<?xml version="1.0"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en-GB">
	<id>http://13.50.150.85/api.php?action=feedcontributions&amp;feedformat=atom&amp;user=Saeh0803</id>
	<title>DTU ProjectLab - User contributions [en-gb]</title>
	<link rel="self" type="application/atom+xml" href="http://13.50.150.85/api.php?action=feedcontributions&amp;feedformat=atom&amp;user=Saeh0803"/>
	<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php/Special:Contributions/Saeh0803"/>
	<updated>2026-07-14T19:47:00Z</updated>
	<subtitle>User contributions</subtitle>
	<generator>MediaWiki 1.43.3</generator>
	<entry>
		<id>http://13.50.150.85/index.php?title=Risk_management&amp;diff=5487</id>
		<title>Risk management</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Risk_management&amp;diff=5487"/>
		<updated>2014-11-30T20:50:58Z</updated>

		<summary type="html">&lt;p&gt;Saeh0803: /* Risk Management in Practice */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;[http://en.wikipedia.org/wiki/Risk_management Risk management] is a very interesting and important topic in each area in our society. Actually everyone knows what a risk is; it is a part of our life. Each step or each decision we make, is full of risks, whether we notice it or not, but when we look at our professional life, then we have to take an action for each risk arise, because it has a negative effect and the effect can have consequences in terms of economic, professional reputation, environmental, safety and societal outcomes. This article focuses on for example how an organization or project handles its risks and which framework could be relevant or helpful for it. Now a day, the risk management is an important part of project, program and portfolio management. In order to end up a project successfully and deliver it on time and within budget, it is important to get an overview of the risks, which is associated to the project. Most of the projects fail due to the lack of risk management [Why projects fail 2011]. In many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of project&#039;s planning process, the projects fail because the resources are not completely utilized to get the full advantage [Oehmen et. al.2012 and Zwikael and Ahn 2011]. This article further talks about the risk and different level of risks in organization level and how to identify the projects risks by using some of standard guidelines for risk management such as ISO 31000, ISO 2700S, DS/ISO 31000 Risk management- Principles and guidelines and M_O_R principles, which is a standard risk management framework, which can be used by any organization on any projects regardless of its size.&lt;br /&gt;
NOTE: This article might be similar to other articles; Risk analysis, risk register, Risk management strategy in project portfolios&lt;br /&gt;
&lt;br /&gt;
=Definition of risk management=&lt;br /&gt;
&lt;br /&gt;
You can find different tools and definition for risk depending on the context in which it is used. A definition from Oxford English Dictionary sounds like “the possibility that something unpleasant or unwelcome will happen” [Oxford English Dictionary]. This is more general and related more to your every day. In decision theory, Luce and Raiffa relate risk to make decisions under known probabilities of the states of nature [Product Management Innovation 2009] and Frank Knight define the risk in economic theory as “risk arises when the decision maker can assign probabilities to possible outcomes”. A well-known definition of the risk in the domain of project management considers the risk as “an uncertain event or condition that, if it occurs, has a positive (opportunity) or negative (threat) impact on project objectives” [Innovation and Product Management] Frank Knight defines the uncertainty and risk as “...Uncertainty must be taken in a sense radically distinct from the familiar notion of Risk, from which it has never been properly separated. … The essential fact is that &amp;quot;risk&amp;quot; means in some cases a quantity susceptible of measurement, while at other times it is something distinctly not of this character; and there are far-reaching and crucial differences in the bearings of the phenomena depending on which of the two is really present and operating. … It will appear that a measurable uncertainty, or &amp;quot;risk&amp;quot; proper, as we shall use the term, is so far different from an un-measurable one that it is not in effect an uncertainty at all&amp;quot; [Ariane Chapelle].&lt;br /&gt;
Frank Knigh’s definition is more useful according to project, program and portfolio management. In many projects, risk is the uncertainty, which is associated with any kind of the action and projects in organization’s context that must understand and effectively manage during the project’s process and improve the results [Luce and Raiffa]. &lt;br /&gt;
&lt;br /&gt;
Different types of risk management definitions can be found and the choice of definition depends on how big a concept of risk is used in order to which risks are covered by the definition. There is not a complete tool or solution that fits in every project, creating a new or changes the existing risk management process according to the project&#039;s goal is always helpful and flexible process that will ultimately result in a solution to the individual organization or project. Risk is always based on imagination of how the project will be completed. It can be defined on the basis of an existing plan, for example, the project must be completed in 6 months. The risk of delay is bigger than if the project must be completed in one year. If the new technologies are a part of the project plan, that you have to use the new technologies is the risk bigger than use the known technologies. Therefor the risk is based on an existing plan; the same project may have very different risks, if you change the project’s plan. [Risk Management,concepts and methods].&lt;br /&gt;
&lt;br /&gt;
To minimize the uncertainty and reduce the risks on the project, you may regularly look back to your risk analysis, because most of the projects fail due to lack of risk management, in many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of projects planning process, The projects fail because they do not invest their resources completely and do not pay attention to it. Risk management is the most important part of the project planning process. It is a management tool, which project manager uses to analyses the risk factor within a project group or projects. Project group must be informed of the main risks and how they will deal with those risks. Often it requires extra resources to eliminate risks; these resources must allocate the project group. Many studies have pointed as well that the risk management has a big role in projects success [Tara Duggan]. The report by Jacob and Kwak highlights the positive contribution of risk management to improve the project selection, review and resource allocation of new product development projects. It used in many areas such as public debate, research, danger of disease, death or accidents, threatening environmental problems in terms of risk of climate changes, CO2 , pollution and so on. It is also used in many other projects such as customer needs and price, new technology and resources, construction and delivery projects, research projects and interests and other tasks.&lt;br /&gt;
&lt;br /&gt;
=Benefit of risk management=&lt;br /&gt;
&lt;br /&gt;
Risk management helps you to identify your projects strengths, weaknesses, opportunities and threats [Jacob and Kwak]. These four factors are a part of [http://da.wikipedia.org/wiki/SWOT-analyse SWOT-analyse]. By identifying your projects strengths and opportunities you can reduce the weaknesses and threats and there by your project’s risks, you will be aware of the unexpected events and you can immediately take actions to reduce the losses [Overview of risk management]. There are many reasons for managing risks. Here are some main reasons: First of all, risk management results in an overview and a number of options for an action to avoid known and unknown risk and reduce the impact of those [Power in projects &amp;amp; portfolio].&lt;br /&gt;
&lt;br /&gt;
* Saving resources: Time, assets, income, property and people are all valuable resources that can be saved if fewer claims occur.&lt;br /&gt;
* Protecting the reputation and public image of the organization.&lt;br /&gt;
* Preventing or reducing legal liability and increasing the stability of operations.&lt;br /&gt;
* Increases the organizations profits and competitiveness and reflects an attractive professional approach to project work.&lt;br /&gt;
* Protecting people from harm.&lt;br /&gt;
* Protecting the environment.&lt;br /&gt;
* Enhancing the ability to prepare for various circumstances.&lt;br /&gt;
* Assisting in clearly defining insurance needs.&lt;br /&gt;
* By managing the risks, you can increase the quality of the project deliverable&lt;br /&gt;
* Protects public image&lt;br /&gt;
