com/iso-31000-terms.htm&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
In this process questions such as: what can happen? when and where? how and why? should be answered in order to move to the next step in the risk assessment process, risk analysis.&lt;br /&gt;
&lt;br /&gt;
===Risk analysis===&lt;br /&gt;
&lt;br /&gt;
To successfully determine the level of risk, consequences have to be determined as well as the likelihood of an event. Risk analysis includes qualitative and quantitative assessments. &amp;lt;ref&amp;gt;http://www.pwc.com/us/en/issues/enterprise-risk-management/assets/risk_assessment_guide.pdf&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Qualitative&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
A pre-defined rating scale is used to prioritize the identified project risks. The probability or likelihood and the impact on a project objectives should they occur gives the score for a certain risk. A qualitative risk analysis also includes the appropriate categorization of the risks. Source-based or effect-based.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Quantitative&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
A further analysis of the highest priority risks during which a numerical or quantitative rating is assigned in order to develop a probabilistic analysis of the project. Possible outcomes for the project are quantified and the probability of achieving specific project objectives is assessed. When there is uncertainty a quantitative approach can be used to make decisions. It also creates realistic and achievable cost, schedule or scope targets.&lt;br /&gt;
&lt;br /&gt;
Quantitative risk analysis can only be successfully carried out if there is high-quality data, a well-developed project model, and a prioritized lists of project risks. That usually yields from performing a qualitative risk analysis. &amp;lt;ref&amp;gt;https://www.passionatepm.com/blog/qualitative-risk-analysis-vs-quantitative-risk-analysis-pmp-concept-1&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot; &lt;br /&gt;
|-&lt;br /&gt;
! Qualitative&lt;br /&gt;
! Quantitative&lt;br /&gt;
|-&lt;br /&gt;
| risk-level&lt;br /&gt;
| project level&lt;br /&gt;
|-&lt;br /&gt;
| subjective evaluation of probability and impact&lt;br /&gt;
| probabilistic estimates of time and cost&lt;br /&gt;
|-&lt;br /&gt;
| quick and easy to perform&lt;br /&gt;
| time consuming&lt;br /&gt;
|-&lt;br /&gt;
| no special software or tools required&lt;br /&gt;
| may require specalized tools&lt;br /&gt;
|-&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
To summarize the concept: It is a process that is used to understand the nature, sources, and causes of the risks that an organization has identified and to estimate the level of risk. Also used to study impacts and consequences and to examine the controls that currently exist.&amp;lt;ref&amp;gt;http://www.praxiom.com/iso-31000-terms.htm&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
===Risk evaluation===&lt;br /&gt;
&lt;br /&gt;
Risk evaluation is the process by which organizations, individuals and other social groups within society determine the acceptability of a given risk. If a risk is judged as unacceptable, adequate measures for risk reduction are required.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;Klinke&#039;&#039; and &#039;&#039;Renn&#039;&#039;&amp;lt;ref&amp;gt;http://josiah.berkeley.edu/2007Fall/NE275/CourseReader/6.pdf&amp;lt;/ref&amp;gt; talked about three major strategies in risk evaluation:&lt;br /&gt;
&lt;br /&gt;
# Risk-based approaches, including numerical thresholds (quantitative safety goals, exposure limits, standards, etc.)&lt;br /&gt;
# Reduction activities derived from the application of the precautionary principle (examples are ALARA, as low as reasonably achievable, BACT, best available control technology)&lt;br /&gt;
# Standards derived from discursive processes such as roundtables, deliberative rule making, mediation, or citizen panels.&lt;br /&gt;
&lt;br /&gt;
A brief summarize of the concept: It is a process that is used to compare risk analysis results with risk criteria in order to determine whether or not a specified level of risk is acceptable or tolerable. &amp;lt;ref&amp;gt;http://www.praxiom.com/iso-31000-terms.htm&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Risk assessment tools==&lt;br /&gt;
There are many tools used in risk assessment, sometimes it is recommended to use more than one tool in risk assessment. They all have their own focus areas. Lets take a better look at the most frequently used tools.&lt;br /&gt;
&lt;br /&gt;
===[https://en.wikipedia.org/wiki/Hazard_and_operability_study Hazard and operability study (HAZOP)]===&lt;br /&gt;
&lt;br /&gt;
Was initially developed to analyse chemical systems, but has been extended to other types of systems and complex operations. It is a technique to identify risks to people, equipment, environment and/or organizational objectives. The technique is qualitative and uses guide words which question how the design intention or operating conditions might not be achieved in the design, process, procedure or system. Lastly, it identifies failure modes of a process, system or procedure, their causes and consequences.&lt;br /&gt;
&lt;br /&gt;
HAZOP guide words and meanings: &amp;lt;ref&amp;gt;https://cdn.auckland.ac.nz/assets/ecm/documents/Hazard-Operability-Studies.pdf&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot; &lt;br /&gt;
|-&lt;br /&gt;
! Guide word&lt;br /&gt;
! Meaning&lt;br /&gt;
|-&lt;br /&gt;
| NO OR NOT&lt;br /&gt;
| Complete negation of the design intent&lt;br /&gt;
|-&lt;br /&gt;
| MORE&lt;br /&gt;
| Quantitative increase&lt;br /&gt;
|-&lt;br /&gt;
| LESS&lt;br /&gt;
| Quantitative decrease&lt;br /&gt;
|-&lt;br /&gt;
| AS WELL AS&lt;br /&gt;
| Qualitative modification/increase&lt;br /&gt;
|-&lt;br /&gt;
| PART OF&lt;br /&gt;
| Qualitative modification/increase&lt;br /&gt;
|-&lt;br /&gt;
| REVERSE&lt;br /&gt;
| Logical opposite of the design intent&lt;br /&gt;
|-&lt;br /&gt;
| OTHER THAN&lt;br /&gt;
| Complete substitution&lt;br /&gt;
|-&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
===[https://en.wikipedia.org/wiki/Structured_What_If_Technique Structured What-IF technique (SWIFT)]===&lt;br /&gt;
&lt;br /&gt;
Originally developed as a simpler alternative to HAZOP. It uses standard &#039;what-if&#039; type phrases in combination with the prompts to investigate how a system, plan item, organization or procedure will be affected by deviations from normal operations and behaviour. It is normally applied at a more of a system level with a lower level of detail than HAZOP.&lt;br /&gt;
&lt;br /&gt;
The SWIFT tool is easy to use and has a simple template. The template and an example of an event are for example: &amp;lt;ref&amp;gt;http://activeriskcontrol.com/tools-and-templates/&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot; &lt;br /&gt;
|-&lt;br /&gt;
! What if&lt;br /&gt;
! Answer&lt;br /&gt;
! Likelihood&lt;br /&gt;
! Consequences&lt;br /&gt;
! Recommendations&lt;br /&gt;
|-&lt;br /&gt;
| Brakes on a car stop working&lt;br /&gt;
| Car won&#039;t be able to brake&lt;br /&gt;
| Low&lt;br /&gt;
| Possible crash&lt;br /&gt;
| Get brakes checked on regular basis&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
===[https://en.wikipedia.org/wiki/Fault_tree_analysis Fault Tree Analysis (FTA)]===&lt;br /&gt;
&lt;br /&gt;
Fault tree analysis is a technique for identifying and analysing factors that can contribute to a specified undesired event (called the &amp;quot;top event&amp;quot;). Causal factors are deductively identified, organised in a logical manner and represented pictorially in a tree diagram which depicts causal factors and their logical relationships to the top event. A fault tree may be used qualitatively to identify potential causes and pathways to a failure (the top event) or quantitatively to calculate the probability of the top event, given knowledge of the probabilities of causal events.&lt;br /&gt;
&lt;br /&gt;
The following figures will:&lt;br /&gt;
&lt;br /&gt;
Show the symbols used in FTA and show an example of a fault tree:&lt;br /&gt;
&lt;br /&gt;
[[File:FTA1.png|900px|thumb|left|Symbols in FTA &amp;lt;ref&amp;gt;http://conceptdraw.com/solution-park/resource/images/solutions/fault-tree-analysis-diagrams/Design-elements-Fault-tree-analysis-solution-Sample.png&amp;lt;/ref&amp;gt;]]&lt;br /&gt;
[[File:FTA2.png|1000px|thumb|right|Example of a fault tree &amp;lt;ref&amp;gt;http://reliawiki.com/images/thumb/e/ea/10.5.png/450px-10.5.png&amp;lt;/ref&amp;gt;]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Other mentionable tools==&lt;br /&gt;
&lt;br /&gt;
* Failure mode and effect analysis (FMEA)&lt;br /&gt;
* Brainstorming&lt;br /&gt;
* Structured or semi-structured interviews&lt;br /&gt;
* Delphi&lt;br /&gt;
* Check-lists&lt;br /&gt;
* Primary hazard analysis&lt;br /&gt;
* Hazard analysis and critical control points (HACCP)&lt;br /&gt;
* Environmental risk assessment&lt;br /&gt;
* Event tree analysis&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=Benefits=&lt;br /&gt;
&lt;br /&gt;
The most notable potential benefits of a well-structured and efficiently run risk management are. &amp;lt;ref&amp;gt;http://irisintelligence.com/risk-management-explained/why-manage-risk.html&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
* Improved strategic and business planning&lt;br /&gt;
* More effective use of resources&lt;br /&gt;
* An ability to quickly grasp new opportunities&lt;br /&gt;
* Fewer unwelcome surprises&lt;br /&gt;
* Enhanced communication&lt;br /&gt;
* Ability to reassure key stakeholders throughout the organization&lt;br /&gt;
* Continuous improvement&lt;br /&gt;
* robust contingency planning&lt;br /&gt;
&lt;br /&gt;
These benefits can be achieved if risk management is run effectively. As figure 1 shows, communication and consultation as well as monitoring and reviewing are key factors for a successful risk management.&lt;br /&gt;
&lt;br /&gt;
=Limitations=&lt;br /&gt;
&lt;br /&gt;
There are of course limitations to risk management, otherwise organizations would never experience failure as they would have answers to everything if the risk management process had been done properly.&lt;br /&gt;
&lt;br /&gt;
The first limitation is regarding prioritizing, by prioritizing the risk management processes too highly could keep an organization from ever completing a project or even getting started.&lt;br /&gt;
&lt;br /&gt;
Second is regarding if risks are improperly assessed and prioritized, time can be wasted in dealing with risk of losses that are not likely to occur. Spending too much time assessing and managing unlikely risks can divert resources that could be used more profitably. It is inevitable that unlikely events will occur at some point. If the risk is unlikely enough to occur sometimes it may even be better to simply retain the risk and deal with the consequences.&lt;br /&gt;
&lt;br /&gt;
Third is about qualitative risk assessment, it is subjective and lacks consistency.&lt;br /&gt;
&lt;br /&gt;
Subjective assessments are often influenced by past experience. This is a dangerous shortcoming of the process, because one thing we have learned over the years is that the past is not always a reliable indicator of what to expect in the future&lt;br /&gt;
&lt;br /&gt;
To summarize, an assessment process that subjects all risks to the same analytical grid has shortcomings that need to be recognized. If very little happens as a result of an organization&#039;s risk assessment process, it is a clear sign that alternative approaches should be considered.&amp;lt;ref&amp;gt;http://corporatecomplianceinsights.com/the-limitations-of-traditional-risk-assessments/&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=Conclusions=&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=References=&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&amp;lt;references/&amp;gt;&lt;/div&gt;</summary>
		<author><name>S141543</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=File:FTA2.png&amp;diff=17165</id>
		<title>File:FTA2.png</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=File:FTA2.png&amp;diff=17165"/>
		<updated>2015-09-28T19:20:17Z</updated>

		<summary type="html">&lt;p&gt;S141543: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&lt;/div&gt;</summary>
		<author><name>S141543</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=File:FTA1.png&amp;diff=17164</id>
		<title>File:FTA1.png</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=File:FTA1.png&amp;diff=17164"/>
		<updated>2015-09-28T19:20:05Z</updated>

		<summary type="html">&lt;p&gt;S141543: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&lt;/div&gt;</summary>
		<author><name>S141543</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=17162</id>
		<title>Management of risk</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=17162"/>
		<updated>2015-09-28T19:19:47Z</updated>

		<summary type="html">&lt;p&gt;S141543: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&lt;br /&gt;
[[File:Image2.png|500px|thumb|right|Risk management process (based on ISO 31000: 2009) &amp;lt;ref&amp;gt;Carmen Nadia Ciocoiu and Razvan Catalin Dobrea (2010). The Role of Standardization in Improving the Effectiveness of Integrated Risk Management, Advances in Risk Management, Giancarlo Nota (Ed.), ISBN: 978-953-307-138-1, InTech, DOI: 10.5772/9893. Available from: http://www.intechopen.com/books/advances-in-risk-management/the-role-of-standardization-in-improving-the-effectiveness-of-integrated-risk-management&amp;lt;/ref&amp;gt;]]&lt;br /&gt;
&lt;br /&gt;
Risk is part of all our lives. We need to take risks to grow and develop. Effectively managed risk in hospitals, airport security, construction sites, projects, programmes, portfolios and in so many more circumstances help societies achieve. &lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Management of risk&#039;&#039;&#039; involves identification, assessment, and prioritization of risks. Coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events or to maximize the realization of opportunities. &lt;br /&gt;
&lt;br /&gt;
Figure 1 shows what is involved in risk management. Identifying, analysing and evaluating risks are all part of risk assessment and will be further analysed in the risk assessment section.&lt;br /&gt;
&lt;br /&gt;
Because risk is inherent in everything we do, risk professionals undertake roles that are very diverse. It includes roles in insurance, business, health and safety, corporate governance, engineering, planning and financial services to name a few.&lt;br /&gt;
&lt;br /&gt;
In this article general methodologies and important principles of [https://en.wikipedia.org/wiki/Risk_management risk management] will be outlined, risk assessment will be explained and programme risk management introduced. Benefits and limitations of risk management will be discussed before stating the conclusions.&lt;br /&gt;
&lt;br /&gt;
__TOC__ &lt;br /&gt;
&lt;br /&gt;
=Introduction=&lt;br /&gt;
&lt;br /&gt;
[https://en.wikipedia.org/wiki/Organization Organizations] of all types and sizes face internal and external factors and influences that make it uncertain whether and when they will achieve their objectives. Risk is the effect this uncertainty has on an organization&#039;s objectives. Risk can be managed by identifying it, analysing it and then evaluating whether the risk should be modified by risk treatment in order to satisfy their risk criteria. Constant communication and consultation with stakeholders is a key for the process to run smoothly as well as monitoring and reviewing the risk and making sure that the correct actions are taken to ensure that no further risk treatment is required.&lt;br /&gt;
&lt;br /&gt;
Risk management can be applied to an entire organization, at its many areas and levels, at any time. It can also be applied to specific functions, projects and activities. &lt;br /&gt;
&lt;br /&gt;
The practice of risk management is used within many sectors in order to meet diverse needs. Despite that wide range, adoption of consistent processes within a comprehensive framework can help to ensure that risk is managed effectively, efficiently and coherently across an organization. [https://en.wikipedia.org/wiki/ISO_31000 ISO 31000] is an international standard that describes a generic approach and provides the principles and guidelines for managing any form of risk in a systematic, transparent and credible manner and withing any scope and context. &amp;lt;ref&amp;gt;https://www.iso.org/obp/ui/#iso:std:iso:31000:ed-1:v1:en&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
As can be seen in figure 1, the first step is to establish the context in order to figure out the individual needs, audiences, perceptions and criteria for each specific sector while applying risk management. Establishing the context will capture the objectives of the organization, the environment in which it pursues those objectives, its stakeholders and the dicersity of risk criteria. those factors will help reveal and assess the nature and complexity of its risks. &lt;br /&gt;
&lt;br /&gt;
The international standard has stated that when risk management is implemented and maintained in accordance with ISO, it enables an organization to achieve the following objectives:&lt;br /&gt;
&lt;br /&gt;
* Increase the likelihood of achieving objectives&lt;br /&gt;
* encourage proactive management&lt;br /&gt;
* Be aware of the need to identify and treat risk throughout the organization&lt;br /&gt;
* Improve the identification of opportunities and threats&lt;br /&gt;
* Comply with relevant legal and regulatory requirements and international norms&lt;br /&gt;
* Improve mandatory and voluntary reporting&lt;br /&gt;
* Improve governance&lt;br /&gt;
* Improve stakeholder confidence and trust&lt;br /&gt;
* Establish a reliable basis for decision making and planning&lt;br /&gt;
* Improve controls&lt;br /&gt;
* Effectively allocate and use resources for risk treatment&lt;br /&gt;
* Improve operational effectiveness and efficiency&lt;br /&gt;
* Enhance health and safety performance, as well as environmental protection&lt;br /&gt;
* Improve loss prevention and incident management&lt;br /&gt;
* Minimize losses&lt;br /&gt;
* Improve organizational learning &lt;br /&gt;
* Improve organizational resilience&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
As well as helping organizations reach these objectives the standard is intended to meet the needs of a wide range of stakeholders. Stakeholders that are included are those responsible for developing risk management policy within their organization, those accountable for ensuring that risk is effectively managed within the organization as a whole or within a specific area, project or activity. Those who need to evaluate an organization&#039;s effectiveness in managing risk and developers of standards, guides, procedures and codes of practice that, in whole or in part, set out how risk is to be managed withing the specific context of these documents. Figure X shows the relationships between the risk management principles, framework and process.[[File: fig_1.png|800px|thumb|center|Relationships between risk management principles, framework and process]]&lt;br /&gt;
&lt;br /&gt;
== Important principles ==&lt;br /&gt;
&lt;br /&gt;
The following principles should be complied with by an organization in order for risk management to be effective. &lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Management of risk:&#039;&#039;&#039;&amp;lt;ref&amp;gt;ISO 31000:2009 &amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
# &#039;&#039;&#039;Creates and protects value&#039;&#039;&#039; - Contributes to the demonstrable achievement of objectives and improvement of performance in, for example, security, environmental protection, project and program management.&lt;br /&gt;
# &#039;&#039;&#039;Integral part of all organizational processes&#039;&#039;&#039; - Risk management is not a stand-alone activity that is separate from the main activities and processes of the organization. It is part of the responsibilities of management and an integral part of all organizational processes, including strategic planning and all project and change management processes.&lt;br /&gt;
# &#039;&#039;&#039;Part of decision making&#039;&#039;&#039; - Helps decision makers make informed choices, prioritize actions and distinguish among alternative courses of action.&lt;br /&gt;
# &#039;&#039;&#039;Explicitly addresses uncertainty&#039;&#039;&#039; - Risk management explicitly takes account of uncertainty, the nature of that uncertainty, and how it can be addressed.&lt;br /&gt;
# &#039;&#039;&#039;Systematic, structured and timely&#039;&#039;&#039; - A systematic, structured and timely approach to risk management contributes to efficiency and to consistent, comparable and reliable results.&lt;br /&gt;
# &#039;&#039;&#039;Based on the best available information&#039;&#039;&#039; - The inputs to the process of managing risk are based on information sources such as historical data, experience, stakeholder feedback, observation, forecasts and expert judgement. Decision makers should however inform themselves of, and should take into account, any limitations of the data or modelling used or the possibility of divergence among experts.&lt;br /&gt;
# &#039;&#039;&#039;Is tailored&#039;&#039;&#039; - It is aligned with the organization&#039;s external and internal context and risk profile.&lt;br /&gt;
# &#039;&#039;&#039;Takes human and cultural factors into account&#039;&#039;&#039; - Recognizes the capabilities, perceptions and intentions of external and internal people that can facilitate or hinder achievement of the organization&#039;s objectives.&lt;br /&gt;
# &#039;&#039;&#039;Is transparent and inclusive&#039;&#039;&#039; - For risk management to be relevant and up-to-date, appropriate and timely involvement of stakeholders and, in particular, decision makers at all levels of the organization has to be ensured. By doing so also allows stakeholders to be properly represented and to have their views taken into account in determining risk criteria.&lt;br /&gt;
# &#039;&#039;&#039;Is dynamic, iterative and responsive to change&#039;&#039;&#039; - Continually senses and responds to change. As external and internal events occur, context and knowledge change, monitoring and review of risks take place, new risks emerge, some change, and others disappear.&lt;br /&gt;
# &#039;&#039;&#039;Facilitates continual improvement of the organization&#039;&#039;&#039; - Organizations should develop and implement strategies to improve their risk management maturity alongside all other aspects of their organization.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=Risk assessment=&lt;br /&gt;
&lt;br /&gt;
As figure 1 illustrates, risk assessment takes place after establishing the context.&#039;&#039;&#039;Risk assessment&#039;&#039;&#039; is the determination of [[quantitative]] or [[qualitative]] estimate of risk related to a concrete situation and a recognized hazard. Two components of risk are required for calculations in quantitative risk assessment. The magnitude of the potential loss (L) and the probability (p) that the loss will occur. If the countermeasure for handling a certain risk exceeds the value of the expected loss it is called acceptable risk. That kind of risk is understood and tolerated&lt;br /&gt;
&lt;br /&gt;
==Risk assessment process==&lt;br /&gt;
&lt;br /&gt;
===Risk identification===&lt;br /&gt;
&lt;br /&gt;
For an organization to effectively manage its key risks and demonstrate whether they are in control a risk identification process must be in place. Risk identification is a key component of a robust framework. By going through the risk identification process an organization would be able to identify the following:&amp;lt;ref&amp;gt;https://www.lloyds.com/the-market/operating-at-lloyds/performance-framework-of-minimum-standards/risk-management/process_identification_assessment_control_and_mitigation&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
* Significant risks to the achievement of its business objectives.&lt;br /&gt;
* All types of risks, associated major components and controls currently in place, from all sources, across the entire scope of the organisation&#039;s activities.&lt;br /&gt;
* Risks around opportunities as well as threats, to increase the organization&#039;s chance of maximizing the benefit of those opportunities when they arise.&lt;br /&gt;
&lt;br /&gt;
It would also ensure that the organization is aware of its major risks at any point in time.&lt;br /&gt;
&lt;br /&gt;
To briefly summarize, it is a process that involves finding, recognizing, and describing the risks that could affect the achievement of an organization&#039;s objectives.&amp;lt;ref&amp;gt;http://www.praxiom.com/iso-31000-terms.htm&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
In this process questions such as: what can happen? when and where? how and why? should be answered in order to move to the next step in the risk assessment process, risk analysis.&lt;br /&gt;
&lt;br /&gt;
===Risk analysis===&lt;br /&gt;
&lt;br /&gt;
To successfully determine the level of risk, consequences have to be determined as well as the likelihood of an event. Risk analysis includes qualitative and quantitative assessments. &amp;lt;ref&amp;gt;http://www.pwc.com/us/en/issues/enterprise-risk-management/assets/risk_assessment_guide.pdf&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Qualitative&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
A pre-defined rating scale is used to prioritize the identified project risks. The probability or likelihood and the impact on a project objectives should they occur gives the score for a certain risk. A qualitative risk analysis also includes the appropriate categorization of the risks. Source-based or effect-based.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Quantitative&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
A further analysis of the highest priority risks during which a numerical or quantitative rating is assigned in order to develop a probabilistic analysis of the project. Possible outcomes for the project are quantified and the probability of achieving specific project objectives is assessed. When there is uncertainty a quantitative approach can be used to make decisions. It also creates realistic and achievable cost, schedule or scope targets.&lt;br /&gt;
&lt;br /&gt;
Quantitative risk analysis can only be successfully carried out if there is high-quality data, a well-developed project model, and a prioritized lists of project risks. That usually yields from performing a qualitative risk analysis. &amp;lt;ref&amp;gt;https://www.passionatepm.com/blog/qualitative-risk-analysis-vs-quantitative-risk-analysis-pmp-concept-1&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot; &lt;br /&gt;
|-&lt;br /&gt;
! Qualitative&lt;br /&gt;
! Quantitative&lt;br /&gt;
|-&lt;br /&gt;
| risk-level&lt;br /&gt;
| project level&lt;br /&gt;
|-&lt;br /&gt;
| subjective evaluation of probability and impact&lt;br /&gt;
| probabilistic estimates of time and cost&lt;br /&gt;
|-&lt;br /&gt;
| quick and easy to perform&lt;br /&gt;
| time consuming&lt;br /&gt;
|-&lt;br /&gt;
| no special software or tools required&lt;br /&gt;
| may require specalized tools&lt;br /&gt;
|-&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
To summarize the concept: It is a process that is used to understand the nature, sources, and causes of the risks that an organization has identified and to estimate the level of risk. Also used to study impacts and consequences and to examine the controls that currently exist.&amp;lt;ref&amp;gt;http://www.praxiom.com/iso-31000-terms.htm&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
===Risk evaluation===&lt;br /&gt;
&lt;br /&gt;
Risk evaluation is the process by which organizations, individuals and other social groups within society determine the acceptability of a given risk. If a risk is judged as unacceptable, adequate measures for risk reduction are required.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;Klinke&#039;&#039; and &#039;&#039;Renn&#039;&#039;&amp;lt;ref&amp;gt;http://josiah.berkeley.edu/2007Fall/NE275/CourseReader/6.pdf&amp;lt;/ref&amp;gt; talked about three major strategies in risk evaluation:&lt;br /&gt;
&lt;br /&gt;
# Risk-based approaches, including numerical thresholds (quantitative safety goals, exposure limits, standards, etc.)&lt;br /&gt;
# Reduction activities derived from the application of the precautionary principle (examples are ALARA, as low as reasonably achievable, BACT, best available control technology)&lt;br /&gt;
# Standards derived from discursive processes such as roundtables, deliberative rule making, mediation, or citizen panels.&lt;br /&gt;
&lt;br /&gt;
A brief summarize of the concept: It is a process that is used to compare risk analysis results with risk criteria in order to determine whether or not a specified level of risk is acceptable or tolerable. &amp;lt;ref&amp;gt;http://www.praxiom.com/iso-31000-terms.htm&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Risk assessment tools==&lt;br /&gt;
There are many tools used in risk assessment, sometimes it is recommended to use more than one tool in risk assessment. They all have their own focus areas. Lets take a better look at the most frequently used tools.&lt;br /&gt;
&lt;br /&gt;
===[https://en.wikipedia.org/wiki/Hazard_and_operability_study Hazard and operability study (HAZOP)]===&lt;br /&gt;
&lt;br /&gt;
Was initially developed to analyse chemical systems, but has been extended to other types of systems and complex operations. It is a technique to identify risks to people, equipment, environment and/or organizational objectives. The technique is qualitative and uses guide words which question how the design intention or operating conditions might not be achieved in the design, process, procedure or system. Lastly, it identifies failure modes of a process, system or procedure, their causes and consequences.&lt;br /&gt;
&lt;br /&gt;
HAZOP guide words and meanings: &amp;lt;ref&amp;gt;https://cdn.auckland.ac.nz/assets/ecm/documents/Hazard-Operability-Studies.pdf&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot; &lt;br /&gt;
|-&lt;br /&gt;
! Guide word&lt;br /&gt;
! Meaning&lt;br /&gt;
|-&lt;br /&gt;
| NO OR NOT&lt;br /&gt;
| Complete negation of the design intent&lt;br /&gt;
|-&lt;br /&gt;
| MORE&lt;br /&gt;
| Quantitative increase&lt;br /&gt;
|-&lt;br /&gt;
| LESS&lt;br /&gt;
| Quantitative decrease&lt;br /&gt;
|-&lt;br /&gt;
| AS WELL AS&lt;br /&gt;
| Qualitative modification/increase&lt;br /&gt;
|-&lt;br /&gt;
| PART OF&lt;br /&gt;
| Qualitative modification/increase&lt;br /&gt;
|-&lt;br /&gt;
| REVERSE&lt;br /&gt;
| Logical opposite of the design intent&lt;br /&gt;
|-&lt;br /&gt;
| OTHER THAN&lt;br /&gt;
| Complete substitution&lt;br /&gt;
|-&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
===[https://en.wikipedia.org/wiki/Structured_What_If_Technique Structured What-IF technique (SWIFT)]===&lt;br /&gt;
&lt;br /&gt;
Originally developed as a simpler alternative to HAZOP. It uses standard &#039;what-if&#039; type phrases in combination with the prompts to investigate how a system, plan item, organization or procedure will be affected by deviations from normal operations and behaviour. It is normally applied at a more of a system level with a lower level of detail than HAZOP.&lt;br /&gt;
&lt;br /&gt;
The SWIFT tool is easy to use and has a simple template. The template and an example of an event are for example: &amp;lt;ref&amp;gt;http://activeriskcontrol.com/tools-and-templates/&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot; &lt;br /&gt;
|-&lt;br /&gt;
! What if&lt;br /&gt;
! Answer&lt;br /&gt;
! Likelihood&lt;br /&gt;
! Consequences&lt;br /&gt;
! Recommendations&lt;br /&gt;
|-&lt;br /&gt;
| Brakes on a car stop working&lt;br /&gt;
| Car won&#039;t be able to brake&lt;br /&gt;
| Low&lt;br /&gt;
| Possible crash&lt;br /&gt;
| Get brakes checked on regular basis&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
===[https://en.wikipedia.org/wiki/Fault_tree_analysis Fault Tree Analysis (FTA)]===&lt;br /&gt;
&lt;br /&gt;
Fault tree analysis is a technique for identifying and analysing factors that can contribute to a specified undesired event (called the &amp;quot;top event&amp;quot;). Causal factors are deductively identified, organised in a logical manner and represented pictorially in a tree diagram which depicts causal factors and their logical relationships to the top event. A fault tree may be used qualitatively to identify potential causes and pathways to a failure (the top event) or quantitatively to calculate the probability of the top event, given knowledge of the probabilities of causal events.&lt;br /&gt;
&lt;br /&gt;
The following figures show and explain the symbols used in fault tree analysis and also show how a fault tree looks like.&lt;br /&gt;
&lt;br /&gt;
&amp;lt;ref&amp;gt;http://conceptdraw.com/solution-park/resource/images/solutions/fault-tree-analysis-diagrams/Design-elements-Fault-tree-analysis-solution-Sample.png&amp;lt;/ref&amp;gt;&lt;br /&gt;
&amp;lt;ref&amp;gt;http://reliawiki.com/images/thumb/e/ea/10.5.png/450px-10.5.png&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
===Other mentionable tools===&lt;br /&gt;
&lt;br /&gt;
* Failure mode and effect analysis (FMEA)&lt;br /&gt;
* Brainstorming&lt;br /&gt;
* Structured or semi-structured interviews&lt;br /&gt;
* Delphi&lt;br /&gt;
* Check-lists&lt;br /&gt;
* Primary hazard analysis&lt;br /&gt;
* Hazard analysis and critical control points (HACCP)&lt;br /&gt;
* Environmental risk assessment&lt;br /&gt;
* Event tree analysis&lt;br /&gt;
&lt;br /&gt;
=Programme risk management=&lt;br /&gt;
&lt;br /&gt;
There are four defined steps in programme risk management. Identify step, assess step, plan step and implement step. In order for a programme to run as smoothly as possible, these four steps must be followed. Other factors play along these four steps, good and effective communication is the most important factor. Communication has to be good throughout each and every step. Let&#039;s take a better look at the four steps.&lt;br /&gt;
&lt;br /&gt;
==Identify step==&lt;br /&gt;
&lt;br /&gt;
In the beginning of programme management, the identification of uncertain events which can both be threats and opportunities takes place. The programme&#039;s objectives and scope, what assumptions have been made, who the stakeholders are and where the programme fits inside the organization as well as the environment should be understood. If those aspects are understood it enables the programme to search for risk methodically and take the correct actions should a response be needed at some point.&lt;br /&gt;
&lt;br /&gt;
Actual risks should then be identified. Both threats to the programme objectives and opportunities to overachieve on outcomes and benefits.&lt;br /&gt;
&lt;br /&gt;
==Assess step==&lt;br /&gt;
&lt;br /&gt;
The assessment of risk can be broken down into two activities. Estimate the threats and the opportunities in terms of their probability impact and proximity on the one hand, and on the other hand to evaluate the net aggregated effect of the identified threats and opportunities on the programme. This is explained in detail in the Risk assessment section.&lt;br /&gt;
&lt;br /&gt;
==Plan step==&lt;br /&gt;
&lt;br /&gt;
Preparation of specific management response to the threats and opportunities that have been identified are the primary goal of the plan step. The objective is to remove or reduce the threats and to maximize the opportunities.&lt;br /&gt;
&lt;br /&gt;
==Implement step==&lt;br /&gt;
&lt;br /&gt;
Here it shall be ensured that the previously planned risk management actions are successfully implemented and monitored as to their effectiveness. Corrective actions should be taken where responses do not live up to expectations. It is an important factor that roles and responsibilities are allocated. Someone has to be responsible for the management and control of the risk. Key roles in that perspective are: &#039;&#039;&#039;Risk owner&#039;&#039;&#039; is responsible for the management and control of all aspects of the risks assigned to them. Managing, tracking and reporting the implementation of the selected actions to address the threats or to maximize the opportunities is included in that role. &#039;&#039;&#039;Risk actionee&#039;&#039;&#039; is responsible for the implementation of risk response actions. Support and take directions from the risk owner.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=Benefits=&lt;br /&gt;
&lt;br /&gt;
The most notable potential benefits of a well-structured and efficiently run risk management are. &amp;lt;ref&amp;gt;http://irisintelligence.com/risk-management-explained/why-manage-risk.html&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
* Improved strategic and business planning&lt;br /&gt;
* More effective use of resources&lt;br /&gt;
* An ability to quickly grasp new opportunities&lt;br /&gt;
* Fewer unwelcome surprises&lt;br /&gt;
* Enhanced communication&lt;br /&gt;
* Ability to reassure key stakeholders throughout the organization&lt;br /&gt;
* Continuous improvement&lt;br /&gt;
* robust contingency planning&lt;br /&gt;
&lt;br /&gt;
==For projects==&lt;br /&gt;
&lt;br /&gt;
[[Contingency]] in projects can make or break them. Too much contingency is uncompetitive and too little increases the chance of failure. Risk assessment helps set contingency levels. It aims to figure out the most probable level of risk and gives the confidence level of outcome targets.&lt;br /&gt;
&lt;br /&gt;
==For portfolios==&lt;br /&gt;
==For businesses==&lt;br /&gt;
&lt;br /&gt;
=Limitations=&lt;br /&gt;
=Conclusions=&lt;br /&gt;
=References=&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
Among strategies used to manage threats are.&lt;br /&gt;
&lt;br /&gt;
* Transferring the threat to another party&lt;br /&gt;
* Avoid the threat&lt;br /&gt;
* Reducing both the negative effect and lowering the probability of the threat&lt;br /&gt;
* Accepting the potential negative consequences of a particular thread is the only option. &lt;br /&gt;
* For uncertain events with benefits (opportunities) the opposite is done.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&amp;lt;references/&amp;gt;&lt;/div&gt;</summary>
		<author><name>S141543</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=16868</id>
		<title>Management of risk</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=16868"/>
		<updated>2015-09-28T17:43:17Z</updated>