* Protects people from harm&lt;br /&gt;
* Prevents/reduces legal liability&lt;br /&gt;
* Protects the environment&lt;br /&gt;
&lt;br /&gt;
=Three Levels of operational risk management=&lt;br /&gt;
&lt;br /&gt;
The risk management in an organization can be categorized in three levels of operation- [three level of operational risk management].&lt;br /&gt;
&lt;br /&gt;
* Strategic level:  &lt;br /&gt;
At strategic level, operational risk management relates to the vision of the business, expansion planned over a few couple of years, the product position and the target customers in the market. In other words, the strategic operational risk management relates to the implementation of the risk demands. It must be defined at the top management level and must be deployed in a top-down manner through all the levels of the organization.&lt;br /&gt;
At this level, top managers should not expect that all process would be accomplished without defects, free errors, flaws or less than perfect projects, demanding such a standard leads to over management and paralysis. It creates nervous leaders, that can be afraid to make tough decisions in crisis and unwilling to take risks necessary for success in projects, In this level op managers must be aware of risk management, understand it and must be ready to support a project manager’s decision in those situations. The top managers must accept that things may go wrong, even if a project manager has a lot of experience and knowledge in that area. In this level the risks has a very high impact in the organization, because you will define the risks based on your Business Plan and Processes, where strategic goals are defined. These risks are expected to be managed by the organization’s CEO [Operational Risk Management, February 2002]&lt;br /&gt;
&lt;br /&gt;
* Tactical level&lt;br /&gt;
&lt;br /&gt;
At tactical level, the set of operational risk management tools and controls helps to reduce the number and intensity of the projects. It provides the risk manager with a second line of defense. The effect of the risk responses deploys at tactical level, such as loss, fines and near misses reductions&lt;br /&gt;
Tactical operational risk management emphasizes on loss prevention and risk reduction techniques, process control, loss data analysis, key risk indicators, risk self-assessments and business expansion plans are some of the vast array of tools and techniques that have been developed to reduce the frequent occurrence of the risk elements and to reduce their impact on the overall project.&lt;br /&gt;
There always should be a connection between strategic and tactical level, the vision or mission statements defines in strategic level and the projects, programmes, their deliverables and its requirements describes in tactical level. Many projects fail because of less communication between strategic vision and tactical project deliverables and requirements. [Integrated Risk Management, as a framework for Organizational Success].&lt;br /&gt;
&lt;br /&gt;
* Operational level&lt;br /&gt;
Operational level provides a natural reduction of the operational incidents by redesigning all those processes that were prone to errors, removing any unnecessary tasks and useless controls, standardizing the procedures and improving the productivity. Operational risk management targets the operational efficiency and process design. Work flows are redesigned in this level to improve the work speed by eliminating the errors. Staff Operational risk management must spread over all these three levels, in order to be more effective and efficient&lt;br /&gt;
&lt;br /&gt;
Risk management does not tell you to take a number of actions to tackel or facilitate an unexpected situation. It is a framework that helps you to apply leadership at all levels to meet project&#039;s requirements and to improve the project&#039;s result.&lt;br /&gt;
&lt;br /&gt;
=How to develop a risk analysis=&lt;br /&gt;
&lt;br /&gt;
Risk Management can be developed in two different ways [Best Management Practice]:&lt;br /&gt;
* By using the standard risk guidelines such as ISO 31000, which managers can go step by step and identify the risks and analyse the situation of each phase and take an action for each risk, that have negative impact on each situation. In this step more leaders must participate in order to reduce the impact of risks and take care of each situation.&lt;br /&gt;
* By using more general analysis or guidelines to define the project&#039;s goals and reduce the risks without managing it and less management participation.&lt;br /&gt;
In the first option many standard guidelines and analysis can be used such as ISO 31000, IEC/ISO 311010, and ISO 73-2009 and many others. The International Organization for Standard (ISO ) risk management provides principles, general guidelines; framework and a process for managing the risks- It can be used by any project, organization regardless of its size. ISO 31000 summarizes all the central activities and main points, which an organization might go through to manage their risks effectively and increase their chance to reach their goals. It doesn’t contain any specific techniques in order to use, but it mentions that an organization must follow risk identification tools and techniques, that match the projects and its goals. Another ISO standard application is ISO/IEC 31010, Risk Management, which contains of some risk assessment techniques and steps that gives an understanding of the risks, which can have a negative impact on an organization’s achievement of its goals and the adequacy and effectiveness of controls already in place. Risk assessment helps decision makers to take the correct decisions, for example which tools and techniques must be used to treat the risks and how to choose the best opportunities. The following techniques described on ISO 31010&lt;br /&gt;
&lt;br /&gt;
* Risk identification&lt;br /&gt;
* Risk analysis - consequence analysis&lt;br /&gt;
* Risk analysis– qualitative, semi-quantitative or quantitative probability estimation&lt;br /&gt;
* Risk analysis – assessing the effectiveness of any existing controls&lt;br /&gt;
* Risk evaluation&lt;br /&gt;
* Communication and consultation, and monitoring and review&lt;br /&gt;
&lt;br /&gt;
Each step has described in detail on ISO 31010. Compare to [http://bcove.me/qvtxp001 M_O_R] and then M_O_R is much extensive application, which provides a detailed guidance on how to implement risk management. &lt;br /&gt;
&lt;br /&gt;
M_O_R stands for Management of Risk. It is a framework for the management of risk at different levels of of an organization such as Strategic, programme, project and operational level. It includes all the activities required to identify and control the risks, both negative and positive, which may have an impact on the achievement of an organization’s objectives [M_O_R].It is also a framework for how to make informed decisions about risks respectively strategic, program, project and operational level in order to identify, assess and manage the key risks in order to deliver the expected advantages [M_O_R].&lt;br /&gt;
&lt;br /&gt;
It describes deeply both what needs to be done through some principles, activities and roles and how to begin the activities. In some ways, ISO31000 and M_O_R are very similar and use some common definition and methods. M_O_R is designed for practical application of risk management techniques and based on 4 core concepts: principles, approach, process and embedding and review, while ISO31000 is designed more to assess how completely the risk management techniques have been applied [Best Management Practice], The difference is that ISO3100O based on framework, principles and process. It prescribe how an organization should implement risk management and manage the risk by using any tools, that suits its goal and organization, while M_O_R allows it to customize its approach within the guidelines to suit its operating environment and process. Both are useful tools and can be used for managing the risks.&lt;br /&gt;
Further information about M_O_R and ISO 31000:2009 is available in Michael Dallas report [http://www.best-managementpractice.com/gempdf/Management_of_Risk_Guidance_for_Practitioners_and_the_International_Standard_on_Risk_Management_ISO31000_2009.pdf]&lt;br /&gt;
&lt;br /&gt;
[[File:Different between_M_O_R_AND_ISO.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
The Tabel as taken from Michael Dallas report, which shows a direct comparison of M_O_R with ISO 31000 against categories that are common to both framework.&lt;br /&gt;
&lt;br /&gt;
=Risk Management in Practice=&lt;br /&gt;
&lt;br /&gt;
[[File:Risk management.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
To identify the projects risk, you can start with brainstorming, the first step is to list the main categories such as technologies, goal, stakeholder, communication, cost, environmental, resources, reliability, which is indicated with blue color in below figure. The next is to identify the risks, which is associated to the main categories. By brainstorm the risks, you can find 50-100 risks, depending to the projects size, therefore the third step is to estimate what the potential impact could be by using the Risk Matrix.&lt;br /&gt;
Each high priority or high impact risk should be assigned to a group member after their experience and skills, so they could study and evaluate the risks. Cost risks might for example assign to someone in the finance department than one from IT- department. The new technology might assign to someone from IT- department. The project manager should be assign for all the risks process, the most important part of risk process is the schedule with deadline and the risks list, which should only edit, added, re-prioritized and control by the project manager during the project. To reduce the risks, the project manager should communicate the risks list to all the project stakeholders regularly, at least once a week. All the changes should be registered to the risk map and at the end of the project the results can be used to do a retrospective. What did you learn from it, what should be different in next project and how to control the risks from the beginning?&lt;br /&gt;
&lt;br /&gt;
[[File:Mathrix.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
This example is more general and very simple; you can maybe use it for a very small project. You can visit [http://apppm.man.dtu.dk/index.php/Risk_analysis  Risk_analysis] which is described more in detail. I will not go in too details in this reports, because another one is writing.  &lt;br /&gt;
By defining risk management processes for your company, you get closer to success by minimizing or completely eliminating any kind of risks that could have a negative impact on the the project. This lets you to fulfill the targets within the allowed budget and time deadlines. If the risk management strategies are not defined properly then the project could be more prone to deficiencies and failures. Effective risk management strategies helps to overcome the extra expenses that do not produce a return on investment and it also helps to maximize the profits. Through detailed analysis, clever leaders prioritize the on going work based on the results produced, despite the odds.&lt;br /&gt;
&lt;br /&gt;
Assessing and managing risks is the best weapon you have against project&#039;s deficiencies. By identifying the risk management within the projects plan and strategies, you will improve your chances for a successful project even if  the project is not a perfect project. Risk management is a way of success if you manage it in a correct way by making use of the correct framework and identifying all the risks that could have a negative impact on your project.&lt;br /&gt;
&lt;br /&gt;
You can always use your projects result to the next project that what should be better on next project and which phases you should put more attention. An effective risks management will always help you to minimize the negative impacts of activities that could be a big problem for your projects and your organization.&lt;br /&gt;
&lt;br /&gt;
=Reference=&lt;br /&gt;
&lt;br /&gt;
[1] Why projects fail: Avoiding the Classic Pitfall, An Oracle White Paper, October 2011 and Calleam Consulting LTD 2014: Why Projects Fail.  And Tom Carlos, PMP: Reasons Why Projects Fail.&lt;br /&gt;
&lt;br /&gt;
[2] Oehmen et. al.2012 and Zwikael and Ahn 2011, Oehmen, J., et al., Analysis of the effect of risk management practices on the performance of new product development programs. Technovation (2014),&lt;br /&gt;
&lt;br /&gt;
[3] Oxford English Dictionary&lt;br /&gt;
&lt;br /&gt;
[4] Innovation and Product Management 2009: A holistic and Practial Approach to Uncertainty Reduction,Kurt Gaubinger, Michael Rabl Scott Swan, Thomas Werani&lt;br /&gt;
&lt;br /&gt;
[5] Frank Knight 1921: Risk, Uncertainty and profit, Imperfect competition through Risk and Uncertainty, Part III, Chapter VII&lt;br /&gt;
&lt;br /&gt;
[6] Ariane Chapelle: The three levels of Operational risk management, May 2012&lt;br /&gt;
&lt;br /&gt;
[7] Risikosamfundet: 1997, Tara Duggan, Demand Media: Why Is Risk Management Important to Project Success?&lt;br /&gt;
&lt;br /&gt;
[8] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/&lt;br /&gt;
&lt;br /&gt;
[9] Luce&#039;s Paradigm for Decision under Uncertainty, Luce and Raiffa, 1957&lt;br /&gt;
&lt;br /&gt;
[10] Risk Management, concepts and methods: Club De La Securite De L’information Francais&lt;br /&gt;
&lt;br /&gt;
[11] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd. &lt;br /&gt;
&lt;br /&gt;
[12] http://www.management-of-risk.com/what-is-management-of-risk.asp&lt;br /&gt;
&lt;br /&gt;
[13] http://www.rovsingmanagement.dk/kurser/m_o_r%C2%AErisikostyring/?gclid=CM21qKLRjsICFeXUcgodGqEARQ&lt;br /&gt;
&lt;br /&gt;
[14] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd.&lt;br /&gt;
&lt;br /&gt;
[15] Jacob and Kwak (2003) and Raz et al.2002&lt;br /&gt;
&lt;br /&gt;
[16] Article: Overview of risk management Henrik K. Søndergaard&lt;br /&gt;
&lt;br /&gt;
[17]. Power in projects &amp;amp; portfolio of Mette Lindegaard, and John Ryding Olsson&lt;br /&gt;
&lt;br /&gt;
[18] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/.&lt;br /&gt;
&lt;br /&gt;
[19] http://strikingprojectmanagement.com/qualitative-risk-analysis/&lt;br /&gt;
&lt;br /&gt;
[20] http://projectmgmt-annualwarehousesale.blogspot.dk/&lt;br /&gt;
&lt;br /&gt;
[21] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[22] http://www.bestmanagementpractice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[23] http://tcgen.com/risk-mapping/#.VGidavnF-oO&lt;br /&gt;
&lt;br /&gt;
[24] http://www.modst.dk/~/media/Files/%C3%98AV/Vejledninger/%C3%98konomistyring/Risikostyring_vejledning_maj07%20pdf.ashx&lt;br /&gt;
&lt;br /&gt;
[25] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[26] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[27] http://www.clearrisk.com/what-is-risk-management/&lt;br /&gt;
&lt;br /&gt;
[28] http://www.vlv.dk/downloads/rm1.htm&lt;br /&gt;
&lt;br /&gt;
[29] http://www.soc.aau.dk/fileadmin/user_upload/FoSo/Arbejdspapirer/Nr._10_Risiko_risikovurdering_risikoformidling_og_helhedssyn.pdf&lt;br /&gt;
&lt;br /&gt;
[30] http://klk.kl.dk/PageFiles/156494/Projekth%C3%A5ndbogen.pdf&lt;br /&gt;
&lt;br /&gt;
[31] http:///C:/Users/Samira/Downloads/Projekth-ndbog%20(1).PDF&lt;br /&gt;
&lt;br /&gt;
[32] http://www.digst.dk/~/media/Files/Arkitektur%20og%20standarder/Sikkerhed/Vejledning%20om%20risikovurdering.ashx&lt;br /&gt;
&lt;br /&gt;
[33] http://www.best-management-practice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[34] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[35] http://dx.doi.org/10.1016/j.technovation.2013.12.005i&lt;br /&gt;
&lt;br /&gt;
[36] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;/div&gt;</summary>
		<author><name>Saeh0803</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Risk_management&amp;diff=5484</id>
		<title>Risk management</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Risk_management&amp;diff=5484"/>
		<updated>2014-11-30T20:44:41Z</updated>

		<summary type="html">&lt;p&gt;Saeh0803: /* Risk Management in Practice */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;[http://en.wikipedia.org/wiki/Risk_management Risk management] is a very interesting and important topic in each area in our society. Actually everyone knows what a risk is; it is a part of our life. Each step or each decision we make, is full of risks, whether we notice it or not, but when we look at our professional life, then we have to take an action for each risk arise, because it has a negative effect and the effect can have consequences in terms of economic, professional reputation, environmental, safety and societal outcomes. This article focuses on for example how an organization or project handles its risks and which framework could be relevant or helpful for it. Now a day, the risk management is an important part of project, program and portfolio management. In order to end up a project successfully and deliver it on time and within budget, it is important to get an overview of the risks, which is associated to the project. Most of the projects fail due to the lack of risk management [Why projects fail 2011]. In many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of project&#039;s planning process, the projects fail because the resources are not completely utilized to get the full advantage [Oehmen et. al.2012 and Zwikael and Ahn 2011]. This article further talks about the risk and different level of risks in organization level and how to identify the projects risks by using some of standard guidelines for risk management such as ISO 31000, ISO 2700S, DS/ISO 31000 Risk management- Principles and guidelines and M_O_R principles, which is a standard risk management framework, which can be used by any organization on any projects regardless of its size.&lt;br /&gt;
NOTE: This article might be similar to other articles; Risk analysis, risk register, Risk management strategy in project portfolios&lt;br /&gt;