		<summary type="html">&lt;p&gt;S141543: /* Risk evaluation */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&lt;br /&gt;
[[File:Image2.png|500px|thumb|right|Risk management process (based on ISO 31000: 2009) &amp;lt;ref&amp;gt;Carmen Nadia Ciocoiu and Razvan Catalin Dobrea (2010). The Role of Standardization in Improving the Effectiveness of Integrated Risk Management, Advances in Risk Management, Giancarlo Nota (Ed.), ISBN: 978-953-307-138-1, InTech, DOI: 10.5772/9893. Available from: http://www.intechopen.com/books/advances-in-risk-management/the-role-of-standardization-in-improving-the-effectiveness-of-integrated-risk-management&amp;lt;/ref&amp;gt;]]&lt;br /&gt;
&lt;br /&gt;
Risk is part of all our lives. We need to take risks to grow and develop. Effectively managed risk in hospitals, airport security, construction sites, projects, programmes, portfolios and in so many more circumstances help societies achieve. &lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Management of risk&#039;&#039;&#039; involves identification, assessment, and prioritization of risks. Coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events or to maximize the realization of opportunities. &lt;br /&gt;
&lt;br /&gt;
Figure 1 shows what is involved in risk management. Identifying, analysing and evaluating risks are all part of risk assessment and will be further analysed in the risk assessment section.&lt;br /&gt;
&lt;br /&gt;
Because risk is inherent in everything we do, risk professionals undertake roles that are very diverse. It includes roles in insurance, business, health and safety, corporate governance, engineering, planning and financial services to name a few.&lt;br /&gt;
&lt;br /&gt;
In this article general methodologies and important principles of [https://en.wikipedia.org/wiki/Risk_management risk management] will be outlined, risk assessment will be explained and programme risk management introduced. Benefits and limitations of risk management will be discussed before stating the conclusions.&lt;br /&gt;
&lt;br /&gt;
__TOC__ &lt;br /&gt;
&lt;br /&gt;
=Introduction=&lt;br /&gt;
&lt;br /&gt;
[https://en.wikipedia.org/wiki/Organization Organizations] of all types and sizes face internal and external factors and influences that make it uncertain whether and when they will achieve their objectives. Risk is the effect this uncertainty has on an organization&#039;s objectives. Risk can be managed by identifying it, analysing it and then evaluating whether the risk should be modified by risk treatment in order to satisfy their risk criteria. Constant communication and consultation with stakeholders is a key for the process to run smoothly as well as monitoring and reviewing the risk and making sure that the correct actions are taken to ensure that no further risk treatment is required.&lt;br /&gt;
&lt;br /&gt;
Risk management can be applied to an entire organization, at its many areas and levels, at any time. It can also be applied to specific functions, projects and activities. &lt;br /&gt;
&lt;br /&gt;
The practice of risk management is used within many sectors in order to meet diverse needs. Despite that wide range, adoption of consistent processes within a comprehensive framework can help to ensure that risk is managed effectively, efficiently and coherently across an organization. [https://en.wikipedia.org/wiki/ISO_31000 ISO 31000] is an international standard that describes a generic approach and provides the principles and guidelines for managing any form of risk in a systematic, transparent and credible manner and withing any scope and context. &amp;lt;ref&amp;gt;https://www.iso.org/obp/ui/#iso:std:iso:31000:ed-1:v1:en&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
As can be seen in figure 1, the first step is to establish the context in order to figure out the individual needs, audiences, perceptions and criteria for each specific sector while applying risk management. Establishing the context will capture the objectives of the organization, the environment in which it pursues those objectives, its stakeholders and the dicersity of risk criteria. those factors will help reveal and assess the nature and complexity of its risks. &lt;br /&gt;
&lt;br /&gt;
The international standard has stated that when risk management is implemented and maintained in accordance with ISO, it enables an organization to achieve the following objectives:&lt;br /&gt;
&lt;br /&gt;
* Increase the likelihood of achieving objectives&lt;br /&gt;
* encourage proactive management&lt;br /&gt;
* Be aware of the need to identify and treat risk throughout the organization&lt;br /&gt;
* Improve the identification of opportunities and threats&lt;br /&gt;
* Comply with relevant legal and regulatory requirements and international norms&lt;br /&gt;
* Improve mandatory and voluntary reporting&lt;br /&gt;
* Improve governance&lt;br /&gt;
* Improve stakeholder confidence and trust&lt;br /&gt;
* Establish a reliable basis for decision making and planning&lt;br /&gt;
* Improve controls&lt;br /&gt;
* Effectively allocate and use resources for risk treatment&lt;br /&gt;
* Improve operational effectiveness and efficiency&lt;br /&gt;
* Enhance health and safety performance, as well as environmental protection&lt;br /&gt;
* Improve loss prevention and incident management&lt;br /&gt;
* Minimize losses&lt;br /&gt;
* Improve organizational learning &lt;br /&gt;
* Improve organizational resilience&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
As well as helping organizations reach these objectives the standard is intended to meet the needs of a wide range of stakeholders. Stakeholders that are included are those responsible for developing risk management policy within their organization, those accountable for ensuring that risk is effectively managed within the organization as a whole or within a specific area, project or activity. Those who need to evaluate an organization&#039;s effectiveness in managing risk and developers of standards, guides, procedures and codes of practice that, in whole or in part, set out how risk is to be managed withing the specific context of these documents. Figure X shows the relationships between the risk management principles, framework and process.[[File: fig_1.png|800px|thumb|center|Relationships between risk management principles, framework and process]]&lt;br /&gt;
&lt;br /&gt;
== Important principles ==&lt;br /&gt;
&lt;br /&gt;
The following principles should be complied with by an organization in order for risk management to be effective. &lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Management of risk:&#039;&#039;&#039;&amp;lt;ref&amp;gt;ISO 31000:2009 &amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
# &#039;&#039;&#039;Creates and protects value&#039;&#039;&#039; - Contributes to the demonstrable achievement of objectives and improvement of performance in, for example, security, environmental protection, project and program management.&lt;br /&gt;
# &#039;&#039;&#039;Integral part of all organizational processes&#039;&#039;&#039; - Risk management is not a stand-alone activity that is separate from the main activities and processes of the organization. It is part of the responsibilities of management and an integral part of all organizational processes, including strategic planning and all project and change management processes.&lt;br /&gt;
# &#039;&#039;&#039;Part of decision making&#039;&#039;&#039; - Helps decision makers make informed choices, prioritize actions and distinguish among alternative courses of action.&lt;br /&gt;
# &#039;&#039;&#039;Explicitly addresses uncertainty&#039;&#039;&#039; - Risk management explicitly takes account of uncertainty, the nature of that uncertainty, and how it can be addressed.&lt;br /&gt;
# &#039;&#039;&#039;Systematic, structured and timely&#039;&#039;&#039; - A systematic, structured and timely approach to risk management contributes to efficiency and to consistent, comparable and reliable results.&lt;br /&gt;
# &#039;&#039;&#039;Based on the best available information&#039;&#039;&#039; - The inputs to the process of managing risk are based on information sources such as historical data, experience, stakeholder feedback, observation, forecasts and expert judgement. Decision makers should however inform themselves of, and should take into account, any limitations of the data or modelling used or the possibility of divergence among experts.&lt;br /&gt;
# &#039;&#039;&#039;Is tailored&#039;&#039;&#039; - It is aligned with the organization&#039;s external and internal context and risk profile.&lt;br /&gt;
# &#039;&#039;&#039;Takes human and cultural factors into account&#039;&#039;&#039; - Recognizes the capabilities, perceptions and intentions of external and internal people that can facilitate or hinder achievement of the organization&#039;s objectives.&lt;br /&gt;
# &#039;&#039;&#039;Is transparent and inclusive&#039;&#039;&#039; - For risk management to be relevant and up-to-date, appropriate and timely involvement of stakeholders and, in particular, decision makers at all levels of the organization has to be ensured. By doing so also allows stakeholders to be properly represented and to have their views taken into account in determining risk criteria.&lt;br /&gt;
# &#039;&#039;&#039;Is dynamic, iterative and responsive to change&#039;&#039;&#039; - Continually senses and responds to change. As external and internal events occur, context and knowledge change, monitoring and review of risks take place, new risks emerge, some change, and others disappear.&lt;br /&gt;
# &#039;&#039;&#039;Facilitates continual improvement of the organization&#039;&#039;&#039; - Organizations should develop and implement strategies to improve their risk management maturity alongside all other aspects of their organization.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=Risk assessment=&lt;br /&gt;
&lt;br /&gt;
As figure 1 illustrates, risk assessment takes place after establishing the context.&#039;&#039;&#039;Risk assessment&#039;&#039;&#039; is the determination of [[quantitative]] or [[qualitative]] estimate of risk related to a concrete situation and a recognized hazard. Two components of risk are required for calculations in quantitative risk assessment. The magnitude of the potential loss (L) and the probability (p) that the loss will occur. If the countermeasure for handling a certain risk exceeds the value of the expected loss it is called acceptable risk. That kind of risk is understood and tolerated&lt;br /&gt;
&lt;br /&gt;
==Risk assessment process==&lt;br /&gt;
&lt;br /&gt;
===Risk identification===&lt;br /&gt;
&lt;br /&gt;
For an organization to effectively manage its key risks and demonstrate whether they are in control a risk identification process must be in place. Risk identification is a key component of a robust framework. By going through the risk identification process an organization would be able to identify the following:&amp;lt;ref&amp;gt;https://www.lloyds.com/the-market/operating-at-lloyds/performance-framework-of-minimum-standards/risk-management/process_identification_assessment_control_and_mitigation&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
* Significant risks to the achievement of its business objectives.&lt;br /&gt;
* All types of risks, associated major components and controls currently in place, from all sources, across the entire scope of the organisation&#039;s activities.&lt;br /&gt;
* Risks around opportunities as well as threats, to increase the organization&#039;s chance of maximizing the benefit of those opportunities when they arise.&lt;br /&gt;
&lt;br /&gt;
It would also ensure that the organization is aware of its major risks at any point in time.&lt;br /&gt;
&lt;br /&gt;
To briefly summarize, it is a process that involves finding, recognizing, and describing the risks that could affect the achievement of an organization&#039;s objectives.&amp;lt;ref&amp;gt;http://www.praxiom.com/iso-31000-terms.htm&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
In this process questions such as: what can happen? when and where? how and why? should be answered in order to move to the next step in the risk assessment process, risk analysis.&lt;br /&gt;
&lt;br /&gt;
===Risk analysis===&lt;br /&gt;
&lt;br /&gt;
To successfully determine the level of risk, consequences have to be determined as well as the likelihood of an event. Risk analysis includes qualitative and quantitative assessments. &amp;lt;ref&amp;gt;http://www.pwc.com/us/en/issues/enterprise-risk-management/assets/risk_assessment_guide.pdf&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Qualitative&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
A pre-defined rating scale is used to prioritize the identified project risks. The probability or likelihood and the impact on a project objectives should they occur gives the score for a certain risk. A qualitative risk analysis also includes the appropriate categorization of the risks. Source-based or effect-based.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Quantitative&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
A further analysis of the highest priority risks during which a numerical or quantitative rating is assigned in order to develop a probabilistic analysis of the project. Possible outcomes for the project are quantified and the probability of achieving specific project objectives is assessed. When there is uncertainty a quantitative approach can be used to make decisions. It also creates realistic and achievable cost, schedule or scope targets.&lt;br /&gt;
&lt;br /&gt;
Quantitative risk analysis can only be successfully carried out if there is high-quality data, a well-developed project model, and a prioritized lists of project risks. That usually yields from performing a qualitative risk analysis. &amp;lt;ref&amp;gt;https://www.passionatepm.com/blog/qualitative-risk-analysis-vs-quantitative-risk-analysis-pmp-concept-1&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot; &lt;br /&gt;
|-&lt;br /&gt;
! Qualitative&lt;br /&gt;
! Quantitative&lt;br /&gt;
|-&lt;br /&gt;
| risk-level&lt;br /&gt;
| project level&lt;br /&gt;
|-&lt;br /&gt;
| subjective evaluation of probability and impact&lt;br /&gt;
| probabilistic estimates of time and cost&lt;br /&gt;
|-&lt;br /&gt;
| quick and easy to perform&lt;br /&gt;
| time consuming&lt;br /&gt;
|-&lt;br /&gt;
| no special software or tools required&lt;br /&gt;
| may require specalized tools&lt;br /&gt;
|-&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
To summarize the concept: It is a process that is used to understand the nature, sources, and causes of the risks that an organization has identified and to estimate the level of risk. Also used to study impacts and consequences and to examine the controls that currently exist.&amp;lt;ref&amp;gt;http://www.praxiom.com/iso-31000-terms.htm&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
===Risk evaluation===&lt;br /&gt;
&lt;br /&gt;
Risk evaluation is the process by which organizations, individuals and other social groups within society determine the acceptability of a given risk. If a risk is judged as unacceptable, adequate measures for risk reduction are required.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;Klinke&#039;&#039; and &#039;&#039;Renn&#039;&#039;&amp;lt;ref&amp;gt;http://josiah.berkeley.edu/2007Fall/NE275/CourseReader/6.pdf&amp;lt;/ref&amp;gt; talked about three major strategies in risk evaluation:&lt;br /&gt;
&lt;br /&gt;
# Risk-based approaches, including numerical thresholds (quantitative safety goals, exposure limits, standards, etc.)&lt;br /&gt;
# Reduction activities derived from the application of the precautionary principle (examples are ALARA, as low as reasonably achievable, BACT, best available control technology)&lt;br /&gt;
# Standards derived from discursive processes such as roundtables, deliberative rule making, mediation, or citizen panels.&lt;br /&gt;
&lt;br /&gt;
A brief summarize of the concept: It is a process that is used to compare risk analysis results with risk criteria in order to determine whether or not a specified level of risk is acceptable or tolerable. &amp;lt;ref&amp;gt;http://www.praxiom.com/iso-31000-terms.htm&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
=Programme risk management=&lt;br /&gt;
&lt;br /&gt;
There are four defined steps in programme risk management. Identify step, assess step, plan step and implement step. In order for a programme to run as smoothly as possible, these four steps must be followed. Other factors play along these four steps, good and effective communication is the most important factor. Communication has to be good throughout each and every step. Let&#039;s take a better look at the four steps.&lt;br /&gt;
&lt;br /&gt;
==Identify step==&lt;br /&gt;
&lt;br /&gt;
In the beginning of programme management, the identification of uncertain events which can both be threats and opportunities takes place. The programme&#039;s objectives and scope, what assumptions have been made, who the stakeholders are and where the programme fits inside the organization as well as the environment should be understood. If those aspects are understood it enables the programme to search for risk methodically and take the correct actions should a response be needed at some point.&lt;br /&gt;
&lt;br /&gt;
Actual risks should then be identified. Both threats to the programme objectives and opportunities to overachieve on outcomes and benefits.&lt;br /&gt;
&lt;br /&gt;
==Assess step==&lt;br /&gt;
&lt;br /&gt;
The assessment of risk can be broken down into two activities. Estimate the threats and the opportunities in terms of their probability impact and proximity on the one hand, and on the other hand to evaluate the net aggregated effect of the identified threats and opportunities on the programme. This is explained in detail in the Risk assessment section.&lt;br /&gt;
&lt;br /&gt;
==Plan step==&lt;br /&gt;
&lt;br /&gt;
Preparation of specific management response to the threats and opportunities that have been identified are the primary goal of the plan step. The objective is to remove or reduce the threats and to maximize the opportunities.&lt;br /&gt;
&lt;br /&gt;
==Implement step==&lt;br /&gt;
&lt;br /&gt;
Here it shall be ensured that the previously planned risk management actions are successfully implemented and monitored as to their effectiveness. Corrective actions should be taken where responses do not live up to expectations. It is an important factor that roles and responsibilities are allocated. Someone has to be responsible for the management and control of the risk. Key roles in that perspective are: &#039;&#039;&#039;Risk owner&#039;&#039;&#039; is responsible for the management and control of all aspects of the risks assigned to them. Managing, tracking and reporting the implementation of the selected actions to address the threats or to maximize the opportunities is included in that role. &#039;&#039;&#039;Risk actionee&#039;&#039;&#039; is responsible for the implementation of risk response actions. Support and take directions from the risk owner.&lt;br /&gt;
&lt;br /&gt;
=Tools=&lt;br /&gt;
There are many tools used in risk assessment, sometimes it is recommended to use more than one tool in risk assessment. They all have their own focus areas. Lets take a better look at the most frequently used tools.&lt;br /&gt;
&lt;br /&gt;
==Hazard and operability study (HAZOP)==&lt;br /&gt;
==Failure mode effect analysis (FMEA)==&lt;br /&gt;
==Structured What-IF technique (SWIFT)==&lt;br /&gt;
==Fault Tree Analysis (FTA)==&lt;br /&gt;
&lt;br /&gt;
=Benefits=&lt;br /&gt;
&lt;br /&gt;
The most notable potential benefits of a well-structured and efficiently run risk management are. &amp;lt;ref&amp;gt;http://irisintelligence.com/risk-management-explained/why-manage-risk.html&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
* Improved strategic and business planning&lt;br /&gt;
* More effective use of resources&lt;br /&gt;
* An ability to quickly grasp new opportunities&lt;br /&gt;
* Fewer unwelcome surprises&lt;br /&gt;
* Enhanced communication&lt;br /&gt;
* Ability to reassure key stakeholders throughout the organization&lt;br /&gt;
* Continuous improvement&lt;br /&gt;
* robust contingency planning&lt;br /&gt;
&lt;br /&gt;
==For projects==&lt;br /&gt;
&lt;br /&gt;
[[Contingency]] in projects can make or break them. Too much contingency is uncompetitive and too little increases the chance of failure. Risk assessment helps set contingency levels. It aims to figure out the most probable level of risk and gives the confidence level of outcome targets.&lt;br /&gt;
&lt;br /&gt;
==For portfolios==&lt;br /&gt;
==For businesses==&lt;br /&gt;
&lt;br /&gt;
=Limitations=&lt;br /&gt;
=Conclusions=&lt;br /&gt;
=References=&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
Among strategies used to manage threats are.&lt;br /&gt;
&lt;br /&gt;
* Transferring the threat to another party&lt;br /&gt;
* Avoid the threat&lt;br /&gt;
* Reducing both the negative effect and lowering the probability of the threat&lt;br /&gt;
* Accepting the potential negative consequences of a particular thread is the only option. &lt;br /&gt;
* For uncertain events with benefits (opportunities) the opposite is done.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&amp;lt;references/&amp;gt;&lt;/div&gt;</summary>
		<author><name>S141543</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=16824</id>
		<title>Management of risk</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=16824"/>
		<updated>2015-09-28T17:25:50Z</updated>

		<summary type="html">&lt;p&gt;S141543: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&lt;br /&gt;
[[File:Image2.png|500px|thumb|right|Risk management process (based on ISO 31000: 2009) &amp;lt;ref&amp;gt;Carmen Nadia Ciocoiu and Razvan Catalin Dobrea (2010). The Role of Standardization in Improving the Effectiveness of Integrated Risk Management, Advances in Risk Management, Giancarlo Nota (Ed.), ISBN: 978-953-307-138-1, InTech, DOI: 10.5772/9893. Available from: http://www.intechopen.com/books/advances-in-risk-management/the-role-of-standardization-in-improving-the-effectiveness-of-integrated-risk-management&amp;lt;/ref&amp;gt;]]&lt;br /&gt;
&lt;br /&gt;
Risk is part of all our lives. We need to take risks to grow and develop. Effectively managed risk in hospitals, airport security, construction sites, projects, programmes, portfolios and in so many more circumstances help societies achieve. &lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Management of risk&#039;&#039;&#039; involves identification, assessment, and prioritization of risks. Coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events or to maximize the realization of opportunities. &lt;br /&gt;
&lt;br /&gt;
Figure 1 shows what is involved in risk management. Identifying, analysing and evaluating risks are all part of risk assessment and will be further analysed in the risk assessment section.&lt;br /&gt;
&lt;br /&gt;
Because risk is inherent in everything we do, risk professionals undertake roles that are very diverse. It includes roles in insurance, business, health and safety, corporate governance, engineering, planning and financial services to name a few.&lt;br /&gt;
&lt;br /&gt;
In this article general methodologies and important principles of [https://en.wikipedia.org/wiki/Risk_management risk management] will be outlined, risk assessment will be explained and programme risk management introduced. Benefits and limitations of risk management will be discussed before stating the conclusions.&lt;br /&gt;
&lt;br /&gt;
__TOC__ &lt;br /&gt;
&lt;br /&gt;
=Introduction=&lt;br /&gt;
&lt;br /&gt;
[https://en.wikipedia.org/wiki/Organization Organizations] of all types and sizes face internal and external factors and influences that make it uncertain whether and when they will achieve their objectives. Risk is the effect this uncertainty has on an organization&#039;s objectives. Risk can be managed by identifying it, analysing it and then evaluating whether the risk should be modified by risk treatment in order to satisfy their risk criteria. Constant communication and consultation with stakeholders is a key for the process to run smoothly as well as monitoring and reviewing the risk and making sure that the correct actions are taken to ensure that no further risk treatment is required.&lt;br /&gt;
&lt;br /&gt;
Risk management can be applied to an entire organization, at its many areas and levels, at any time. It can also be applied to specific functions, projects and activities. &lt;br /&gt;
&lt;br /&gt;
The practice of risk management is used within many sectors in order to meet diverse needs. Despite that wide range, adoption of consistent processes within a comprehensive framework can help to ensure that risk is managed effectively, efficiently and coherently across an organization. [https://en.wikipedia.org/wiki/ISO_31000 ISO 31000] is an international standard that describes a generic approach and provides the principles and guidelines for managing any form of risk in a systematic, transparent and credible manner and withing any scope and context. &amp;lt;ref&amp;gt;https://www.iso.org/obp/ui/#iso:std:iso:31000:ed-1:v1:en&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
As can be seen in figure 1, the first step is to establish the context in order to figure out the individual needs, audiences, perceptions and criteria for each specific sector while applying risk management. Establishing the context will capture the objectives of the organization, the environment in which it pursues those objectives, its stakeholders and the dicersity of risk criteria. those factors will help reveal and assess the nature and complexity of its risks. &lt;br /&gt;
&lt;br /&gt;
The international standard has stated that when risk management is implemented and maintained in accordance with ISO, it enables an organization to achieve the following objectives:&lt;br /&gt;
&lt;br /&gt;
* Increase the likelihood of achieving objectives&lt;br /&gt;
* encourage proactive management&lt;br /&gt;
* Be aware of the need to identify and treat risk throughout the organization&lt;br /&gt;
* Improve the identification of opportunities and threats&lt;br /&gt;
* Comply with relevant legal and regulatory requirements and international norms&lt;br /&gt;
* Improve mandatory and voluntary reporting&lt;br /&gt;
* Improve governance&lt;br /&gt;
* Improve stakeholder confidence and trust&lt;br /&gt;
* Establish a reliable basis for decision making and planning&lt;br /&gt;
* Improve controls&lt;br /&gt;
* Effectively allocate and use resources for risk treatment&lt;br /&gt;
* Improve operational effectiveness and efficiency&lt;br /&gt;
* Enhance health and safety performance, as well as environmental protection&lt;br /&gt;
* Improve loss prevention and incident management&lt;br /&gt;
* Minimize losses&lt;br /&gt;
* Improve organizational learning &lt;br /&gt;
* Improve organizational resilience&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
As well as helping organizations reach these objectives the standard is intended to meet the needs of a wide range of stakeholders. Stakeholders that are included are those responsible for developing risk management policy within their organization, those accountable for ensuring that risk is effectively managed within the organization as a whole or within a specific area, project or activity. Those who need to evaluate an organization&#039;s effectiveness in managing risk and developers of standards, guides, procedures and codes of practice that, in whole or in part, set out how risk is to be managed withing the specific context of these documents. Figure X shows the relationships between the risk management principles, framework and process.[[File: fig_1.png|800px|thumb|center|Relationships between risk management principles, framework and process]]&lt;br /&gt;
&lt;br /&gt;
== Important principles ==&lt;br /&gt;
&lt;br /&gt;
The following principles should be complied with by an organization in order for risk management to be effective. &lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Management of risk:&#039;&#039;&#039;&amp;lt;ref&amp;gt;ISO 31000:2009 &amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
# &#039;&#039;&#039;Creates and protects value&#039;&#039;&#039; - Contributes to the demonstrable achievement of objectives and improvement of performance in, for example, security, environmental protection, project and program management.&lt;br /&gt;
# &#039;&#039;&#039;Integral part of all organizational processes&#039;&#039;&#039; - Risk management is not a stand-alone activity that is separate from the main activities and processes of the organization. It is part of the responsibilities of management and an integral part of all organizational processes, including strategic planning and all project and change management processes.&lt;br /&gt;
# &#039;&#039;&#039;Part of decision making&#039;&#039;&#039; - Helps decision makers make informed choices, prioritize actions and distinguish among alternative courses of action.&lt;br /&gt;
# &#039;&#039;&#039;Explicitly addresses uncertainty&#039;&#039;&#039; - Risk management explicitly takes account of uncertainty, the nature of that uncertainty, and how it can be addressed.&lt;br /&gt;
# &#039;&#039;&#039;Systematic, structured and timely&#039;&#039;&#039; - A systematic, structured and timely approach to risk management contributes to efficiency and to consistent, comparable and reliable results.&lt;br /&gt;
# &#039;&#039;&#039;Based on the best available information&#039;&#039;&#039; - The inputs to the process of managing risk are based on information sources such as historical data, experience, stakeholder feedback, observation, forecasts and expert judgement. Decision makers should however inform themselves of, and should take into account, any limitations of the data or modelling used or the possibility of divergence among experts.&lt;br /&gt;
# &#039;&#039;&#039;Is tailored&#039;&#039;&#039; - It is aligned with the organization&#039;s external and internal context and risk profile.&lt;br /&gt;
# &#039;&#039;&#039;Takes human and cultural factors into account&#039;&#039;&#039; - Recognizes the capabilities, perceptions and intentions of external and internal people that can facilitate or hinder achievement of the organization&#039;s objectives.&lt;br /&gt;
# &#039;&#039;&#039;Is transparent and inclusive&#039;&#039;&#039; - For risk management to be relevant and up-to-date, appropriate and timely involvement of stakeholders and, in particular, decision makers at all levels of the organization has to be ensured. By doing so also allows stakeholders to be properly represented and to have their views taken into account in determining risk criteria.&lt;br /&gt;
# &#039;&#039;&#039;Is dynamic, iterative and responsive to change&#039;&#039;&#039; - Continually senses and responds to change. As external and internal events occur, context and knowledge change, monitoring and review of risks take place, new risks emerge, some change, and others disappear.&lt;br /&gt;
# &#039;&#039;&#039;Facilitates continual improvement of the organization&#039;&#039;&#039; - Organizations should develop and implement strategies to improve their risk management maturity alongside all other aspects of their organization.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=Risk assessment=&lt;br /&gt;
&lt;br /&gt;
As figure 1 illustrates, risk assessment takes place after establishing the context.&#039;&#039;&#039;Risk assessment&#039;&#039;&#039; is the determination of [[quantitative]] or [[qualitative]] estimate of risk related to a concrete situation and a recognized hazard. Two components of risk are required for calculations in quantitative risk assessment. The magnitude of the potential loss (L) and the probability (p) that the loss will occur. If the countermeasure for handling a certain risk exceeds the value of the expected loss it is called acceptable risk. That kind of risk is understood and tolerated&lt;br /&gt;
&lt;br /&gt;
==Risk assessment process==&lt;br /&gt;
&lt;br /&gt;
===Risk identification===&lt;br /&gt;
&lt;br /&gt;
For an organization to effectively manage its key risks and demonstrate whether they are in control a risk identification process must be in place. Risk identification is a key component of a robust framework. By going through the risk identification process an organization would be able to identify the following:&amp;lt;ref&amp;gt;https://www.lloyds.com/the-market/operating-at-lloyds/performance-framework-of-minimum-standards/risk-management/process_identification_assessment_control_and_mitigation&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
* Significant risks to the achievement of its business objectives.&lt;br /&gt;
* All types of risks, associated major components and controls currently in place, from all sources, across the entire scope of the organisation&#039;s activities.&lt;br /&gt;
* Risks around opportunities as well as threats, to increase the organization&#039;s chance of maximizing the benefit of those opportunities when they arise.&lt;br /&gt;
&lt;br /&gt;
It would also ensure that the organization is aware of its major risks at any point in time.&lt;br /&gt;
&lt;br /&gt;
To briefly summarize, it is a process that involves finding, recognizing, and describing the risks that could affect the achievement of an organization&#039;s objectives.&amp;lt;ref&amp;gt;http://www.praxiom.com/iso-31000-terms.htm&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
In this process questions such as: what can happen? when and where? how and why? should be answered in order to move to the next step in the risk assessment process, risk analysis.&lt;br /&gt;
&lt;br /&gt;
===Risk analysis===&lt;br /&gt;
&lt;br /&gt;
To successfully determine the level of risk, consequences have to be determined as well as the likelihood of an event. Risk analysis includes qualitative and quantitative assessments. &amp;lt;ref&amp;gt;http://www.pwc.com/us/en/issues/enterprise-risk-management/assets/risk_assessment_guide.pdf&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Qualitative&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
A pre-defined rating scale is used to prioritize the identified project risks. The probability or likelihood and the impact on a project objectives should they occur gives the score for a certain risk. A qualitative risk analysis also includes the appropriate categorization of the risks. Source-based or effect-based.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Quantitative&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
A further analysis of the highest priority risks during which a numerical or quantitative rating is assigned in order to develop a probabilistic analysis of the project. Possible outcomes for the project are quantified and the probability of achieving specific project objectives is assessed. When there is uncertainty a quantitative approach can be used to make decisions. It also creates realistic and achievable cost, schedule or scope targets.&lt;br /&gt;
&lt;br /&gt;
Quantitative risk analysis can only be successfully carried out if there is high-quality data, a well-developed project model, and a prioritized lists of project risks. That usually yields from performing a qualitative risk analysis. &amp;lt;ref&amp;gt;https://www.passionatepm.com/blog/qualitative-risk-analysis-vs-quantitative-risk-analysis-pmp-concept-1&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot; &lt;br /&gt;
|-&lt;br /&gt;
! Qualitative&lt;br /&gt;
! Quantitative&lt;br /&gt;
|-&lt;br /&gt;
| risk-level&lt;br /&gt;
| project level&lt;br /&gt;
|-&lt;br /&gt;
| subjective evaluation of probability and impact&lt;br /&gt;
| probabilistic estimates of time and cost&lt;br /&gt;
|-&lt;br /&gt;
| quick and easy to perform&lt;br /&gt;
| time consuming&lt;br /&gt;
|-&lt;br /&gt;
| no special software or tools required&lt;br /&gt;
| may require specalized tools&lt;br /&gt;
|-&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
To summarize the concept: It is a process that is used to understand the nature, sources, and causes of the risks that an organization has identified and to estimate the level of risk. Also used to study impacts and consequences and to examine the controls that currently exist.&amp;lt;ref&amp;gt;http://www.praxiom.com/iso-31000-terms.htm&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
===Risk evaluation===&lt;br /&gt;
&lt;br /&gt;
Risk evaluation is the process by which organizations, individuals and other social groups within society determine the acceptability of a given risk. If a risk is judged as unacceptable, adequate measures for risk reduction are required.&lt;br /&gt;
&lt;br /&gt;
Klinke and Renn talked about three major strategies in risk evaluation:&amp;lt;ref&amp;gt;http://josiah.berkeley.edu/2007Fall/NE275/CourseReader/6.pdf&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
# Risk-based approaches, including numerical thresholds (quantitative safety goals, exposure limits, standards, etc.)&lt;br /&gt;
# Reduction activities derived from the application of the precautionary principle (examples are ALARA, as low as reasonably achievable, BACT, best available control technology)&lt;br /&gt;
# Standards derived from discursive processes such as roundtables, deliberative rule making, mediation, or citizen panels.&lt;br /&gt;
&lt;br /&gt;
A brief summarize of the concept: It is a process that is used to compare risk analysis results with risk criteria in order to determine whether or not a specified level of risk is acceptable or tolerable. &amp;lt;ref&amp;gt;http://www.praxiom.com/iso-31000-terms.htm&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=Programme risk management=&lt;br /&gt;
&lt;br /&gt;
There are four defined steps in programme risk management. Identify step, assess step, plan step and implement step. In order for a programme to run as smoothly as possible, these four steps must be followed. Other factors play along these four steps, good and effective communication is the most important factor. Communication has to be good throughout each and every step. Let&#039;s take a better look at the four steps.&lt;br /&gt;
&lt;br /&gt;
==Identify step==&lt;br /&gt;
&lt;br /&gt;
In the beginning of programme management, the identification of uncertain events which can both be threats and opportunities takes place. The programme&#039;s objectives and scope, what assumptions have been made, who the stakeholders are and where the programme fits inside the organization as well as the environment should be understood. If those aspects are understood it enables the programme to search for risk methodically and take the correct actions should a response be needed at some point.&lt;br /&gt;
&lt;br /&gt;
Actual risks should then be identified. Both threats to the programme objectives and opportunities to overachieve on outcomes and benefits.&lt;br /&gt;
&lt;br /&gt;
==Assess step==&lt;br /&gt;
&lt;br /&gt;
The assessment of risk can be broken down into two activities. Estimate the threats and the opportunities in terms of their probability impact and proximity on the one hand, and on the other hand to evaluate the net aggregated effect of the identified threats and opportunities on the programme. This is explained in detail in the Risk assessment section.&lt;br /&gt;
&lt;br /&gt;
==Plan step==&lt;br /&gt;
&lt;br /&gt;
Preparation of specific management response to the threats and opportunities that have been identified are the primary goal of the plan step. The objective is to remove or reduce the threats and to maximize the opportunities.&lt;br /&gt;
&lt;br /&gt;
==Implement step==&lt;br /&gt;
&lt;br /&gt;
Here it shall be ensured that the previously planned risk management actions are successfully implemented and monitored as to their effectiveness. Corrective actions should be taken where responses do not live up to expectations. It is an important factor that roles and responsibilities are allocated. Someone has to be responsible for the management and control of the risk. Key roles in that perspective are: &#039;&#039;&#039;Risk owner&#039;&#039;&#039; is responsible for the management and control of all aspects of the risks assigned to them. Managing, tracking and reporting the implementation of the selected actions to address the threats or to maximize the opportunities is included in that role. &#039;&#039;&#039;Risk actionee&#039;&#039;&#039; is responsible for the implementation of risk response actions. Support and take directions from the risk owner.&lt;br /&gt;
&lt;br /&gt;
=Tools=&lt;br /&gt;
There are many tools used in risk assessment, sometimes it is recommended to use more than one tool in risk assessment. They all have their own focus areas. Lets take a better look at the most frequently used tools.&lt;br /&gt;
&lt;br /&gt;
==Hazard and operability study (HAZOP)==&lt;br /&gt;
==Failure mode effect analysis (FMEA)==&lt;br /&gt;
==Structured What-IF technique (SWIFT)==&lt;br /&gt;
==Fault Tree Analysis (FTA)==&lt;br /&gt;
&lt;br /&gt;
=Benefits=&lt;br /&gt;
&lt;br /&gt;
The most notable potential benefits of a well-structured and efficiently run risk management are. &amp;lt;ref&amp;gt;http://irisintelligence.com/risk-management-explained/why-manage-risk.html&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
* Improved strategic and business planning&lt;br /&gt;
* More effective use of resources&lt;br /&gt;
* An ability to quickly grasp new opportunities&lt;br /&gt;
* Fewer unwelcome surprises&lt;br /&gt;
* Enhanced communication&lt;br /&gt;
* Ability to reassure key stakeholders throughout the organization&lt;br /&gt;
* Continuous improvement&lt;br /&gt;
* robust contingency planning&lt;br /&gt;
&lt;br /&gt;
==For projects==&lt;br /&gt;
&lt;br /&gt;
[[Contingency]] in projects can make or break them. Too much contingency is uncompetitive and too little increases the chance of failure. Risk assessment helps set contingency levels. It aims to figure out the most probable level of risk and gives the confidence level of outcome targets.&lt;br /&gt;
&lt;br /&gt;
==For portfolios==&lt;br /&gt;
==For businesses==&lt;br /&gt;
&lt;br /&gt;
=Limitations=&lt;br /&gt;
=Conclusions=&lt;br /&gt;
=References=&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
Among strategies used to manage threats are.&lt;br /&gt;
&lt;br /&gt;
* Transferring the threat to another party&lt;br /&gt;
* Avoid the threat&lt;br /&gt;
* Reducing both the negative effect and lowering the probability of the threat&lt;br /&gt;
* Accepting the potential negative consequences of a particular thread is the only option. &lt;br /&gt;
* For uncertain events with benefits (opportunities) the opposite is done.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&amp;lt;references/&amp;gt;&lt;/div&gt;</summary>
		<author><name>S141543</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=16738</id>
		<title>Management of risk</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=16738"/>
		<updated>2015-09-28T16:56:29Z</updated>