&lt;br /&gt;
=Definition of risk management=&lt;br /&gt;
&lt;br /&gt;
You can find different tools and definition for risk depending on the context in which it is used. A definition from Oxford English Dictionary sounds like “the possibility that something unpleasant or unwelcome will happen” [Oxford English Dictionary]. This is more general and related more to your every day. In decision theory, Luce and Raiffa relate risk to make decisions under known probabilities of the states of nature [Product Management Innovation 2009] and Frank Knight define the risk in economic theory as “risk arises when the decision maker can assign probabilities to possible outcomes”. A well-known definition of the risk in the domain of project management considers the risk as “an uncertain event or condition that, if it occurs, has a positive (opportunity) or negative (threat) impact on project objectives” [Innovation and Product Management] Frank Knight defines the uncertainty and risk as “...Uncertainty must be taken in a sense radically distinct from the familiar notion of Risk, from which it has never been properly separated. … The essential fact is that &amp;quot;risk&amp;quot; means in some cases a quantity susceptible of measurement, while at other times it is something distinctly not of this character; and there are far-reaching and crucial differences in the bearings of the phenomena depending on which of the two is really present and operating. … It will appear that a measurable uncertainty, or &amp;quot;risk&amp;quot; proper, as we shall use the term, is so far different from an un-measurable one that it is not in effect an uncertainty at all&amp;quot; [Ariane Chapelle].&lt;br /&gt;
Frank Knigh’s definition is more useful according to project, program and portfolio management. In many projects, risk is the uncertainty, which is associated with any kind of the action and projects in organization’s context that must understand and effectively manage during the project’s process and improve the results [Luce and Raiffa]. &lt;br /&gt;
&lt;br /&gt;
Different types of risk management definitions can be found and the choice of definition depends on how big a concept of risk is used in order to which risks are covered by the definition. There is not a complete tool or solution that fits in every project, creating a new or changes the existing risk management process according to the project&#039;s goal is always helpful and flexible process that will ultimately result in a solution to the individual organization or project. Risk is always based on imagination of how the project will be completed. It can be defined on the basis of an existing plan, for example, the project must be completed in 6 months. The risk of delay is bigger than if the project must be completed in one year. If the new technologies are a part of the project plan, that you have to use the new technologies is the risk bigger than use the known technologies. Therefor the risk is based on an existing plan; the same project may have very different risks, if you change the project’s plan. [Risk Management,concepts and methods].&lt;br /&gt;
&lt;br /&gt;
To minimize the uncertainty and reduce the risks on the project, you may regularly look back to your risk analysis, because most of the projects fail due to lack of risk management, in many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of projects planning process, The projects fail because they do not invest their resources completely and do not pay attention to it. Risk management is the most important part of the project planning process. It is a management tool, which project manager uses to analyses the risk factor within a project group or projects. Project group must be informed of the main risks and how they will deal with those risks. Often it requires extra resources to eliminate risks; these resources must allocate the project group. Many studies have pointed as well that the risk management has a big role in projects success [Tara Duggan]. The report by Jacob and Kwak highlights the positive contribution of risk management to improve the project selection, review and resource allocation of new product development projects. It used in many areas such as public debate, research, danger of disease, death or accidents, threatening environmental problems in terms of risk of climate changes, CO2 , pollution and so on. It is also used in many other projects such as customer needs and price, new technology and resources, construction and delivery projects, research projects and interests and other tasks.&lt;br /&gt;
&lt;br /&gt;
=Benefit of risk management=&lt;br /&gt;
&lt;br /&gt;
Risk management helps you to identify your projects strengths, weaknesses, opportunities and threats [Jacob and Kwak]. These four factors are a part of [http://da.wikipedia.org/wiki/SWOT-analyse SWOT-analyse]. By identifying your projects strengths and opportunities you can reduce the weaknesses and threats and there by your project’s risks, you will be aware of the unexpected events and you can immediately take actions to reduce the losses [Overview of risk management]. There are many reasons for managing risks. Here are some main reasons: First of all, risk management results in an overview and a number of options for an action to avoid known and unknown risk and reduce the impact of those [Power in projects &amp;amp; portfolio].&lt;br /&gt;
&lt;br /&gt;
* Saving resources: Time, assets, income, property and people are all valuable resources that can be saved if fewer claims occur.&lt;br /&gt;
* Protecting the reputation and public image of the organization.&lt;br /&gt;
* Preventing or reducing legal liability and increasing the stability of operations.&lt;br /&gt;
* Increases the organizations profits and competitiveness and reflects an attractive professional approach to project work.&lt;br /&gt;
* Protecting people from harm.&lt;br /&gt;
* Protecting the environment.&lt;br /&gt;
* Enhancing the ability to prepare for various circumstances.&lt;br /&gt;
* Assisting in clearly defining insurance needs.&lt;br /&gt;
* By managing the risks, you can increase the quality of the project deliverable&lt;br /&gt;
* Protects public image&lt;br /&gt;
* Protects people from harm&lt;br /&gt;
* Prevents/reduces legal liability&lt;br /&gt;
* Protects the environment&lt;br /&gt;
&lt;br /&gt;
=Three Levels of operational risk management=&lt;br /&gt;
&lt;br /&gt;
The risk management in an organization can be categorized in three levels of operation- [three level of operational risk management].&lt;br /&gt;
&lt;br /&gt;
* Strategic level:  &lt;br /&gt;
At strategic level, operational risk management relates to the vision of the business, expansion planned over a few couple of years, the product position and the target customers in the market. In other words, the strategic operational risk management relates to the implementation of the risk demands. It must be defined at the top management level and must be deployed in a top-down manner through all the levels of the organization.&lt;br /&gt;
At this level, top managers should not expect that all process would be accomplished without defects, free errors, flaws or less than perfect projects, demanding such a standard leads to over management and paralysis. It creates nervous leaders, that can be afraid to make tough decisions in crisis and unwilling to take risks necessary for success in projects, In this level op managers must be aware of risk management, understand it and must be ready to support a project manager’s decision in those situations. The top managers must accept that things may go wrong, even if a project manager has a lot of experience and knowledge in that area. In this level the risks has a very high impact in the organization, because you will define the risks based on your Business Plan and Processes, where strategic goals are defined. These risks are expected to be managed by the organization’s CEO [Operational Risk Management, February 2002]&lt;br /&gt;
&lt;br /&gt;
* Tactical level&lt;br /&gt;
&lt;br /&gt;
At tactical level, the set of operational risk management tools and controls helps to reduce the number and intensity of the projects. It provides the risk manager with a second line of defense. The effect of the risk responses deploys at tactical level, such as loss, fines and near misses reductions&lt;br /&gt;
Tactical operational risk management emphasizes on loss prevention and risk reduction techniques, process control, loss data analysis, key risk indicators, risk self-assessments and business expansion plans are some of the vast array of tools and techniques that have been developed to reduce the frequent occurrence of the risk elements and to reduce their impact on the overall project.&lt;br /&gt;