		<summary type="html">&lt;p&gt;S141543: /* Risk assessment */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&lt;br /&gt;
[[File:Image2.png|500px|thumb|right|Risk management process (based on ISO 31000: 2009) &amp;lt;ref&amp;gt;Carmen Nadia Ciocoiu and Razvan Catalin Dobrea (2010). The Role of Standardization in Improving the Effectiveness of Integrated Risk Management, Advances in Risk Management, Giancarlo Nota (Ed.), ISBN: 978-953-307-138-1, InTech, DOI: 10.5772/9893. Available from: http://www.intechopen.com/books/advances-in-risk-management/the-role-of-standardization-in-improving-the-effectiveness-of-integrated-risk-management&amp;lt;/ref&amp;gt;]]&lt;br /&gt;
&lt;br /&gt;
Risk is part of all our lives. We need to take risks to grow and develop. Effectively managed risk in hospitals, airport security, construction sites, projects, programmes, portfolios and in so many more circumstances help societies achieve. &lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Management of risk&#039;&#039;&#039; involves identification, assessment, and prioritization of risks. Coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events or to maximize the realization of opportunities. &lt;br /&gt;
&lt;br /&gt;
Figure 1 shows what is involved in risk management. Identifying, analysing and evaluating risks are all part of risk assessment and will be further analysed in the risk assessment section.&lt;br /&gt;
&lt;br /&gt;
Because risk is inherent in everything we do, risk professionals undertake roles that are very diverse. It includes roles in insurance, business, health and safety, corporate governance, engineering, planning and financial services to name a few.&lt;br /&gt;
&lt;br /&gt;
In this article general methodologies and important principles of [https://en.wikipedia.org/wiki/Risk_management risk management] will be outlined, risk assessment will be explained and programme risk management introduced. Benefits and limitations of risk management will be discussed before stating the conclusions.&lt;br /&gt;
&lt;br /&gt;
__TOC__ &lt;br /&gt;
&lt;br /&gt;
=Introduction=&lt;br /&gt;
&lt;br /&gt;
[https://en.wikipedia.org/wiki/Organization Organizations] of all types and sizes face internal and external factors and influences that make it uncertain whether and when they will achieve their objectives. Risk is the effect this uncertainty has on an organization&#039;s objectives. Risk can be managed by identifying it, analysing it and then evaluating whether the risk should be modified by risk treatment in order to satisfy their risk criteria. Constant communication and consultation with stakeholders is a key for the process to run smoothly as well as monitoring and reviewing the risk and making sure that the correct actions are taken to ensure that no further risk treatment is required.&lt;br /&gt;
&lt;br /&gt;
Risk management can be applied to an entire organization, at its many areas and levels, at any time. It can also be applied to specific functions, projects and activities. &lt;br /&gt;
&lt;br /&gt;
The practice of risk management is used within many sectors in order to meet diverse needs. Despite that wide range, adoption of consistent processes within a comprehensive framework can help to ensure that risk is managed effectively, efficiently and coherently across an organization. [https://en.wikipedia.org/wiki/ISO_31000 ISO 31000] is an international standard that describes a generic approach and provides the principles and guidelines for managing any form of risk in a systematic, transparent and credible manner and withing any scope and context. &amp;lt;ref&amp;gt;https://www.iso.org/obp/ui/#iso:std:iso:31000:ed-1:v1:en&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
As can be seen in figure 1, the first step is to establish the context in order to figure out the individual needs, audiences, perceptions and criteria for each specific sector while applying risk management. Establishing the context will capture the objectives of the organization, the environment in which it pursues those objectives, its stakeholders and the dicersity of risk criteria. those factors will help reveal and assess the nature and complexity of its risks. &lt;br /&gt;
&lt;br /&gt;
The international standard has stated that when risk management is implemented and maintained in accordance with ISO, it enables an organization to achieve the following objectives:&lt;br /&gt;
&lt;br /&gt;
* Increase the likelihood of achieving objectives&lt;br /&gt;
* encourage proactive management&lt;br /&gt;
* Be aware of the need to identify and treat risk throughout the organization&lt;br /&gt;
* Improve the identification of opportunities and threats&lt;br /&gt;
* Comply with relevant legal and regulatory requirements and international norms&lt;br /&gt;
* Improve mandatory and voluntary reporting&lt;br /&gt;
* Improve governance&lt;br /&gt;
* Improve stakeholder confidence and trust&lt;br /&gt;
* Establish a reliable basis for decision making and planning&lt;br /&gt;
* Improve controls&lt;br /&gt;
* Effectively allocate and use resources for risk treatment&lt;br /&gt;
* Improve operational effectiveness and efficiency&lt;br /&gt;
* Enhance health and safety performance, as well as environmental protection&lt;br /&gt;
* Improve loss prevention and incident management&lt;br /&gt;
* Minimize losses&lt;br /&gt;
* Improve organizational learning &lt;br /&gt;
* Improve organizational resilience&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
As well as helping organizations reach these objectives the standard is intended to meet the needs of a wide range of stakeholders. Stakeholders that are included are those responsible for developing risk management policy within their organization, those accountable for ensuring that risk is effectively managed within the organization as a whole or within a specific area, project or activity. Those who need to evaluate an organization&#039;s effectiveness in managing risk and developers of standards, guides, procedures and codes of practice that, in whole or in part, set out how risk is to be managed withing the specific context of these documents. Figure X shows the relationships between the risk management principles, framework and process.[[File: fig_1.png|800px|thumb|center|Relationships between risk management principles, framework and process]]&lt;br /&gt;
&lt;br /&gt;
== Important principles ==&lt;br /&gt;
&lt;br /&gt;
The following principles should be complied with by an organization in order for risk management to be effective. &lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Management of risk:&#039;&#039;&#039;&amp;lt;ref&amp;gt;ISO 31000:2009 &amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
# &#039;&#039;&#039;Creates and protects value&#039;&#039;&#039; - Contributes to the demonstrable achievement of objectives and improvement of performance in, for example, security, environmental protection, project and program management.&lt;br /&gt;
# &#039;&#039;&#039;Integral part of all organizational processes&#039;&#039;&#039; - Risk management is not a stand-alone activity that is separate from the main activities and processes of the organization. It is part of the responsibilities of management and an integral part of all organizational processes, including strategic planning and all project and change management processes.&lt;br /&gt;
# &#039;&#039;&#039;Part of decision making&#039;&#039;&#039; - Helps decision makers make informed choices, prioritize actions and distinguish among alternative courses of action.&lt;br /&gt;
# &#039;&#039;&#039;Explicitly addresses uncertainty&#039;&#039;&#039; - Risk management explicitly takes account of uncertainty, the nature of that uncertainty, and how it can be addressed.&lt;br /&gt;
# &#039;&#039;&#039;Systematic, structured and timely&#039;&#039;&#039; - A systematic, structured and timely approach to risk management contributes to efficiency and to consistent, comparable and reliable results.&lt;br /&gt;
# &#039;&#039;&#039;Based on the best available information&#039;&#039;&#039; - The inputs to the process of managing risk are based on information sources such as historical data, experience, stakeholder feedback, observation, forecasts and expert judgement. Decision makers should however inform themselves of, and should take into account, any limitations of the data or modelling used or the possibility of divergence among experts.&lt;br /&gt;
# &#039;&#039;&#039;Is tailored&#039;&#039;&#039; - It is aligned with the organization&#039;s external and internal context and risk profile.&lt;br /&gt;
# &#039;&#039;&#039;Takes human and cultural factors into account&#039;&#039;&#039; - Recognizes the capabilities, perceptions and intentions of external and internal people that can facilitate or hinder achievement of the organization&#039;s objectives.&lt;br /&gt;
# &#039;&#039;&#039;Is transparent and inclusive&#039;&#039;&#039; - For risk management to be relevant and up-to-date, appropriate and timely involvement of stakeholders and, in particular, decision makers at all levels of the organization has to be ensured. By doing so also allows stakeholders to be properly represented and to have their views taken into account in determining risk criteria.&lt;br /&gt;
# &#039;&#039;&#039;Is dynamic, iterative and responsive to change&#039;&#039;&#039; - Continually senses and responds to change. As external and internal events occur, context and knowledge change, monitoring and review of risks take place, new risks emerge, some change, and others disappear.&lt;br /&gt;
# &#039;&#039;&#039;Facilitates continual improvement of the organization&#039;&#039;&#039; - Organizations should develop and implement strategies to improve their risk management maturity alongside all other aspects of their organization.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=Risk assessment=&lt;br /&gt;
&lt;br /&gt;
As figure 1 illustrates, risk assessment takes place after establishing the context.&#039;&#039;&#039;Risk assessment&#039;&#039;&#039; is the determination of [[quantitative]] or [[qualitative]] estimate of risk related to a concrete situation and a recognized hazard. Two components of risk are required for calculations in quantitative risk assessment. The magnitude of the potential loss (L) and the probability (p) that the loss will occur. If the countermeasure for handling a certain risk exceeds the value of the expected loss it is called acceptable risk. That kind of risk is understood and tolerated&lt;br /&gt;
&lt;br /&gt;
==Risk assessment process==&lt;br /&gt;
&lt;br /&gt;
===Risk identification===&lt;br /&gt;
&lt;br /&gt;
For an organization to effectively manage its key risks and demonstrate whether they are in control a risk identification process must be in place. Risk identification is a key component of a robust framework. By going through the risk identification process an organization would be able to identify the following:&amp;lt;ref&amp;gt;https://www.lloyds.com/the-market/operating-at-lloyds/performance-framework-of-minimum-standards/risk-management/process_identification_assessment_control_and_mitigation&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
* Significant risks to the achievement of its business objectives.&lt;br /&gt;
* All types of risks, associated major components and controls currently in place, from all sources, across the entire scope of the organisation&#039;s activities.&lt;br /&gt;
* Risks around opportunities as well as threats, to increase the organization&#039;s chance of maximizing the benefit of those opportunities when they arise.&lt;br /&gt;
&lt;br /&gt;
It would also ensure that the organization is aware of its major risks at any point in time.&lt;br /&gt;
&lt;br /&gt;
In this process questions such as: what can happen? when and where? how and why? should be answered in order to move to the next step in the risk assessment process, risk analysis.&lt;br /&gt;
&lt;br /&gt;
===Risk analysis===&lt;br /&gt;
&lt;br /&gt;
To successfully determine the level of risk, consequences have to be determined as well as the likelihood of an event. Risk analysis includes qualitative and quantitative assessments. &amp;lt;ref&amp;gt;http://www.pwc.com/us/en/issues/enterprise-risk-management/assets/risk_assessment_guide.pdf&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Qualitative&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
A pre-defined rating scale is used to prioritize the identified project risks. The probability or likelihood and the impact on a project objectives should they occur gives the score for a certain risk. A qualitative risk analysis also includes the appropriate categorization of the risks. Source-based or effect-based.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Quantitative&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
A further analysis of the highest priority risks during which a numerical or quantitative rating is assigned in order to develop a probabilistic analysis of the project. Possible outcomes for the project are quantified and the probability of achieving specific project objectives is assessed. When there is uncertainty a quantitative approach can be used to make decisions. It also creates realistic and achievable cost, schedule or scope targets.&lt;br /&gt;
&lt;br /&gt;
Quantitative risk analysis can only be successfully carried out if there is high-quality data, a well-developed project model, and a prioritized lists of project risks. That usually yields from performing a qualitative risk analysis. &amp;lt;ref&amp;gt;https://www.passionatepm.com/blog/qualitative-risk-analysis-vs-quantitative-risk-analysis-pmp-concept-1&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot; &lt;br /&gt;
|-&lt;br /&gt;
! Qualitative&lt;br /&gt;
! Quantitative&lt;br /&gt;
|-&lt;br /&gt;
| risk-level&lt;br /&gt;
| project level&lt;br /&gt;
|-&lt;br /&gt;
| subjective evaluation of probability and impact&lt;br /&gt;
| probabilistic estimates of time and cost&lt;br /&gt;
|-&lt;br /&gt;
| quick and easy to perform&lt;br /&gt;
| time consuming&lt;br /&gt;
|-&lt;br /&gt;
| no special software or tools required&lt;br /&gt;
| may require specalized tools&lt;br /&gt;
|-&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
=Programme risk management=&lt;br /&gt;
&lt;br /&gt;
There are four defined steps in programme risk management. Identify step, assess step, plan step and implement step. In order for a programme to run as smoothly as possible, these four steps must be followed. Other factors play along these four steps, good and effective communication is the most important factor. Communication has to be good throughout each and every step. Let&#039;s take a better look at the four steps.&lt;br /&gt;
&lt;br /&gt;
==Identify step==&lt;br /&gt;
&lt;br /&gt;
In the beginning of programme management, the identification of uncertain events which can both be threats and opportunities takes place. The programme&#039;s objectives and scope, what assumptions have been made, who the stakeholders are and where the programme fits inside the organization as well as the environment should be understood. If those aspects are understood it enables the programme to search for risk methodically and take the correct actions should a response be needed at some point.&lt;br /&gt;
&lt;br /&gt;
Actual risks should then be identified. Both threats to the programme objectives and opportunities to overachieve on outcomes and benefits.&lt;br /&gt;
&lt;br /&gt;
==Assess step==&lt;br /&gt;
&lt;br /&gt;
The assessment of risk can be broken down into two activities. Estimate the threats and the opportunities in terms of their probability impact and proximity on the one hand, and on the other hand to evaluate the net aggregated effect of the identified threats and opportunities on the programme. This is explained in detail in the Risk assessment section.&lt;br /&gt;
&lt;br /&gt;
==Plan step==&lt;br /&gt;
&lt;br /&gt;
Preparation of specific management response to the threats and opportunities that have been identified are the primary goal of the plan step. The objective is to remove or reduce the threats and to maximize the opportunities.&lt;br /&gt;
&lt;br /&gt;
==Implement step==&lt;br /&gt;
&lt;br /&gt;
Here it shall be ensured that the previously planned risk management actions are successfully implemented and monitored as to their effectiveness. Corrective actions should be taken where responses do not live up to expectations. It is an important factor that roles and responsibilities are allocated. Someone has to be responsible for the management and control of the risk. Key roles in that perspective are: &#039;&#039;&#039;Risk owner&#039;&#039;&#039; is responsible for the management and control of all aspects of the risks assigned to them. Managing, tracking and reporting the implementation of the selected actions to address the threats or to maximize the opportunities is included in that role. &#039;&#039;&#039;Risk actionee&#039;&#039;&#039; is responsible for the implementation of risk response actions. Support and take directions from the risk owner.&lt;br /&gt;
&lt;br /&gt;
=Tools=&lt;br /&gt;
There are many tools used in risk assessment, sometimes it is recommended to use more than one tool in risk assessment. They all have their own focus areas. Lets take a better look at the most frequently used tools.&lt;br /&gt;
&lt;br /&gt;
==Hazard and operability study (HAZOP)==&lt;br /&gt;
==Failure mode effect analysis (FMEA)==&lt;br /&gt;
==Structured What-IF technique (SWIFT)==&lt;br /&gt;
==Fault Tree Analysis (FTA)==&lt;br /&gt;
&lt;br /&gt;
=Benefits=&lt;br /&gt;
&lt;br /&gt;
The most notable potential benefits of a well-structured and efficiently run risk management are. &amp;lt;ref&amp;gt;http://irisintelligence.com/risk-management-explained/why-manage-risk.html&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
* Improved strategic and business planning&lt;br /&gt;
* More effective use of resources&lt;br /&gt;
* An ability to quickly grasp new opportunities&lt;br /&gt;
* Fewer unwelcome surprises&lt;br /&gt;
* Enhanced communication&lt;br /&gt;
* Ability to reassure key stakeholders throughout the organization&lt;br /&gt;
* Continuous improvement&lt;br /&gt;
* robust contingency planning&lt;br /&gt;
&lt;br /&gt;
==For projects==&lt;br /&gt;
&lt;br /&gt;
[[Contingency]] in projects can make or break them. Too much contingency is uncompetitive and too little increases the chance of failure. Risk assessment helps set contingency levels. It aims to figure out the most probable level of risk and gives the confidence level of outcome targets.&lt;br /&gt;
&lt;br /&gt;
==For portfolios==&lt;br /&gt;
==For businesses==&lt;br /&gt;
&lt;br /&gt;
=Limitations=&lt;br /&gt;
=Conclusions=&lt;br /&gt;
=References=&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
Among strategies used to manage threats are.&lt;br /&gt;
&lt;br /&gt;
* Transferring the threat to another party&lt;br /&gt;
* Avoid the threat&lt;br /&gt;
* Reducing both the negative effect and lowering the probability of the threat&lt;br /&gt;
* Accepting the potential negative consequences of a particular thread is the only option. &lt;br /&gt;
* For uncertain events with benefits (opportunities) the opposite is done.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&amp;lt;references/&amp;gt;&lt;/div&gt;</summary>
		<author><name>S141543</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=16487</id>
		<title>Management of risk</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=16487"/>
		<updated>2015-09-28T14:15:57Z</updated>

		<summary type="html">&lt;p&gt;S141543: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&lt;br /&gt;
[[File:Image2.png|500px|thumb|right|Risk management process (based on ISO 31000: 2009) &amp;lt;ref&amp;gt;Carmen Nadia Ciocoiu and Razvan Catalin Dobrea (2010). The Role of Standardization in Improving the Effectiveness of Integrated Risk Management, Advances in Risk Management, Giancarlo Nota (Ed.), ISBN: 978-953-307-138-1, InTech, DOI: 10.5772/9893. Available from: http://www.intechopen.com/books/advances-in-risk-management/the-role-of-standardization-in-improving-the-effectiveness-of-integrated-risk-management&amp;lt;/ref&amp;gt;]]&lt;br /&gt;
&lt;br /&gt;
Risk is part of all our lives. We need to take risks to grow and develop. Effectively managed risk in hospitals, airport security, construction sites, projects, programmes, portfolios and in so many more circumstances help societies achieve. &lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Management of risk&#039;&#039;&#039; involves identification, assessment, and prioritization of risks. Coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events or to maximize the realization of opportunities. &lt;br /&gt;
&lt;br /&gt;
Figure 1 shows what is involved in risk management. Identifying, analysing and evaluating risks are all part of risk assessment and will be further analysed in the risk assessment section.&lt;br /&gt;
&lt;br /&gt;
Because risk is inherent in everything we do, risk professionals undertake roles that are very diverse. It includes roles in insurance, business, health and safety, corporate governance, engineering, planning and financial services to name a few.&lt;br /&gt;
&lt;br /&gt;
In this article general methodologies and important principles of [https://en.wikipedia.org/wiki/Risk_management risk management] will be outlined, risk assessment will be explained and programme risk management introduced. Benefits and limitations of risk management will be discussed before stating the conclusions.&lt;br /&gt;
&lt;br /&gt;
__TOC__ &lt;br /&gt;
&lt;br /&gt;
=Introduction=&lt;br /&gt;
&lt;br /&gt;
[https://en.wikipedia.org/wiki/Organization Organizations] of all types and sizes face internal and external factors and influences that make it uncertain whether and when they will achieve their objectives. Risk is the effect this uncertainty has on an organization&#039;s objectives. Risk can be managed by identifying it, analysing it and then evaluating whether the risk should be modified by risk treatment in order to satisfy their risk criteria. Constant communication and consultation with stakeholders is a key for the process to run smoothly as well as monitoring and reviewing the risk and making sure that the correct actions are taken to ensure that no further risk treatment is required.&lt;br /&gt;
&lt;br /&gt;
Risk management can be applied to an entire organization, at its many areas and levels, at any time. It can also be applied to specific functions, projects and activities. &lt;br /&gt;
&lt;br /&gt;
The practice of risk management is used within many sectors in order to meet diverse needs. Despite that wide range, adoption of consistent processes within a comprehensive framework can help to ensure that risk is managed effectively, efficiently and coherently across an organization. [https://en.wikipedia.org/wiki/ISO_31000 ISO 31000] is an international standard that describes a generic approach and provides the principles and guidelines for managing any form of risk in a systematic, transparent and credible manner and withing any scope and context. &amp;lt;ref&amp;gt;https://www.iso.org/obp/ui/#iso:std:iso:31000:ed-1:v1:en&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
As can be seen in figure 1, the first step is to establish the context in order to figure out the individual needs, audiences, perceptions and criteria for each specific sector while applying risk management. Establishing the context will capture the objectives of the organization, the environment in which it pursues those objectives, its stakeholders and the dicersity of risk criteria. those factors will help reveal and assess the nature and complexity of its risks. &lt;br /&gt;
&lt;br /&gt;
The international standard has stated that when risk management is implemented and maintained in accordance with ISO, it enables an organization to achieve the following objectives:&lt;br /&gt;
&lt;br /&gt;
* Increase the likelihood of achieving objectives&lt;br /&gt;
* encourage proactive management&lt;br /&gt;
* Be aware of the need to identify and treat risk throughout the organization&lt;br /&gt;
* Improve the identification of opportunities and threats&lt;br /&gt;
* Comply with relevant legal and regulatory requirements and international norms&lt;br /&gt;
* Improve mandatory and voluntary reporting&lt;br /&gt;
* Improve governance&lt;br /&gt;
* Improve stakeholder confidence and trust&lt;br /&gt;
* Establish a reliable basis for decision making and planning&lt;br /&gt;
* Improve controls&lt;br /&gt;
* Effectively allocate and use resources for risk treatment&lt;br /&gt;
* Improve operational effectiveness and efficiency&lt;br /&gt;
* Enhance health and safety performance, as well as environmental protection&lt;br /&gt;
* Improve loss prevention and incident management&lt;br /&gt;
* Minimize losses&lt;br /&gt;
* Improve organizational learning &lt;br /&gt;
* Improve organizational resilience&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
As well as helping organizations reach these objectives the standard is intended to meet the needs of a wide range of stakeholders. Stakeholders that are included are those responsible for developing risk management policy within their organization, those accountable for ensuring that risk is effectively managed within the organization as a whole or within a specific area, project or activity. Those who need to evaluate an organization&#039;s effectiveness in managing risk and developers of standards, guides, procedures and codes of practice that, in whole or in part, set out how risk is to be managed withing the specific context of these documents. Figure X shows the relationships between the risk management principles, framework and process.[[File: fig_1.png|800px|thumb|center|Relationships between risk management principles, framework and process]]&lt;br /&gt;
&lt;br /&gt;
== Important principles ==&lt;br /&gt;
&lt;br /&gt;
The following principles should be complied with by an organization in order for risk management to be effective. &lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Management of risk:&#039;&#039;&#039;&amp;lt;ref&amp;gt;ISO 31000:2009 &amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
# &#039;&#039;&#039;Creates and protects value&#039;&#039;&#039; - Contributes to the demonstrable achievement of objectives and improvement of performance in, for example, security, environmental protection, project and program management.&lt;br /&gt;
# &#039;&#039;&#039;Integral part of all organizational processes&#039;&#039;&#039; - Risk management is not a stand-alone activity that is separate from the main activities and processes of the organization. It is part of the responsibilities of management and an integral part of all organizational processes, including strategic planning and all project and change management processes.&lt;br /&gt;
# &#039;&#039;&#039;Part of decision making&#039;&#039;&#039; - Helps decision makers make informed choices, prioritize actions and distinguish among alternative courses of action.&lt;br /&gt;
# &#039;&#039;&#039;Explicitly addresses uncertainty&#039;&#039;&#039; - Risk management explicitly takes account of uncertainty, the nature of that uncertainty, and how it can be addressed.&lt;br /&gt;
# &#039;&#039;&#039;Systematic, structured and timely&#039;&#039;&#039; - A systematic, structured and timely approach to risk management contributes to efficiency and to consistent, comparable and reliable results.&lt;br /&gt;
# &#039;&#039;&#039;Based on the best available information&#039;&#039;&#039; - The inputs to the process of managing risk are based on information sources such as historical data, experience, stakeholder feedback, observation, forecasts and expert judgement. Decision makers should however inform themselves of, and should take into account, any limitations of the data or modelling used or the possibility of divergence among experts.&lt;br /&gt;
# &#039;&#039;&#039;Is tailored&#039;&#039;&#039; - It is aligned with the organization&#039;s external and internal context and risk profile.&lt;br /&gt;
# &#039;&#039;&#039;Takes human and cultural factors into account&#039;&#039;&#039; - Recognizes the capabilities, perceptions and intentions of external and internal people that can facilitate or hinder achievement of the organization&#039;s objectives.&lt;br /&gt;
# &#039;&#039;&#039;Is transparent and inclusive&#039;&#039;&#039; - For risk management to be relevant and up-to-date, appropriate and timely involvement of stakeholders and, in particular, decision makers at all levels of the organization has to be ensured. By doing so also allows stakeholders to be properly represented and to have their views taken into account in determining risk criteria.&lt;br /&gt;
# &#039;&#039;&#039;Is dynamic, iterative and responsive to change&#039;&#039;&#039; - Continually senses and responds to change. As external and internal events occur, context and knowledge change, monitoring and review of risks take place, new risks emerge, some change, and others disappear.&lt;br /&gt;
# &#039;&#039;&#039;Facilitates continual improvement of the organization&#039;&#039;&#039; - Organizations should develop and implement strategies to improve their risk management maturity alongside all other aspects of their organization.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=Risk assessment=&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Risk assessment&#039;&#039;&#039; is the determination of [[quantitative]] or [[qualitative]] estimate of risk related to a concrete situation and a recognized hazard. Two components of risk are required for calculations in quantitative risk assessment. The magnitude of the potential loss (L) and the probability (p) that the loss will occur. If the countermeasure for handling a certain risk exceeds the value of the expected loss it is called acceptable risk. That kind of risk is understood and tolerated&lt;br /&gt;
==Qualitative==&lt;br /&gt;
&lt;br /&gt;
A pre-defined rating scale is used to prioritize the identified project risks. The probability or likelihood and the impact on a project objectives should they occur gives the score for a certain risk. A qualitative risk analysis also includes the appropriate categorization of the risks. Source-based or effect-based.&lt;br /&gt;
&lt;br /&gt;
==Quantitative==&lt;br /&gt;
&lt;br /&gt;
A further analysis of the highest priority risks during which a numerical or quantitative rating is assigned in order to develop a probabilistic analysis of the project. Possible outcomes for the project are quantified and the probability of achieving specific project objectives is assessed. When there is uncertainty a quantitative approach can be used to make decisions. It also creates realistic and achievable cost, schedule or scope targets.&lt;br /&gt;
&lt;br /&gt;
Quantitative risk analysis can only be successfully carried out if there is high-quality data, a well-developed project model, and a prioritized lists of project risks. That usually yields from performing a qualitative risk analysis. &amp;lt;ref&amp;gt;https://www.passionatepm.com/blog/qualitative-risk-analysis-vs-quantitative-risk-analysis-pmp-concept-1&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot; &lt;br /&gt;
|-&lt;br /&gt;
! Qualitative&lt;br /&gt;
! Quantitative&lt;br /&gt;
|-&lt;br /&gt;
| risk-level&lt;br /&gt;
| project level&lt;br /&gt;
|-&lt;br /&gt;
| subjective evaluation of probability and impact&lt;br /&gt;
| probabilistic estimates of time and cost&lt;br /&gt;
|-&lt;br /&gt;
| quick and easy to perform&lt;br /&gt;
| time consuming&lt;br /&gt;
|-&lt;br /&gt;
| no special software or tools required&lt;br /&gt;
| may require specalized tools&lt;br /&gt;
|-&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
=Programme risk management=&lt;br /&gt;
&lt;br /&gt;
There are four defined steps in programme risk management. Identify step, assess step, plan step and implement step. In order for a programme to run as smoothly as possible, these four steps must be followed. Other factors play along these four steps, good and effective communication is the most important factor. Communication has to be good throughout each and every step. Let&#039;s take a better look at the four steps.&lt;br /&gt;
&lt;br /&gt;
==Identify step==&lt;br /&gt;
&lt;br /&gt;
In the beginning of programme management, the identification of uncertain events which can both be threats and opportunities takes place. The programme&#039;s objectives and scope, what assumptions have been made, who the stakeholders are and where the programme fits inside the organization as well as the environment should be understood. If those aspects are understood it enables the programme to search for risk methodically and take the correct actions should a response be needed at some point.&lt;br /&gt;
&lt;br /&gt;
Actual risks should then be identified. Both threats to the programme objectives and opportunities to overachieve on outcomes and benefits.&lt;br /&gt;
&lt;br /&gt;
==Assess step==&lt;br /&gt;
&lt;br /&gt;
The assessment of risk can be broken down into two activities. Estimate the threats and the opportunities in terms of their probability impact and proximity on the one hand, and on the other hand to evaluate the net aggregated effect of the identified threats and opportunities on the programme. This is explained in detail in the Risk assessment section.&lt;br /&gt;
&lt;br /&gt;
==Plan step==&lt;br /&gt;
&lt;br /&gt;
Preparation of specific management response to the threats and opportunities that have been identified are the primary goal of the plan step. The objective is to remove or reduce the threats and to maximize the opportunities.&lt;br /&gt;
&lt;br /&gt;
==Implement step==&lt;br /&gt;
&lt;br /&gt;
Here it shall be ensured that the previously planned risk management actions are successfully implemented and monitored as to their effectiveness. Corrective actions should be taken where responses do not live up to expectations. It is an important factor that roles and responsibilities are allocated. Someone has to be responsible for the management and control of the risk. Key roles in that perspective are: &#039;&#039;&#039;Risk owner&#039;&#039;&#039; is responsible for the management and control of all aspects of the risks assigned to them. Managing, tracking and reporting the implementation of the selected actions to address the threats or to maximize the opportunities is included in that role. &#039;&#039;&#039;Risk actionee&#039;&#039;&#039; is responsible for the implementation of risk response actions. Support and take directions from the risk owner.&lt;br /&gt;
&lt;br /&gt;
=Tools=&lt;br /&gt;
There are many tools used in risk assessment, sometimes it is recommended to use more than one tool in risk assessment. They all have their own focus areas. Lets take a better look at the most frequently used tools.&lt;br /&gt;
&lt;br /&gt;
==Hazard and operability study (HAZOP)==&lt;br /&gt;
==Failure mode effect analysis (FMEA)==&lt;br /&gt;
==Structured What-IF technique (SWIFT)==&lt;br /&gt;
==Fault Tree Analysis (FTA)==&lt;br /&gt;
&lt;br /&gt;
=Benefits=&lt;br /&gt;
&lt;br /&gt;
The most notable potential benefits of a well-structured and efficiently run risk management are. &amp;lt;ref&amp;gt;http://irisintelligence.com/risk-management-explained/why-manage-risk.html&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
* Improved strategic and business planning&lt;br /&gt;
* More effective use of resources&lt;br /&gt;
* An ability to quickly grasp new opportunities&lt;br /&gt;
* Fewer unwelcome surprises&lt;br /&gt;
* Enhanced communication&lt;br /&gt;
* Ability to reassure key stakeholders throughout the organization&lt;br /&gt;
* Continuous improvement&lt;br /&gt;
* robust contingency planning&lt;br /&gt;
&lt;br /&gt;
==For projects==&lt;br /&gt;
&lt;br /&gt;
[[Contingency]] in projects can make or break them. Too much contingency is uncompetitive and too little increases the chance of failure. Risk assessment helps set contingency levels. It aims to figure out the most probable level of risk and gives the confidence level of outcome targets.&lt;br /&gt;
&lt;br /&gt;
==For portfolios==&lt;br /&gt;
==For businesses==&lt;br /&gt;
&lt;br /&gt;
=Limitations=&lt;br /&gt;
=Conclusions=&lt;br /&gt;
=References=&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
Among strategies used to manage threats are.&lt;br /&gt;
&lt;br /&gt;
* Transferring the threat to another party&lt;br /&gt;
* Avoid the threat&lt;br /&gt;
* Reducing both the negative effect and lowering the probability of the threat&lt;br /&gt;
* Accepting the potential negative consequences of a particular thread is the only option. &lt;br /&gt;
* For uncertain events with benefits (opportunities) the opposite is done.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&amp;lt;references/&amp;gt;&lt;/div&gt;</summary>
		<author><name>S141543</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=File:Image2.png&amp;diff=16484</id>
		<title>File:Image2.png</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=File:Image2.png&amp;diff=16484"/>
		<updated>2015-09-28T14:11:20Z</updated>

		<summary type="html">&lt;p&gt;S141543: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&lt;/div&gt;</summary>
		<author><name>S141543</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=16339</id>
		<title>Management of risk</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=16339"/>
		<updated>2015-09-28T12:13:29Z</updated>

		<summary type="html">&lt;p&gt;S141543: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&lt;br /&gt;
[[File:overviewrisk.png|500px|thumb|right|Overview of risk management]]&lt;br /&gt;
&lt;br /&gt;
Risk is part of all our lives. We need to take risks to grow and develop. Effectively managed risk in hospitals, airport security, construction sites, projects, programmes, portfolios and in so many more circumstances help societies achieve. &lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Management of risk&#039;&#039;&#039; involves identification, assessment, and prioritization of risks. Coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events or to maximize the realization of opportunities. &lt;br /&gt;
&lt;br /&gt;
Figure 1 shows what is involved in risk management. Identifying, analysing and evaluating risks are all part of risk assessment and will be further analysed in the risk assessment section.&lt;br /&gt;
&lt;br /&gt;
Because risk is inherent in everything we do, risk professionals undertake roles that are very diverse. It includes roles in insurance, business, health and safety, corporate governance, engineering, planning and financial services to name a few.&lt;br /&gt;
&lt;br /&gt;
In this article general methodologies and important principles of [https://en.wikipedia.org/wiki/Risk_management risk management] will be outlined, risk assessment will be explained and programme risk management introduced. Benefits and limitations of risk management will be discussed before stating the conclusions.&lt;br /&gt;
&lt;br /&gt;
__TOC__ &lt;br /&gt;
&lt;br /&gt;
=Introduction=&lt;br /&gt;
&lt;br /&gt;
[https://en.wikipedia.org/wiki/Organization Organizations] of all types and sizes face internal and external factors and influences that make it uncertain whether and when they will achieve their objectives. Risk is the effect this uncertainty has on an organization&#039;s objectives. Risk can be managed by identifying it, analysing it and then evaluating whether the risk should be modified by risk treatment in order to satisfy their risk criteria. Constant communication and consultation with stakeholders is a key for the process to run smoothly as well as monitoring and reviewing the risk and making sure that the correct actions are taken to ensure that no further risk treatment is required.&lt;br /&gt;
&lt;br /&gt;
Risk management can be applied to an entire organization, at its many areas and levels, at any time. It can also be applied to specific functions, projects and activities. &lt;br /&gt;
&lt;br /&gt;
The practice of risk management is used within many sectors in order to meet diverse needs. Despite that wide range, adoption of consistent processes within a comprehensive framework can help to ensure that risk is managed effectively, efficiently and coherently across an organization. [https://en.wikipedia.org/wiki/ISO_31000 ISO 31000] is an international standard that describes a generic approach and provides the principles and guidelines for managing any form of risk in a systematic, transparent and credible manner and withing any scope and context. &amp;lt;ref&amp;gt;https://www.iso.org/obp/ui/#iso:std:iso:31000:ed-1:v1:en&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
As can be seen in figure 1, the first step is to establish the context in order to figure out the individual needs, audiences, perceptions and criteria for each specific sector while applying risk management. Establishing the context will capture the objectives of the organization, the environment in which it pursues those objectives, its stakeholders and the dicersity of risk criteria. those factors will help reveal and assess the nature and complexity of its risks. &lt;br /&gt;
&lt;br /&gt;
The international standard has stated that when risk management is implemented and maintained in accordance with ISO, it enables an organization to achieve the following objectives:&lt;br /&gt;
&lt;br /&gt;
* Increase the likelihood of achieving objectives&lt;br /&gt;
* encourage proactive management&lt;br /&gt;
* Be aware of the need to identify and treat risk throughout the organization&lt;br /&gt;
* Improve the identification of opportunities and threats&lt;br /&gt;
* Comply with relevant legal and regulatory requirements and international norms&lt;br /&gt;
* Improve mandatory and voluntary reporting&lt;br /&gt;
* Improve governance&lt;br /&gt;
* Improve stakeholder confidence and trust&lt;br /&gt;
* Establish a reliable basis for decision making and planning&lt;br /&gt;
* Improve controls&lt;br /&gt;
* Effectively allocate and use resources for risk treatment&lt;br /&gt;
* Improve operational effectiveness and efficiency&lt;br /&gt;
* Enhance health and safety performance, as well as environmental protection&lt;br /&gt;
* Improve loss prevention and incident management&lt;br /&gt;
* Minimize losses&lt;br /&gt;
* Improve organizational learning &lt;br /&gt;
* Improve organizational resilience&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
As well as helping organizations reach these objectives the standard is intended to meet the needs of a wide range of stakeholders. Stakeholders that are included are those responsible for developing risk management policy within their organization, those accountable for ensuring that risk is effectively managed within the organization as a whole or within a specific area, project or activity. Those who need to evaluate an organization&#039;s effectiveness in managing risk and developers of standards, guides, procedures and codes of practice that, in whole or in part, set out how risk is to be managed withing the specific context of these documents. Figure X shows the relationships between the risk management principles, framework and process.[[File: fig_1.png|800px|thumb|center|Relationships between risk management principles, framework and process]]&lt;br /&gt;
&lt;br /&gt;
== Important principles ==&lt;br /&gt;
&lt;br /&gt;
The following principles should be complied with by an organization in order for risk management to be effective. &lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Management of risk:&#039;&#039;&#039;&amp;lt;ref&amp;gt;ISO 31000:2009 &amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
# &#039;&#039;&#039;Creates and protects value&#039;&#039;&#039; - Contributes to the demonstrable achievement of objectives and improvement of performance in, for example, security, environmental protection, project and program management.&lt;br /&gt;
# &#039;&#039;&#039;Integral part of all organizational processes&#039;&#039;&#039; - Risk management is not a stand-alone activity that is separate from the main activities and processes of the organization. It is part of the responsibilities of management and an integral part of all organizational processes, including strategic planning and all project and change management processes.&lt;br /&gt;
# &#039;&#039;&#039;Part of decision making&#039;&#039;&#039; - Helps decision makers make informed choices, prioritize actions and distinguish among alternative courses of action.&lt;br /&gt;
# &#039;&#039;&#039;Explicitly addresses uncertainty&#039;&#039;&#039; - Risk management explicitly takes account of uncertainty, the nature of that uncertainty, and how it can be addressed.&lt;br /&gt;
# &#039;&#039;&#039;Systematic, structured and timely&#039;&#039;&#039; - A systematic, structured and timely approach to risk management contributes to efficiency and to consistent, comparable and reliable results.&lt;br /&gt;
# &#039;&#039;&#039;Based on the best available information&#039;&#039;&#039; - The inputs to the process of managing risk are based on information sources such as historical data, experience, stakeholder feedback, observation, forecasts and expert judgement. Decision makers should however inform themselves of, and should take into account, any limitations of the data or modelling used or the possibility of divergence among experts.&lt;br /&gt;
# &#039;&#039;&#039;Is tailored&#039;&#039;&#039; - It is aligned with the organization&#039;s external and internal context and risk profile.&lt;br /&gt;
# &#039;&#039;&#039;Takes human and cultural factors into account&#039;&#039;&#039; - Recognizes the capabilities, perceptions and intentions of external and internal people that can facilitate or hinder achievement of the organization&#039;s objectives.&lt;br /&gt;
# &#039;&#039;&#039;Is transparent and inclusive&#039;&#039;&#039; - For risk management to be relevant and up-to-date, appropriate and timely involvement of stakeholders and, in particular, decision makers at all levels of the organization has to be ensured. By doing so also allows stakeholders to be properly represented and to have their views taken into account in determining risk criteria.&lt;br /&gt;
# &#039;&#039;&#039;Is dynamic, iterative and responsive to change&#039;&#039;&#039; - Continually senses and responds to change. As external and internal events occur, context and knowledge change, monitoring and review of risks take place, new risks emerge, some change, and others disappear.&lt;br /&gt;
# &#039;&#039;&#039;Facilitates continual improvement of the organization&#039;&#039;&#039; - Organizations should develop and implement strategies to improve their risk management maturity alongside all other aspects of their organization.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=Risk assessment=&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Risk assessment&#039;&#039;&#039; is the determination of [[quantitative]] or [[qualitative]] estimate of risk related to a concrete situation and a recognized hazard. Two components of risk are required for calculations in quantitative risk assessment. The magnitude of the potential loss (L) and the probability (p) that the loss will occur. If the countermeasure for handling a certain risk exceeds the value of the expected loss it is called acceptable risk. That kind of risk is understood and tolerated&lt;br /&gt;
==Qualitative==&lt;br /&gt;
&lt;br /&gt;
A pre-defined rating scale is used to prioritize the identified project risks. The probability or likelihood and the impact on a project objectives should they occur gives the score for a certain risk. A qualitative risk analysis also includes the appropriate categorization of the risks. Source-based or effect-based.&lt;br /&gt;
&lt;br /&gt;
==Quantitative==&lt;br /&gt;
&lt;br /&gt;
A further analysis of the highest priority risks during which a numerical or quantitative rating is assigned in order to develop a probabilistic analysis of the project. Possible outcomes for the project are quantified and the probability of achieving specific project objectives is assessed. When there is uncertainty a quantitative approach can be used to make decisions. It also creates realistic and achievable cost, schedule or scope targets.&lt;br /&gt;
&lt;br /&gt;
Quantitative risk analysis can only be successfully carried out if there is high-quality data, a well-developed project model, and a prioritized lists of project risks. That usually yields from performing a qualitative risk analysis. &amp;lt;ref&amp;gt;https://www.passionatepm.com/blog/qualitative-risk-analysis-vs-quantitative-risk-analysis-pmp-concept-1&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot; &lt;br /&gt;
|-&lt;br /&gt;
! Qualitative&lt;br /&gt;
! Quantitative&lt;br /&gt;
|-&lt;br /&gt;
| risk-level&lt;br /&gt;
| project level&lt;br /&gt;
|-&lt;br /&gt;
| subjective evaluation of probability and impact&lt;br /&gt;
| probabilistic estimates of time and cost&lt;br /&gt;
|-&lt;br /&gt;
| quick and easy to perform&lt;br /&gt;
| time consuming&lt;br /&gt;
|-&lt;br /&gt;
| no special software or tools required&lt;br /&gt;
| may require specalized tools&lt;br /&gt;
|-&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
=Programme risk management=&lt;br /&gt;
&lt;br /&gt;
There are four defined steps in programme risk management. Identify step, assess step, plan step and implement step. In order for a programme to run as smoothly as possible, these four steps must be followed. Other factors play along these four steps, good and effective communication is the most important factor. Communication has to be good throughout each and every step. Let&#039;s take a better look at the four steps.&lt;br /&gt;
&lt;br /&gt;
==Identify step==&lt;br /&gt;
&lt;br /&gt;
In the beginning of programme management, the identification of uncertain events which can both be threats and opportunities takes place. The programme&#039;s objectives and scope, what assumptions have been made, who the stakeholders are and where the programme fits inside the organization as well as the environment should be understood. If those aspects are understood it enables the programme to search for risk methodically and take the correct actions should a response be needed at some point.&lt;br /&gt;
&lt;br /&gt;
Actual risks should then be identified. Both threats to the programme objectives and opportunities to overachieve on outcomes and benefits.&lt;br /&gt;
&lt;br /&gt;
==Assess step==&lt;br /&gt;
&lt;br /&gt;
The assessment of risk can be broken down into two activities. Estimate the threats and the opportunities in terms of their probability impact and proximity on the one hand, and on the other hand to evaluate the net aggregated effect of the identified threats and opportunities on the programme. This is explained in detail in the Risk assessment section.&lt;br /&gt;
&lt;br /&gt;
==Plan step==&lt;br /&gt;
&lt;br /&gt;
Preparation of specific management response to the threats and opportunities that have been identified are the primary goal of the plan step. The objective is to remove or reduce the threats and to maximize the opportunities.&lt;br /&gt;
&lt;br /&gt;
==Implement step==&lt;br /&gt;
&lt;br /&gt;
Here it shall be ensured that the previously planned risk management actions are successfully implemented and monitored as to their effectiveness. Corrective actions should be taken where responses do not live up to expectations. It is an important factor that roles and responsibilities are allocated. Someone has to be responsible for the management and control of the risk. Key roles in that perspective are: &#039;&#039;&#039;Risk owner&#039;&#039;&#039; is responsible for the management and control of all aspects of the risks assigned to them. Managing, tracking and reporting the implementation of the selected actions to address the threats or to maximize the opportunities is included in that role. &#039;&#039;&#039;Risk actionee&#039;&#039;&#039; is responsible for the implementation of risk response actions. Support and take directions from the risk owner.&lt;br /&gt;
&lt;br /&gt;
=Tools=&lt;br /&gt;
There are many tools used in risk assessment, sometimes it is recommended to use more than one tool in risk assessment. They all have their own focus areas. Lets take a better look at the most frequently used tools.&lt;br /&gt;
&lt;br /&gt;
==Hazard and operability study (HAZOP)==&lt;br /&gt;
==Failure mode effect analysis (FMEA)==&lt;br /&gt;
==Structured What-IF technique (SWIFT)==&lt;br /&gt;
==Fault Tree Analysis (FTA)==&lt;br /&gt;
&lt;br /&gt;
=Benefits=&lt;br /&gt;
&lt;br /&gt;
The most notable potential benefits of a well-structured and efficiently run risk management are. &amp;lt;ref&amp;gt;http://irisintelligence.com/risk-management-explained/why-manage-risk.html&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
* Improved strategic and business planning&lt;br /&gt;
* More effective use of resources&lt;br /&gt;
* An ability to quickly grasp new opportunities&lt;br /&gt;
* Fewer unwelcome surprises&lt;br /&gt;
* Enhanced communication&lt;br /&gt;
* Ability to reassure key stakeholders throughout the organization&lt;br /&gt;
* Continuous improvement&lt;br /&gt;
* robust contingency planning&lt;br /&gt;
&lt;br /&gt;
==For projects==&lt;br /&gt;
&lt;br /&gt;
[[Contingency]] in projects can make or break them. Too much contingency is uncompetitive and too little increases the chance of failure. Risk assessment helps set contingency levels. It aims to figure out the most probable level of risk and gives the confidence level of outcome targets.&lt;br /&gt;
&lt;br /&gt;
==For portfolios==&lt;br /&gt;
==For businesses==&lt;br /&gt;
&lt;br /&gt;
=Limitations=&lt;br /&gt;
=Conclusions=&lt;br /&gt;
=References=&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
Among strategies used to manage threats are.&lt;br /&gt;
&lt;br /&gt;
* Transferring the threat to another party&lt;br /&gt;
* Avoid the threat&lt;br /&gt;
* Reducing both the negative effect and lowering the probability of the threat&lt;br /&gt;
* Accepting the potential negative consequences of a particular thread is the only option. &lt;br /&gt;
* For uncertain events with benefits (opportunities) the opposite is done.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&amp;lt;references/&amp;gt;&lt;/div&gt;</summary>
		<author><name>S141543</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=16337</id>
		<title>Management of risk</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=16337"/>
		<updated>2015-09-28T12:12:55Z</updated>

		<summary type="html">&lt;p&gt;S141543: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&lt;br /&gt;
[[File:overviewrisk.png|500px|thumb|right|Overview of risk management]]&lt;br /&gt;
&lt;br /&gt;
Risk is part of all our lives. We need to take risks to grow and develop. Effectively managed risk in hospitals, airport security, construction sites, projects, programmes, portfolios and in so many more circumstances help societies achieve. &lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Management of risk&#039;&#039;&#039; involves identification, assessment, and prioritization of risks. Coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events or to maximize the realization of opportunities. &lt;br /&gt;
&lt;br /&gt;
Figure 1 shows what is involved in risk management. Identifying, analysing and evaluating risks are all part of risk assessment and will be further analysed in the risk assessment section.&lt;br /&gt;
&lt;br /&gt;
Because risk is inherent in everything we do, risk professionals undertake roles that are very diverse. It includes roles in insurance, business, health and safety, corporate governance, engineering, planning and financial services to name a few.&lt;br /&gt;
&lt;br /&gt;
In this article general methodologies and important principles of [https://en.wikipedia.org/wiki/Risk_management risk management] will be outlined, risk assessment will be explained and programme risk management introduced. Benefits and limitations of risk management will be discussed before stating the conclusions.&lt;br /&gt;
&lt;br /&gt;
__TOC__ &lt;br /&gt;
&lt;br /&gt;
=Introduction=&lt;br /&gt;
&lt;br /&gt;
[https://en.wikipedia.org/wiki/Organization Organizations] of all types and sizes face internal and external factors and influences that make it uncertain whether and when they will achieve their objectives. Risk is the effect this uncertainty has on an organization&#039;s objectives. Risk can be managed by identifying it, analysing it and then evaluating whether the risk should be modified by risk treatment in order to satisfy their risk criteria. Constant communication and consultation with stakeholders is a key for the process to run smoothly as well as monitoring and reviewing the risk and making sure that the correct actions are taken to ensure that no further risk treatment is required.&lt;br /&gt;
&lt;br /&gt;
Risk management can be applied to an entire organization, at its many areas and levels, at any time. It can also be applied to specific functions, projects and activities. &lt;br /&gt;
&lt;br /&gt;
The practice of risk management is used within many sectors in order to meet diverse needs. Despite that wide range, adoption of consistent processes within a comprehensive framework can help to ensure that risk is managed effectively, efficiently and coherently across an organization. [https://en.wikipedia.org/wiki/ISO_31000 ISO 31000] is an international standard that describes a generic approach and provides the principles and guidelines for managing any form of risk in a systematic, transparent and credible manner and withing any scope and context. &amp;lt;ref&amp;gt;https://www.iso.org/obp/ui/#iso:std:iso:31000:ed-1:v1:en&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
As can be seen in figure 1, the first step is to establish the context in order to figure out the individual needs, audiences, perceptions and criteria for each specific sector while applying risk management. Establishing the context will capture the objectives of the organization, the environment in which it pursues those objectives, its stakeholders and the dicersity of risk criteria. those factors will help reveal and assess the nature and complexity of its risks. &lt;br /&gt;
&lt;br /&gt;
The international standard has stated that when risk management is implemented and maintained in accordance with ISO, it enables an organization to achieve the following objectives:&lt;br /&gt;
&lt;br /&gt;
* Increase the likelihood of achieving objectives&lt;br /&gt;
* encourage proactive management&lt;br /&gt;
* Be aware of the need to identify and treat risk throughout the organization&lt;br /&gt;
* Improve the identification of opportunities and threats&lt;br /&gt;
* Comply with relevant legal and regulatory requirements and international norms&lt;br /&gt;
* Improve mandatory and voluntary reporting&lt;br /&gt;
* Improve governance&lt;br /&gt;
* Improve stakeholder confidence and trust&lt;br /&gt;
* Establish a reliable basis for decision making and planning&lt;br /&gt;
* Improve controls&lt;br /&gt;
* Effectively allocate and use resources for risk treatment&lt;br /&gt;
* Improve operational effectiveness and efficiency&lt;br /&gt;
* Enhance health and safety performance, as well as environmental protection&lt;br /&gt;
* Improve loss prevention and incident management&lt;br /&gt;
* Minimize losses&lt;br /&gt;
* Improve organizational learning &lt;br /&gt;
* Improve organizational resilience&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
As well as helping organizations reach these objectives the standard is intended to meet the needs of a wide range of stakeholders. Stakeholders that are included are those responsible for developing risk management policy within their organization, those accountable for ensuring that risk is effectively managed within the organization as a whole or within a specific area, project or activity. Those who need to evaluate an organization&#039;s effectiveness in managing risk and developers of standards, guides, procedures and codes of practice that, in whole or in part, set out how risk is to be managed withing the specific context of these documents. Figure X shows the relationships between the risk management principles, framework and process.[[File: fig_1.png|800px|thumb|center|Relationships between risk management principles, framework and process]]&lt;br /&gt;
&lt;br /&gt;
== Important principles ==&lt;br /&gt;
&lt;br /&gt;
The following principles should be complied with by an organization in order for risk management to be effective. &lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Management of risk:&#039;&#039;&#039;&amp;lt;ref&amp;gt;ISO 31000:2009 handbook, &lt;br /&gt;
&lt;br /&gt;
# &#039;&#039;&#039;Creates and protects value&#039;&#039;&#039; - Contributes to the demonstrable achievement of objectives and improvement of performance in, for example, security, environmental protection, project and program management.&lt;br /&gt;
# &#039;&#039;&#039;Integral part of all organizational processes&#039;&#039;&#039; - Risk management is not a stand-alone activity that is separate from the main activities and processes of the organization. It is part of the responsibilities of management and an integral part of all organizational processes, including strategic planning and all project and change management processes.&lt;br /&gt;
# &#039;&#039;&#039;Part of decision making&#039;&#039;&#039; - Helps decision makers make informed choices, prioritize actions and distinguish among alternative courses of action.&lt;br /&gt;
# &#039;&#039;&#039;Explicitly addresses uncertainty&#039;&#039;&#039; - Risk management explicitly takes account of uncertainty, the nature of that uncertainty, and how it can be addressed.&lt;br /&gt;
# &#039;&#039;&#039;Systematic, structured and timely&#039;&#039;&#039; - A systematic, structured and timely approach to risk management contributes to efficiency and to consistent, comparable and reliable results.&lt;br /&gt;
# &#039;&#039;&#039;Based on the best available information&#039;&#039;&#039; - The inputs to the process of managing risk are based on information sources such as historical data, experience, stakeholder feedback, observation, forecasts and expert judgement. Decision makers should however inform themselves of, and should take into account, any limitations of the data or modelling used or the possibility of divergence among experts.&lt;br /&gt;
# &#039;&#039;&#039;Is tailored&#039;&#039;&#039; - It is aligned with the organization&#039;s external and internal context and risk profile.&lt;br /&gt;
# &#039;&#039;&#039;Takes human and cultural factors into account&#039;&#039;&#039; - Recognizes the capabilities, perceptions and intentions of external and internal people that can facilitate or hinder achievement of the organization&#039;s objectives.&lt;br /&gt;
# &#039;&#039;&#039;Is transparent and inclusive&#039;&#039;&#039; - For risk management to be relevant and up-to-date, appropriate and timely involvement of stakeholders and, in particular, decision makers at all levels of the organization has to be ensured. By doing so also allows stakeholders to be properly represented and to have their views taken into account in determining risk criteria.&lt;br /&gt;
# &#039;&#039;&#039;Is dynamic, iterative and responsive to change&#039;&#039;&#039; - Continually senses and responds to change. As external and internal events occur, context and knowledge change, monitoring and review of risks take place, new risks emerge, some change, and others disappear.&lt;br /&gt;
# &#039;&#039;&#039;Facilitates continual improvement of the organization&#039;&#039;&#039; - Organizations should develop and implement strategies to improve their risk management maturity alongside all other aspects of their organization.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=Risk assessment=&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Risk assessment&#039;&#039;&#039; is the determination of [[quantitative]] or [[qualitative]] estimate of risk related to a concrete situation and a recognized hazard. Two components of risk are required for calculations in quantitative risk assessment. The magnitude of the potential loss (L) and the probability (p) that the loss will occur. If the countermeasure for handling a certain risk exceeds the value of the expected loss it is called acceptable risk. That kind of risk is understood and tolerated&lt;br /&gt;
==Qualitative==&lt;br /&gt;
&lt;br /&gt;
A pre-defined rating scale is used to prioritize the identified project risks. The probability or likelihood and the impact on a project objectives should they occur gives the score for a certain risk. A qualitative risk analysis also includes the appropriate categorization of the risks. Source-based or effect-based.&lt;br /&gt;
&lt;br /&gt;
==Quantitative==&lt;br /&gt;
&lt;br /&gt;
A further analysis of the highest priority risks during which a numerical or quantitative rating is assigned in order to develop a probabilistic analysis of the project. Possible outcomes for the project are quantified and the probability of achieving specific project objectives is assessed. When there is uncertainty a quantitative approach can be used to make decisions. It also creates realistic and achievable cost, schedule or scope targets.&lt;br /&gt;
&lt;br /&gt;
Quantitative risk analysis can only be successfully carried out if there is high-quality data, a well-developed project model, and a prioritized lists of project risks. That usually yields from performing a qualitative risk analysis. &amp;lt;ref&amp;gt;https://www.passionatepm.com/blog/qualitative-risk-analysis-vs-quantitative-risk-analysis-pmp-concept-1&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot; &lt;br /&gt;
|-&lt;br /&gt;
! Qualitative&lt;br /&gt;
! Quantitative&lt;br /&gt;
|-&lt;br /&gt;
| risk-level&lt;br /&gt;
| project level&lt;br /&gt;
|-&lt;br /&gt;
| subjective evaluation of probability and impact&lt;br /&gt;
| probabilistic estimates of time and cost&lt;br /&gt;
|-&lt;br /&gt;
| quick and easy to perform&lt;br /&gt;
| time consuming&lt;br /&gt;
|-&lt;br /&gt;
| no special software or tools required&lt;br /&gt;
| may require specalized tools&lt;br /&gt;
|-&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
=Programme risk management=&lt;br /&gt;
&lt;br /&gt;
There are four defined steps in programme risk management. Identify step, assess step, plan step and implement step. In order for a programme to run as smoothly as possible, these four steps must be followed. Other factors play along these four steps, good and effective communication is the most important factor. Communication has to be good throughout each and every step. Let&#039;s take a better look at the four steps.&lt;br /&gt;
&lt;br /&gt;
==Identify step==&lt;br /&gt;
&lt;br /&gt;
In the beginning of programme management, the identification of uncertain events which can both be threats and opportunities takes place. The programme&#039;s objectives and scope, what assumptions have been made, who the stakeholders are and where the programme fits inside the organization as well as the environment should be understood. If those aspects are understood it enables the programme to search for risk methodically and take the correct actions should a response be needed at some point.&lt;br /&gt;
&lt;br /&gt;
Actual risks should then be identified. Both threats to the programme objectives and opportunities to overachieve on outcomes and benefits.&lt;br /&gt;
&lt;br /&gt;
==Assess step==&lt;br /&gt;
&lt;br /&gt;
The assessment of risk can be broken down into two activities. Estimate the threats and the opportunities in terms of their probability impact and proximity on the one hand, and on the other hand to evaluate the net aggregated effect of the identified threats and opportunities on the programme. This is explained in detail in the Risk assessment section.&lt;br /&gt;
&lt;br /&gt;
==Plan step==&lt;br /&gt;
&lt;br /&gt;
Preparation of specific management response to the threats and opportunities that have been identified are the primary goal of the plan step. The objective is to remove or reduce the threats and to maximize the opportunities.&lt;br /&gt;
&lt;br /&gt;
==Implement step==&lt;br /&gt;
&lt;br /&gt;
Here it shall be ensured that the previously planned risk management actions are successfully implemented and monitored as to their effectiveness. Corrective actions should be taken where responses do not live up to expectations. It is an important factor that roles and responsibilities are allocated. Someone has to be responsible for the management and control of the risk. Key roles in that perspective are: &#039;&#039;&#039;Risk owner&#039;&#039;&#039; is responsible for the management and control of all aspects of the risks assigned to them. Managing, tracking and reporting the implementation of the selected actions to address the threats or to maximize the opportunities is included in that role. &#039;&#039;&#039;Risk actionee&#039;&#039;&#039; is responsible for the implementation of risk response actions. Support and take directions from the risk owner.&lt;br /&gt;
&lt;br /&gt;
=Tools=&lt;br /&gt;
There are many tools used in risk assessment, sometimes it is recommended to use more than one tool in risk assessment. They all have their own focus areas. Lets take a better look at the most frequently used tools.&lt;br /&gt;
&lt;br /&gt;
==Hazard and operability study (HAZOP)==&lt;br /&gt;
==Failure mode effect analysis (FMEA)==&lt;br /&gt;
==Structured What-IF technique (SWIFT)==&lt;br /&gt;
==Fault Tree Analysis (FTA)==&lt;br /&gt;
&lt;br /&gt;
=Benefits=&lt;br /&gt;
&lt;br /&gt;
The most notable potential benefits of a well-structured and efficiently run risk management are. &amp;lt;ref&amp;gt;http://irisintelligence.com/risk-management-explained/why-manage-risk.html&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
* Improved strategic and business planning&lt;br /&gt;
* More effective use of resources&lt;br /&gt;
* An ability to quickly grasp new opportunities&lt;br /&gt;
* Fewer unwelcome surprises&lt;br /&gt;
* Enhanced communication&lt;br /&gt;
* Ability to reassure key stakeholders throughout the organization&lt;br /&gt;
* Continuous improvement&lt;br /&gt;
* robust contingency planning&lt;br /&gt;
&lt;br /&gt;
==For projects==&lt;br /&gt;
&lt;br /&gt;
[[Contingency]] in projects can make or break them. Too much contingency is uncompetitive and too little increases the chance of failure. Risk assessment helps set contingency levels. It aims to figure out the most probable level of risk and gives the confidence level of outcome targets.&lt;br /&gt;
&lt;br /&gt;
==For portfolios==&lt;br /&gt;
==For businesses==&lt;br /&gt;
&lt;br /&gt;
=Limitations=&lt;br /&gt;
=Conclusions=&lt;br /&gt;
=References=&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
Among strategies used to manage threats are.&lt;br /&gt;
&lt;br /&gt;
* Transferring the threat to another party&lt;br /&gt;
* Avoid the threat&lt;br /&gt;
* Reducing both the negative effect and lowering the probability of the threat&lt;br /&gt;
* Accepting the potential negative consequences of a particular thread is the only option. &lt;br /&gt;
* For uncertain events with benefits (opportunities) the opposite is done.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&amp;lt;references/&amp;gt;&lt;/div&gt;</summary>
		<author><name>S141543</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=16336</id>
		<title>Management of risk</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=16336"/>
		<updated>2015-09-28T12:10:41Z</updated>

		<summary type="html">&lt;p&gt;S141543: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&lt;br /&gt;
[[File:overviewrisk.png|500px|thumb|right|Overview of risk management]]&lt;br /&gt;
&lt;br /&gt;
Risk is part of all our lives. We need to take risks to grow and develop. Effectively managed risk in hospitals, airport security, construction sites, projects, programmes, portfolios and in so many more circumstances help societies achieve. &lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Management of risk&#039;&#039;&#039; involves identification, assessment, and prioritization of risks. Coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events or to maximize the realization of opportunities. &lt;br /&gt;
&lt;br /&gt;
Figure 1 shows what is involved in risk management. Identifying, analysing and evaluating risks are all part of risk assessment and will be further analysed in the risk assessment section.&lt;br /&gt;
&lt;br /&gt;
Because risk is inherent in everything we do, risk professionals undertake roles that are very diverse. It includes roles in insurance, business, health and safety, corporate governance, engineering, planning and financial services to name a few.&lt;br /&gt;
&lt;br /&gt;
In this article general methodologies and important principles of [https://en.wikipedia.org/wiki/Risk_management risk management] will be outlined, risk assessment will be explained and programme risk management introduced. Benefits and limitations of risk management will be discussed before stating the conclusions.&lt;br /&gt;
&lt;br /&gt;
__TOC__ &lt;br /&gt;
&lt;br /&gt;
=Introduction=&lt;br /&gt;
&lt;br /&gt;
[https://en.wikipedia.org/wiki/Organization Organizations] of all types and sizes face internal and external factors and influences that make it uncertain whether and when they will achieve their objectives. Risk is the effect this uncertainty has on an organization&#039;s objectives. Risk can be managed by identifying it, analysing it and then evaluating whether the risk should be modified by risk treatment in order to satisfy their risk criteria. Constant communication and consultation with stakeholders is a key for the process to run smoothly as well as monitoring and reviewing the risk and making sure that the correct actions are taken to ensure that no further risk treatment is required.&lt;br /&gt;
&lt;br /&gt;
Risk management can be applied to an entire organization, at its many areas and levels, at any time. It can also be applied to specific functions, projects and activities. &lt;br /&gt;
&lt;br /&gt;
The practice of risk management is used within many sectors in order to meet diverse needs. Despite that wide range, adoption of consistent processes within a comprehensive framework can help to ensure that risk is managed effectively, efficiently and coherently across an organization. [https://en.wikipedia.org/wiki/ISO_31000 ISO 31000] is an international standard that describes a generic approach and provides the principles and guidelines for managing any form of risk in a systematic, transparent and credible manner and withing any scope and context. &amp;lt;ref&amp;gt;https://www.iso.org/obp/ui/#iso:std:iso:31000:ed-1:v1:en&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
As can be seen in figure 1, the first step is to establish the context in order to figure out the individual needs, audiences, perceptions and criteria for each specific sector while applying risk management. Establishing the context will capture the objectives of the organization, the environment in which it pursues those objectives, its stakeholders and the dicersity of risk criteria. those factors will help reveal and assess the nature and complexity of its risks. &lt;br /&gt;
&lt;br /&gt;
The international standard has stated that when risk management is implemented and maintained in accordance with ISO, it enables an organization to achieve the following objectives:&lt;br /&gt;
&lt;br /&gt;
* Increase the likelihood of achieving objectives&lt;br /&gt;
* encourage proactive management&lt;br /&gt;
* Be aware of the need to identify and treat risk throughout the organization&lt;br /&gt;
* Improve the identification of opportunities and threats&lt;br /&gt;
* Comply with relevant legal and regulatory requirements and international norms&lt;br /&gt;
* Improve mandatory and voluntary reporting&lt;br /&gt;
* Improve governance&lt;br /&gt;
* Improve stakeholder confidence and trust&lt;br /&gt;
* Establish a reliable basis for decision making and planning&lt;br /&gt;
* Improve controls&lt;br /&gt;
* Effectively allocate and use resources for risk treatment&lt;br /&gt;
* Improve operational effectiveness and efficiency&lt;br /&gt;
* Enhance health and safety performance, as well as environmental protection&lt;br /&gt;
* Improve loss prevention and incident management&lt;br /&gt;
* Minimize losses&lt;br /&gt;
* Improve organizational learning &lt;br /&gt;
* Improve organizational resilience&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
As well as helping organizations reach these objectives the standard is intended to meet the needs of a wide range of stakeholders. Stakeholders that are included are those responsible for developing risk management policy within their organization, those accountable for ensuring that risk is effectively managed within the organization as a whole or within a specific area, project or activity. Those who need to evaluate an organization&#039;s effectiveness in managing risk and developers of standards, guides, procedures and codes of practice that, in whole or in part, set out how risk is to be managed withing the specific context of these documents. Figure X shows the relationships between the risk management principles, framework and process.[[File: fig_1.png|800px|thumb|center|Relationships between risk management principles, framework and process]]&lt;br /&gt;
&lt;br /&gt;
== Important principles ==&lt;br /&gt;
&lt;br /&gt;
The following principles should be complied with by an organization in order for risk management to be effective. &lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Management of risk:&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
# &#039;&#039;&#039;Creates and protects value&#039;&#039;&#039; - Contributes to the demonstrable achievement of objectives and improvement of performance in, for example, security, environmental protection, project and program management.&lt;br /&gt;
# &#039;&#039;&#039;Integral part of all organizational processes&#039;&#039;&#039; - Risk management is not a stand-alone activity that is separate from the main activities and processes of the organization. It is part of the responsibilities of management and an integral part of all organizational processes, including strategic planning and all project and change management processes.&lt;br /&gt;
# &#039;&#039;&#039;Part of decision making&#039;&#039;&#039; - Helps decision makers make informed choices, prioritize actions and distinguish among alternative courses of action.&lt;br /&gt;
# &#039;&#039;&#039;Explicitly addresses uncertainty&#039;&#039;&#039; - Risk management explicitly takes account of uncertainty, the nature of that uncertainty, and how it can be addressed.&lt;br /&gt;
# &#039;&#039;&#039;Systematic, structured and timely&#039;&#039;&#039; - A systematic, structured and timely approach to risk management contributes to efficiency and to consistent, comparable and reliable results.&lt;br /&gt;
# &#039;&#039;&#039;Based on the best available information&#039;&#039;&#039; - The inputs to the process of managing risk are based on information sources such as historical data, experience, stakeholder feedback, observation, forecasts and expert judgement. Decision makers should however inform themselves of, and should take into account, any limitations of the data or modelling used or the possibility of divergence among experts.&lt;br /&gt;
# &#039;&#039;&#039;Is tailored&#039;&#039;&#039; - It is aligned with the organization&#039;s external and internal context and risk profile.&lt;br /&gt;
# &#039;&#039;&#039;Takes human and cultural factors into account&#039;&#039;&#039; - Recognizes the capabilities, perceptions and intentions of external and internal people that can facilitate or hinder achievement of the organization&#039;s objectives.&lt;br /&gt;
# &#039;&#039;&#039;Is transparent and inclusive&#039;&#039;&#039; - For risk management to be relevant and up-to-date, appropriate and timely involvement of stakeholders and, in particular, decision makers at all levels of the organization has to be ensured. By doing so also allows stakeholders to be properly represented and to have their views taken into account in determining risk criteria.&lt;br /&gt;
# &#039;&#039;&#039;Is dynamic, iterative and responsive to change&#039;&#039;&#039; - Continually senses and responds to change. As external and internal events occur, context and knowledge change, monitoring and review of risks take place, new risks emerge, some change, and others disappear.&lt;br /&gt;
# &#039;&#039;&#039;Facilitates continual improvement of the organization&#039;&#039;&#039; - Organizations should develop and implement strategies to improve their risk management maturity alongside all other aspects of their organization.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=Risk assessment=&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Risk assessment&#039;&#039;&#039; is the determination of [[quantitative]] or [[qualitative]] estimate of risk related to a concrete situation and a recognized hazard. Two components of risk are required for calculations in quantitative risk assessment. The magnitude of the potential loss (L) and the probability (p) that the loss will occur. If the countermeasure for handling a certain risk exceeds the value of the expected loss it is called acceptable risk. That kind of risk is understood and tolerated&lt;br /&gt;
==Qualitative==&lt;br /&gt;
&lt;br /&gt;
A pre-defined rating scale is used to prioritize the identified project risks. The probability or likelihood and the impact on a project objectives should they occur gives the score for a certain risk. A qualitative risk analysis also includes the appropriate categorization of the risks. Source-based or effect-based.&lt;br /&gt;
&lt;br /&gt;
==Quantitative==&lt;br /&gt;
&lt;br /&gt;
A further analysis of the highest priority risks during which a numerical or quantitative rating is assigned in order to develop a probabilistic analysis of the project. Possible outcomes for the project are quantified and the probability of achieving specific project objectives is assessed. When there is uncertainty a quantitative approach can be used to make decisions. It also creates realistic and achievable cost, schedule or scope targets.&lt;br /&gt;
&lt;br /&gt;
Quantitative risk analysis can only be successfully carried out if there is high-quality data, a well-developed project model, and a prioritized lists of project risks. That usually yields from performing a qualitative risk analysis. &amp;lt;ref&amp;gt;https://www.passionatepm.com/blog/qualitative-risk-analysis-vs-quantitative-risk-analysis-pmp-concept-1&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot; &lt;br /&gt;
|-&lt;br /&gt;
! Qualitative&lt;br /&gt;
! Quantitative&lt;br /&gt;
|-&lt;br /&gt;
| risk-level&lt;br /&gt;
| project level&lt;br /&gt;
|-&lt;br /&gt;
| subjective evaluation of probability and impact&lt;br /&gt;
| probabilistic estimates of time and cost&lt;br /&gt;
|-&lt;br /&gt;
| quick and easy to perform&lt;br /&gt;
| time consuming&lt;br /&gt;
|-&lt;br /&gt;
| no special software or tools required&lt;br /&gt;
| may require specalized tools&lt;br /&gt;
|-&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
=Programme risk management=&lt;br /&gt;
&lt;br /&gt;
There are four defined steps in programme risk management. Identify step, assess step, plan step and implement step. In order for a programme to run as smoothly as possible, these four steps must be followed. Other factors play along these four steps, good and effective communication is the most important factor. Communication has to be good throughout each and every step. Let&#039;s take a better look at the four steps.&lt;br /&gt;
&lt;br /&gt;
==Identify step==&lt;br /&gt;
&lt;br /&gt;
In the beginning of programme management, the identification of uncertain events which can both be threats and opportunities takes place. The programme&#039;s objectives and scope, what assumptions have been made, who the stakeholders are and where the programme fits inside the organization as well as the environment should be understood. If those aspects are understood it enables the programme to search for risk methodically and take the correct actions should a response be needed at some point.&lt;br /&gt;
&lt;br /&gt;
Actual risks should then be identified. Both threats to the programme objectives and opportunities to overachieve on outcomes and benefits.&lt;br /&gt;
&lt;br /&gt;
==Assess step==&lt;br /&gt;
&lt;br /&gt;
The assessment of risk can be broken down into two activities. Estimate the threats and the opportunities in terms of their probability impact and proximity on the one hand, and on the other hand to evaluate the net aggregated effect of the identified threats and opportunities on the programme. This is explained in detail in the Risk assessment section.&lt;br /&gt;
&lt;br /&gt;
==Plan step==&lt;br /&gt;
&lt;br /&gt;
Preparation of specific management response to the threats and opportunities that have been identified are the primary goal of the plan step. The objective is to remove or reduce the threats and to maximize the opportunities.&lt;br /&gt;
&lt;br /&gt;
==Implement step==&lt;br /&gt;
&lt;br /&gt;
Here it shall be ensured that the previously planned risk management actions are successfully implemented and monitored as to their effectiveness. Corrective actions should be taken where responses do not live up to expectations. It is an important factor that roles and responsibilities are allocated. Someone has to be responsible for the management and control of the risk. Key roles in that perspective are: &#039;&#039;&#039;Risk owner&#039;&#039;&#039; is responsible for the management and control of all aspects of the risks assigned to them. Managing, tracking and reporting the implementation of the selected actions to address the threats or to maximize the opportunities is included in that role. &#039;&#039;&#039;Risk actionee&#039;&#039;&#039; is responsible for the implementation of risk response actions. Support and take directions from the risk owner.&lt;br /&gt;
&lt;br /&gt;
=Tools=&lt;br /&gt;
There are many tools used in risk assessment, sometimes it is recommended to use more than one tool in risk assessment. They all have their own focus areas. Lets take a better look at the most frequently used tools.&lt;br /&gt;
&lt;br /&gt;
==Hazard and operability study (HAZOP)==&lt;br /&gt;
==Failure mode effect analysis (FMEA)==&lt;br /&gt;
==Structured What-IF technique (SWIFT)==&lt;br /&gt;
==Fault Tree Analysis (FTA)==&lt;br /&gt;
&lt;br /&gt;
=Benefits=&lt;br /&gt;
&lt;br /&gt;
The most notable potential benefits of a well-structured and efficiently run risk management are. &amp;lt;ref&amp;gt;http://irisintelligence.com/risk-management-explained/why-manage-risk.html&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
* Improved strategic and business planning&lt;br /&gt;
* More effective use of resources&lt;br /&gt;
* An ability to quickly grasp new opportunities&lt;br /&gt;
* Fewer unwelcome surprises&lt;br /&gt;
* Enhanced communication&lt;br /&gt;
* Ability to reassure key stakeholders throughout the organization&lt;br /&gt;
* Continuous improvement&lt;br /&gt;
* robust contingency planning&lt;br /&gt;
&lt;br /&gt;
==For projects==&lt;br /&gt;
&lt;br /&gt;
[[Contingency]] in projects can make or break them. Too much contingency is uncompetitive and too little increases the chance of failure. Risk assessment helps set contingency levels. It aims to figure out the most probable level of risk and gives the confidence level of outcome targets.&lt;br /&gt;
&lt;br /&gt;
==For portfolios==&lt;br /&gt;
==For businesses==&lt;br /&gt;
&lt;br /&gt;
=Limitations=&lt;br /&gt;
=Conclusions=&lt;br /&gt;
=References=&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
Among strategies used to manage threats are.&lt;br /&gt;
&lt;br /&gt;
* Transferring the threat to another party&lt;br /&gt;
* Avoid the threat&lt;br /&gt;
* Reducing both the negative effect and lowering the probability of the threat&lt;br /&gt;
* Accepting the potential negative consequences of a particular thread is the only option. &lt;br /&gt;
* For uncertain events with benefits (opportunities) the opposite is done.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&amp;lt;references/&amp;gt;&lt;/div&gt;</summary>
		<author><name>S141543</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=13329</id>
		<title>Management of risk</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=13329"/>
		<updated>2015-09-23T13:39:50Z</updated>