There always should be a connection between strategic and tactical level, the vision or mission statements defines in strategic level and the projects, programmes, their deliverables and its requirements describes in tactical level. Many projects fail because of less communication between strategic vision and tactical project deliverables and requirements. [Integrated Risk Management, as a framework for Organizational Success].&lt;br /&gt;
&lt;br /&gt;
* Operational level&lt;br /&gt;
Operational level provides a natural reduction of the operational incidents by redesigning all those processes that were prone to errors, removing any unnecessary tasks and useless controls, standardizing the procedures and improving the productivity. Operational risk management targets the operational efficiency and process design. Work flows are redesigned in this level to improve the work speed by eliminating the errors. Staff Operational risk management must spread over all these three levels, in order to be more effective and efficient&lt;br /&gt;
&lt;br /&gt;
Risk management does not tell you to take a number of actions to tackel or facilitate an unexpected situation. It is a framework that helps you to apply leadership at all levels to meet project&#039;s requirements and to improve the project&#039;s result.&lt;br /&gt;
&lt;br /&gt;
=How to develop a risk analysis=&lt;br /&gt;
&lt;br /&gt;
Risk Management can be developed in two different ways [Best Management Practice]:&lt;br /&gt;
* By using the standard risk guidelines such as ISO 31000, which managers can go step by step and identify the risks and analyse the situation of each phase and take an action for each risk, that have negative impact on each situation. In this step more leaders must participate in order to reduce the impact of risks and take care of each situation.&lt;br /&gt;
* By using more general analysis or guidelines to define the project&#039;s goals and reduce the risks without managing it and less management participation.&lt;br /&gt;
In the first option many standard guidelines and analysis can be used such as ISO 31000, IEC/ISO 311010, and ISO 73-2009 and many others. The International Organization for Standard (ISO ) risk management provides principles, general guidelines; framework and a process for managing the risks- It can be used by any project, organization regardless of its size. ISO 31000 summarizes all the central activities and main points, which an organization might go through to manage their risks effectively and increase their chance to reach their goals. It doesn’t contain any specific techniques in order to use, but it mentions that an organization must follow risk identification tools and techniques, that match the projects and its goals. Another ISO standard application is ISO/IEC 31010, Risk Management, which contains of some risk assessment techniques and steps that gives an understanding of the risks, which can have a negative impact on an organization’s achievement of its goals and the adequacy and effectiveness of controls already in place. Risk assessment helps decision makers to take the correct decisions, for example which tools and techniques must be used to treat the risks and how to choose the best opportunities. The following techniques described on ISO 31010&lt;br /&gt;
&lt;br /&gt;
* Risk identification&lt;br /&gt;
* Risk analysis - consequence analysis&lt;br /&gt;
* Risk analysis– qualitative, semi-quantitative or quantitative probability estimation&lt;br /&gt;
* Risk analysis – assessing the effectiveness of any existing controls&lt;br /&gt;
* Risk evaluation&lt;br /&gt;
* Communication and consultation, and monitoring and review&lt;br /&gt;
&lt;br /&gt;
Each step has described in detail on ISO 31010. Compare to [http://bcove.me/qvtxp001 M_O_R] and then M_O_R is much extensive application, which provides a detailed guidance on how to implement risk management. &lt;br /&gt;
&lt;br /&gt;
M_O_R stands for Management of Risk. It is a framework for the management of risk at different levels of of an organization such as Strategic, programme, project and operational level. It includes all the activities required to identify and control the risks, both negative and positive, which may have an impact on the achievement of an organization’s objectives [M_O_R].It is also a framework for how to make informed decisions about risks respectively strategic, program, project and operational level in order to identify, assess and manage the key risks in order to deliver the expected advantages [M_O_R].&lt;br /&gt;
&lt;br /&gt;
It describes deeply both what needs to be done through some principles, activities and roles and how to begin the activities. In some ways, ISO31000 and M_O_R are very similar and use some common definition and methods. M_O_R is designed for practical application of risk management techniques and based on 4 core concepts: principles, approach, process and embedding and review, while ISO31000 is designed more to assess how completely the risk management techniques have been applied [Best Management Practice], The difference is that ISO3100O based on framework, principles and process. It prescribe how an organization should implement risk management and manage the risk by using any tools, that suits its goal and organization, while M_O_R allows it to customize its approach within the guidelines to suit its operating environment and process. Both are useful tools and can be used for managing the risks.&lt;br /&gt;
Further information about M_O_R and ISO 31000:2009 is available in Michael Dallas report [http://www.best-managementpractice.com/gempdf/Management_of_Risk_Guidance_for_Practitioners_and_the_International_Standard_on_Risk_Management_ISO31000_2009.pdf]&lt;br /&gt;
&lt;br /&gt;
[[File:Different between_M_O_R_AND_ISO.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
The Tabel as taken from Michael Dallas report, which shows a direct comparison of M_O_R with ISO 31000 against categories that are common to both framework.&lt;br /&gt;
&lt;br /&gt;
=Risk Management in Practice=&lt;br /&gt;
&lt;br /&gt;
[[File:Risk management.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
To identify the projects risk, you can start with brainstorming, the first step is to list the main categories such as technologies, goal, stakeholder, communication, cost, environmental, resources, reliability, which is indicated with blue color in below figure. The next is to identify the risks, which is associated to the main categories. By brainstorm the risks, you can find 50-100 risks, depending to the projects size, therefore the third step is to estimate what the potential impact could be by using the Risk Matrix.&lt;br /&gt;
Each high priority or high impact risk should be assigned to a group member after their experience and skills, so they could study and evaluate the risks. Cost risks might for example assign to someone in the finance department than one from IT- department. The new technology might assign to someone from IT- department. The project manager should be assign for all the risks process, the most important part of risk process is the schedule with deadline and the risks list, which should only edit, added, re-prioritized and control by the project manager during the project. To reduce the risks, the project manager should communicate the risks list to all the project stakeholders regularly, at least once a week. All the changes should be registered to the risk map and at the end of the project the results can be used to do a retrospective. What did you learn from it, what should be different in next project and how to control the risks from the beginning?&lt;br /&gt;
&lt;br /&gt;
[[File:Mathrix.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
This example is more general and very simple; you can maybe use it for a very small project. You can visit [http://apppm.man.dtu.dk/index.php/Risk_analysis  Risk_analysis] which is described more in detail. I will not go in too details in this reports, because another one is writing.  &lt;br /&gt;
By defining risk management processes for your company, you get closer to success by minimizing or completely eliminating any kind of risks that could have a negative impact on the the project. This lets you to fulfill the targets within the allowed budget and time deadlines. If the risk management strategies are not defined properly then the project could be more prone to deficiencies and failures. Effective risk management strategies helps to overcome the extra expenses that do not produce a return on investment and it also helps to maximize the profits. Through detailed analysis, clever leaders prioritize the on going work based on the results produced, despite the odds.&lt;br /&gt;
&lt;br /&gt;
Assessing and managing risks is the best weapon you have against project&#039;s deficiencies. By identifying the risk management within the projects plan and strategies, you will improve your chances for a successful project even if  the project is not a perfect project. Risk management is a way of success if you manage it in a correct way by making use of the correct framework and identifying all the risks that could have a negative impact on your project.&lt;br /&gt;