		<summary type="html">&lt;p&gt;S141543: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&lt;br /&gt;
[[File:overviewrisk.png|500px|thumb|right|Overview of risk management]]&lt;br /&gt;
&lt;br /&gt;
Risk is part of all our lives. We need to take risks to grow and develop. Effectively managed risk in hospitals, airport security, construction sites, projects, programmes, portfolios and in so many more circumstances help societies achieve. &lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Management of risk&#039;&#039;&#039; involves identification, assessment, and prioritization of risks. Coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events or to maximize the realization of opportunities. &lt;br /&gt;
&lt;br /&gt;
Figure 1 shows what is involved in risk management. Identifying, analysing and evaluating risks are all part of risk assessment and will be further analysed in the risk assessment section.&lt;br /&gt;
&lt;br /&gt;
Because risk is inherent in everything we do, risk professionals undertake roles that are very diverse. It includes roles in insurance, business, health and safety, corporate governance, engineering, planning and financial services to name a few.&lt;br /&gt;
&lt;br /&gt;
In this article general methodologies and important principles of [https://en.wikipedia.org/wiki/Risk_management risk management] will be outlined, risk assessment will be explained and programme risk management introduced. Benefits and limitations of risk management will be discussed before stating the conclusions.&lt;br /&gt;
&lt;br /&gt;
__TOC__ &lt;br /&gt;
&lt;br /&gt;
=Introduction=&lt;br /&gt;
&lt;br /&gt;
[https://en.wikipedia.org/wiki/Organization Organizations] of all types and sizes face internal and external factors and influences that make it uncertain whether and when they will achieve their objectives. Risk is the effect this uncertainty has on an organization&#039;s objectives. Risk can be managed by identifying it, analysing it and then evaluating whether the risk should be modified by risk treatment in order to satisfy their risk criteria. Constant communication and consultation with stakeholders is a key for the process to run smoothly as well as monitoring and reviewing the risk and making sure that the correct actions are taken to ensure that no further risk treatment is required.&lt;br /&gt;
&lt;br /&gt;
Risk management can be applied to an entire organization, at its many areas and levels, at any time. It can also be applied to specific functions, projects and activities. &lt;br /&gt;
&lt;br /&gt;
The practice of risk management is used within many sectors in order to meet diverse needs. Despite that wide range, adoption of consistent processes within a comprehensive framework can help to ensure that risk is managed effectively, efficiently and coherently across an organization. [https://en.wikipedia.org/wiki/ISO_31000 ISO 31000] is an international standard that describes a generic approach and provides the principles and guidelines for managing any form of risk in a systematic, transparent and credible manner and withing any scope and context. &amp;lt;ref&amp;gt;https://www.iso.org/obp/ui/#iso:std:iso:31000:ed-1:v1:en&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
As can be seen in figure 1, the first step is to establish the context in order to figure out the individual needs, audiences, perceptions and criteria for each specific sector while applying risk management. Establishing the context will capture the objectives of the organization, the environment in which it pursues those objectives, its stakeholders and the dicersity of risk criteria. those factors will help reveal and assess the nature and complexity of its risks. &lt;br /&gt;
&lt;br /&gt;
The international standard has stated that when risk management is implemented and maintained in accordance with ISO, it enables an organization to achieve the following objectives:&lt;br /&gt;
&lt;br /&gt;
* Increase the likelihood of achieving objectives&lt;br /&gt;
* encourage proactive management&lt;br /&gt;
* Be aware of the need to identify and treat risk throughout the organization&lt;br /&gt;
* Improve the identification of opportunities and threats&lt;br /&gt;
* Comply with relevant legal and regulatory requirements and international norms&lt;br /&gt;
* Improve mandatory and voluntary reporting&lt;br /&gt;
* Improve governance&lt;br /&gt;
* Improve stakeholder confidence and trust&lt;br /&gt;
* Establish a reliable basis for decision making and planning&lt;br /&gt;
* Improve controls&lt;br /&gt;
* Effectively allocate and use resources for risk treatment&lt;br /&gt;
* Improve operational effectiveness and efficiency&lt;br /&gt;
* Enhance health and safety performance, as well as environmental protection&lt;br /&gt;
* Improve loss prevention and incident management&lt;br /&gt;
* Minimize losses&lt;br /&gt;
* Improve organizational learning &lt;br /&gt;
* Improve organizational resilience&lt;br /&gt;
&lt;br /&gt;
As well as helping organizations reach these objectives the standard is intended to meet the needs of a wide range of stakeholders. Stakeholders that are included are those responsible for developing risk management policy within their organization, those accountable for ensuring that risk is effectively managed within the organization as a whole or within a specific area, project or activity. Those who need to evaluate an organization&#039;s effectiveness in managing risk and developers of standards, guides, procedures and codes of practice that, in whole or in part, set out how risk is to be managed withing the specific context of these documents. Figure X shows the relationships between the risk management principles, framework and process.[[File: fig_1.png|800px|thumb|center|Relationships between risk management principles, framework and process]]&lt;br /&gt;
&lt;br /&gt;
ISO Guide 73:2009, &#039;&#039;Risk management - Vocabulary&#039;&#039; complements ISO 31000. According to ISO 73:2009 risk management is intended to be used by those engaged in managing risks, those who are involved in activities of ISO and IEC, and developers of national or sector-specific standards, guides, procedures and codes of practice relating to the management of risk. &amp;lt;ref&amp;gt;http://www.iso.org/iso/catalogue_detail?csnumber=44651&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
Risks with great impacts and a high probability of happening are treated before risks with smaller impacts and lower possibility. This is called [[prioritization]]. There are several tools that can be used in the process of assessing risks. Those tools will be discussed in &#039;&#039;&#039;CHAPTER XX&#039;&#039;&#039;. &lt;br /&gt;
&lt;br /&gt;
When allocating resources, risk management faces some difficulties. Short term planning would recommend skipping risk management when starting a new project as the process itself costs manpower and is not directly involved in the project itself. While long term thinking would definitely recommend going through the processes of risk management. That is because it could save a lot of money and even lives if it prevents one unfortunate event to happen as it was accounted for in the process. The effect of negative effects of risks is minimized as well as spending in ideal risk management.&lt;br /&gt;
&lt;br /&gt;
==General methodology==&lt;br /&gt;
&lt;br /&gt;
The following methods are a part of the general methodology, these methods are usually performed in the order as they are listed.&lt;br /&gt;
&lt;br /&gt;
# identify and characterize threats&lt;br /&gt;
# assess the vulnerability of critical assets to specific threats&lt;br /&gt;
# determine the risk &lt;br /&gt;
# identify ways to reduce those risks&lt;br /&gt;
# prioritize risk reduction measures based on a strategy&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;VANTAR HEIMILD&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
== Important principles ==&lt;br /&gt;
&lt;br /&gt;
ISO has identified principles of risk management, some mentionable principles are.&lt;br /&gt;
&lt;br /&gt;
* Create value&lt;br /&gt;
* Be part of decision making process&lt;br /&gt;
* Be a systematic and structured process&lt;br /&gt;
* Take human factors into account&lt;br /&gt;
* Be continually or periodically re-assessed&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;VANTAR HEIMILD&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=Risk assessment=&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Risk assessment&#039;&#039;&#039; is the determination of [[quantitative]] or [[qualitative]] estimate of risk related to a concrete situation and a recognized hazard. Two components of risk are required for calculations in quantitative risk assessment. The magnitude of the potential loss (L) and the probability (p) that the loss will occur. If the countermeasure for handling a certain risk exceeds the value of the expected loss it is called acceptable risk. That kind of risk is understood and tolerated&lt;br /&gt;
==Qualitative==&lt;br /&gt;
&lt;br /&gt;
A pre-defined rating scale is used to prioritize the identified project risks. The probability or likelihood and the impact on a project objectives should they occur gives the score for a certain risk. A qualitative risk analysis also includes the appropriate categorization of the risks. Source-based or effect-based.&lt;br /&gt;
&lt;br /&gt;
==Quantitative==&lt;br /&gt;
&lt;br /&gt;
A further analysis of the highest priority risks during which a numerical or quantitative rating is assigned in order to develop a probabilistic analysis of the project. Possible outcomes for the project are quantified and the probability of achieving specific project objectives is assessed. When there is uncertainty a quantitative approach can be used to make decisions. It also creates realistic and achievable cost, schedule or scope targets.&lt;br /&gt;
&lt;br /&gt;
Quantitative risk analysis can only be successfully carried out if there is high-quality data, a well-developed project model, and a prioritized lists of project risks. That usually yields from performing a qualitative risk analysis. &amp;lt;ref&amp;gt;https://www.passionatepm.com/blog/qualitative-risk-analysis-vs-quantitative-risk-analysis-pmp-concept-1&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot; &lt;br /&gt;
|-&lt;br /&gt;
! Qualitative&lt;br /&gt;
! Quantitative&lt;br /&gt;
|-&lt;br /&gt;
| risk-level&lt;br /&gt;
| project level&lt;br /&gt;
|-&lt;br /&gt;
| subjective evaluation of probability and impact&lt;br /&gt;
| probabilistic estimates of time and cost&lt;br /&gt;
|-&lt;br /&gt;
| quick and easy to perform&lt;br /&gt;
| time consuming&lt;br /&gt;
|-&lt;br /&gt;
| no special software or tools required&lt;br /&gt;
| may require specalized tools&lt;br /&gt;
|-&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
=Programme risk management=&lt;br /&gt;
&lt;br /&gt;
There are four defined steps in programme risk management. Identify step, assess step, plan step and implement step. In order for a programme to run as smoothly as possible, these four steps must be followed. Other factors play along these four steps, good and effective communication is the most important factor. Communication has to be good throughout each and every step. Let&#039;s take a better look at the four steps.&lt;br /&gt;
&lt;br /&gt;
==Identify step==&lt;br /&gt;
&lt;br /&gt;
In the beginning of programme management, the identification of uncertain events which can both be threats and opportunities takes place. The programme&#039;s objectives and scope, what assumptions have been made, who the stakeholders are and where the programme fits inside the organization as well as the environment should be understood. If those aspects are understood it enables the programme to search for risk methodically and take the correct actions should a response be needed at some point.&lt;br /&gt;
&lt;br /&gt;
Actual risks should then be identified. Both threats to the programme objectives and opportunities to overachieve on outcomes and benefits.&lt;br /&gt;
&lt;br /&gt;
==Assess step==&lt;br /&gt;
&lt;br /&gt;
The assessment of risk can be broken down into two activities. Estimate the threats and the opportunities in terms of their probability impact and proximity on the one hand, and on the other hand to evaluate the net aggregated effect of the identified threats and opportunities on the programme. This is explained in detail in the Risk assessment section.&lt;br /&gt;
&lt;br /&gt;
==Plan step==&lt;br /&gt;
&lt;br /&gt;
Preparation of specific management response to the threats and opportunities that have been identified are the primary goal of the plan step. The objective is to remove or reduce the threats and to maximize the opportunities.&lt;br /&gt;
&lt;br /&gt;
==Implement step==&lt;br /&gt;
&lt;br /&gt;
Here it shall be ensured that the previously planned risk management actions are successfully implemented and monitored as to their effectiveness. Corrective actions should be taken where responses do not live up to expectations. It is an important factor that roles and responsibilities are allocated. Someone has to be responsible for the management and control of the risk. Key roles in that perspective are: &#039;&#039;&#039;Risk owner&#039;&#039;&#039; is responsible for the management and control of all aspects of the risks assigned to them. Managing, tracking and reporting the implementation of the selected actions to address the threats or to maximize the opportunities is included in that role. &#039;&#039;&#039;Risk actionee&#039;&#039;&#039; is responsible for the implementation of risk response actions. Support and take directions from the risk owner.&lt;br /&gt;
&lt;br /&gt;
=Tools=&lt;br /&gt;
There are many tools used in risk assessment, sometimes it is recommended to use more than one tool in risk assessment. They all have their own focus areas. Lets take a better look at the most frequently used tools.&lt;br /&gt;
&lt;br /&gt;
==Hazard and operability study (HAZOP)==&lt;br /&gt;
==Failure mode effect analysis (FMEA)==&lt;br /&gt;
==Structured What-IF technique (SWIFT)==&lt;br /&gt;
==Fault Tree Analysis (FTA)==&lt;br /&gt;
&lt;br /&gt;
=Benefits=&lt;br /&gt;
&lt;br /&gt;
The most notable potential benefits of a well-structured and efficiently run risk management are. &amp;lt;ref&amp;gt;http://irisintelligence.com/risk-management-explained/why-manage-risk.html&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
* Improved strategic and business planning&lt;br /&gt;
* More effective use of resources&lt;br /&gt;
* An ability to quickly grasp new opportunities&lt;br /&gt;
* Fewer unwelcome surprises&lt;br /&gt;
* Enhanced communication&lt;br /&gt;
* Ability to reassure key stakeholders throughout the organization&lt;br /&gt;
* Continuous improvement&lt;br /&gt;
* robust contingency planning&lt;br /&gt;
&lt;br /&gt;
==For projects==&lt;br /&gt;
&lt;br /&gt;
[[Contingency]] in projects can make or break them. Too much contingency is uncompetitive and too little increases the chance of failure. Risk assessment helps set contingency levels. It aims to figure out the most probable level of risk and gives the confidence level of outcome targets.&lt;br /&gt;
&lt;br /&gt;
==For portfolios==&lt;br /&gt;
==For businesses==&lt;br /&gt;
&lt;br /&gt;
=Limitations=&lt;br /&gt;
=Conclusions=&lt;br /&gt;
=References=&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
Among strategies used to manage threats are.&lt;br /&gt;
&lt;br /&gt;
* Transferring the threat to another party&lt;br /&gt;
* Avoid the threat&lt;br /&gt;
* Reducing both the negative effect and lowering the probability of the threat&lt;br /&gt;
* Accepting the potential negative consequences of a particular thread is the only option. &lt;br /&gt;
* For uncertain events with benefits (opportunities) the opposite is done.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&amp;lt;references/&amp;gt;&lt;/div&gt;</summary>
		<author><name>S141543</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=File:Fig_1.png&amp;diff=13327</id>
		<title>File:Fig 1.png</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=File:Fig_1.png&amp;diff=13327"/>
		<updated>2015-09-23T13:34:54Z</updated>

		<summary type="html">&lt;p&gt;S141543: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&lt;/div&gt;</summary>
		<author><name>S141543</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=13326</id>
		<title>Management of risk</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=13326"/>
		<updated>2015-09-23T13:34:42Z</updated>

		<summary type="html">&lt;p&gt;S141543: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&lt;br /&gt;
[[File:overviewrisk.png|500px|thumb|right|Overview of risk management]]&lt;br /&gt;
&lt;br /&gt;
Risk is part of all our lives. We need to take risks to grow and develop. Effectively managed risk in hospitals, airport security, construction sites, projects, programmes, portfolios and in so many more circumstances help societies achieve. &lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Management of risk&#039;&#039;&#039; involves identification, assessment, and prioritization of risks. Coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events or to maximize the realization of opportunities. &lt;br /&gt;
&lt;br /&gt;
Figure 1 shows what is involved in risk management. Identifying, analysing and evaluating risks are all part of risk assessment and will be further analysed in the risk assessment section.&lt;br /&gt;
&lt;br /&gt;
Because risk is inherent in everything we do, risk professionals undertake roles that are very diverse. It includes roles in insurance, business, health and safety, corporate governance, engineering, planning and financial services to name a few.&lt;br /&gt;
&lt;br /&gt;
In this article general methodologies and important principles of [https://en.wikipedia.org/wiki/Risk_management risk management] will be outlined, risk assessment will be explained and programme risk management introduced. Benefits and limitations of risk management will be discussed before stating the conclusions.&lt;br /&gt;
&lt;br /&gt;
__TOC__ &lt;br /&gt;
&lt;br /&gt;
=Introduction=&lt;br /&gt;
&lt;br /&gt;
[https://en.wikipedia.org/wiki/Organization Organizations] of all types and sizes face internal and external factors and influences that make it uncertain whether and when they will achieve their objectives. Risk is the effect this uncertainty has on an organization&#039;s objectives. Risk can be managed by identifying it, analysing it and then evaluating whether the risk should be modified by risk treatment in order to satisfy their risk criteria. Constant communication and consultation with stakeholders is a key for the process to run smoothly as well as monitoring and reviewing the risk and making sure that the correct actions are taken to ensure that no further risk treatment is required.&lt;br /&gt;
&lt;br /&gt;
Risk management can be applied to an entire organization, at its many areas and levels, at any time. It can also be applied to specific functions, projects and activities. &lt;br /&gt;
&lt;br /&gt;
The practice of risk management is used within many sectors in order to meet diverse needs. Despite that wide range, adoption of consistent processes within a comprehensive framework can help to ensure that risk is managed effectively, efficiently and coherently across an organization. [https://en.wikipedia.org/wiki/ISO_31000 ISO 31000] is an international standard that describes a generic approach and provides the principles and guidelines for managing any form of risk in a systematic, transparent and credible manner and withing any scope and context. &amp;lt;ref&amp;gt;https://www.iso.org/obp/ui/#iso:std:iso:31000:ed-1:v1:en&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
As can be seen in figure 1, the first step is to establish the context in order to figure out the individual needs, audiences, perceptions and criteria for each specific sector while applying risk management. Establishing the context will capture the objectives of the organization, the environment in which it pursues those objectives, its stakeholders and the dicersity of risk criteria. those factors will help reveal and assess the nature and complexity of its risks. &lt;br /&gt;
&lt;br /&gt;
The international standard has stated that when risk management is implemented and maintained in accordance with ISO, it enables an organization to achieve the following objectives:&lt;br /&gt;
&lt;br /&gt;
* Increase the likelihood of achieving objectives&lt;br /&gt;
* encourage proactive management&lt;br /&gt;
* Be aware of the need to identify and treat risk throughout the organization&lt;br /&gt;
* Improve the identification of opportunities and threats&lt;br /&gt;
* Comply with relevant legal and regulatory requirements and international norms&lt;br /&gt;
* Improve mandatory and voluntary reporting&lt;br /&gt;
* Improve governance&lt;br /&gt;
* Improve stakeholder confidence and trust&lt;br /&gt;
* Establish a reliable basis for decision making and planning&lt;br /&gt;
* Improve controls&lt;br /&gt;
* Effectively allocate and use resources for risk treatment&lt;br /&gt;
* Improve operational effectiveness and efficiency&lt;br /&gt;
* Enhance health and safety performance, as well as environmental protection&lt;br /&gt;
* Improve loss prevention and incident management&lt;br /&gt;
* Minimize losses&lt;br /&gt;
* Improve organizational learning &lt;br /&gt;
* Improve organizational resilience&lt;br /&gt;
&lt;br /&gt;
As well as helping organizations reach these objectives the standard is intended to meet the needs of a wide range of stakeholders. Stakeholders that are included are those responsible for developing risk management policy within their organization, those accountable for ensuring that risk is effectively managed within the organization as a whole or within a specific area, project or activity. Those who need to evaluate an organization&#039;s effectiveness in managing risk and developers of standards, guides, procedures and codes of practice that, in whole or in part, set out how risk is to be managed withing the specific context of these documents. Figure X shows the relationships between the risk management principles, framework and process.&lt;br /&gt;
&lt;br /&gt;
ISO Guide 73:2009, &#039;&#039;Risk management - Vocabulary&#039;&#039; complements ISO 31000. According to ISO 73:2009 risk management is intended to be used by those engaged in managing risks, those who are involved in activities of ISO and IEC, and developers of national or sector-specific standards, guides, procedures and codes of practice relating to the management of risk. &amp;lt;ref&amp;gt;http://www.iso.org/iso/catalogue_detail?csnumber=44651&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
Risks with great impacts and a high probability of happening are treated before risks with smaller impacts and lower possibility. This is called [[prioritization]]. There are several tools that can be used in the process of assessing risks. Those tools will be discussed in &#039;&#039;&#039;CHAPTER XX&#039;&#039;&#039;. &lt;br /&gt;
&lt;br /&gt;
When allocating resources, risk management faces some difficulties. Short term planning would recommend skipping risk management when starting a new project as the process itself costs manpower and is not directly involved in the project itself. While long term thinking would definitely recommend going through the processes of risk management. That is because it could save a lot of money and even lives if it prevents one unfortunate event to happen as it was accounted for in the process. The effect of negative effects of risks is minimized as well as spending in ideal risk management.&lt;br /&gt;
&lt;br /&gt;
==General methodology==&lt;br /&gt;
&lt;br /&gt;
The following methods are a part of the general methodology, these methods are usually performed in the order as they are listed.&lt;br /&gt;
&lt;br /&gt;
# identify and characterize threats&lt;br /&gt;
# assess the vulnerability of critical assets to specific threats&lt;br /&gt;
# determine the risk &lt;br /&gt;
# identify ways to reduce those risks&lt;br /&gt;
# prioritize risk reduction measures based on a strategy&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;VANTAR HEIMILD&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
== Important principles ==&lt;br /&gt;
&lt;br /&gt;
ISO has identified principles of risk management, some mentionable principles are.&lt;br /&gt;
&lt;br /&gt;
* Create value&lt;br /&gt;
* Be part of decision making process&lt;br /&gt;
* Be a systematic and structured process&lt;br /&gt;
* Take human factors into account&lt;br /&gt;
* Be continually or periodically re-assessed&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;VANTAR HEIMILD&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=Risk assessment=&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Risk assessment&#039;&#039;&#039; is the determination of [[quantitative]] or [[qualitative]] estimate of risk related to a concrete situation and a recognized hazard. Two components of risk are required for calculations in quantitative risk assessment. The magnitude of the potential loss (L) and the probability (p) that the loss will occur. If the countermeasure for handling a certain risk exceeds the value of the expected loss it is called acceptable risk. That kind of risk is understood and tolerated&lt;br /&gt;
==Qualitative==&lt;br /&gt;
&lt;br /&gt;
A pre-defined rating scale is used to prioritize the identified project risks. The probability or likelihood and the impact on a project objectives should they occur gives the score for a certain risk. A qualitative risk analysis also includes the appropriate categorization of the risks. Source-based or effect-based.&lt;br /&gt;
&lt;br /&gt;
==Quantitative==&lt;br /&gt;
&lt;br /&gt;
A further analysis of the highest priority risks during which a numerical or quantitative rating is assigned in order to develop a probabilistic analysis of the project. Possible outcomes for the project are quantified and the probability of achieving specific project objectives is assessed. When there is uncertainty a quantitative approach can be used to make decisions. It also creates realistic and achievable cost, schedule or scope targets.&lt;br /&gt;
&lt;br /&gt;
Quantitative risk analysis can only be successfully carried out if there is high-quality data, a well-developed project model, and a prioritized lists of project risks. That usually yields from performing a qualitative risk analysis. &amp;lt;ref&amp;gt;https://www.passionatepm.com/blog/qualitative-risk-analysis-vs-quantitative-risk-analysis-pmp-concept-1&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot; &lt;br /&gt;
|-&lt;br /&gt;
! Qualitative&lt;br /&gt;
! Quantitative&lt;br /&gt;
|-&lt;br /&gt;
| risk-level&lt;br /&gt;
| project level&lt;br /&gt;
|-&lt;br /&gt;
| subjective evaluation of probability and impact&lt;br /&gt;
| probabilistic estimates of time and cost&lt;br /&gt;
|-&lt;br /&gt;
| quick and easy to perform&lt;br /&gt;
| time consuming&lt;br /&gt;
|-&lt;br /&gt;
| no special software or tools required&lt;br /&gt;
| may require specalized tools&lt;br /&gt;
|-&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
=Programme risk management=&lt;br /&gt;
&lt;br /&gt;
There are four defined steps in programme risk management. Identify step, assess step, plan step and implement step. In order for a programme to run as smoothly as possible, these four steps must be followed. Other factors play along these four steps, good and effective communication is the most important factor. Communication has to be good throughout each and every step. Let&#039;s take a better look at the four steps.&lt;br /&gt;
&lt;br /&gt;
==Identify step==&lt;br /&gt;
&lt;br /&gt;
In the beginning of programme management, the identification of uncertain events which can both be threats and opportunities takes place. The programme&#039;s objectives and scope, what assumptions have been made, who the stakeholders are and where the programme fits inside the organization as well as the environment should be understood. If those aspects are understood it enables the programme to search for risk methodically and take the correct actions should a response be needed at some point.&lt;br /&gt;
&lt;br /&gt;
Actual risks should then be identified. Both threats to the programme objectives and opportunities to overachieve on outcomes and benefits.&lt;br /&gt;
&lt;br /&gt;
==Assess step==&lt;br /&gt;
&lt;br /&gt;
The assessment of risk can be broken down into two activities. Estimate the threats and the opportunities in terms of their probability impact and proximity on the one hand, and on the other hand to evaluate the net aggregated effect of the identified threats and opportunities on the programme. This is explained in detail in the Risk assessment section.&lt;br /&gt;
&lt;br /&gt;
==Plan step==&lt;br /&gt;
&lt;br /&gt;
Preparation of specific management response to the threats and opportunities that have been identified are the primary goal of the plan step. The objective is to remove or reduce the threats and to maximize the opportunities.&lt;br /&gt;
&lt;br /&gt;
==Implement step==&lt;br /&gt;
&lt;br /&gt;
Here it shall be ensured that the previously planned risk management actions are successfully implemented and monitored as to their effectiveness. Corrective actions should be taken where responses do not live up to expectations. It is an important factor that roles and responsibilities are allocated. Someone has to be responsible for the management and control of the risk. Key roles in that perspective are: &#039;&#039;&#039;Risk owner&#039;&#039;&#039; is responsible for the management and control of all aspects of the risks assigned to them. Managing, tracking and reporting the implementation of the selected actions to address the threats or to maximize the opportunities is included in that role. &#039;&#039;&#039;Risk actionee&#039;&#039;&#039; is responsible for the implementation of risk response actions. Support and take directions from the risk owner.&lt;br /&gt;
&lt;br /&gt;
=Tools=&lt;br /&gt;
There are many tools used in risk assessment, sometimes it is recommended to use more than one tool in risk assessment. They all have their own focus areas. Lets take a better look at the most frequently used tools.&lt;br /&gt;
&lt;br /&gt;
==Hazard and operability study (HAZOP)==&lt;br /&gt;
==Failure mode effect analysis (FMEA)==&lt;br /&gt;
==Structured What-IF technique (SWIFT)==&lt;br /&gt;
==Fault Tree Analysis (FTA)==&lt;br /&gt;
&lt;br /&gt;
=Benefits=&lt;br /&gt;
&lt;br /&gt;
The most notable potential benefits of a well-structured and efficiently run risk management are. &amp;lt;ref&amp;gt;http://irisintelligence.com/risk-management-explained/why-manage-risk.html&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
* Improved strategic and business planning&lt;br /&gt;
* More effective use of resources&lt;br /&gt;
* An ability to quickly grasp new opportunities&lt;br /&gt;
* Fewer unwelcome surprises&lt;br /&gt;
* Enhanced communication&lt;br /&gt;
* Ability to reassure key stakeholders throughout the organization&lt;br /&gt;
* Continuous improvement&lt;br /&gt;
* robust contingency planning&lt;br /&gt;
&lt;br /&gt;
==For projects==&lt;br /&gt;
&lt;br /&gt;
[[Contingency]] in projects can make or break them. Too much contingency is uncompetitive and too little increases the chance of failure. Risk assessment helps set contingency levels. It aims to figure out the most probable level of risk and gives the confidence level of outcome targets.&lt;br /&gt;
&lt;br /&gt;
==For portfolios==&lt;br /&gt;
==For businesses==&lt;br /&gt;
&lt;br /&gt;
=Limitations=&lt;br /&gt;
=Conclusions=&lt;br /&gt;
=References=&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
Among strategies used to manage threats are.&lt;br /&gt;
&lt;br /&gt;
* Transferring the threat to another party&lt;br /&gt;
* Avoid the threat&lt;br /&gt;
* Reducing both the negative effect and lowering the probability of the threat&lt;br /&gt;
* Accepting the potential negative consequences of a particular thread is the only option. &lt;br /&gt;
* For uncertain events with benefits (opportunities) the opposite is done.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&amp;lt;references/&amp;gt;&lt;/div&gt;</summary>
		<author><name>S141543</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=13323</id>
		<title>Management of risk</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=13323"/>
		<updated>2015-09-23T13:25:43Z</updated>

		<summary type="html">&lt;p&gt;S141543: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&lt;br /&gt;
[[File:overviewrisk.png|500px|thumb|right|Overview of risk management]]&lt;br /&gt;
&lt;br /&gt;
Risk is part of all our lives. We need to take risks to grow and develop. Effectively managed risk in hospitals, airport security, construction sites, projects, programmes, portfolios and in so many more circumstances help societies achieve. &lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Management of risk&#039;&#039;&#039; involves identification, assessment, and prioritization of risks. Coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events or to maximize the realization of opportunities. &lt;br /&gt;
&lt;br /&gt;
Figure 1 shows what is involved in risk management. Identifying, analysing and evaluating risks are all part of risk assessment and will be further analysed in the risk assessment section.&lt;br /&gt;
&lt;br /&gt;
Because risk is inherent in everything we do, risk professionals undertake roles that are very diverse. It includes roles in insurance, business, health and safety, corporate governance, engineering, planning and financial services to name a few.&lt;br /&gt;
&lt;br /&gt;
In this article general methodologies and important principles of risk management will be outlined, risk assessment will be explained and programme risk management introduced. Benefits and limitations of risk management will be discussed before stating the conclusions.&lt;br /&gt;
&lt;br /&gt;
__TOC__ &lt;br /&gt;
&lt;br /&gt;
=Introduction=&lt;br /&gt;
&lt;br /&gt;
Organizations of all types and sizes face internal and external factors and influences that make it uncertain whether and when they will achieve their objectives. Risk is the effect this uncertainty has on an organization&#039;s objectives. Risk can be managed by identifying it, analysing it and then evaluating whether the risk should be modified by risk treatment in order to satisfy their risk criteria. Constant communication and consultation with stakeholders is a key for the process to run smoothly as well as monitoring and reviewing the risk and making sure that the correct actions are taken to ensure that no further risk treatment is required.&lt;br /&gt;
&lt;br /&gt;
Risk management can be applied to an entire organization, at its many areas and levels, at any time. It can also be applied to specific functions, projects and activities. &lt;br /&gt;
&lt;br /&gt;
The practice of risk management is used within many sectors in order to meet diverse needs. Despite that wide range, adoption of consistent processes within a comprehensive framework can help to ensure that risk is managed effectively, efficiently and coherently across an organization. [https://en.wikipedia.org/wiki/ISO_31000 ISO 31000] is an international standard that describes a generic approach and provides the principles and guidelines for managing any form of risk in a systematic, transparent and credible manner and withing any scope and context. &amp;lt;ref&amp;gt;https://www.iso.org/obp/ui/#iso:std:iso:31000:ed-1:v1:en&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
As can be seen in figure 1, the first step is to establish the context in order to figure out the individual needs, audiences, perceptions and criteria for each specific sector while applying risk management. Establishing the context will capture the objectives of the organization, the environment in which it pursues those objectives, its stakeholders and the dicersity of risk criteria. those factors will help reveal and assess the nature and complexity of its risks. &lt;br /&gt;
&lt;br /&gt;
The international standard has stated that when risk management is implemented and maintained in accordance with ISO, it enables an organization to achieve the following objectives:&lt;br /&gt;
&lt;br /&gt;
* Increase the likelihood of achieving objectives&lt;br /&gt;
* encourage proactive management&lt;br /&gt;
* Be aware of the need to identify and treat risk throughout the organization&lt;br /&gt;
* Improve the identification of opportunities and threats&lt;br /&gt;
* Comply with relevant legal and regulatory requirements and international norms&lt;br /&gt;
* Improve mandatory and voluntary reporting&lt;br /&gt;
* Improve governance&lt;br /&gt;
* Improve stakeholder confidence and trust&lt;br /&gt;
* Establish a reliable basis for decision making and planning&lt;br /&gt;
* Improve controls&lt;br /&gt;
* Effectively allocate and use resources for risk treatment&lt;br /&gt;
* Improve operational effectiveness and efficiency&lt;br /&gt;
* Enhance health and safety performance, as well as environmental protection&lt;br /&gt;
* Improve loss prevention and incident management&lt;br /&gt;
* Minimize losses&lt;br /&gt;
* Improve organizational learning &lt;br /&gt;
* Improve organizational resilience&lt;br /&gt;
&lt;br /&gt;
As well as helping organizations reach these objectives the standard is intended to meet the needs of a wide range of stakeholders&lt;br /&gt;
&lt;br /&gt;
ISO Guide 73:2009, &#039;&#039;Risk management - Vocabulary&#039;&#039; complements ISO 31000. According to ISO 73:2009 risk management is intended to be used by those engaged in managing risks, those who are involved in activities of ISO and IEC, and developers of national or sector-specific standards, guides, procedures and codes of practice relating to the management of risk. &amp;lt;ref&amp;gt;http://www.iso.org/iso/catalogue_detail?csnumber=44651&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
Risks with great impacts and a high probability of happening are treated before risks with smaller impacts and lower possibility. This is called [[prioritization]]. There are several tools that can be used in the process of assessing risks. Those tools will be discussed in &#039;&#039;&#039;CHAPTER XX&#039;&#039;&#039;. &lt;br /&gt;
&lt;br /&gt;
When allocating resources, risk management faces some difficulties. Short term planning would recommend skipping risk management when starting a new project as the process itself costs manpower and is not directly involved in the project itself. While long term thinking would definitely recommend going through the processes of risk management. That is because it could save a lot of money and even lives if it prevents one unfortunate event to happen as it was accounted for in the process. The effect of negative effects of risks is minimized as well as spending in ideal risk management.&lt;br /&gt;
&lt;br /&gt;
==General methodology==&lt;br /&gt;
&lt;br /&gt;
The following methods are a part of the general methodology, these methods are usually performed in the order as they are listed.&lt;br /&gt;
&lt;br /&gt;
# identify and characterize threats&lt;br /&gt;
# assess the vulnerability of critical assets to specific threats&lt;br /&gt;
# determine the risk &lt;br /&gt;
# identify ways to reduce those risks&lt;br /&gt;
# prioritize risk reduction measures based on a strategy&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;VANTAR HEIMILD&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
== Important principles ==&lt;br /&gt;
&lt;br /&gt;
ISO has identified principles of risk management, some mentionable principles are.&lt;br /&gt;
&lt;br /&gt;
* Create value&lt;br /&gt;
* Be part of decision making process&lt;br /&gt;
* Be a systematic and structured process&lt;br /&gt;
* Take human factors into account&lt;br /&gt;
* Be continually or periodically re-assessed&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;VANTAR HEIMILD&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=Risk assessment=&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Risk assessment&#039;&#039;&#039; is the determination of [[quantitative]] or [[qualitative]] estimate of risk related to a concrete situation and a recognized hazard. Two components of risk are required for calculations in quantitative risk assessment. The magnitude of the potential loss (L) and the probability (p) that the loss will occur. If the countermeasure for handling a certain risk exceeds the value of the expected loss it is called acceptable risk. That kind of risk is understood and tolerated&lt;br /&gt;
==Qualitative==&lt;br /&gt;
&lt;br /&gt;
A pre-defined rating scale is used to prioritize the identified project risks. The probability or likelihood and the impact on a project objectives should they occur gives the score for a certain risk. A qualitative risk analysis also includes the appropriate categorization of the risks. Source-based or effect-based.&lt;br /&gt;
&lt;br /&gt;
==Quantitative==&lt;br /&gt;
&lt;br /&gt;
A further analysis of the highest priority risks during which a numerical or quantitative rating is assigned in order to develop a probabilistic analysis of the project. Possible outcomes for the project are quantified and the probability of achieving specific project objectives is assessed. When there is uncertainty a quantitative approach can be used to make decisions. It also creates realistic and achievable cost, schedule or scope targets.&lt;br /&gt;
&lt;br /&gt;
Quantitative risk analysis can only be successfully carried out if there is high-quality data, a well-developed project model, and a prioritized lists of project risks. That usually yields from performing a qualitative risk analysis. &amp;lt;ref&amp;gt;https://www.passionatepm.com/blog/qualitative-risk-analysis-vs-quantitative-risk-analysis-pmp-concept-1&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot; &lt;br /&gt;
|-&lt;br /&gt;
! Qualitative&lt;br /&gt;
! Quantitative&lt;br /&gt;
|-&lt;br /&gt;
| risk-level&lt;br /&gt;
| project level&lt;br /&gt;
|-&lt;br /&gt;
| subjective evaluation of probability and impact&lt;br /&gt;
| probabilistic estimates of time and cost&lt;br /&gt;
|-&lt;br /&gt;
| quick and easy to perform&lt;br /&gt;
| time consuming&lt;br /&gt;
|-&lt;br /&gt;
| no special software or tools required&lt;br /&gt;
| may require specalized tools&lt;br /&gt;
|-&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
=Programme risk management=&lt;br /&gt;
&lt;br /&gt;
There are four defined steps in programme risk management. Identify step, assess step, plan step and implement step. In order for a programme to run as smoothly as possible, these four steps must be followed. Other factors play along these four steps, good and effective communication is the most important factor. Communication has to be good throughout each and every step. Let&#039;s take a better look at the four steps.&lt;br /&gt;
&lt;br /&gt;
==Identify step==&lt;br /&gt;
&lt;br /&gt;
In the beginning of programme management, the identification of uncertain events which can both be threats and opportunities takes place. The programme&#039;s objectives and scope, what assumptions have been made, who the stakeholders are and where the programme fits inside the organization as well as the environment should be understood. If those aspects are understood it enables the programme to search for risk methodically and take the correct actions should a response be needed at some point.&lt;br /&gt;
&lt;br /&gt;
Actual risks should then be identified. Both threats to the programme objectives and opportunities to overachieve on outcomes and benefits.&lt;br /&gt;
&lt;br /&gt;
==Assess step==&lt;br /&gt;
&lt;br /&gt;
The assessment of risk can be broken down into two activities. Estimate the threats and the opportunities in terms of their probability impact and proximity on the one hand, and on the other hand to evaluate the net aggregated effect of the identified threats and opportunities on the programme. This is explained in detail in the Risk assessment section.&lt;br /&gt;
&lt;br /&gt;
==Plan step==&lt;br /&gt;
&lt;br /&gt;
Preparation of specific management response to the threats and opportunities that have been identified are the primary goal of the plan step. The objective is to remove or reduce the threats and to maximize the opportunities.&lt;br /&gt;
&lt;br /&gt;
==Implement step==&lt;br /&gt;
&lt;br /&gt;
Here it shall be ensured that the previously planned risk management actions are successfully implemented and monitored as to their effectiveness. Corrective actions should be taken where responses do not live up to expectations. It is an important factor that roles and responsibilities are allocated. Someone has to be responsible for the management and control of the risk. Key roles in that perspective are: &#039;&#039;&#039;Risk owner&#039;&#039;&#039; is responsible for the management and control of all aspects of the risks assigned to them. Managing, tracking and reporting the implementation of the selected actions to address the threats or to maximize the opportunities is included in that role. &#039;&#039;&#039;Risk actionee&#039;&#039;&#039; is responsible for the implementation of risk response actions. Support and take directions from the risk owner.&lt;br /&gt;
&lt;br /&gt;
=Tools=&lt;br /&gt;
There are many tools used in risk assessment, sometimes it is recommended to use more than one tool in risk assessment. They all have their own focus areas. Lets take a better look at the most frequently used tools.&lt;br /&gt;
&lt;br /&gt;
==Hazard and operability study (HAZOP)==&lt;br /&gt;
==Failure mode effect analysis (FMEA)==&lt;br /&gt;
==Structured What-IF technique (SWIFT)==&lt;br /&gt;
==Fault Tree Analysis (FTA)==&lt;br /&gt;
&lt;br /&gt;
=Benefits=&lt;br /&gt;
&lt;br /&gt;
The most notable potential benefits of a well-structured and efficiently run risk management are. &amp;lt;ref&amp;gt;http://irisintelligence.com/risk-management-explained/why-manage-risk.html&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
* Improved strategic and business planning&lt;br /&gt;
* More effective use of resources&lt;br /&gt;
* An ability to quickly grasp new opportunities&lt;br /&gt;
* Fewer unwelcome surprises&lt;br /&gt;
* Enhanced communication&lt;br /&gt;
* Ability to reassure key stakeholders throughout the organization&lt;br /&gt;
* Continuous improvement&lt;br /&gt;
* robust contingency planning&lt;br /&gt;
&lt;br /&gt;
==For projects==&lt;br /&gt;
&lt;br /&gt;
[[Contingency]] in projects can make or break them. Too much contingency is uncompetitive and too little increases the chance of failure. Risk assessment helps set contingency levels. It aims to figure out the most probable level of risk and gives the confidence level of outcome targets.&lt;br /&gt;
&lt;br /&gt;
==For portfolios==&lt;br /&gt;
==For businesses==&lt;br /&gt;
&lt;br /&gt;
=Limitations=&lt;br /&gt;
=Conclusions=&lt;br /&gt;
=References=&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
Among strategies used to manage threats are.&lt;br /&gt;
&lt;br /&gt;
* Transferring the threat to another party&lt;br /&gt;
* Avoid the threat&lt;br /&gt;
* Reducing both the negative effect and lowering the probability of the threat&lt;br /&gt;
* Accepting the potential negative consequences of a particular thread is the only option. &lt;br /&gt;
* For uncertain events with benefits (opportunities) the opposite is done.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&amp;lt;references/&amp;gt;&lt;/div&gt;</summary>
		<author><name>S141543</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=12957</id>
		<title>Management of risk</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=12957"/>
		<updated>2015-09-22T19:20:29Z</updated>

		<summary type="html">&lt;p&gt;S141543: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&lt;br /&gt;
[[File:overviewrisk.png|500px|thumb|right|Overview of risk management]]&lt;br /&gt;
&lt;br /&gt;
Risk is part of all our lives. We need to take risks to grow and develop. Effectively managed risk in hospitals, airport security, construction sites, projects, programmes, portfolios and in so many more circumstances help societies achieve. &lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Management of risk&#039;&#039;&#039; involves identification, assessment, and prioritization of risks. Coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events or to maximize the realization of opportunities. &lt;br /&gt;
&lt;br /&gt;
Figure 1 shows what is involved in risk management. Identifying, analysing and evaluating risks are all part of risk assessment and will be further analysed in the risk assessment section.&lt;br /&gt;
&lt;br /&gt;
Because risk is inherent in everything we do, risk professionals undertake roles that are very diverse. It includes roles in insurance, business, health and safety, corporate governance, engineering, planning and financial services to name a few.&lt;br /&gt;
&lt;br /&gt;
In this article general methodologies and important principles of risk management will be outlined, risk assessment will be explained and programme risk management introduced. Benefits and limitations of risk management will be discussed before stating the conclusions.&lt;br /&gt;
&lt;br /&gt;
__TOC__ &lt;br /&gt;
&lt;br /&gt;
=Introduction=&lt;br /&gt;
&lt;br /&gt;
ISO Guide 73:2009, &#039;&#039;Risk management - Vocabulary&#039;&#039; complements ISO 31000. According to ISO 73:2009 risk management is intended to be used by those engaged in managing risks, those who are involved in activities of ISO and IEC, and developers of national or sector-specific standards, guides, procedures and codes of practice relating to the management of risk. &amp;lt;ref&amp;gt;http://www.iso.org/iso/catalogue_detail?csnumber=44651&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
Risks with great impacts and a high probability of happening are treated before risks with smaller impacts and lower possibility. This is called [[prioritization]]. There are several tools that can be used in the process of assessing risks. Those tools will be discussed in &#039;&#039;&#039;CHAPTER XX&#039;&#039;&#039;. &lt;br /&gt;
&lt;br /&gt;
When allocating resources, risk management faces some difficulties. Short term planning would recommend skipping risk management when starting a new project as the process itself costs manpower and is not directly involved in the project itself. While long term thinking would definitely recommend going through the processes of risk management. That is because it could save a lot of money and even lives if it prevents one unfortunate event to happen as it was accounted for in the process. The effect of negative effects of risks is minimized as well as spending in ideal risk management.&lt;br /&gt;
&lt;br /&gt;
==General methodology==&lt;br /&gt;
&lt;br /&gt;
The following methods are a part of the general methodology, these methods are usually performed in the order as they are listed.&lt;br /&gt;
&lt;br /&gt;
# identify and characterize threats&lt;br /&gt;
# assess the vulnerability of critical assets to specific threats&lt;br /&gt;
# determine the risk &lt;br /&gt;
# identify ways to reduce those risks&lt;br /&gt;
# prioritize risk reduction measures based on a strategy&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;VANTAR HEIMILD&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
== Important principles ==&lt;br /&gt;
&lt;br /&gt;
ISO has identified principles of risk management, some mentionable principles are.&lt;br /&gt;
&lt;br /&gt;
* Create value&lt;br /&gt;
* Be part of decision making process&lt;br /&gt;
* Be a systematic and structured process&lt;br /&gt;
* Take human factors into account&lt;br /&gt;
* Be continually or periodically re-assessed&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;VANTAR HEIMILD&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=Risk assessment=&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Risk assessment&#039;&#039;&#039; is the determination of [[quantitative]] or [[qualitative]] estimate of risk related to a concrete situation and a recognized hazard. Two components of risk are required for calculations in quantitative risk assessment. The magnitude of the potential loss (L) and the probability (p) that the loss will occur. If the countermeasure for handling a certain risk exceeds the value of the expected loss it is called acceptable risk. That kind of risk is understood and tolerated&lt;br /&gt;
==Qualitative==&lt;br /&gt;
&lt;br /&gt;
A pre-defined rating scale is used to prioritize the identified project risks. The probability or likelihood and the impact on a project objectives should they occur gives the score for a certain risk. A qualitative risk analysis also includes the appropriate categorization of the risks. Source-based or effect-based.&lt;br /&gt;
&lt;br /&gt;
==Quantitative==&lt;br /&gt;
&lt;br /&gt;
A further analysis of the highest priority risks during which a numerical or quantitative rating is assigned in order to develop a probabilistic analysis of the project. Possible outcomes for the project are quantified and the probability of achieving specific project objectives is assessed. When there is uncertainty a quantitative approach can be used to make decisions. It also creates realistic and achievable cost, schedule or scope targets.&lt;br /&gt;
&lt;br /&gt;
Quantitative risk analysis can only be successfully carried out if there is high-quality data, a well-developed project model, and a prioritized lists of project risks. That usually yields from performing a qualitative risk analysis. &amp;lt;ref&amp;gt;https://www.passionatepm.com/blog/qualitative-risk-analysis-vs-quantitative-risk-analysis-pmp-concept-1&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot; &lt;br /&gt;
|-&lt;br /&gt;
! Qualitative&lt;br /&gt;
! Quantitative&lt;br /&gt;
|-&lt;br /&gt;
| risk-level&lt;br /&gt;
| project level&lt;br /&gt;
|-&lt;br /&gt;
| subjective evaluation of probability and impact&lt;br /&gt;
| probabilistic estimates of time and cost&lt;br /&gt;
|-&lt;br /&gt;
| quick and easy to perform&lt;br /&gt;
| time consuming&lt;br /&gt;
|-&lt;br /&gt;
| no special software or tools required&lt;br /&gt;
| may require specalized tools&lt;br /&gt;
|-&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
=Programme risk management=&lt;br /&gt;
&lt;br /&gt;
There are four defined steps in programme risk management. Identify step, assess step, plan step and implement step. In order for a programme to run as smoothly as possible, these four steps must be followed. Other factors play along these four steps, good and effective communication is the most important factor. Communication has to be good throughout each and every step. Let&#039;s take a better look at the four steps.&lt;br /&gt;
&lt;br /&gt;
==Identify step==&lt;br /&gt;
&lt;br /&gt;
In the beginning of programme management, the identification of uncertain events which can both be threats and opportunities takes place. The programme&#039;s objectives and scope, what assumptions have been made, who the stakeholders are and where the programme fits inside the organization as well as the environment should be understood. If those aspects are understood it enables the programme to search for risk methodically and take the correct actions should a response be needed at some point.&lt;br /&gt;
&lt;br /&gt;
Actual risks should then be identified. Both threats to the programme objectives and opportunities to overachieve on outcomes and benefits.&lt;br /&gt;
&lt;br /&gt;
==Assess step==&lt;br /&gt;
&lt;br /&gt;
The assessment of risk can be broken down into two activities. Estimate the threats and the opportunities in terms of their probability impact and proximity on the one hand, and on the other hand to evaluate the net aggregated effect of the identified threats and opportunities on the programme. This is explained in detail in the Risk assessment section.&lt;br /&gt;
&lt;br /&gt;
==Plan step==&lt;br /&gt;
&lt;br /&gt;
Preparation of specific management response to the threats and opportunities that have been identified are the primary goal of the plan step. The objective is to remove or reduce the threats and to maximize the opportunities.&lt;br /&gt;
&lt;br /&gt;
==Implement step==&lt;br /&gt;
&lt;br /&gt;
Here it shall be ensured that the previously planned risk management actions are successfully implemented and monitored as to their effectiveness. Corrective actions should be taken where responses do not live up to expectations. It is an important factor that roles and responsibilities are allocated. Someone has to be responsible for the management and control of the risk. Key roles in that perspective are: &#039;&#039;&#039;Risk owner&#039;&#039;&#039; is responsible for the management and control of all aspects of the risks assigned to them. Managing, tracking and reporting the implementation of the selected actions to address the threats or to maximize the opportunities is included in that role. &#039;&#039;&#039;Risk actionee&#039;&#039;&#039; is responsible for the implementation of risk response actions. Support and take directions from the risk owner.&lt;br /&gt;
&lt;br /&gt;
=Tools=&lt;br /&gt;
There are many tools used in risk assessment, sometimes it is recommended to use more than one tool in risk assessment. They all have their own focus areas. Lets take a better look at the most frequently used tools.&lt;br /&gt;
&lt;br /&gt;
==Hazard and operability study (HAZOP)==&lt;br /&gt;
==Failure mode effect analysis (FMEA)==&lt;br /&gt;
==Structured What-IF technique (SWIFT)==&lt;br /&gt;
==Fault Tree Analysis (FTA)==&lt;br /&gt;
&lt;br /&gt;
=Benefits=&lt;br /&gt;
&lt;br /&gt;
The most notable potential benefits of a well-structured and efficiently run risk management are. &amp;lt;ref&amp;gt;http://irisintelligence.com/risk-management-explained/why-manage-risk.html&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
* Improved strategic and business planning&lt;br /&gt;
* More effective use of resources&lt;br /&gt;
* An ability to quickly grasp new opportunities&lt;br /&gt;
* Fewer unwelcome surprises&lt;br /&gt;
* Enhanced communication&lt;br /&gt;
* Ability to reassure key stakeholders throughout the organization&lt;br /&gt;
* Continuous improvement&lt;br /&gt;
* robust contingency planning&lt;br /&gt;
&lt;br /&gt;
==For projects==&lt;br /&gt;
&lt;br /&gt;
[[Contingency]] in projects can make or break them. Too much contingency is uncompetitive and too little increases the chance of failure. Risk assessment helps set contingency levels. It aims to figure out the most probable level of risk and gives the confidence level of outcome targets.&lt;br /&gt;
&lt;br /&gt;
==For portfolios==&lt;br /&gt;
==For businesses==&lt;br /&gt;
&lt;br /&gt;
=Limitations=&lt;br /&gt;
=Conclusions=&lt;br /&gt;
=References=&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
Among strategies used to manage threats are.&lt;br /&gt;
&lt;br /&gt;
* Transferring the threat to another party&lt;br /&gt;
* Avoid the threat&lt;br /&gt;
* Reducing both the negative effect and lowering the probability of the threat&lt;br /&gt;
* Accepting the potential negative consequences of a particular thread is the only option. &lt;br /&gt;
* For uncertain events with benefits (opportunities) the opposite is done.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&amp;lt;references/&amp;gt;&lt;/div&gt;</summary>
		<author><name>S141543</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=File:Overviewrisk.png&amp;diff=12956</id>
		<title>File:Overviewrisk.png</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=File:Overviewrisk.png&amp;diff=12956"/>
		<updated>2015-09-22T19:19:30Z</updated>

		<summary type="html">&lt;p&gt;S141543: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&lt;/div&gt;</summary>
		<author><name>S141543</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Talk:The_best_milestone_plan_is_simple_but_with_depths!&amp;diff=12665</id>
		<title>Talk:The best milestone plan is simple but with depths!</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Talk:The_best_milestone_plan_is_simple_but_with_depths!&amp;diff=12665"/>
		<updated>2015-09-22T13:25:31Z</updated>

		<summary type="html">&lt;p&gt;S141543: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;Anna: I like the topic a lot, it gives great opportunity for discussing the advantages and limitations of this tool and also give pointers on how this should be used in the most efficient way!&lt;br /&gt;
&lt;br /&gt;
=Reviewer 1: S141543=&lt;br /&gt;
&lt;br /&gt;
*	It is noted at the top of the wiki page that the article is a work in progress at the moment&lt;br /&gt;
*	What has been written at this moment is really good&lt;br /&gt;
*	The abstract sums it up nicely&lt;br /&gt;
*	The definition in “big idea” explains the idea behind the method well&lt;br /&gt;
*	The article needs references &lt;br /&gt;
*	It might be a good idea to add some figures for easy understanding&lt;br /&gt;
*	It would be nice to add conclusions as well&lt;br /&gt;
*	Definitely going in the right direction, keep up the good work!&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
Reviewer 2: Lea&lt;br /&gt;
*Your article is well written. You have a good and fluent writing style. Sentences are coherent and the reader can easily follow through the paragraphs. &lt;br /&gt;
*From the structure you are following the method-article. I would suggest to add more sub-heading on order for the reader to be able to follow the theme or your article more. &lt;br /&gt;
* Grammar and sentence-structure are fine. &lt;br /&gt;
* You have not used any figures but some visualization would make the topic more readable. &lt;br /&gt;
*The topic is interesting and applies to the course. As mentioned above, I would recommend to add more subheadings to facilitate reading. &lt;br /&gt;
*As you mentioned, you are not done with the article yet. Right now the word count is far below 3000. More structure and headings might help you to identify spots where more information is needed. &lt;br /&gt;
*There are no sources in the text. In my opinion you should concentrate on adding more information to your article by revising relevant articles and books which will also give you the opportunity to add information to the annotated bibliography.&lt;br /&gt;
*You haven’t added any links but mentioned for example Work Breakdown Structure. An article was formulated this year which you could link to your text. [[Work Breakdown Structure (WBS)]] &lt;br /&gt;
*Concerning Plagiarism you have to be sure to add sources to the text.&lt;/div&gt;</summary>
		<author><name>S141543</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Talk:Development_phase_of_idea_to_project&amp;diff=12646</id>
		<title>Talk:Development phase of idea to project</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Talk:Development_phase_of_idea_to_project&amp;diff=12646"/>
		<updated>2015-09-22T13:02:46Z</updated>

		<summary type="html">&lt;p&gt;S141543: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;Mette: I like this topic, however, I suggest to focus on a specific area, otherwise, your article may end up a bit generic, and not as interesting as it could be because it is too broad. So think about tools for fine-tune ideas for projects and then pick one you can really go into details with.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=Reviewer 2: S141543=&lt;br /&gt;
&lt;br /&gt;
*	This is an interesting idea to write about&lt;br /&gt;
*	I do not understand what sentence two in the abstract means, possibly it should be re-written&lt;br /&gt;
*	Otherwise, the abstract looks good to me&lt;br /&gt;
*	Project management chapter seems to be more about a specific project than the concept of project management &lt;br /&gt;
*	The planning section is well done in my opinion&lt;br /&gt;
*	Could come up with an example of a decision that has to be made in the decision making phase.&lt;br /&gt;
*	The article needs references&lt;br /&gt;
*	The word structure in the article is a little confusing at times&lt;br /&gt;
*	I do realize that this article is a work in progress&lt;/div&gt;</summary>
		<author><name>S141543</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Talk:Early_warning_signals_in_project_management&amp;diff=12645</id>
		<title>Talk:Early warning signals in project management</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Talk:Early_warning_signals_in_project_management&amp;diff=12645"/>
		<updated>2015-09-22T13:01:57Z</updated>

		<summary type="html">&lt;p&gt;S141543: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;Kristine: &lt;br /&gt;
It is an interesting subject you have chosen. I am not exactly certain I understand the specific tool you are talking about, but it might very well be much clearer in the final wiki feed. &lt;br /&gt;
Remember to follow the structure as mentioned on the main page.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=Feedback by S141506, Reviewer 1=&lt;br /&gt;
&lt;br /&gt;
I notice that you are not yet done with the article which is totally fine :) I will try to give you feedback on the material that you have the best way as I can.&lt;br /&gt;
&lt;br /&gt;
==Stucture==&lt;br /&gt;
&lt;br /&gt;
* I think it is good and chronologial structured. The pictures helps to understand the idea behind the text.&lt;br /&gt;
* The language is overall good but there is in somepoint grammar mistakes in the text. Those are good to correct before the final handin.&lt;br /&gt;
* The chapter &amp;quot;Main group of project problems&amp;quot; looks confusing that should made look different.&lt;br /&gt;
* References and bibliography are missing but they are probaply on their way...You have authors writen in the text, so remember to also have the reference at the bottom.&lt;br /&gt;
* The Barriers of identification looks nice.&lt;br /&gt;
* The article will also come more clear when it is finished, now it is still little bit unbalanced.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Content==&lt;br /&gt;
&lt;br /&gt;
* The abstract tells in nicely all what is needed know about the article.&lt;br /&gt;
*Some sentences are very long and it makes them confusing, for example &#039;&#039;&#039;&amp;quot;The complexity and uncertainly in the development of the process of the project make difficult to achieve the requirements adapted in the early stage of the project and not have a failure.&amp;quot; &#039;&#039;&#039; These kind should be written in more understandable way.&lt;br /&gt;
&lt;br /&gt;
=Reviewer 3: S141543=&lt;br /&gt;
&lt;br /&gt;
*	This is an interesting idea to write about&lt;br /&gt;
*	I do not understand what sentence two in the abstract means, possibly it should be re-written&lt;br /&gt;
*	Otherwise, the abstract looks good to me&lt;br /&gt;
*	Project management chapter seems to be more about a specific project than the concept of project management &lt;br /&gt;
*	The planning section is well done in my opinion&lt;br /&gt;
*	Could come up with an example of a decision that has to be made in the decision making phase.&lt;br /&gt;
*	The article needs references&lt;br /&gt;
*	The word structure in the article is a little confusing at times&lt;br /&gt;
*	I do realize that this article is a work in progress&lt;/div&gt;</summary>
		<author><name>S141543</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Talk:Early_warning_signals_in_project_management&amp;diff=12643</id>
		<title>Talk:Early warning signals in project management</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Talk:Early_warning_signals_in_project_management&amp;diff=12643"/>
		<updated>2015-09-22T13:00:41Z</updated>

		<summary type="html">&lt;p&gt;S141543: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;Kristine: &lt;br /&gt;
It is an interesting subject you have chosen. I am not exactly certain I understand the specific tool you are talking about, but it might very well be much clearer in the final wiki feed. &lt;br /&gt;
Remember to follow the structure as mentioned on the main page.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=Feedback by S141506, Reviewer 1=&lt;br /&gt;
&lt;br /&gt;
I notice that you are not yet done with the article which is totally fine :) I will try to give you feedback on the material that you have the best way as I can.&lt;br /&gt;
&lt;br /&gt;
==Stucture==&lt;br /&gt;
&lt;br /&gt;
* I think it is good and chronologial structured. The pictures helps to understand the idea behind the text.&lt;br /&gt;
* The language is overall good but there is in somepoint grammar mistakes in the text. Those are good to correct before the final handin.&lt;br /&gt;
* The chapter &amp;quot;Main group of project problems&amp;quot; looks confusing that should made look different.&lt;br /&gt;
* References and bibliography are missing but they are probaply on their way...You have authors writen in the text, so remember to also have the reference at the bottom.&lt;br /&gt;
* The Barriers of identification looks nice.&lt;br /&gt;
* The article will also come more clear when it is finished, now it is still little bit unbalanced.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Content==&lt;br /&gt;
&lt;br /&gt;
* The abstract tells in nicely all what is needed know about the article.&lt;br /&gt;
*Some sentences are very long and it makes them confusing, for example &#039;&#039;&#039;&amp;quot;The complexity and uncertainly in the development of the process of the project make difficult to achieve the requirements adapted in the early stage of the project and not have a failure.&amp;quot; &#039;&#039;&#039; These kind should be written in more understandable way.&lt;br /&gt;
&lt;br /&gt;
=Reviewer: S141543=&lt;br /&gt;
&lt;br /&gt;
*	This is an interesting idea to write about&lt;br /&gt;
*	I do not understand what sentence two in the abstract means, possibly it should be re-written&lt;br /&gt;
*	Otherwise, the abstract looks good to me&lt;br /&gt;
*	Project management chapter seems to be more about a specific project than the concept of project management &lt;br /&gt;
*	The planning section is well done in my opinion&lt;br /&gt;
*	Could come up with an example of a decision that has to be made in the decision making phase.&lt;br /&gt;
*	The article needs references&lt;br /&gt;
*	The word structure in the article is a little confusing at times&lt;br /&gt;
*	I do realize that this article is a work in progress&lt;/div&gt;</summary>
		<author><name>S141543</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Talk:Development_phase_of_idea_to_project&amp;diff=12640</id>
		<title>Talk:Development phase of idea to project</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Talk:Development_phase_of_idea_to_project&amp;diff=12640"/>
		<updated>2015-09-22T12:58:14Z</updated>

		<summary type="html">&lt;p&gt;S141543: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;Mette: I like this topic, however, I suggest to focus on a specific area, otherwise, your article may end up a bit generic, and not as interesting as it could be because it is too broad. So think about tools for fine-tune ideas for projects and then pick one you can really go into details with.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
Reviewer: S141543&lt;br /&gt;
&lt;br /&gt;
*	This is an interesting idea to write about&lt;br /&gt;
*	I do not understand what sentence two in the abstract means, possibly it should be re-written&lt;br /&gt;
*	Otherwise, the abstract looks good to me&lt;br /&gt;
*	Project management chapter seems to be more about a specific project than the concept of project management &lt;br /&gt;
*	The planning section is well done in my opinion&lt;br /&gt;
*	Could come up with an example of a decision that has to be made in the decision making phase.&lt;br /&gt;
*	The article needs references&lt;br /&gt;
*	The word structure in the article is a little confusing at times&lt;br /&gt;
*	I do realize that this article is a work in progress&lt;/div&gt;</summary>
		<author><name>S141543</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=12462</id>
		<title>Management of risk</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=12462"/>
		<updated>2015-09-22T08:54:40Z</updated>

		<summary type="html">&lt;p&gt;S141543: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&lt;br /&gt;
[[File:riskoverview.png|200px|thumb|right|Overview of risk management]]&lt;br /&gt;
From 2009 [[ISO 31000]] defines risk as &amp;quot;the effect of uncertainty on objectives&amp;quot;. Looking into that definition it is noted that the word risk does refer to positive possibilities as well as negative ones. This definition was revised under the ISO 31000:2009. Before revision the definition of the word &amp;quot;risk&amp;quot; was &amp;quot;chance or probability of loss&amp;quot;. Meaning that only negative results could be associated with risk.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Management of risk&#039;&#039;&#039; involves identification, assessment, and prioritization of risks. Coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events or to maximize the realization of opportunities.&lt;br /&gt;
&lt;br /&gt;
Among strategies used to manage threats are.&lt;br /&gt;
&lt;br /&gt;
* Transferring the threat to another party&lt;br /&gt;
* Avoid the threat&lt;br /&gt;
* Reducing both the negative effect and lowering the probability of the threat&lt;br /&gt;
* Accepting the potential negative consequences of a particular thread is the only option. &lt;br /&gt;
* For uncertain events with benefits (opportunities) the opposite is done.&lt;br /&gt;
&lt;br /&gt;
The term Risk management is really broad and can be used by individuals, families, firms, nations and so on. Events such as natural disasters are usually very hard to forecast but usually have large impacts. Whereas events such as minor human errors happen every day and are therefor relatively easy to forecast. Human errors can have from minor to major consequences. This displays the wide range of risk management well as each possible event has to be identified, assessed and prioritized. &lt;br /&gt;
&lt;br /&gt;
In this article risk management in general will be outlined with a special focus on risk management activities as applied to project management. That is one aspect inside of risk management called [[Project risk management]]&lt;br /&gt;
&lt;br /&gt;
__TOC__ &lt;br /&gt;
&lt;br /&gt;
=Introduction=&lt;br /&gt;
&lt;br /&gt;
ISO Guide 73:2009, &#039;&#039;Risk management - Vocabulary&#039;&#039; complements ISO 31000. According to ISO 73:2009 risk management is intended to be used by those engaged in managing risks, those who are involved in activities of ISO and IEC, and developers of national or sector-specific standards, guides, procedures and codes of practice relating to the management of risk. &amp;lt;ref&amp;gt;http://www.iso.org/iso/catalogue_detail?csnumber=44651&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
Risks with great impacts and a high probability of happening are treated before risks with smaller impacts and lower possibility. This is called [[prioritization]]. There are several tools that can be used in the process of assessing risks. Those tools will be discussed in &#039;&#039;&#039;CHAPTER XX&#039;&#039;&#039;. &lt;br /&gt;
&lt;br /&gt;
When allocating resources, risk management faces some difficulties. Short term planning would recommend skipping risk management when starting a new project as the process itself costs manpower and is not directly involved in the project itself. While long term thinking would definitely recommend going through the processes of risk management. That is because it could save a lot of money and even lives if it prevents one unfortunate event to happen as it was accounted for in the process. The effect of negative effects of risks is minimized as well as spending in ideal risk management.&lt;br /&gt;
&lt;br /&gt;
==General methodology==&lt;br /&gt;
&lt;br /&gt;
The following methods are a part of the general methodology, these methods are usually performed in the order as they are listed.&lt;br /&gt;
&lt;br /&gt;
# identify and characterize threats&lt;br /&gt;
# assess the vulnerability of critical assets to specific threats&lt;br /&gt;
# determine the risk &lt;br /&gt;
# identify ways to reduce those risks&lt;br /&gt;
# prioritize risk reduction measures based on a strategy&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;VANTAR HEIMILD&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
== Important principles ==&lt;br /&gt;
&lt;br /&gt;
ISO has identified principles of risk management, some mentionable principles are.&lt;br /&gt;
&lt;br /&gt;
* Create value&lt;br /&gt;
* Be part of decision making process&lt;br /&gt;
* Be a systematic and structured process&lt;br /&gt;
* Take human factors into account&lt;br /&gt;
* Be continually or periodically re-assessed&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;VANTAR HEIMILD&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=Risk assessment=&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Risk assessment&#039;&#039;&#039; is the determination of [[quantitative]] or [[qualitative]] estimate of risk related to a concrete situation and a recognized hazard. Two components of risk are required for calculations in quantitative risk assessment. The magnitude of the potential loss (L) and the probability (p) that the loss will occur. If the countermeasure for handling a certain risk exceeds the value of the expected loss it is called acceptable risk. That kind of risk is understood and tolerated&lt;br /&gt;
==Qualitative==&lt;br /&gt;
&lt;br /&gt;
A pre-defined rating scale is used to prioritize the identified project risks. The probability or likelihood and the impact on a project objectives should they occur gives the score for a certain risk. A qualitative risk analysis also includes the appropriate categorization of the risks. Source-based or effect-based.&lt;br /&gt;
&lt;br /&gt;
==Quantitative==&lt;br /&gt;
&lt;br /&gt;
A further analysis of the highest priority risks during which a numerical or quantitative rating is assigned in order to develop a probabilistic analysis of the project. Possible outcomes for the project are quantified and the probability of achieving specific project objectives is assessed. When there is uncertainty a quantitative approach can be used to make decisions. It also creates realistic and achievable cost, schedule or scope targets.&lt;br /&gt;
&lt;br /&gt;
Quantitative risk analysis can only be successfully carried out if there is high-quality data, a well-developed project model, and a prioritized lists of project risks. That usually yields from performing a qualitative risk analysis. &amp;lt;ref&amp;gt;https://www.passionatepm.com/blog/qualitative-risk-analysis-vs-quantitative-risk-analysis-pmp-concept-1&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot; &lt;br /&gt;
|-&lt;br /&gt;
! Qualitative&lt;br /&gt;
! Quantitative&lt;br /&gt;
|-&lt;br /&gt;
| risk-level&lt;br /&gt;
| project level&lt;br /&gt;
|-&lt;br /&gt;
| subjective evaluation of probability and impact&lt;br /&gt;
| probabilistic estimates of time and cost&lt;br /&gt;
|-&lt;br /&gt;
| quick and easy to perform&lt;br /&gt;
| time consuming&lt;br /&gt;
|-&lt;br /&gt;
| no special software or tools required&lt;br /&gt;
| may require specalized tools&lt;br /&gt;
|-&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
=Programme risk management=&lt;br /&gt;
&lt;br /&gt;
There are four defined steps in programme risk management. Identify step, assess step, plan step and implement step. In order for a programme to run as smoothly as possible, these four steps must be followed. Other factors play along these four steps, good and effective communication is the most important factor. Communication has to be good throughout each and every step. Let&#039;s take a better look at the four steps.&lt;br /&gt;
&lt;br /&gt;
==Identify step==&lt;br /&gt;
&lt;br /&gt;
In the beginning of programme management, the identification of uncertain events which can both be threats and opportunities takes place. The programme&#039;s objectives and scope, what assumptions have been made, who the stakeholders are and where the programme fits inside the organization as well as the environment should be understood. If those aspects are understood it enables the programme to search for risk methodically and take the correct actions should a response be needed at some point.&lt;br /&gt;
&lt;br /&gt;
Actual risks should then be identified. Both threats to the programme objectives and opportunities to overachieve on outcomes and benefits.&lt;br /&gt;
&lt;br /&gt;
==Assess step==&lt;br /&gt;
&lt;br /&gt;
The assessment of risk can be broken down into two activities. Estimate the threats and the opportunities in terms of their probability impact and proximity on the one hand, and on the other hand to evaluate the net aggregated effect of the identified threats and opportunities on the programme. This is explained in detail in the Risk assessment section.&lt;br /&gt;
&lt;br /&gt;
==Plan step==&lt;br /&gt;
&lt;br /&gt;
Preparation of specific management response to the threats and opportunities that have been identified are the primary goal of the plan step. The objective is to remove or reduce the threats and to maximize the opportunities.&lt;br /&gt;
&lt;br /&gt;
==Implement step==&lt;br /&gt;
&lt;br /&gt;
Here it shall be ensured that the previously planned risk management actions are successfully implemented and monitored as to their effectiveness. Corrective actions should be taken where responses do not live up to expectations. It is an important factor that roles and responsibilities are allocated. Someone has to be responsible for the management and control of the risk. Key roles in that perspective are: &#039;&#039;&#039;Risk owner&#039;&#039;&#039; is responsible for the management and control of all aspects of the risks assigned to them. Managing, tracking and reporting the implementation of the selected actions to address the threats or to maximize the opportunities is included in that role. &#039;&#039;&#039;Risk actionee&#039;&#039;&#039; is responsible for the implementation of risk response actions. Support and take directions from the risk owner.&lt;br /&gt;
&lt;br /&gt;
=Tools=&lt;br /&gt;
There are many tools used in risk assessment, sometimes it is recommended to use more than one tool in risk assessment. They all have their own focus areas. Lets take a better look at the most frequently used tools.&lt;br /&gt;
&lt;br /&gt;
==Hazard and operability study (HAZOP)==&lt;br /&gt;
==Failure mode effect analysis (FMEA)==&lt;br /&gt;
==Structured What-IF technique (SWIFT)==&lt;br /&gt;
==Fault Tree Analysis (FTA)==&lt;br /&gt;
&lt;br /&gt;
=Benefits=&lt;br /&gt;
&lt;br /&gt;
The most notable potential benefits of a well-structured and efficiently run risk management are. &amp;lt;ref&amp;gt;http://irisintelligence.com/risk-management-explained/why-manage-risk.html&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
* Improved strategic and business planning&lt;br /&gt;
* More effective use of resources&lt;br /&gt;
* An ability to quickly grasp new opportunities&lt;br /&gt;
* Fewer unwelcome surprises&lt;br /&gt;
* Enhanced communication&lt;br /&gt;
* Ability to reassure key stakeholders throughout the organization&lt;br /&gt;
* Continuous improvement&lt;br /&gt;
* robust contingency planning&lt;br /&gt;
&lt;br /&gt;
==For projects==&lt;br /&gt;
&lt;br /&gt;
[[Contingency]] in projects can make or break them. Too much contingency is uncompetitive and too little increases the chance of failure. Risk assessment helps set contingency levels. It aims to figure out the most probable level of risk and gives the confidence level of outcome targets.&lt;br /&gt;
&lt;br /&gt;
==For portfolios==&lt;br /&gt;
==For businesses==&lt;br /&gt;
&lt;br /&gt;
=Limitations=&lt;br /&gt;
=Conclusions=&lt;br /&gt;
=References=&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&amp;lt;references/&amp;gt;&lt;/div&gt;</summary>
		<author><name>S141543</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=12377</id>
		<title>Management of risk</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=12377"/>
		<updated>2015-09-22T08:05:50Z</updated>

		<summary type="html">&lt;p&gt;S141543: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&lt;br /&gt;
[[File:riskoverview.png|200px|thumb|right|Overview of risk management]]&lt;br /&gt;
From 2009 [[ISO 31000]] defines risk as &amp;quot;the effect of uncertainty on objectives&amp;quot;. Looking into that definition it is noted that the word risk does refer to positive possibilities as well as negative ones. This definition was revised under the ISO 31000:2009. Before revision the definition of the word &amp;quot;risk&amp;quot; was &amp;quot;chance or probability of loss&amp;quot;. Meaning that only negative results could be associated with risk.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Management of risk&#039;&#039;&#039; involves identification, assessment, and prioritization of risks. Coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events or to maximize the realization of opportunities.&lt;br /&gt;
&lt;br /&gt;
Among strategies used to manage threats are.&lt;br /&gt;
&lt;br /&gt;
* Transferring the threat to another party&lt;br /&gt;
* Avoid the threat&lt;br /&gt;
* Reducing both the negative effect and lowering the probability of the threat&lt;br /&gt;
* Accepting the potential negative consequences of a particular thread is the only option. &lt;br /&gt;
* For uncertain events with benefits (opportunities) the opposite is done.&lt;br /&gt;
&lt;br /&gt;
The term Risk management is really broad and can be used by individuals, families, firms, nations and so on. Events such as natural disasters are usually very hard to forecast but usually have large impacts. Whereas events such as minor human errors happen every day and are therefor relatively easy to forecast. Human errors can have from minor to major consequences. This displays the wide range of risk management well as each possible event has to be identified, assessed and prioritized. &lt;br /&gt;
&lt;br /&gt;
In this article risk management in general will be outlined with a special focus on risk management activities as applied to project management. That is one aspect inside of risk management called [[Project risk management]]&lt;br /&gt;
&lt;br /&gt;
__TOC__ &lt;br /&gt;
&lt;br /&gt;
=Introduction=&lt;br /&gt;
&lt;br /&gt;
ISO Guide 73:2009, &#039;&#039;Risk management - Vocabulary&#039;&#039; complements ISO 31000. According to ISO 73:2009 risk management is intended to be used by those engaged in managing risks, those who are involved in activities of ISO and IEC, and developers of national or sector-specific standards, guides, procedures and codes of practice relating to the management of risk. &amp;lt;ref&amp;gt;http://www.iso.org/iso/catalogue_detail?csnumber=44651&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
Risks with great impacts and a high probability of happening are treated before risks with smaller impacts and lower possibility. This is called [[prioritization]]. There are several tools that can be used in the process of assessing risks. Those tools will be discussed in &#039;&#039;&#039;CHAPTER XX&#039;&#039;&#039;. &lt;br /&gt;
&lt;br /&gt;
When allocating resources, risk management faces some difficulties. Short term planning would recommend skipping risk management when starting a new project as the process itself costs manpower and is not directly involved in the project itself. While long term thinking would definitely recommend going through the processes of risk management. That is because it could save a lot of money and even lives if it prevents one unfortunate event to happen as it was accounted for in the process. The effect of negative effects of risks is minimized as well as spending in ideal risk management.&lt;br /&gt;
&lt;br /&gt;
==General methodology==&lt;br /&gt;
&lt;br /&gt;
The following methods are a part of the general methodology, these methods are usually performed in the order as they are listed.&lt;br /&gt;
&lt;br /&gt;
# identify and characterize threats&lt;br /&gt;
# assess the vulnerability of critical assets to specific threats&lt;br /&gt;
# determine the risk &lt;br /&gt;
# identify ways to reduce those risks&lt;br /&gt;
# prioritize risk reduction measures based on a strategy&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;VANTAR HEIMILD&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
== Important principles ==&lt;br /&gt;
&lt;br /&gt;
ISO has identified principles of risk management, some mentionable principles are.&lt;br /&gt;
&lt;br /&gt;
* Create value&lt;br /&gt;
* Be part of decision making process&lt;br /&gt;
* Be a systematic and structured process&lt;br /&gt;
* Take human factors into account&lt;br /&gt;
* Be continually or periodically re-assessed&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;VANTAR HEIMILD&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=Risk assessment=&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Risk assessment&#039;&#039;&#039; is the determination of [[quantitative]] or [[qualitative]] estimate of risk related to a concrete situation and a recognized hazard. Two components of risk are required for calculations in quantitative risk assessment. The magnitude of the potential loss (L) and the probability (p) that the loss will occur. If the countermeasure for handling a certain risk exceeds the value of the expected loss it is called acceptable risk. That kind of risk is understood and tolerated&lt;br /&gt;
==Qualitative==&lt;br /&gt;
&lt;br /&gt;
A pre-defined rating scale is used to prioritize the identified project risks. The probability or likelihood and the impact on a project objectives should they occur gives the score for a certain risk. A qualitative risk analysis also includes the appropriate categorization of the risks. Source-based or effect-based.&lt;br /&gt;
&lt;br /&gt;
==Quantitative==&lt;br /&gt;
&lt;br /&gt;
A further analysis of the highest priority risks during which a numerical or quantitative rating is assigned in order to develop a probabilistic analysis of the project. Possible outcomes for the project are quantified and the probability of achieving specific project objectives is assessed. When there is uncertainty a quantitative approach can be used to make decisions. It also creates realistic and achievable cost, schedule or scope targets.&lt;br /&gt;
&lt;br /&gt;
Quantitative risk analysis can only be successfully carried out if there is high-quality data, a well-developed project model, and a prioritized lists of project risks. That usually yields from performing a qualitative risk analysis. &amp;lt;ref&amp;gt;https://www.passionatepm.com/blog/qualitative-risk-analysis-vs-quantitative-risk-analysis-pmp-concept-1&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot; &lt;br /&gt;
|-&lt;br /&gt;
! Qualitative&lt;br /&gt;
! Quantitative&lt;br /&gt;
|-&lt;br /&gt;
| risk-level&lt;br /&gt;
| project level&lt;br /&gt;
|-&lt;br /&gt;
| subjective evaluation of probability and impact&lt;br /&gt;
| probabilistic estimates of time and cost&lt;br /&gt;
|-&lt;br /&gt;
| quick and easy to perform&lt;br /&gt;
| time consuming&lt;br /&gt;
|-&lt;br /&gt;
| no special software or tools required&lt;br /&gt;
| may require specalized tools&lt;br /&gt;
|-&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
=Programme risk management=&lt;br /&gt;
&lt;br /&gt;
There are four defined steps in programme risk management. Identify step, assess step, plan step and implement step. In order for a programme to run as smoothly as possible, these four steps must be followed. Other factors play along these four steps, good and effective communication is the most important factor. Communication has to be good throughout each and every step. Let&#039;s take a better look at the four steps.&lt;br /&gt;
&lt;br /&gt;
==Identify step==&lt;br /&gt;
&lt;br /&gt;
In the beginning of programme management, the identification of uncertain events which can both be threats and opportunities takes place. The programme&#039;s objectives and scope, what assumptions have been made, who the stakeholders are and where the programme fits inside the organization as well as the environment should be understood. If those aspects are understood it enables the programme to search for risk methodically and take the correct actions should a response be needed at some point.&lt;br /&gt;
&lt;br /&gt;
Actual risks should then be identified. Both threats to the programme objectives and opportunities to overachieve on outcomes and benefits.&lt;br /&gt;
&lt;br /&gt;
==Assess step==&lt;br /&gt;
&lt;br /&gt;
The assessment of risk can be broken down into two activities. Estimate the threats and the opportunities in terms of their probability impact and proximity on the one hand, and on the other hand to evaluate the net aggregated effect of the identified threats and opportunities on the programme. This is explained in detail in the Risk assessment section.&lt;br /&gt;
&lt;br /&gt;
==Plan step==&lt;br /&gt;
&lt;br /&gt;
Preparation of specific management response to the threats and opportunities that have been identified are the primary goal of the plan step. The objective is to remove or reduce the threats and to maximize the opportunities.&lt;br /&gt;
&lt;br /&gt;
==Implement step==&lt;br /&gt;
&lt;br /&gt;
Here it shall be ensured that the previously planned risk management actions are successfully implemented and monitored as to their effectiveness. Corrective actions should be taken where responses do not live up to expectations. It is an important factor that roles and responsibilities are allocated. Someone has to be responsible for the management and control of the risk. Key roles in that perspective are: &#039;&#039;&#039;Risk owner&#039;&#039;&#039; is responsible for the management and control of all aspects of the risks assigned to them. Managing, tracking and reporting the implementation of the selected actions to address the threats or to maximize the opportunities is included in that role. &#039;&#039;&#039;Risk actionee&#039;&#039;&#039; is responsible for the implementation of risk response actions. Support and take directions from the risk owner.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=Benefits=&lt;br /&gt;
&lt;br /&gt;
The most notable potential benefits of a well-structured and efficiently run risk management are. &amp;lt;ref&amp;gt;http://irisintelligence.com/risk-management-explained/why-manage-risk.html&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
* Improved strategic and business planning&lt;br /&gt;
* More effective use of resources&lt;br /&gt;
* An ability to quickly grasp new opportunities&lt;br /&gt;
* Fewer unwelcome surprises&lt;br /&gt;
* Enhanced communication&lt;br /&gt;
* Ability to reassure key stakeholders throughout the organization&lt;br /&gt;
* Continuous improvement&lt;br /&gt;
* robust contingency planning&lt;br /&gt;
&lt;br /&gt;
==For projects==&lt;br /&gt;
&lt;br /&gt;
[[Contingency]] in projects can make or break them. Too much contingency is uncompetitive and too little increases the chance of failure. Risk assessment helps set contingency levels. It aims to figure out the most probable level of risk and gives the confidence level of outcome targets.&lt;br /&gt;
&lt;br /&gt;
==For portfolios==&lt;br /&gt;
==For businesses==&lt;br /&gt;
&lt;br /&gt;
=Tools=&lt;br /&gt;
There are many tools used in risk assessment, sometimes it is recommended to use more than one tool in risk assessment. They all have their own focus areas. Lets take a better look at the most frequently used tools.&lt;br /&gt;
&lt;br /&gt;
==Hazard and operability study (HAZOP)==&lt;br /&gt;
==Failure mode effect analysis (FMEA)==&lt;br /&gt;
==Structured What-IF technique (SWIFT)==&lt;br /&gt;
==Fault Tree Analysis (FTA)==&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&amp;lt;references/&amp;gt;&lt;/div&gt;</summary>
		<author><name>S141543</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=12371</id>
		<title>Management of risk</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=12371"/>
		<updated>2015-09-22T07:57:10Z</updated>