You can always use your projects result to the next project that what should be better on next project and which phases you should put more attention. An effective risks management will always help you to minimize the negative impacts of activities that could be a big problem for your projects and your organization.&lt;br /&gt;
&lt;br /&gt;
This example is more general and very simple,you can maybe use it for a very small project. You can visit [http://apppm.man.dtu.dk/index.php/Risk_analysis | Risk_analysis] which is described more in detail.&lt;br /&gt;
&lt;br /&gt;
=Reference=&lt;br /&gt;
&lt;br /&gt;
[1] Why projects fail: Avoiding the Classic Pitfall, An Oracle White Paper, October 2011 and Calleam Consulting LTD 2014: Why Projects Fail.  And Tom Carlos, PMP: Reasons Why Projects Fail.&lt;br /&gt;
&lt;br /&gt;
[2] Oehmen et. al.2012 and Zwikael and Ahn 2011, Oehmen, J., et al., Analysis of the effect of risk management practices on the performance of new product development programs. Technovation (2014),&lt;br /&gt;
&lt;br /&gt;
[3] Oxford English Dictionary&lt;br /&gt;
&lt;br /&gt;
[4] Innovation and Product Management 2009: A holistic and Practial Approach to Uncertainty Reduction,Kurt Gaubinger, Michael Rabl Scott Swan, Thomas Werani&lt;br /&gt;
&lt;br /&gt;
[5] Frank Knight 1921: Risk, Uncertainty and profit, Imperfect competition through Risk and Uncertainty, Part III, Chapter VII&lt;br /&gt;
&lt;br /&gt;
[6] Ariane Chapelle: The three levels of Operational risk management, May 2012&lt;br /&gt;
&lt;br /&gt;
[7] Risikosamfundet: 1997, Tara Duggan, Demand Media: Why Is Risk Management Important to Project Success?&lt;br /&gt;
&lt;br /&gt;
[8] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/&lt;br /&gt;
&lt;br /&gt;
[9] Luce&#039;s Paradigm for Decision under Uncertainty, Luce and Raiffa, 1957&lt;br /&gt;
&lt;br /&gt;
[10] Risk Management, concepts and methods: Club De La Securite De L’information Francais&lt;br /&gt;
&lt;br /&gt;
[11] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd. &lt;br /&gt;
&lt;br /&gt;
[12] http://www.management-of-risk.com/what-is-management-of-risk.asp&lt;br /&gt;
&lt;br /&gt;
[13] http://www.rovsingmanagement.dk/kurser/m_o_r%C2%AErisikostyring/?gclid=CM21qKLRjsICFeXUcgodGqEARQ&lt;br /&gt;
&lt;br /&gt;
[14] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd.&lt;br /&gt;
&lt;br /&gt;
[15] Jacob and Kwak (2003) and Raz et al.2002&lt;br /&gt;
&lt;br /&gt;
[16] Article: Overview of risk management Henrik K. Søndergaard&lt;br /&gt;
&lt;br /&gt;
[17]. Power in projects &amp;amp; portfolio of Mette Lindegaard, and John Ryding Olsson&lt;br /&gt;
&lt;br /&gt;
[18] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/.&lt;br /&gt;
&lt;br /&gt;
[19] http://strikingprojectmanagement.com/qualitative-risk-analysis/&lt;br /&gt;
&lt;br /&gt;
[20] http://projectmgmt-annualwarehousesale.blogspot.dk/&lt;br /&gt;
&lt;br /&gt;
[21] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[22] http://www.bestmanagementpractice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[23] http://tcgen.com/risk-mapping/#.VGidavnF-oO&lt;br /&gt;
&lt;br /&gt;
[24] http://www.modst.dk/~/media/Files/%C3%98AV/Vejledninger/%C3%98konomistyring/Risikostyring_vejledning_maj07%20pdf.ashx&lt;br /&gt;
&lt;br /&gt;
[25] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[26] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[27] http://www.clearrisk.com/what-is-risk-management/&lt;br /&gt;
&lt;br /&gt;
[28] http://www.vlv.dk/downloads/rm1.htm&lt;br /&gt;
&lt;br /&gt;
[29] http://www.soc.aau.dk/fileadmin/user_upload/FoSo/Arbejdspapirer/Nr._10_Risiko_risikovurdering_risikoformidling_og_helhedssyn.pdf&lt;br /&gt;
&lt;br /&gt;
[30] http://klk.kl.dk/PageFiles/156494/Projekth%C3%A5ndbogen.pdf&lt;br /&gt;
&lt;br /&gt;
[31] http:///C:/Users/Samira/Downloads/Projekth-ndbog%20(1).PDF&lt;br /&gt;
&lt;br /&gt;
[32] http://www.digst.dk/~/media/Files/Arkitektur%20og%20standarder/Sikkerhed/Vejledning%20om%20risikovurdering.ashx&lt;br /&gt;
&lt;br /&gt;
[33] http://www.best-management-practice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[34] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[35] http://dx.doi.org/10.1016/j.technovation.2013.12.005i&lt;br /&gt;
&lt;br /&gt;
[36] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;/div&gt;</summary>
		<author><name>Saeh0803</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Risk_management&amp;diff=5482</id>
		<title>Risk management</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Risk_management&amp;diff=5482"/>
		<updated>2014-11-30T20:43:38Z</updated>

		<summary type="html">&lt;p&gt;Saeh0803: /* Risk Management in Practice */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;[http://en.wikipedia.org/wiki/Risk_management Risk management] is a very interesting and important topic in each area in our society. Actually everyone knows what a risk is; it is a part of our life. Each step or each decision we make, is full of risks, whether we notice it or not, but when we look at our professional life, then we have to take an action for each risk arise, because it has a negative effect and the effect can have consequences in terms of economic, professional reputation, environmental, safety and societal outcomes. This article focuses on for example how an organization or project handles its risks and which framework could be relevant or helpful for it. Now a day, the risk management is an important part of project, program and portfolio management. In order to end up a project successfully and deliver it on time and within budget, it is important to get an overview of the risks, which is associated to the project. Most of the projects fail due to the lack of risk management [Why projects fail 2011]. In many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of project&#039;s planning process, the projects fail because the resources are not completely utilized to get the full advantage [Oehmen et. al.2012 and Zwikael and Ahn 2011]. This article further talks about the risk and different level of risks in organization level and how to identify the projects risks by using some of standard guidelines for risk management such as ISO 31000, ISO 2700S, DS/ISO 31000 Risk management- Principles and guidelines and M_O_R principles, which is a standard risk management framework, which can be used by any organization on any projects regardless of its size.&lt;br /&gt;
NOTE: This article might be similar to other articles; Risk analysis, risk register, Risk management strategy in project portfolios&lt;br /&gt;
&lt;br /&gt;
=Definition of risk management=&lt;br /&gt;
&lt;br /&gt;
You can find different tools and definition for risk depending on the context in which it is used. A definition from Oxford English Dictionary sounds like “the possibility that something unpleasant or unwelcome will happen” [Oxford English Dictionary]. This is more general and related more to your every day. In decision theory, Luce and Raiffa relate risk to make decisions under known probabilities of the states of nature [Product Management Innovation 2009] and Frank Knight define the risk in economic theory as “risk arises when the decision maker can assign probabilities to possible outcomes”. A well-known definition of the risk in the domain of project management considers the risk as “an uncertain event or condition that, if it occurs, has a positive (opportunity) or negative (threat) impact on project objectives” [Innovation and Product Management] Frank Knight defines the uncertainty and risk as “...Uncertainty must be taken in a sense radically distinct from the familiar notion of Risk, from which it has never been properly separated. … The essential fact is that &amp;quot;risk&amp;quot; means in some cases a quantity susceptible of measurement, while at other times it is something distinctly not of this character; and there are far-reaching and crucial differences in the bearings of the phenomena depending on which of the two is really present and operating. … It will appear that a measurable uncertainty, or &amp;quot;risk&amp;quot; proper, as we shall use the term, is so far different from an un-measurable one that it is not in effect an uncertainty at all&amp;quot; [Ariane Chapelle].&lt;br /&gt;
Frank Knigh’s definition is more useful according to project, program and portfolio management. In many projects, risk is the uncertainty, which is associated with any kind of the action and projects in organization’s context that must understand and effectively manage during the project’s process and improve the results [Luce and Raiffa]. &lt;br /&gt;
&lt;br /&gt;