		<summary type="html">&lt;p&gt;S141543: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&lt;br /&gt;
[[File:riskoverview.png|200px|thumb|right|Overview of risk management]]&lt;br /&gt;
From 2009 [[ISO 31000]] defines risk as &amp;quot;the effect of uncertainty on objectives&amp;quot;. Looking into that definition it is noted that the word risk does refer to positive possibilities as well as negative ones. This definition was revised under the ISO 31000:2009. Before revision the definition of the word &amp;quot;risk&amp;quot; was &amp;quot;chance or probability of loss&amp;quot;. Meaning that only negative results could be associated with risk.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Management of risk&#039;&#039;&#039; involves identification, assessment, and prioritization of risks. Coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events or to maximize the realization of opportunities.&lt;br /&gt;
&lt;br /&gt;
Among strategies used to manage threats are.&lt;br /&gt;
&lt;br /&gt;
* Transferring the threat to another party&lt;br /&gt;
* Avoid the threat&lt;br /&gt;
* Reducing both the negative effect and lowering the probability of the threat&lt;br /&gt;
* Accepting the potential negative consequences of a particular thread is the only option. &lt;br /&gt;
* For uncertain events with benefits (opportunities) the opposite is done.&lt;br /&gt;
&lt;br /&gt;
The term Risk management is really broad and can be used by individuals, families, firms, nations and so on. Events such as natural disasters are usually very hard to forecast but usually have large impacts. Whereas events such as minor human errors happen every day and are therefor relatively easy to forecast. Human errors can have from minor to major consequences. This displays the wide range of risk management well as each possible event has to be identified, assessed and prioritized. &lt;br /&gt;
&lt;br /&gt;
In this article risk management in general will be outlined with a special focus on risk management activities as applied to project management. That is one aspect inside of risk management called [[Project risk management]]&lt;br /&gt;
&lt;br /&gt;
__TOC__ &lt;br /&gt;
&lt;br /&gt;
=Introduction=&lt;br /&gt;
&lt;br /&gt;
ISO Guide 73:2009, &#039;&#039;Risk management - Vocabulary&#039;&#039; complements ISO 31000. According to ISO 73:2009 risk management is intended to be used by those engaged in managing risks, those who are involved in activities of ISO and IEC, and developers of national or sector-specific standards, guides, procedures and codes of practice relating to the management of risk. &amp;lt;ref&amp;gt;http://www.iso.org/iso/catalogue_detail?csnumber=44651&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
Risks with great impacts and a high probability of happening are treated before risks with smaller impacts and lower possibility. This is called [[prioritization]]. There are several tools that can be used in the process of assessing risks. Those tools will be discussed in &#039;&#039;&#039;CHAPTER XX&#039;&#039;&#039;. &lt;br /&gt;
&lt;br /&gt;
When allocating resources, risk management faces some difficulties. Short term planning would recommend skipping risk management when starting a new project as the process itself costs manpower and is not directly involved in the project itself. While long term thinking would definitely recommend going through the processes of risk management. That is because it could save a lot of money and even lives if it prevents one unfortunate event to happen as it was accounted for in the process. The effect of negative effects of risks is minimized as well as spending in ideal risk management.&lt;br /&gt;
&lt;br /&gt;
==General methodology==&lt;br /&gt;
&lt;br /&gt;
The following methods are a part of the general methodology, these methods are usually performed in the order as they are listed.&lt;br /&gt;
&lt;br /&gt;
# identify and characterize threats&lt;br /&gt;
# assess the vulnerability of critical assets to specific threats&lt;br /&gt;
# determine the risk &lt;br /&gt;
# identify ways to reduce those risks&lt;br /&gt;
# prioritize risk reduction measures based on a strategy&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;VANTAR HEIMILD&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
== Important principles ==&lt;br /&gt;
&lt;br /&gt;
ISO has identified principles of risk management, some mentionable principles are.&lt;br /&gt;
&lt;br /&gt;
* Create value&lt;br /&gt;
* Be part of decision making process&lt;br /&gt;
* Be a systematic and structured process&lt;br /&gt;
* Take human factors into account&lt;br /&gt;
* Be continually or periodically re-assessed&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;VANTAR HEIMILD&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=Risk assessment=&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Risk assessment&#039;&#039;&#039; is the determination of [[quantitative]] or [[qualitative]] estimate of risk related to a concrete situation and a recognized hazard. Two components of risk are required for calculations in quantitative risk assessment. The magnitude of the potential loss (L) and the probability (p) that the loss will occur. If the countermeasure for handling a certain risk exceeds the value of the expected loss it is called acceptable risk. That kind of risk is understood and tolerated&lt;br /&gt;
==Qualitative==&lt;br /&gt;
&lt;br /&gt;
A pre-defined rating scale is used to prioritize the identified project risks. The probability or likelihood and the impact on a project objectives should they occur gives the score for a certain risk. A qualitative risk analysis also includes the appropriate categorization of the risks. Source-based or effect-based.&lt;br /&gt;
&lt;br /&gt;
==Quantitative==&lt;br /&gt;
&lt;br /&gt;
A further analysis of the highest priority risks during which a numerical or quantitative rating is assigned in order to develop a probabilistic analysis of the project. Possible outcomes for the project are quantified and the probability of achieving specific project objectives is assessed. When there is uncertainty a quantitative approach can be used to make decisions. It also creates realistic and achievable cost, schedule or scope targets.&lt;br /&gt;
&lt;br /&gt;
Quantitative risk analysis can only be successfully carried out if there is high-quality data, a well-developed project model, and a prioritized lists of project risks. That usually yields from performing a qualitative risk analysis. &amp;lt;ref&amp;gt;https://www.passionatepm.com/blog/qualitative-risk-analysis-vs-quantitative-risk-analysis-pmp-concept-1&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot; &lt;br /&gt;
|-&lt;br /&gt;
! Qualitative&lt;br /&gt;
! Quantitative&lt;br /&gt;
|-&lt;br /&gt;
| risk-level&lt;br /&gt;
| project level&lt;br /&gt;
|-&lt;br /&gt;
| subjective evaluation of probability and impact&lt;br /&gt;
| probabilistic estimates of time and cost&lt;br /&gt;
|-&lt;br /&gt;
| quick and easy to perform&lt;br /&gt;
| time consuming&lt;br /&gt;
|-&lt;br /&gt;
| no special software or tools required&lt;br /&gt;
| may require specalized tools&lt;br /&gt;
|-&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
=Programme risk management=&lt;br /&gt;
&lt;br /&gt;
There are four defined steps in programme risk management. Identify step, assess step, plan step and implement step. In order for a programme to run as smoothly as possible, these four steps must be followed. Other factors play along these four steps, good and effective communication is the most important factor. Communication has to be good throughout each and every step. Let&#039;s take a better look at the four steps.&lt;br /&gt;
&lt;br /&gt;
==Identify step==&lt;br /&gt;
&lt;br /&gt;
In the beginning of programme management, the identification of uncertain events which can both be threats and opportunities takes place. The programme&#039;s objectives and scope, what assumptions have been made, who the stakeholders are and where the programme fits inside the organization as well as the environment should be understood. If those aspects are understood it enables the programme to search for risk methodically and take the correct actions should a response be needed at some point.&lt;br /&gt;
&lt;br /&gt;
Actual risks should then be identified. Both threats to the programme objectives and opportunities to overachieve on outcomes and benefits.&lt;br /&gt;
&lt;br /&gt;
==Assess step==&lt;br /&gt;
&lt;br /&gt;
The assessment of risk can be broken down into two activities. Estimate the threats and the opportunities in terms of their probability impact and proximity on the one hand, and on the other hand to evaluate the net aggregated effect of the identified threats and opportunities on the programme. This is explained in detail in the Risk assessment section.&lt;br /&gt;
&lt;br /&gt;
==Plan step==&lt;br /&gt;
&lt;br /&gt;
Preparation of specific management response to the threats and opportunities that have been identified are the primary goal of the plan step. The objective is to remove or reduce the threats and to maximize the opportunities.&lt;br /&gt;
&lt;br /&gt;
==Implement step==&lt;br /&gt;
&lt;br /&gt;
Here it shall be ensured that the previously planned risk management actions are successfully implemented and monitored as to their effectiveness. Corrective actions should be taken where responses do not live up to expectations. It is an important factor that roles and responsibilities are allocated. Someone has to be responsible for the management and control of the risk. Key roles in that perspective are: &#039;&#039;&#039;Risk owner&#039;&#039;&#039; is responsible for the management and control of all aspects of the risks assigned to them. Managing, tracking and reporting the implementation of the selected actions to address the threats or to maximize the opportunities is included in that role. &#039;&#039;&#039;Risk actionee&#039;&#039;&#039; is responsible for the implementation of risk response actions. Support and take directions from the risk owner.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=Benefits=&lt;br /&gt;
&lt;br /&gt;
The most notable potential benefits of a well-structured and efficiently run risk management are. &amp;lt;ref&amp;gt;http://irisintelligence.com/risk-management-explained/why-manage-risk.html&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
* Improved strategic and business planning&lt;br /&gt;
* More effective use of resources&lt;br /&gt;
* An ability to quickly grasp new opportunities&lt;br /&gt;
* Fewer unwelcome surprises&lt;br /&gt;
* Enhanced communication&lt;br /&gt;
* Ability to reassure key stakeholders throughout the organization&lt;br /&gt;
* Continuous improvement&lt;br /&gt;
* robust contingency planning&lt;br /&gt;
&lt;br /&gt;
==For projects==&lt;br /&gt;
&lt;br /&gt;
[[Contingency]] in projects can make or break them. Too much contingency is uncompetitive and too little increases the chance of failure. Risk assessment helps set contingency levels. It aims to figure out the most probable level of risk and gives the confidence level of outcome targets.&lt;br /&gt;
&lt;br /&gt;
==For portfolios==&lt;br /&gt;
==For businesses==&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&amp;lt;references/&amp;gt;&lt;/div&gt;</summary>
		<author><name>S141543</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=File:Riskoverview.png&amp;diff=12368</id>
		<title>File:Riskoverview.png</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=File:Riskoverview.png&amp;diff=12368"/>
		<updated>2015-09-22T07:52:47Z</updated>

		<summary type="html">&lt;p&gt;S141543: overview of risk management&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;overview of risk management&lt;/div&gt;</summary>
		<author><name>S141543</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=File:Riskmanagement.jpg&amp;diff=12365</id>
		<title>File:Riskmanagement.jpg</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=File:Riskmanagement.jpg&amp;diff=12365"/>
		<updated>2015-09-22T07:49:51Z</updated>

		<summary type="html">&lt;p&gt;S141543: Overview of Risk Management&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;Overview of Risk Management&lt;/div&gt;</summary>
		<author><name>S141543</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=10983</id>
		<title>Management of risk</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=10983"/>
		<updated>2015-09-21T18:04:31Z</updated>

		<summary type="html">&lt;p&gt;S141543: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&lt;br /&gt;
[[File:RiskManagement.jpeg]]&lt;br /&gt;
From 2009 [[ISO 31000]] defines risk as &amp;quot;the effect of uncertainty on objectives&amp;quot;. Looking into that definition it is noted that the word risk does refer to positive possibilities as well as negative ones. This definition was revised under the ISO 31000:2009. Before revision the definition of the word &amp;quot;risk&amp;quot; was &amp;quot;chance or probability of loss&amp;quot;. Meaning that only negative results could be associated with risk.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Management of risk&#039;&#039;&#039; involves identification, assessment, and prioritization of risks. Coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events or to maximize the realization of opportunities.&lt;br /&gt;
&lt;br /&gt;
Among strategies used to manage threats are.&lt;br /&gt;
&lt;br /&gt;
* Transferring the threat to another party&lt;br /&gt;
* Avoid the threat&lt;br /&gt;
* Reducing both the negative effect and lowering the probability of the threat&lt;br /&gt;
* Accepting the potential negative consequences of a particular thread is the only option. &lt;br /&gt;
* For uncertain events with benefits (opportunities) the opposite is done.&lt;br /&gt;
&lt;br /&gt;
The term Risk management is really broad and can be used by individuals, families, firms, nations and so on. Events such as natural disasters are usually very hard to forecast but usually have large impacts. Whereas events such as minor human errors happen every day and are therefor relatively easy to forecast. Human errors can have from minor to major consequences. This displays the wide range of risk management well as each possible event has to be identified, assessed and prioritized. &lt;br /&gt;
&lt;br /&gt;
In this article risk management in general will be outlined with a special focus on risk management activities as applied to project management. That is one aspect inside of risk management called [[Project risk management]]&lt;br /&gt;
&lt;br /&gt;
__TOC__ &lt;br /&gt;
&lt;br /&gt;
=Introduction=&lt;br /&gt;
&lt;br /&gt;
ISO Guide 73:2009, &#039;&#039;Risk management - Vocabulary&#039;&#039; complements ISO 31000. According to ISO 73:2009 risk management is intended to be used by those engaged in managing risks, those who are involved in activities of ISO and IEC, and developers of national or sector-specific standards, guides, procedures and codes of practice relating to the management of risk. &amp;lt;ref&amp;gt;http://www.iso.org/iso/catalogue_detail?csnumber=44651&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
Risks with great impacts and a high probability of happening are treated before risks with smaller impacts and lower possibility. This is called [[prioritization]]. There are several tools that can be used in the process of assessing risks. Those tools will be discussed in &#039;&#039;&#039;CHAPTER XX&#039;&#039;&#039;. &lt;br /&gt;
&lt;br /&gt;
When allocating resources, risk management faces some difficulties. Short term planning would recommend skipping risk management when starting a new project as the process itself costs manpower and is not directly involved in the project itself. While long term thinking would definitely recommend going through the processes of risk management. That is because it could save a lot of money and even lives if it prevents one unfortunate event to happen as it was accounted for in the process. The effect of negative effects of risks is minimized as well as spending in ideal risk management.&lt;br /&gt;
&lt;br /&gt;
==General methodology==&lt;br /&gt;
&lt;br /&gt;
The following methods are a part of the general methodology, these methods are usually performed in the order as they are listed.&lt;br /&gt;
&lt;br /&gt;
# identify and characterize threats&lt;br /&gt;
# assess the vulnerability of critical assets to specific threats&lt;br /&gt;
# determine the risk &lt;br /&gt;
# identify ways to reduce those risks&lt;br /&gt;
# prioritize risk reduction measures based on a strategy&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;VANTAR HEIMILD&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
== Important principles ==&lt;br /&gt;
&lt;br /&gt;
ISO has identified principles of risk management, some mentionable principles are.&lt;br /&gt;
&lt;br /&gt;
* Create value&lt;br /&gt;
* Be part of decision making process&lt;br /&gt;
* Be a systematic and structured process&lt;br /&gt;
* Take human factors into account&lt;br /&gt;
* Be continually or periodically re-assessed&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;VANTAR HEIMILD&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=Risk assessment=&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Risk assessment&#039;&#039;&#039; is the determination of [[quantitative]] or [[qualitative]] estimate of risk related to a concrete situation and a recognized hazard. Two components of risk are required for calculations in quantitative risk assessment. The magnitude of the potential loss (L) and the probability (p) that the loss will occur. If the countermeasure for handling a certain risk exceeds the value of the expected loss it is called acceptable risk. That kind of risk is understood and tolerated&lt;br /&gt;
==Qualitative==&lt;br /&gt;
&lt;br /&gt;
A pre-defined rating scale is used to prioritize the identified project risks. The probability or likelihood and the impact on a project objectives should they occur gives the score for a certain risk. A qualitative risk analysis also includes the appropriate categorization of the risks. Source-based or effect-based.&lt;br /&gt;
&lt;br /&gt;
==Quantitative==&lt;br /&gt;
&lt;br /&gt;
A further analysis of the highest priority risks during which a numerical or quantitative rating is assigned in order to develop a probabilistic analysis of the project. Possible outcomes for the project are quantified and the probability of achieving specific project objectives is assessed. When there is uncertainty a quantitative approach can be used to make decisions. It also creates realistic and achievable cost, schedule or scope targets.&lt;br /&gt;
&lt;br /&gt;
Quantitative risk analysis can only be successfully carried out if there is high-quality data, a well-developed project model, and a prioritized lists of project risks. That usually yields from performing a qualitative risk analysis. &amp;lt;ref&amp;gt;https://www.passionatepm.com/blog/qualitative-risk-analysis-vs-quantitative-risk-analysis-pmp-concept-1&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot; &lt;br /&gt;
|-&lt;br /&gt;
! Qualitative&lt;br /&gt;
! Quantitative&lt;br /&gt;
|-&lt;br /&gt;
| risk-level&lt;br /&gt;
| project level&lt;br /&gt;
|-&lt;br /&gt;
| subjective evaluation of probability and impact&lt;br /&gt;
| probabilistic estimates of time and cost&lt;br /&gt;
|-&lt;br /&gt;
| quick and easy to perform&lt;br /&gt;
| time consuming&lt;br /&gt;
|-&lt;br /&gt;
| no special software or tools required&lt;br /&gt;
| may require specalized tools&lt;br /&gt;
|-&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
=Programme risk management=&lt;br /&gt;
&lt;br /&gt;
There are four defined steps in programme risk management. Identify step, assess step, plan step and implement step. In order for a programme to run as smoothly as possible, these four steps must be followed. Other factors play along these four steps, good and effective communication is the most important factor. Communication has to be good throughout each and every step. Let&#039;s take a better look at the four steps.&lt;br /&gt;
&lt;br /&gt;
==Identify step==&lt;br /&gt;
&lt;br /&gt;
In the beginning of programme management, the identification of uncertain events which can both be threats and opportunities takes place. The programme&#039;s objectives and scope, what assumptions have been made, who the stakeholders are and where the programme fits inside the organization as well as the environment should be understood. If those aspects are understood it enables the programme to search for risk methodically and take the correct actions should a response be needed at some point.&lt;br /&gt;
&lt;br /&gt;
Actual risks should then be identified. Both threats to the programme objectives and opportunities to overachieve on outcomes and benefits.&lt;br /&gt;
&lt;br /&gt;
==Assess step==&lt;br /&gt;
&lt;br /&gt;
The assessment of risk can be broken down into two activities. Estimate the threats and the opportunities in terms of their probability impact and proximity on the one hand, and on the other hand to evaluate the net aggregated effect of the identified threats and opportunities on the programme. This is explained in detail in the Risk assessment section.&lt;br /&gt;
&lt;br /&gt;
==Plan step==&lt;br /&gt;
&lt;br /&gt;
Preparation of specific management response to the threats and opportunities that have been identified are the primary goal of the plan step. The objective is to remove or reduce the threats and to maximize the opportunities.&lt;br /&gt;
&lt;br /&gt;
==Implement step==&lt;br /&gt;
&lt;br /&gt;
Here it shall be ensured that the previously planned risk management actions are successfully implemented and monitored as to their effectiveness. Corrective actions should be taken where responses do not live up to expectations. It is an important factor that roles and responsibilities are allocated. Someone has to be responsible for the management and control of the risk. Key roles in that perspective are: &#039;&#039;&#039;Risk owner&#039;&#039;&#039; is responsible for the management and control of all aspects of the risks assigned to them. Managing, tracking and reporting the implementation of the selected actions to address the threats or to maximize the opportunities is included in that role. &#039;&#039;&#039;Risk actionee&#039;&#039;&#039; is responsible for the implementation of risk response actions. Support and take directions from the risk owner.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=Benefits=&lt;br /&gt;
&lt;br /&gt;
The most notable potential benefits of a well-structured and efficiently run risk management are. &amp;lt;ref&amp;gt;http://irisintelligence.com/risk-management-explained/why-manage-risk.html&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
* Improved strategic and business planning&lt;br /&gt;
* More effective use of resources&lt;br /&gt;
* An ability to quickly grasp new opportunities&lt;br /&gt;
* Fewer unwelcome surprises&lt;br /&gt;
* Enhanced communication&lt;br /&gt;
* Ability to reassure key stakeholders throughout the organization&lt;br /&gt;
* Continuous improvement&lt;br /&gt;
* robust contingency planning&lt;br /&gt;
&lt;br /&gt;
==For projects==&lt;br /&gt;
&lt;br /&gt;
[[Contingency]] in projects can make or break them. Too much contingency is uncompetitive and too little increases the chance of failure. Risk assessment helps set contingency levels. It aims to figure out the most probable level of risk and gives the confidence level of outcome targets.&lt;br /&gt;
&lt;br /&gt;
==For portfolios==&lt;br /&gt;
==For businesses==&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&amp;lt;references/&amp;gt;&lt;/div&gt;</summary>
		<author><name>S141543</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=10035</id>
		<title>Management of risk</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=10035"/>
		<updated>2015-09-20T19:20:12Z</updated>

		<summary type="html">&lt;p&gt;S141543: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&lt;br /&gt;
[[File:RiskManagement.jpeg]]&lt;br /&gt;
From 2009 [[ISO 31000]] defines risk as &amp;quot;the effect of uncertainty on objectives&amp;quot;. Looking into that definition it is noted that the word risk does refer to positive possibilities as well as negative ones. This definition was revised under the ISO 31000:2009. Before revision the definition of the word &amp;quot;risk&amp;quot; was &amp;quot;chance or probability of loss&amp;quot;. Meaning that only negative results could be associated with risk.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Management of risk&#039;&#039;&#039; involves identification, assessment, and prioritization of risks. Coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events or to maximize the realization of opportunities.&lt;br /&gt;
&lt;br /&gt;
Among strategies used to manage threats are.&lt;br /&gt;
&lt;br /&gt;
* Transferring the threat to another party&lt;br /&gt;
* Avoid the threat&lt;br /&gt;
* Reducing both the negative effect and lowering the probability of the threat&lt;br /&gt;
* Accepting the potential negative consequences of a particular thread is the only option. &lt;br /&gt;
* For uncertain events with benefits (opportunities) the opposite is done.&lt;br /&gt;
&lt;br /&gt;
The term Risk management is really broad and can be used by individuals, families, firms, nations and so on. Events such as natural disasters are usually very hard to forecast but usually have large impacts. Whereas events such as minor human errors happen every day and are therefor relatively easy to forecast. Human errors can have from minor to major consequences. This displays the wide range of risk management well as each possible event has to be identified, assessed and prioritized. &lt;br /&gt;
&lt;br /&gt;
In this article risk management in general will be outlined with a special focus on risk management activities as applied to project management. That is one aspect inside of risk management called [[Project risk management]]&lt;br /&gt;
&lt;br /&gt;
__TOC__ &lt;br /&gt;
&lt;br /&gt;
=Introduction=&lt;br /&gt;
&lt;br /&gt;
ISO Guide 73:2009, &#039;&#039;Risk management - Vocabulary&#039;&#039; complements ISO 31000. According to ISO 73:2009 risk management is intended to be used by those engaged in managing risks, those who are involved in activities of ISO and IEC, and developers of national or sector-specific standards, guides, procedures and codes of practice relating to the management of risk. &amp;lt;ref&amp;gt;http://www.iso.org/iso/catalogue_detail?csnumber=44651&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
Risks with great impacts and a high probability of happening are treated before risks with smaller impacts and lower possibility. This is called [[prioritization]]. There are several tools that can be used in the process of assessing risks. Those tools will be discussed in &#039;&#039;&#039;CHAPTER XX&#039;&#039;&#039;. &lt;br /&gt;
&lt;br /&gt;
When allocating resources, risk management faces some difficulties. Short term planning would recommend skipping risk management when starting a new project as the process itself costs manpower and is not directly involved in the project itself. While long term thinking would definitely recommend going through the processes of risk management. That is because it could save a lot of money and even lives if it prevents one unfortunate event to happen as it was accounted for in the process. The effect of negative effects of risks is minimized as well as spending in ideal risk management.&lt;br /&gt;
&lt;br /&gt;
==Methodology==&lt;br /&gt;
&lt;br /&gt;
The following methods are a part of the general methodology, these methods are usually performed in the order as they are listed.&lt;br /&gt;
&lt;br /&gt;
# identify and characterize threats&lt;br /&gt;
# assess the vulnerability of critical assets to specific threats&lt;br /&gt;
# determine the risk &lt;br /&gt;
# identify ways to reduce those risks&lt;br /&gt;
# prioritize risk reduction measures based on a strategy&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;VANTAR HEIMILD&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
== Important principles ==&lt;br /&gt;
&lt;br /&gt;
ISO has identified principles of risk management, some mentionable principles are.&lt;br /&gt;
&lt;br /&gt;
* Create value&lt;br /&gt;
* Be part of decision making process&lt;br /&gt;
* Be a systematic and structured process&lt;br /&gt;
* Take human factors into account&lt;br /&gt;
* Be continually or periodically re-assessed&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;VANTAR HEIMILD&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
=Benefits=&lt;br /&gt;
&lt;br /&gt;
The most notable potential benefits of a well-structured and efficiently run risk management are. &amp;lt;ref&amp;gt;http://irisintelligence.com/risk-management-explained/why-manage-risk.html&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
* Improved strategic and business planning&lt;br /&gt;
* More effective use of resources&lt;br /&gt;
* An ability to quickly grasp new opportunities&lt;br /&gt;
* Fewer unwelcome surprises&lt;br /&gt;
* Enhanced communication&lt;br /&gt;
* Ability to reassure key stakeholders throughout the organization&lt;br /&gt;
* Continuous improvement&lt;br /&gt;
* robust contingency planning&lt;br /&gt;
&lt;br /&gt;
Now it is time to take a deeper look at benefits of risk management for projects, portfolios and businesses.&lt;br /&gt;
&lt;br /&gt;
==For projects==&lt;br /&gt;
&lt;br /&gt;
[[Contingency]] in projects can make or break them. Too much contingency is uncompetitive and too little increases the chance of failure. Risk assessment helps set contingency levels. It aims to figure out the most probable level of risk and gives the confidence level of outcome targets.&lt;br /&gt;
&lt;br /&gt;
==For portfolios==&lt;br /&gt;
==For businesses==&lt;br /&gt;
&lt;br /&gt;
=Project risk management=&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Qualitative==&lt;br /&gt;
&lt;br /&gt;
A pre-defined rating scale is used to prioritize the identified project risks. The probability or likelihood and the impact on a project objectives should they occur gives the score for a certain risk. A qualitative risk analysis also includes the appropriate categorization of the risks. Source-based or effect-based.&lt;br /&gt;
&lt;br /&gt;
==Quantitative==&lt;br /&gt;
&lt;br /&gt;
A further analysis of the highest priority risks during which a numerical or quantitative rating is assigned in order to develop a probabilistic analysis of the project. Possible outcomes for the project are quantified and the probability of achieving specific project objectives is assessed. When there is uncertainty a quantitative approach can be used to make decisions. It also creates realistic and achievable cost, schedule or scope targets.&lt;br /&gt;
&lt;br /&gt;
Quantitative risk analysis can only be successfully carried out if there is high-quality data, a well-developed project model, and a prioritized lists of project risks. That usually yields from performing a qualitative risk analysis. &amp;lt;ref&amp;gt;https://www.passionatepm.com/blog/qualitative-risk-analysis-vs-quantitative-risk-analysis-pmp-concept-1&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot; &lt;br /&gt;
|-&lt;br /&gt;
! Qualitative&lt;br /&gt;
! Quantitative&lt;br /&gt;
|-&lt;br /&gt;
| risk-level&lt;br /&gt;
| project level&lt;br /&gt;
|-&lt;br /&gt;
| subjective evaluation of probability and impact&lt;br /&gt;
| probabilistic estimates of time and cost&lt;br /&gt;
|-&lt;br /&gt;
| quick and easy to perform&lt;br /&gt;
| time consuming&lt;br /&gt;
|-&lt;br /&gt;
| no special software or tools required&lt;br /&gt;
| may require specalized tools&lt;br /&gt;
|-&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
=Risk assessment=&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Risk assessment&#039;&#039;&#039; is the determination of [[quantitative]] or [[qualitative]] estimate of risk related to a concrete situation and a recognized hazard. Two components of risk are required for calculations in quantitative risk assessment. The magnitude of the potential loss (L) and the probability (p) that the loss will occur. If the countermeasure for handling a certain risk exceeds the value of the expected loss it is called acceptable risk. That kind of risk is understood and tolerated&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&amp;lt;references/&amp;gt;&lt;/div&gt;</summary>
		<author><name>S141543</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=9285</id>
		<title>Management of risk</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=9285"/>
		<updated>2015-09-19T15:46:43Z</updated>

		<summary type="html">&lt;p&gt;S141543: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&lt;br /&gt;
[[File:RiskManagement.jpeg]]&lt;br /&gt;
According to ISO 31000 the definition of &amp;quot;risk&amp;quot; is &amp;quot;the effect of uncertainty on objectives&amp;quot;. Looking into that definition it is noted that the word &amp;quot;risk&amp;quot; does refer to positive possibilities as well as negative ones. This definition was revised under the ISO 31000:2009. Before revision the definition of the word &amp;quot;risk&amp;quot; was &amp;quot;chance or probability of loss&amp;quot;. Meaning that only negative results could be associated with a risk.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Management of risk&#039;&#039;&#039; involves identification, assessment, and prioritization of risks. Coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events or to maximize the realization of opportunities.&lt;br /&gt;
&lt;br /&gt;
Among strategies used to manage threats are.&lt;br /&gt;
&lt;br /&gt;
* Transferring the threat to another party&lt;br /&gt;
* Avoid the threat&lt;br /&gt;
* Reducing both the negative effect and lowering the probability of the threat&lt;br /&gt;
* Accepting the potential negative consequences of a particular thread is the only option. &lt;br /&gt;
* For uncertain events with benefits (opportunities) the opposite is done.&lt;br /&gt;
&lt;br /&gt;
The term Risk management is really broad and can be used by individuals, families, firms, nations and so on. Events such as natural disasters are usually very hard to forecast but usually have large impacts. Whereas events such as minor human errors happen every day and are therefor relatively easy to forecast. Human errors can have from minor to major consequences. This displays the wide range of risk management well as each possible event has to be identified, assessed and prioritized. &lt;br /&gt;
&lt;br /&gt;
In this article risk management in general will be outlined with a special focus on risk management activities as applied to project management. That is one aspect inside of risk management called [[Project risk management]]&lt;br /&gt;
&lt;br /&gt;
__TOC__ &lt;br /&gt;
&lt;br /&gt;
=Introduction=&lt;br /&gt;
&lt;br /&gt;
ISO Guide 73:2009, &#039;&#039;Risk management - Vocabulary&#039;&#039; complements ISO 31000. According to ISO 73:2009 risk management is intended to be used by those engaged in managing risks, those who are involved in activities of ISO and IEC, and developers of national or sector-specific standards, guides, procedures and codes of practice relating to the management of risk. &amp;lt;ref&amp;gt;http://www.iso.org/iso/catalogue_detail?csnumber=44651&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
Risks with great impacts and a high probability of happening are treated before risks with smaller impacts and lower possibility. This is called [[prioritization]]. There are several tools that can be used in the process of assessing risks. Those tools will be discussed in &#039;&#039;&#039;CHAPTER XX&#039;&#039;&#039;. &lt;br /&gt;
&lt;br /&gt;
When allocating resources, risk management faces some difficulties. Short term planning would recommend skipping risk management when starting a new project as the process itself costs manpower and is not directly involved in the project itself. While long term thinking would definitely recommend going through the processes of risk management. That is because it could save a lot of money and even lives if it prevents one unfortunate event to happen as it was accounted for in the process. The effect of negative effects of risks is minimized as well as spending in ideal risk management.&lt;br /&gt;
&lt;br /&gt;
==Methodology==&lt;br /&gt;
&lt;br /&gt;
The following methods are a part of the general methodology, these methods are usually performed in the order as they are listed.&lt;br /&gt;
&lt;br /&gt;
# identify and characterize threats&lt;br /&gt;
# assess the vulnerability of critical assets to specific threats&lt;br /&gt;
# determine the risk &lt;br /&gt;
# identify ways to reduce those risks&lt;br /&gt;
# prioritize risk reduction measures based on a strategy&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;VANTAR HEIMILD&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
== Important principles ==&lt;br /&gt;
&lt;br /&gt;
ISO has identified principles of risk management, some mentionable principles are.&lt;br /&gt;
&lt;br /&gt;
* Create value&lt;br /&gt;
* Be part of decision making process&lt;br /&gt;
* Be a systematic and structured process&lt;br /&gt;
* Take human factors into account&lt;br /&gt;
* Be continually or periodically re-assessed&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;VANTAR HEIMILD&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
=Benefits=&lt;br /&gt;
&lt;br /&gt;
The most notable potential benefits of a well-structured and efficiently run risk management are. &amp;lt;ref&amp;gt;http://irisintelligence.com/risk-management-explained/why-manage-risk.html&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
* Improved strategic and business planning&lt;br /&gt;
* More effective use of resources&lt;br /&gt;
* An ability to quickly grasp new opportunities&lt;br /&gt;
* Fewer unwelcome surprises&lt;br /&gt;
* Enhanced communication&lt;br /&gt;
* Ability to reassure key stakeholders throughout the organization&lt;br /&gt;
* Continuous improvement&lt;br /&gt;
* robust contingency planning&lt;br /&gt;
&lt;br /&gt;
Now it is time to take a deeper look at benefits of risk management for projects, portfolios and businesses.&lt;br /&gt;
&lt;br /&gt;
==For projects==&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==For portfolios==&lt;br /&gt;
==For businesses==&lt;br /&gt;
&lt;br /&gt;
=Project risk management=&lt;br /&gt;
==Qualitative==&lt;br /&gt;
==Quantitative==&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&amp;lt;references/&amp;gt;&lt;/div&gt;</summary>
		<author><name>S141543</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=9163</id>
		<title>Management of risk</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=9163"/>
		<updated>2015-09-19T10:52:39Z</updated>

		<summary type="html">&lt;p&gt;S141543: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&lt;br /&gt;
[[File:ISS impact RiskManagement.jpeg|thumb|320px|]]&lt;br /&gt;
According to ISO 31000 the definition of &amp;quot;risk&amp;quot; is &amp;quot;the effect of uncertainty on objectives&amp;quot;. Looking into that definition it is noted that the word &amp;quot;risk&amp;quot; does refer to positive possibilities as well as negative ones. This definition was revised under the ISO 31000:2009. Before revision the definition of the word &amp;quot;risk&amp;quot; was &amp;quot;chance or probability of loss&amp;quot;. Meaning that only negative results could be associated with a risk.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Management of risk&#039;&#039;&#039; involves identification, assessment, and prioritization of risks. Coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events or to maximize the realization of opportunities.&lt;br /&gt;
&lt;br /&gt;
Among strategies used to manage threats are.&lt;br /&gt;
&lt;br /&gt;
* Transferring the threat to another party&lt;br /&gt;
* Avoid the threat&lt;br /&gt;
* Reducing both the negative effect and lowering the probability of the threat&lt;br /&gt;
* Accepting the potential negative consequences of a particular thread is the only option. &lt;br /&gt;
* For uncertain events with benefits (opportunities) the opposite is done.&lt;br /&gt;
&lt;br /&gt;
The term Risk management is really broad and can be used by individuals, families, firms, nations and so on. Events such as natural disasters are usually very hard to forecast but usually have large impacts. Whereas events such as minor human errors happen every day and are therefor relatively easy to forecast. Human errors can have from minor to major consequences. This displays the wide range of risk management well as each possible event has to be identified, assessed and prioritized. &lt;br /&gt;
&lt;br /&gt;
In this article risk management in general will be outlined with a special focus on risk management activities as applied to project management. That is one aspect inside of risk management called [[Project risk management]]&lt;br /&gt;
&lt;br /&gt;
__TOC__ &lt;br /&gt;
&lt;br /&gt;
=Introduction=&lt;br /&gt;
&lt;br /&gt;
ISO Guide 73:2009, &#039;&#039;Risk management - Vocabulary&#039;&#039; complements ISO 31000. According to ISO 73:2009 risk management is intended to be used by those engaged in managing risks, those who are involved in activities of ISO and IEC, and developers of national or sector-specific standards, guides, procedures and codes of practice relating to the management of risk. &amp;lt;ref&amp;gt;http://www.iso.org/iso/catalogue_detail?csnumber=44651&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
Risks with great impacts and a high probability of happening are treated before risks with smaller impacts and lower possibility. This is called [[prioritization]]. There are several tools that can be used in the process of assessing risks. Those tools will be discussed in &#039;&#039;&#039;CHAPTER XX&#039;&#039;&#039;. &lt;br /&gt;
&lt;br /&gt;
When allocating resources, risk management faces some difficulties. Short term planning would recommend skipping risk management when starting a new project as the process itself costs manpower and is not directly involved in the project itself. While long term thinking would definitely recommend going through the processes of risk management. That is because it could save a lot of money and even lives if it prevents one unfortunate event to happen as it was accounted for in the process. The effect of negative effects of risks is minimized as well as spending in ideal risk management.&lt;br /&gt;
&lt;br /&gt;
==Methodology==&lt;br /&gt;
&lt;br /&gt;
The following methods are a part of the general methodology, these methods are usually performed in the order as they are listed.&lt;br /&gt;
&lt;br /&gt;
# identify and characterize threats&lt;br /&gt;
# assess the vulnerability of critical assets to specific threats&lt;br /&gt;
# determine the risk &lt;br /&gt;
# identify ways to reduce those risks&lt;br /&gt;
# prioritize risk reduction measures based on a strategy&lt;br /&gt;
&lt;br /&gt;
== Important principles ==&lt;br /&gt;
&lt;br /&gt;
ISO has identified principles of risk management, some mentionable principles are.&lt;br /&gt;
&lt;br /&gt;
* Create value&lt;br /&gt;
* Be part of decision making process&lt;br /&gt;
* Be a systematic and structured process&lt;br /&gt;
* Take human factors into account&lt;br /&gt;
* Be continually or periodically re-assessed&lt;br /&gt;
&lt;br /&gt;
=Benefits=&lt;br /&gt;
&lt;br /&gt;
==For projects==&lt;br /&gt;
==For portfolios==&lt;br /&gt;
==For businesses==&lt;br /&gt;
&lt;br /&gt;
=Project risk management=&lt;br /&gt;
==Qualitative==&lt;br /&gt;
==Quantitative==&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&amp;lt;references/&amp;gt;&lt;/div&gt;</summary>
		<author><name>S141543</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=9140</id>
		<title>Management of risk</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=9140"/>
		<updated>2015-09-19T10:13:58Z</updated>