Different types of risk management definitions can be found and the choice of definition depends on how big a concept of risk is used in order to which risks are covered by the definition. There is not a complete tool or solution that fits in every project, creating a new or changes the existing risk management process according to the project&#039;s goal is always helpful and flexible process that will ultimately result in a solution to the individual organization or project. Risk is always based on imagination of how the project will be completed. It can be defined on the basis of an existing plan, for example, the project must be completed in 6 months. The risk of delay is bigger than if the project must be completed in one year. If the new technologies are a part of the project plan, that you have to use the new technologies is the risk bigger than use the known technologies. Therefor the risk is based on an existing plan; the same project may have very different risks, if you change the project’s plan. [Risk Management,concepts and methods].&lt;br /&gt;
&lt;br /&gt;
To minimize the uncertainty and reduce the risks on the project, you may regularly look back to your risk analysis, because most of the projects fail due to lack of risk management, in many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of projects planning process, The projects fail because they do not invest their resources completely and do not pay attention to it. Risk management is the most important part of the project planning process. It is a management tool, which project manager uses to analyses the risk factor within a project group or projects. Project group must be informed of the main risks and how they will deal with those risks. Often it requires extra resources to eliminate risks; these resources must allocate the project group. Many studies have pointed as well that the risk management has a big role in projects success [Tara Duggan]. The report by Jacob and Kwak highlights the positive contribution of risk management to improve the project selection, review and resource allocation of new product development projects. It used in many areas such as public debate, research, danger of disease, death or accidents, threatening environmental problems in terms of risk of climate changes, CO2 , pollution and so on. It is also used in many other projects such as customer needs and price, new technology and resources, construction and delivery projects, research projects and interests and other tasks.&lt;br /&gt;
&lt;br /&gt;
=Benefit of risk management=&lt;br /&gt;
&lt;br /&gt;
Risk management helps you to identify your projects strengths, weaknesses, opportunities and threats [Jacob and Kwak]. These four factors are a part of [http://da.wikipedia.org/wiki/SWOT-analyse SWOT-analyse]. By identifying your projects strengths and opportunities you can reduce the weaknesses and threats and there by your project’s risks, you will be aware of the unexpected events and you can immediately take actions to reduce the losses [Overview of risk management]. There are many reasons for managing risks. Here are some main reasons: First of all, risk management results in an overview and a number of options for an action to avoid known and unknown risk and reduce the impact of those [Power in projects &amp;amp; portfolio].&lt;br /&gt;
&lt;br /&gt;
* Saving resources: Time, assets, income, property and people are all valuable resources that can be saved if fewer claims occur.&lt;br /&gt;
* Protecting the reputation and public image of the organization.&lt;br /&gt;
* Preventing or reducing legal liability and increasing the stability of operations.&lt;br /&gt;
* Increases the organizations profits and competitiveness and reflects an attractive professional approach to project work.&lt;br /&gt;
* Protecting people from harm.&lt;br /&gt;
* Protecting the environment.&lt;br /&gt;
* Enhancing the ability to prepare for various circumstances.&lt;br /&gt;
* Assisting in clearly defining insurance needs.&lt;br /&gt;
* By managing the risks, you can increase the quality of the project deliverable&lt;br /&gt;
* Protects public image&lt;br /&gt;
* Protects people from harm&lt;br /&gt;
* Prevents/reduces legal liability&lt;br /&gt;
* Protects the environment&lt;br /&gt;
&lt;br /&gt;
=Three Levels of operational risk management=&lt;br /&gt;
&lt;br /&gt;
The risk management in an organization can be categorized in three levels of operation- [three level of operational risk management].&lt;br /&gt;
&lt;br /&gt;
* Strategic level:  &lt;br /&gt;
At strategic level, operational risk management relates to the vision of the business, expansion planned over a few couple of years, the product position and the target customers in the market. In other words, the strategic operational risk management relates to the implementation of the risk demands. It must be defined at the top management level and must be deployed in a top-down manner through all the levels of the organization.&lt;br /&gt;
At this level, top managers should not expect that all process would be accomplished without defects, free errors, flaws or less than perfect projects, demanding such a standard leads to over management and paralysis. It creates nervous leaders, that can be afraid to make tough decisions in crisis and unwilling to take risks necessary for success in projects, In this level op managers must be aware of risk management, understand it and must be ready to support a project manager’s decision in those situations. The top managers must accept that things may go wrong, even if a project manager has a lot of experience and knowledge in that area. In this level the risks has a very high impact in the organization, because you will define the risks based on your Business Plan and Processes, where strategic goals are defined. These risks are expected to be managed by the organization’s CEO [Operational Risk Management, February 2002]&lt;br /&gt;
&lt;br /&gt;
* Tactical level&lt;br /&gt;
&lt;br /&gt;
At tactical level, the set of operational risk management tools and controls helps to reduce the number and intensity of the projects. It provides the risk manager with a second line of defense. The effect of the risk responses deploys at tactical level, such as loss, fines and near misses reductions&lt;br /&gt;
Tactical operational risk management emphasizes on loss prevention and risk reduction techniques, process control, loss data analysis, key risk indicators, risk self-assessments and business expansion plans are some of the vast array of tools and techniques that have been developed to reduce the frequent occurrence of the risk elements and to reduce their impact on the overall project.&lt;br /&gt;
There always should be a connection between strategic and tactical level, the vision or mission statements defines in strategic level and the projects, programmes, their deliverables and its requirements describes in tactical level. Many projects fail because of less communication between strategic vision and tactical project deliverables and requirements. [Integrated Risk Management, as a framework for Organizational Success].&lt;br /&gt;
&lt;br /&gt;
* Operational level&lt;br /&gt;
Operational level provides a natural reduction of the operational incidents by redesigning all those processes that were prone to errors, removing any unnecessary tasks and useless controls, standardizing the procedures and improving the productivity. Operational risk management targets the operational efficiency and process design. Work flows are redesigned in this level to improve the work speed by eliminating the errors. Staff Operational risk management must spread over all these three levels, in order to be more effective and efficient&lt;br /&gt;
&lt;br /&gt;
Risk management does not tell you to take a number of actions to tackel or facilitate an unexpected situation. It is a framework that helps you to apply leadership at all levels to meet project&#039;s requirements and to improve the project&#039;s result.&lt;br /&gt;
&lt;br /&gt;
=How to develop a risk analysis=&lt;br /&gt;
&lt;br /&gt;
Risk Management can be developed in two different ways [Best Management Practice]:&lt;br /&gt;
* By using the standard risk guidelines such as ISO 31000, which managers can go step by step and identify the risks and analyse the situation of each phase and take an action for each risk, that have negative impact on each situation. In this step more leaders must participate in order to reduce the impact of risks and take care of each situation.&lt;br /&gt;
* By using more general analysis or guidelines to define the project&#039;s goals and reduce the risks without managing it and less management participation.&lt;br /&gt;
In the first option many standard guidelines and analysis can be used such as ISO 31000, IEC/ISO 311010, and ISO 73-2009 and many others. The International Organization for Standard (ISO ) risk management provides principles, general guidelines; framework and a process for managing the risks- It can be used by any project, organization regardless of its size. ISO 31000 summarizes all the central activities and main points, which an organization might go through to manage their risks effectively and increase their chance to reach their goals. It doesn’t contain any specific techniques in order to use, but it mentions that an organization must follow risk identification tools and techniques, that match the projects and its goals. Another ISO standard application is ISO/IEC 31010, Risk Management, which contains of some risk assessment techniques and steps that gives an understanding of the risks, which can have a negative impact on an organization’s achievement of its goals and the adequacy and effectiveness of controls already in place. Risk assessment helps decision makers to take the correct decisions, for example which tools and techniques must be used to treat the risks and how to choose the best opportunities. The following techniques described on ISO 31010&lt;br /&gt;