		<summary type="html">&lt;p&gt;S141543: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&lt;br /&gt;
[[File:ISS impact RiskManagement.jpeg|thumb|320px|]]&lt;br /&gt;
According to ISO 31000 the definition of &amp;quot;risk&amp;quot; is &amp;quot;the effect of uncertainty on objectives&amp;quot;. Looking into that definition it is noted that the word &amp;quot;risk&amp;quot; does refer to positive possibilities as well as negative ones. This definition was revised under the ISO 31000:2009. Before revision the definition of the word &amp;quot;risk&amp;quot; was &amp;quot;chance or probability of loss&amp;quot;. Meaning that only negative results could be associated with a risk.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Management of risk&#039;&#039;&#039; involves identification, assessment, and prioritization of risks. Coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events or to maximize the realization of opportunities.&lt;br /&gt;
&lt;br /&gt;
Among strategies used to manage threats are.&lt;br /&gt;
&lt;br /&gt;
* Transferring the threat to another party&lt;br /&gt;
* Avoid the threat&lt;br /&gt;
* Reducing both the negative effect and lowering the probability of the threat&lt;br /&gt;
* Accepting the potential negative consequences of a particular thread is the only option. &lt;br /&gt;
* For uncertain events with benefits (opportunities) the opposite is done.&lt;br /&gt;
&lt;br /&gt;
The term Risk management is really broad and can be used by individuals, families, firms, nations and so on. Events such as natural disasters are usually very hard to forecast but usually have large impacts. Whereas events such as minor human errors happen every day and are therefor relatively easy to forecast. Human errors can have from minor to major consequences. This displays the wide range of risk management well as each possible event has to be identified, assessed and prioritized. &lt;br /&gt;
&lt;br /&gt;
In this article risk management in general will be outlined with a special focus on risk management activities as applied to project management. That is one aspect inside of risk management called [[Project risk management]]&lt;br /&gt;
&lt;br /&gt;
__TOC__ &lt;br /&gt;
&lt;br /&gt;
=Introduction=&lt;br /&gt;
&lt;br /&gt;
ISO Guide 73:2009, &#039;&#039;Risk management - Vocabulary&#039;&#039; complements ISO 31000. According to ISO 73:2009 risk management is intended to be used by those engaged in managing risks, those who are involved in activities of ISO and IEC, and developers of national or sector-specific standards, guides, procedures and codes of practice relating to the management of risk. &amp;lt;ref&amp;gt;http://www.iso.org/iso/catalogue_detail?csnumber=44651&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
Risks with great impacts and a high probability of happening are treated before risks with smaller impacts and lower possibility. This is called [[prioritization]]. There are several tools that can be used in the process of assessing risks. Those tools will be discussed in &#039;&#039;&#039;CHAPTER XX&#039;&#039;&#039;. &lt;br /&gt;
&lt;br /&gt;
When allocating resources, risk management faces some difficulties. Short term planning would recommend skipping risk management when starting a new project as the process itself costs manpower and is not directly involved in the project itself. While long term thinking would definitely recommend going through the processes of risk management. That is because it could save a lot of money and even lives if it prevents one unfortunate event to happen as it was accounted for in the process. The effect of negative effects of risks is minimized as well as spending in ideal risk management.&lt;br /&gt;
&lt;br /&gt;
==Methodology==&lt;br /&gt;
&lt;br /&gt;
The following methods are a part of the general methodology, these methods are usually performed in the order as they are listed.&lt;br /&gt;
&lt;br /&gt;
# identify and characterize threats&lt;br /&gt;
# assess the vulnerability of critical assets to specific threats&lt;br /&gt;
# determine the risk &lt;br /&gt;
# identify ways to reduce those risks&lt;br /&gt;
# prioritize risk reduction measures based on a strategy&lt;br /&gt;
&lt;br /&gt;
== Important principles ==&lt;br /&gt;
&lt;br /&gt;
ISO has identified principles of risk management, some mentionable principles are.&lt;br /&gt;
&lt;br /&gt;
* Create value&lt;br /&gt;
* Be part of decision making process&lt;br /&gt;
* Be a systematic and structured process&lt;br /&gt;
* Take human factors into account&lt;br /&gt;
* Be continually or periodically re-assessed&lt;br /&gt;
&lt;br /&gt;
=Benefits=&lt;br /&gt;
&lt;br /&gt;
=Project risk management=&lt;br /&gt;
==Qualitative==&lt;br /&gt;
==Quantitative==&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&amp;lt;references/&amp;gt;&lt;/div&gt;</summary>
		<author><name>S141543</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=9078</id>
		<title>Management of risk</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=9078"/>
		<updated>2015-09-18T16:58:07Z</updated>

		<summary type="html">&lt;p&gt;S141543: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&lt;br /&gt;
[[File:ISS impact RiskManagement.jpeg|thumb|320px|]]&lt;br /&gt;
According to ISO 31000 the definition of &amp;quot;risk&amp;quot; is &amp;quot;the effect of uncertainty on objectives&amp;quot;. Looking into that definition it is noted that the word &amp;quot;risk&amp;quot; does refer to positive possibilities as well as negative ones. This definition was revised under the ISO 31000:2009. Before revision the definition of the word &amp;quot;risk&amp;quot; was &amp;quot;chance or probability of loss&amp;quot;. Meaning that only negative results could be associated with a risk.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Management of risk&#039;&#039;&#039; involves identification, assessment, and prioritization of risks. Coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events or to maximize the realization of opportunities.&lt;br /&gt;
&lt;br /&gt;
The term Risk management is really broad and can be used by individuals, families, firms, nations and so on. In this article risk management in general will be outlined with a special focus on risk management activities as applied to project management. That is one aspect inside of risk management called [[Project risk management]]&lt;br /&gt;
&lt;br /&gt;
__TOC__ &lt;br /&gt;
&lt;br /&gt;
=Introduction=&lt;br /&gt;
&lt;br /&gt;
ISO Guide 73:2009, &#039;&#039;Risk management - Vocabulary&#039;&#039; complements ISO 31000. According to ISO 73:2009 risk management is intended to be used by those engaged in managing risks, those who are involved in activities of ISO and IEC, and developers of national or sector-specific standards, guides, procedures and codes of practice relating to the management of risk. &amp;lt;ref&amp;gt;http://www.iso.org/iso/catalogue_detail?csnumber=44651&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
Risks with great impacts and a high probability of happening are treated before risks with smaller impacts and lower possibility. This is called [[prioritization]]. There are several tools that can be used in the process of assessing risks. Those tools will be discussed in &#039;&#039;&#039;CHAPTER XX&#039;&#039;&#039;. &lt;br /&gt;
&lt;br /&gt;
When allocating resources, risk management faces some difficulties. Short term planning would recommend skipping risk management when starting a new project as the process itself costs manpower and is not directly involved in the project itself. While long term thinking would definitely recommend going through the processes of risk management. That is because it could save a lot of money and even lives if it prevents one unfortunate event to happen as it was accounted for in the process. The effect of negative effects of risks is minimized as well as spending in ideal risk management.&lt;br /&gt;
&lt;br /&gt;
==Methodology==&lt;br /&gt;
&lt;br /&gt;
The following methods are a part of the general methodology, these methods are usually performed in the order that they will be listed.&lt;br /&gt;
&lt;br /&gt;
# identify and characterize threats&lt;br /&gt;
# assess the vulnerability of critical assets to specific threats&lt;br /&gt;
# determine the risk &lt;br /&gt;
# identify ways to reduce those risks&lt;br /&gt;
# prioritize risk reduction measures based on a strategy&lt;br /&gt;
&lt;br /&gt;
== Important principles ==&lt;br /&gt;
&lt;br /&gt;
ISO has identified principles of risk management, some mentionable principles are.&lt;br /&gt;
&lt;br /&gt;
* Create value&lt;br /&gt;
* Be part of decision making process&lt;br /&gt;
* Be a systematic and structured process&lt;br /&gt;
* Take human factors into account&lt;br /&gt;
* Be continually or periodically re-assessed&lt;br /&gt;
&lt;br /&gt;
=Benefits=&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&amp;lt;references/&amp;gt;&lt;/div&gt;</summary>
		<author><name>S141543</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=9072</id>
		<title>Management of risk</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=9072"/>
		<updated>2015-09-18T14:45:09Z</updated>

		<summary type="html">&lt;p&gt;S141543: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&lt;br /&gt;
[[File:ISS impact RiskManagement.jpeg|thumb|320px|]]&lt;br /&gt;
According to ISO 31000 the definition of &amp;quot;risk&amp;quot; is &amp;quot;the effect of uncertainty on objectives&amp;quot;. Looking into that definition it is noted that the word &amp;quot;risk&amp;quot; does refer to positive possibilities as well as negative ones. This definition was revised under the ISO 31000:2009. Before revision the definition of the word &amp;quot;risk&amp;quot; was &amp;quot;chance or probability of loss&amp;quot;. Meaning that only negative results could be associated with a risk.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Management of risk&#039;&#039;&#039; involves identification, assessment, and prioritization of risks. Coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events or to maximize the realization of opportunities.&lt;br /&gt;
&lt;br /&gt;
The term Risk management is really broad and can be used by individuals, families, firms, nations and so on. In this article risk management in general will be outlined with a special focus on risk management activities as applied to project management. That is one aspect inside of risk management called [[Project risk management]]&lt;br /&gt;
&lt;br /&gt;
__TOC__ &lt;br /&gt;
&lt;br /&gt;
=Introduction=&lt;br /&gt;
&lt;br /&gt;
According to ISO Guide 73:2009 risk management is intended to be used by those engaged in managing risks, those who are involved in activities of ISO and IEC, and developers of national or sector-specific standards, guides, procedures and codes of practice relating to the management of risk.&lt;br /&gt;
&lt;br /&gt;
Risks with great impacts and a high probability of happening are treated before risks with smaller impacts and lower possibility. This is called [[prioritization]]. There are several tools that can be used in the process of assessing risks. Those tools will be discussed in &#039;&#039;&#039;CHAPTER XX&#039;&#039;&#039;. &lt;br /&gt;
&lt;br /&gt;
When allocating resources, risk management faces some difficulties. Short term planning would recommend skipping risk management when starting a new project as the process itself costs manpower and is not directly involved in the project itself. While long term thinking would definitely recommend going through the processes of risk management. That is because it could save a lot of money and even lives if it prevents one unfortunate event to happen as it was accounted for in the process. The effect of negative effects of risks is minimized as well as spending in ideal risk management.&lt;br /&gt;
&lt;br /&gt;
==Methodology==&lt;br /&gt;
&lt;br /&gt;
The following methods are a part of the general methodology, these methods are usually performed in the order that they will be listed.&lt;br /&gt;
&lt;br /&gt;
# identify and characterize threats&lt;br /&gt;
# assess the vulnerability of critical assets to specific threats&lt;br /&gt;
# determine the risk &lt;br /&gt;
# identify ways to reduce those risks&lt;br /&gt;
# prioritize risk reduction measures based on a strategy&lt;/div&gt;</summary>
		<author><name>S141543</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=9038</id>
		<title>Management of risk</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=9038"/>
		<updated>2015-09-18T09:45:38Z</updated>

		<summary type="html">&lt;p&gt;S141543: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&lt;br /&gt;
According to ISO 31000 the definition of &amp;quot;risk&amp;quot; is &amp;quot;the effect of uncertainty on objectives&amp;quot;. Looking into that definition it is noted that the word &amp;quot;risk&amp;quot; does refer to positive possibilities as well as negative ones. This definition was revised under the ISO 31000:2009 before that, the definition of the word &amp;quot;risk&amp;quot; was &amp;quot;chance or probability of loss&amp;quot;.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Management of risk&#039;&#039;&#039; involves identification, assessment, and prioritization of risks. Coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events or to maximize the realization of opportunities.&lt;br /&gt;
&lt;br /&gt;
The term Risk management is really broad and can be used by individuals, families, firms, nations and so on. In this article risk management in general will be outlined with a special focus on risk management activities as applied to project management. That is one aspect inside of risk management called [[Project risk management]]&lt;br /&gt;
&lt;br /&gt;
__TOC__ &lt;br /&gt;
&lt;br /&gt;
==Introduction==&lt;br /&gt;
&lt;br /&gt;
According to ISO Guide 73:2009 risk management is intended to be used by those engaged in managing risks, those who are involved in activities of ISO and IEC, and developers of national or sector-specific standards, guides, procedures and codes of practice relating to the management of risk.&lt;/div&gt;</summary>
		<author><name>S141543</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Articles_Fall_Term_2015&amp;diff=8891</id>
		<title>Articles Fall Term 2015</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Articles_Fall_Term_2015&amp;diff=8891"/>
		<updated>2015-09-17T09:43:59Z</updated>

		<summary type="html">&lt;p&gt;S141543: /* Overview of 2015 Wiki Articles */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;Please complete this table with your name, user name and the title of your article.&lt;br /&gt;
&lt;br /&gt;
To create more lines in the table click &#039;&#039;&#039;Edit&#039;&#039;&#039; and use the following code to create more lines in the table and replace the example text with your own information:&lt;br /&gt;
&lt;br /&gt;
&amp;lt;pre style=&amp;quot;white-space: pre-wrap; &lt;br /&gt;
white-space: -moz-pre-wrap; &lt;br /&gt;
white-space: -pre-wrap; &lt;br /&gt;
white-space: -o-pre-wrap; &lt;br /&gt;
word-wrap: break-word;&amp;quot;&amp;gt;&lt;br /&gt;
|Group Number&lt;br /&gt;
|Last Name&lt;br /&gt;
|First Name&lt;br /&gt;
|Username&lt;br /&gt;
|Link to Article&lt;br /&gt;
|-&lt;br /&gt;
&lt;br /&gt;
Create a direct link by making square brackets around the title [[Title]] (Case sensitive)&lt;br /&gt;
&lt;br /&gt;
The straight lines ( | ) create columns and the straight line with a dash ( |- ) creates a new row in the table.&lt;br /&gt;
( |} ) is only used at the very end to finish the coding for the table.&lt;br /&gt;
&amp;lt;/pre&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=Overview of 2015 Wiki Articles=&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
{| class=&amp;quot;wikitable sortable&amp;quot;&lt;br /&gt;
|+Fall 2015 Wiki Articles&lt;br /&gt;
|-&lt;br /&gt;
!Group Number&lt;br /&gt;
!Last Name&lt;br /&gt;
!First Name&lt;br /&gt;
!User Name&lt;br /&gt;
!Link to article&lt;br /&gt;
|-&lt;br /&gt;
|Group 12&lt;br /&gt;
|Gkatzalas&lt;br /&gt;
|Nikolaos&lt;br /&gt;
|s141569&lt;br /&gt;
|[[The Gantt chart and the usage nowadays]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 6&lt;br /&gt;
|Lymperis&lt;br /&gt;
|Konstantinos&lt;br /&gt;
|s142330&lt;br /&gt;
|[[Risk Management in Oil and Gas Industry]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 3&lt;br /&gt;
|Filis&lt;br /&gt;
|Charalampos&lt;br /&gt;
|Ch.filis&lt;br /&gt;
|[[Project Risk Management and Project Risk Management Processes]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 11&lt;br /&gt;
|Larsen&lt;br /&gt;
|Leonora&lt;br /&gt;
|s112910&lt;br /&gt;
|[[Gantt Charts as a Tool for Project Management]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 10&lt;br /&gt;
|Sala Vilar&lt;br /&gt;
|Lluís Ròmul&lt;br /&gt;
|s141586&lt;br /&gt;
|[[Portfolio Management in a Startup]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 14&lt;br /&gt;
|Pitsavas&lt;br /&gt;
|Konstantinos&lt;br /&gt;
|Konspits&lt;br /&gt;
|[[Modularisation: A modern process for project management]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 2&lt;br /&gt;
|Kampianakis&lt;br /&gt;
|Andreas&lt;br /&gt;
|s150912&lt;br /&gt;
|[[Financial Portfolio Optimization Methods]]&#039;&#039;&#039;&lt;br /&gt;
|-&lt;br /&gt;
|Group 13&lt;br /&gt;
|Penzes&lt;br /&gt;
|Balint&lt;br /&gt;
|s141943&lt;br /&gt;
|[[Product development and portfolio management processes at LEGO]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 6&lt;br /&gt;
|Hozmache&lt;br /&gt;
|Mihaela&lt;br /&gt;
|s146898&lt;br /&gt;
|[[Risk Management]]&#039;&#039;&#039;&lt;br /&gt;
|-&lt;br /&gt;
|Group 14&lt;br /&gt;
|Le Corre&lt;br /&gt;
|Damien&lt;br /&gt;
|Damien&lt;br /&gt;
|[[Game theory in project management]]&#039;&#039;&#039;&lt;br /&gt;
|-&lt;br /&gt;
|Group 14&lt;br /&gt;
|Bertrand&lt;br /&gt;
|Fabien&lt;br /&gt;
|150477&lt;br /&gt;
|[[Multi project management]]&#039;&#039;&#039;&lt;br /&gt;
|-&lt;br /&gt;
|Group 9&lt;br /&gt;
|Cassel&lt;br /&gt;
|Sara&lt;br /&gt;
|Sarac&lt;br /&gt;
|[[The benefits of systems engineering]]&#039;&#039;&#039;&lt;br /&gt;
|-&lt;br /&gt;
|Group 13&lt;br /&gt;
|Sergi&lt;br /&gt;
|Gibaja Musachs&lt;br /&gt;
|S141926&lt;br /&gt;
|[[Rapid Application Development in Extreme Project Management]]&#039;&#039;&#039;&lt;br /&gt;
|-&lt;br /&gt;
|Group 14&lt;br /&gt;
|Poza&lt;br /&gt;
|María&lt;br /&gt;
|s150793&lt;br /&gt;
|[[Integrated Cost and Schedule Control]]&#039;&#039;&#039;&lt;br /&gt;
|-&lt;br /&gt;
|Group 6&lt;br /&gt;
|Kulikova&lt;br /&gt;
|Nataliia&lt;br /&gt;
|s140767&lt;br /&gt;
|[[SCRUM Method]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 4&lt;br /&gt;
|Pekala&lt;br /&gt;
|Adam&lt;br /&gt;
|Adam.pekala&lt;br /&gt;
|[[Critical Path Method in Construction Industry]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 10&lt;br /&gt;
|Garnotel&lt;br /&gt;
|Gaëtan&lt;br /&gt;
|gaetangarnotel&lt;br /&gt;
|[[V-Model]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 4&lt;br /&gt;
|Ghanizada&lt;br /&gt;
|Naweed&lt;br /&gt;
|S103745&lt;br /&gt;
|[[PRINCE2, A Project Management Methodology]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 1&lt;br /&gt;
|Jacobsen&lt;br /&gt;
|Martin&lt;br /&gt;
|MistaJacob&lt;br /&gt;
|[[Mindfulness and Cognitive Biases in Project Management]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 6&lt;br /&gt;
|Ferraresi&lt;br /&gt;
|Fabrizio&lt;br /&gt;
|S150905&lt;br /&gt;
|[[Projects in Controlled Environments, a process-based approach for project management]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 5&lt;br /&gt;
|Tanghus&lt;br /&gt;
|Bjarke&lt;br /&gt;
|S113815&lt;br /&gt;
|[[Location Based Scheduling]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 9&lt;br /&gt;
|Højgaard Hindhede&lt;br /&gt;
|Daniel &lt;br /&gt;
|S143352 &lt;br /&gt;
|[[ Critical path optimization in construction management]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 10&lt;br /&gt;
|Gayot&lt;br /&gt;
|Charles-Henri&lt;br /&gt;
|s141074&lt;br /&gt;
|[[Responsibility Assignment Matrix (RACI Matrix)]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 12&lt;br /&gt;
|Thorp Sørensen&lt;br /&gt;
|Anders&lt;br /&gt;
|s103183&lt;br /&gt;
|[[The Gantt Chart]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 3&lt;br /&gt;
|Makris&lt;br /&gt;
|Dimitrios&lt;br /&gt;
|Dimak&lt;br /&gt;
|[[Benchmarking in Project Management]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 7&lt;br /&gt;
|Greiling&lt;br /&gt;
|Lea&lt;br /&gt;
|Lea&lt;br /&gt;
|[[Lean in Project Management]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 8&lt;br /&gt;
|Latorre Duque&lt;br /&gt;
|Ana&lt;br /&gt;
|Ana&lt;br /&gt;
| [[Modularity and Black-Boxing]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 7&lt;br /&gt;
|Almanzi&lt;br /&gt;
|Stefano&lt;br /&gt;
|S141530&lt;br /&gt;
|[[ Work Breakdown Structure (WBS)]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 12&lt;br /&gt;
|Montagner&lt;br /&gt;
|Giacomo&lt;br /&gt;
|S150821&lt;br /&gt;
|[[Scrum Methodology in the Agile Project Management]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 14&lt;br /&gt;
|Ruiz Muñoz&lt;br /&gt;
|Gustavo Adolfo&lt;br /&gt;
|S121408&lt;br /&gt;
| [[Lean 6 Sigma in project management]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 3&lt;br /&gt;
|Kalmus&lt;br /&gt;
|Thomas&lt;br /&gt;
|S141938&lt;br /&gt;
| [[Program evaluation and review technique (PERT) ]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 12&lt;br /&gt;
|Gudmundsson&lt;br /&gt;
|Arnar Gauti&lt;br /&gt;
|S141543&lt;br /&gt;
|[[Management of risk]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 5&lt;br /&gt;
|Jacobsen&lt;br /&gt;
|Ian Thobias&lt;br /&gt;
|S113735&lt;br /&gt;
|[[Story Points Estimation]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 11&lt;br /&gt;
|Boesgaard&lt;br /&gt;
|Katrine&lt;br /&gt;
|KB1991&lt;br /&gt;
|[[Gantt Chart]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 5&lt;br /&gt;
|Sorth-Olsen&lt;br /&gt;
|Rasmus&lt;br /&gt;
|Sorth90&lt;br /&gt;
|[[Lean as a project management tool]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 13&lt;br /&gt;
|Salling&lt;br /&gt;
|Stephanie&lt;br /&gt;
|StephSalling&lt;br /&gt;
|[[Management in E. Pihl &amp;amp; Søn A/S]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 6&lt;br /&gt;
|Ruina&lt;br /&gt;
|Jessica Linda&lt;br /&gt;
|Jejenji &lt;br /&gt;
|[[Scheduling techniques in Project Management]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 4&lt;br /&gt;
|Gjerstrup&lt;br /&gt;
|Jacob&lt;br /&gt;
|s113440&lt;br /&gt;
|[[Fault tree analysis]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 11&lt;br /&gt;
|Lynge&lt;br /&gt;
|Jane&lt;br /&gt;
|s997303&lt;br /&gt;
|[[Theory of Constraint]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 8&lt;br /&gt;
|Palmerini&lt;br /&gt;
|Alessandro&lt;br /&gt;
|alex161&lt;br /&gt;
|[[Project Management Communication]] &lt;br /&gt;
|-&lt;br /&gt;
|Group 2&lt;br /&gt;
|Tvedt&lt;br /&gt;
|Ida Marie&lt;br /&gt;
|IMT&lt;br /&gt;
|[[BREEAM - project management and sustainable development]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 2&lt;br /&gt;
|Søndenaa&lt;br /&gt;
|Mathilde Hanssen&lt;br /&gt;
|s150621&lt;br /&gt;
|[[Critical chain project management (CCPM)]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 9&lt;br /&gt;
|Helassalo&lt;br /&gt;
|Antti&lt;br /&gt;
|s141506&lt;br /&gt;
|[[Development phase of idea to project]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 9&lt;br /&gt;
|Thorning-Schmidt&lt;br /&gt;
|Nanna&lt;br /&gt;
|Nannats&lt;br /&gt;
|[[Earned Value Management]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 10&lt;br /&gt;
|Bureika&lt;br /&gt;
|Edvinas&lt;br /&gt;
|s141931&lt;br /&gt;
|[[Communication in Project Management]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 1&lt;br /&gt;
|Rasmussen&lt;br /&gt;
|Marie-Louise&lt;br /&gt;
|DI2009&lt;br /&gt;
|[[Cross cultural teamwork]]&lt;br /&gt;
|-&lt;br /&gt;
|Group &lt;br /&gt;
|Lara Hoces&lt;br /&gt;
|Fernando&lt;br /&gt;
|s131882&lt;br /&gt;
|[[The Oticon Case: the Spaghetti organisation]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 13&lt;br /&gt;
|Christos&lt;br /&gt;
|Stamatis&lt;br /&gt;
|S145170&lt;br /&gt;
|[[Olympic Games London 2012: When the client strives for innovation (The London model)]]&#039;&#039;&#039;&lt;br /&gt;
|-&lt;br /&gt;
|Group 5&lt;br /&gt;
|Moe&lt;br /&gt;
|Elizabeth Lindhard&lt;br /&gt;
|113129&lt;br /&gt;
|[[Contracting as a PM]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 3&lt;br /&gt;
|Lessis&lt;br /&gt;
|Vasileios&lt;br /&gt;
|lessisv&lt;br /&gt;
|[[Rational Unified Process (RUP)]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 8&lt;br /&gt;
|Klibo Buur&lt;br /&gt;
|Christian&lt;br /&gt;
|Buurbuur&lt;br /&gt;
|[[Project Execution Model (PEM)]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 8&lt;br /&gt;
|Bachmann&lt;br /&gt;
|Thomas&lt;br /&gt;
|s117318&lt;br /&gt;
|[[Lean Tools in Project Management]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 11&lt;br /&gt;
|Vilar Bustos&lt;br /&gt;
|Alberto&lt;br /&gt;
|s142581&lt;br /&gt;
|[[Minimizing Risk and Uncertainties in Construction Projects]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 1&lt;br /&gt;
|Trap Wiegandt&lt;br /&gt;
|Sissel&lt;br /&gt;
|s112195&lt;br /&gt;
|[[The Critical Path Method (CPM)]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 2&lt;br /&gt;
|Christensen&lt;br /&gt;
|Britt Marie Lekven&lt;br /&gt;
|brittmch&lt;br /&gt;
|[[Lean in building and construction industry]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 5&lt;br /&gt;
|Vestergaard Andersen&lt;br /&gt;
|Andreas&lt;br /&gt;
|AndreasAndersen&lt;br /&gt;
|[[Management of Project Change ]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 7&lt;br /&gt;
|Ann-Elise&lt;br /&gt;
|Gustavsen&lt;br /&gt;
|Alise&lt;br /&gt;
|[[Stakeholder Analysis and Matrices ]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 2&lt;br /&gt;
|Krogh&lt;br /&gt;
|Daniel&lt;br /&gt;
|DanielKrogh&lt;br /&gt;
|[[Managing Uncertainty and Risk on the Project]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 7&lt;br /&gt;
|Fabio&lt;br /&gt;
|Labrini&lt;br /&gt;
|s142911&lt;br /&gt;
|[[Critical Chain Project Management to cope with uncertainty]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 1&lt;br /&gt;
|Viig&lt;br /&gt;
|Oliver Johannes&lt;br /&gt;
|s102935&lt;br /&gt;
|[[BIM as a project management tool on construction projects]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 8&lt;br /&gt;
|Federico&lt;br /&gt;
|Sbernini&lt;br /&gt;
|s141573&lt;br /&gt;
|[[The critical path method as input for quantitative schedule risk assessment]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 12&lt;br /&gt;
|Augustin&lt;br /&gt;
|Bouet&lt;br /&gt;
|s142823&lt;br /&gt;
|[[Metra Potential Method]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 7&lt;br /&gt;
|Eva Schultz&lt;br /&gt;
|Hansen&lt;br /&gt;
|s112960&lt;br /&gt;
|[[The Role of Boundary Objects in Project Management]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 13&lt;br /&gt;
|Otiv&lt;br /&gt;
|Peter&lt;br /&gt;
|s145166&lt;br /&gt;
|[[Project Financing Initiative]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 4&lt;br /&gt;
|Juhasz&lt;br /&gt;
|Bianka Zsuzsanna&lt;br /&gt;
|Biankajuh&lt;br /&gt;
|[[Changing conversations based on the Stacey matrix]]&lt;br /&gt;
|-&lt;br /&gt;
|Group &lt;br /&gt;
|Rodrigues&lt;br /&gt;
|Rafael&lt;br /&gt;
|s150931&lt;br /&gt;
|[[Project Integration Management]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 2&lt;br /&gt;
|Camilla &lt;br /&gt;
|Flataukan&lt;br /&gt;
|s150801&lt;br /&gt;
|[[Mindfulness in Project Management]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 9&lt;br /&gt;
|Søren  &lt;br /&gt;
|Thomsen&lt;br /&gt;
|s140046&lt;br /&gt;
|[[Organisational resilience with mindfulness]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 8&lt;br /&gt;
|Schrøder  &lt;br /&gt;
|Niklas&lt;br /&gt;
|Faker&lt;br /&gt;
|[[Theory of Constraints]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 11&lt;br /&gt;
|Herreros&lt;br /&gt;
|Maria&lt;br /&gt;
|s142597&lt;br /&gt;
|[[Early warning signals in project management]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 3&lt;br /&gt;
|Larsen&lt;br /&gt;
|Martin T&lt;br /&gt;
|s103128&lt;br /&gt;
|[[Management of risk in projects]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 9&lt;br /&gt;
|Hoier&lt;br /&gt;
|Lasse Rasmus&lt;br /&gt;
|Lassehoier87&lt;br /&gt;
|[[Application of Antifragility in Project Management]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 4&lt;br /&gt;
|Shapel  &lt;br /&gt;
|Sarah Groot&lt;br /&gt;
|s152093&lt;br /&gt;
|[[Leadership styles]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 4&lt;br /&gt;
|Hammer  &lt;br /&gt;
|Jonas&lt;br /&gt;
|s113665&lt;br /&gt;
|[[The best milestone plan is simple but with depths!]]&lt;br /&gt;
|-&lt;br /&gt;
|Group 2&lt;br /&gt;
|Flataukan &lt;br /&gt;
|Camilla&lt;br /&gt;
|s150801&lt;br /&gt;
|[[Risk Profile in General Contracting]]&lt;br /&gt;
|}&lt;/div&gt;</summary>
		<author><name>S141543</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=8890</id>
		<title>Management of risk</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Management_of_risk&amp;diff=8890"/>
		<updated>2015-09-17T09:42:57Z</updated>

		<summary type="html">&lt;p&gt;S141543: Created page with &amp;quot;According to ISO 31000 the definition of &amp;quot;risk&amp;quot; is &amp;quot;the effect of uncertainty on objectives&amp;quot;. Looking into that definition it is noted that the word &amp;quot;risk&amp;quot; does refer to posit...&amp;quot;&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;According to ISO 31000 the definition of &amp;quot;risk&amp;quot; is &amp;quot;the effect of uncertainty on objectives&amp;quot;. Looking into that definition it is noted that the word &amp;quot;risk&amp;quot; does refer to positive possibilities as well as negative ones. This definition was revised under the ISO 31000:2009 before that, the definition of the word &amp;quot;risk&amp;quot; was &amp;quot;chance or probability of loss&amp;quot;.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Management of risk&#039;&#039;&#039; involves identification, assessment, and prioritization of risks. Coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events or to maximize the realization of opportunities.&lt;/div&gt;</summary>
		<author><name>S141543</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Program_management_in_change_management&amp;diff=8622</id>
		<title>Program management in change management</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Program_management_in_change_management&amp;diff=8622"/>
		<updated>2015-09-15T13:00:26Z</updated>

		<summary type="html">&lt;p&gt;S141543: Created page with &amp;quot;In today’s fast moving environment where innovation in technology, globalisation, massive competition and new demands of the market changes continuously it is very important...&amp;quot;&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;In today’s fast moving environment where innovation in technology, globalisation, massive competition and new demands of the market changes continuously it is very important that companies go through constant changes to adapt to the world’s needs in order to be competitive in their respective field. In the process of pursuing its own goals, companies need to pay attention to the environment as well as going through continuous transformation and readjustment. By misunderstanding the goals set or deviating from the goals a company can lose its identity which can eventually lead to the overall failure of the company &amp;lt;ref&amp;gt;[(Katsioloudes, M. I., 2006).]&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
The theory of change management makes sure that companies maintain clear sight of the goals set and go through the change process as smoothly as possible. In other words, a structured approach for ensuring that changes are thoroughly and smoothly implemented, and that the lasting benefits of change are achieved. The focus is on the wider impacts of change, particularly on people and how they, as individuals and teams, move from the current situation to the new one &amp;lt;ref&amp;gt; [(Hashim, M., 2013).] &amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
Program management is a key method in organisational change. It allows change managers to have an overview of the wide range of projects and activities that should be executed in order for the company to achieve the changes intended. The most important aspects of the program management is to provide overview for change managers, as well as making sure projects are executed properly, making sure the alignment of projects and assessing the risks involved.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== References ===&lt;br /&gt;
&amp;lt;References/&amp;gt;&lt;/div&gt;</summary>
		<author><name>S141543</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Articles_Fall_Term_2015&amp;diff=7621</id>
		<title>Articles Fall Term 2015</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Articles_Fall_Term_2015&amp;diff=7621"/>
		<updated>2015-09-08T18:42:05Z</updated>

		<summary type="html">&lt;p&gt;S141543: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;Please complete this table with your name, user name and the title of your article.&lt;br /&gt;
&lt;br /&gt;
To create more lines in the table click &#039;&#039;&#039;Edit&#039;&#039;&#039; and use the following code to create more lines in the table and replace the example text with your own information:&lt;br /&gt;
&lt;br /&gt;
&amp;lt;pre style=&amp;quot;white-space: pre-wrap; &lt;br /&gt;
white-space: -moz-pre-wrap; &lt;br /&gt;
white-space: -pre-wrap; &lt;br /&gt;
white-space: -o-pre-wrap; &lt;br /&gt;
word-wrap: break-word;&amp;quot;&amp;gt;&lt;br /&gt;
|Last Name here&lt;br /&gt;
|First Name here&lt;br /&gt;
|User Name here&lt;br /&gt;
|Article Title and Link here&lt;br /&gt;
|-&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
The straight lines ( | ) create columns and the straight line with a dash ( |- ) creates a new row in the table.&lt;br /&gt;
( |} ) is only used at the very end to finish the coding for the table.&lt;br /&gt;
&amp;lt;/pre&amp;gt;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=Overview of 2015 Wiki Articles=&lt;br /&gt;
&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot;&lt;br /&gt;
|+Fall 2015&lt;br /&gt;
|-&lt;br /&gt;
|Kampianakis&lt;br /&gt;
|Andreas&lt;br /&gt;
|s150912&lt;br /&gt;
|Financial Portfolio Optimization Methods&#039;&#039;&#039;&lt;br /&gt;
|-&lt;br /&gt;
|Penzes&lt;br /&gt;
|Balint&lt;br /&gt;
|s141943&lt;br /&gt;
|Article Title and Link here&lt;br /&gt;
|-&lt;br /&gt;
|Kulikova&lt;br /&gt;
|Nataliia&lt;br /&gt;
|s140767&lt;br /&gt;
|SCRUM Method&lt;br /&gt;
|-&lt;br /&gt;
|Pekala&lt;br /&gt;
|Adam&lt;br /&gt;
|Adam.pekala&lt;br /&gt;
|Critical Path Method (in Construction)&lt;br /&gt;
|-&lt;br /&gt;
|Garnotel&lt;br /&gt;
|Gaëtan&lt;br /&gt;
|gaetangarnotel&lt;br /&gt;
|[[V-Model]]&lt;br /&gt;
|-&lt;br /&gt;
|Ghanizada&lt;br /&gt;
|Naweed&lt;br /&gt;
|S103745&lt;br /&gt;
|PRINCE2, A Project Management Methodology&lt;br /&gt;
|-&lt;br /&gt;
|Jacobsen&lt;br /&gt;
|Martin&lt;br /&gt;
|MistaJacob&lt;br /&gt;
|Article Title and Link here&lt;br /&gt;
|-&lt;br /&gt;
|Ferraresi&lt;br /&gt;
|Fabrizio&lt;br /&gt;
|S150905&lt;br /&gt;
|Projects in Controlled Environments, a process-based approach for project management&lt;br /&gt;
|-&lt;br /&gt;
|Poza&lt;br /&gt;
|María&lt;br /&gt;
|S150793&lt;br /&gt;
|Integrated Cost and Schedule Control&lt;br /&gt;
|-&lt;br /&gt;
|Tanghus&lt;br /&gt;
|Bjarke&lt;br /&gt;
|S113815&lt;br /&gt;
|Location Based Scheduling&lt;br /&gt;
|-&lt;br /&gt;
|Højgaard Hindhede&lt;br /&gt;
|Daniel &lt;br /&gt;
|S143352&lt;br /&gt;
|Critical path optimization in construction management  &lt;br /&gt;
|-&lt;br /&gt;
|Le Corre&lt;br /&gt;
|Damien&lt;br /&gt;
|Damien&lt;br /&gt;
|Game theory in project management&lt;br /&gt;
|-&lt;br /&gt;
|Gayot&lt;br /&gt;
|Charles-Henri&lt;br /&gt;
|s141074&lt;br /&gt;
|Responsibility assignment matrix&lt;br /&gt;
|-&lt;br /&gt;
|Thorp Sørensen&lt;br /&gt;
|Anders&lt;br /&gt;
|s103183&lt;br /&gt;
|The Gantt Chart&lt;br /&gt;
|-&lt;br /&gt;
|Bertrand &lt;br /&gt;
|Fabien&lt;br /&gt;
|s150477&lt;br /&gt;
|Multi-projects: Planning optimization and conflict management&lt;br /&gt;
|-&lt;br /&gt;
|Makris&lt;br /&gt;
|Dimitrios&lt;br /&gt;
|Dimak&lt;br /&gt;
|Benchmarking in Project Management&lt;br /&gt;
|-&lt;br /&gt;
|Greiling&lt;br /&gt;
|Lea&lt;br /&gt;
|Lea&lt;br /&gt;
|Lean in Project Management&lt;br /&gt;
|-&lt;br /&gt;
|Latorre Duque&lt;br /&gt;
|Ana&lt;br /&gt;
|Ana&lt;br /&gt;
| Black-Boxing and Modularity&lt;br /&gt;
|-&lt;br /&gt;
|Almanzi&lt;br /&gt;
|Stefano&lt;br /&gt;
|S141530&lt;br /&gt;
| Work Breakdown Structure (WBS)&lt;br /&gt;
|-&lt;br /&gt;
|Montagner&lt;br /&gt;
|Giacomo&lt;br /&gt;
|S150821&lt;br /&gt;
|Scrum Methodology in Agile Project Management&lt;br /&gt;
|-&lt;br /&gt;
|Ruiz Muñoz&lt;br /&gt;
|Gustavo Adolfo&lt;br /&gt;
|S150821&lt;br /&gt;
|6 Sigma in project management&lt;br /&gt;
|-&lt;br /&gt;
|Kalmus&lt;br /&gt;
|Thomas&lt;br /&gt;
|S141938&lt;br /&gt;
|Critical chain theory&lt;br /&gt;
|-&lt;br /&gt;
|-&lt;br /&gt;
|Gudmundsson&lt;br /&gt;
|Arnar Gauti&lt;br /&gt;
|S141543&lt;br /&gt;
|Program management in change management&lt;br /&gt;
|-&lt;br /&gt;
}&lt;/div&gt;</summary>
		<author><name>S141543</name></author>
	</entry>
</feed>