&lt;br /&gt;
* Risk identification&lt;br /&gt;
* Risk analysis - consequence analysis&lt;br /&gt;
* Risk analysis– qualitative, semi-quantitative or quantitative probability estimation&lt;br /&gt;
* Risk analysis – assessing the effectiveness of any existing controls&lt;br /&gt;
* Risk evaluation&lt;br /&gt;
* Communication and consultation, and monitoring and review&lt;br /&gt;
&lt;br /&gt;
Each step has described in detail on ISO 31010. Compare to [http://bcove.me/qvtxp001 M_O_R] and then M_O_R is much extensive application, which provides a detailed guidance on how to implement risk management. &lt;br /&gt;
&lt;br /&gt;
M_O_R stands for Management of Risk. It is a framework for the management of risk at different levels of of an organization such as Strategic, programme, project and operational level. It includes all the activities required to identify and control the risks, both negative and positive, which may have an impact on the achievement of an organization’s objectives [M_O_R].It is also a framework for how to make informed decisions about risks respectively strategic, program, project and operational level in order to identify, assess and manage the key risks in order to deliver the expected advantages [M_O_R].&lt;br /&gt;
&lt;br /&gt;
It describes deeply both what needs to be done through some principles, activities and roles and how to begin the activities. In some ways, ISO31000 and M_O_R are very similar and use some common definition and methods. M_O_R is designed for practical application of risk management techniques and based on 4 core concepts: principles, approach, process and embedding and review, while ISO31000 is designed more to assess how completely the risk management techniques have been applied [Best Management Practice], The difference is that ISO3100O based on framework, principles and process. It prescribe how an organization should implement risk management and manage the risk by using any tools, that suits its goal and organization, while M_O_R allows it to customize its approach within the guidelines to suit its operating environment and process. Both are useful tools and can be used for managing the risks.&lt;br /&gt;
Further information about M_O_R and ISO 31000:2009 is available in Michael Dallas report [http://www.best-managementpractice.com/gempdf/Management_of_Risk_Guidance_for_Practitioners_and_the_International_Standard_on_Risk_Management_ISO31000_2009.pdf]&lt;br /&gt;
&lt;br /&gt;
[[File:Different between_M_O_R_AND_ISO.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
The Tabel as taken from Michael Dallas report, which shows a direct comparison of M_O_R with ISO 31000 against categories that are common to both framework.&lt;br /&gt;
&lt;br /&gt;
=Risk Management in Practice=&lt;br /&gt;
&lt;br /&gt;
[[File:Risk management.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
To identify the projects risk, you can start with brainstorming, the first step is to list the main categories such as technologies, goal, stakeholder, communication, cost, environmental, resources, reliability, which is indicated with blue color in below figure. The next is to identify the risks, which is associated to the main categories. By brainstorm the risks, you can find 50-100 risks, depending to the projects size, therefore the third step is to estimate what the potential impact could be by using the Risk Matrix.&lt;br /&gt;
Each high priority or high impact risk should be assigned to a group member after their experience and skills, so they could study and evaluate the risks. Cost risks might for example assign to someone in the finance department than one from IT- department. The new technology might assign to someone from IT- department. The project manager should be assign for all the risks process, the most important part of risk process is the schedule with deadline and the risks list, which should only edit, added, re-prioritized and control by the project manager during the project. To reduce the risks, the project manager should communicate the risks list to all the project stakeholders regularly, at least once a week. All the changes should be registered to the risk map and at the end of the project the results can be used to do a retrospective. What did you learn from it, what should be different in next project and how to control the risks from the beginning?&lt;br /&gt;
&lt;br /&gt;
[[File:Mathrix.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
This example is more general and very simple; you can maybe use it for a very small project. You can visit | Risk_analysis which is described more in detail. I will not go in too details in this reports, because another one is writing.  &lt;br /&gt;
By defining risk management processes for your company, you get closer to success by minimizing or completely eliminating any kind of risks that could have a negative impact on the the project. This lets you to fulfill the targets within the allowed budget and time deadlines. If the risk management strategies are not defined properly then the project could be more prone to deficiencies and failures. Effective risk management strategies helps to overcome the extra expenses that do not produce a return on investment and it also helps to maximize the profits. Through detailed analysis, clever leaders prioritize the on going work based on the results produced, despite the odds.&lt;br /&gt;
&lt;br /&gt;
Assessing and managing risks is the best weapon you have against project&#039;s deficiencies. By identifying the risk management within the projects plan and strategies, you will improve your chances for a successful project even if  the project is not a perfect project. Risk management is a way of success if you manage it in a correct way by making use of the correct framework and identifying all the risks that could have a negative impact on your project.&lt;br /&gt;
You can always use your projects result to the next project that what should be better on next project and which phases you should put more attention. An effective risks management will always help you to minimize the negative impacts of activities that could be a big problem for your projects and your organization.&lt;br /&gt;
&lt;br /&gt;
This example is more general and very simple,you can maybe use it for a very small project. You can visit [http://apppm.man.dtu.dk/index.php/Risk_analysis | Risk_analysis] which is described more in detail.&lt;br /&gt;
&lt;br /&gt;
=Reference=&lt;br /&gt;
&lt;br /&gt;
[1] Why projects fail: Avoiding the Classic Pitfall, An Oracle White Paper, October 2011 and Calleam Consulting LTD 2014: Why Projects Fail.  And Tom Carlos, PMP: Reasons Why Projects Fail.&lt;br /&gt;
&lt;br /&gt;
[2] Oehmen et. al.2012 and Zwikael and Ahn 2011, Oehmen, J., et al., Analysis of the effect of risk management practices on the performance of new product development programs. Technovation (2014),&lt;br /&gt;
&lt;br /&gt;
[3] Oxford English Dictionary&lt;br /&gt;
&lt;br /&gt;
[4] Innovation and Product Management 2009: A holistic and Practial Approach to Uncertainty Reduction,Kurt Gaubinger, Michael Rabl Scott Swan, Thomas Werani&lt;br /&gt;
&lt;br /&gt;
[5] Frank Knight 1921: Risk, Uncertainty and profit, Imperfect competition through Risk and Uncertainty, Part III, Chapter VII&lt;br /&gt;
&lt;br /&gt;
[6] Ariane Chapelle: The three levels of Operational risk management, May 2012&lt;br /&gt;
&lt;br /&gt;
[7] Risikosamfundet: 1997, Tara Duggan, Demand Media: Why Is Risk Management Important to Project Success?&lt;br /&gt;
&lt;br /&gt;
[8] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/&lt;br /&gt;
&lt;br /&gt;
[9] Luce&#039;s Paradigm for Decision under Uncertainty, Luce and Raiffa, 1957&lt;br /&gt;
&lt;br /&gt;
[10] Risk Management, concepts and methods: Club De La Securite De L’information Francais&lt;br /&gt;
&lt;br /&gt;
[11] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd. &lt;br /&gt;
&lt;br /&gt;
[12] http://www.management-of-risk.com/what-is-management-of-risk.asp&lt;br /&gt;
&lt;br /&gt;
[13] http://www.rovsingmanagement.dk/kurser/m_o_r%C2%AErisikostyring/?gclid=CM21qKLRjsICFeXUcgodGqEARQ&lt;br /&gt;
&lt;br /&gt;
[14] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd.&lt;br /&gt;
&lt;br /&gt;
[15] Jacob and Kwak (2003) and Raz et al.2002&lt;br /&gt;
&lt;br /&gt;
[16] Article: Overview of risk management Henrik K. Søndergaard&lt;br /&gt;
&lt;br /&gt;
[17]. Power in projects &amp;amp; portfolio of Mette Lindegaard, and John Ryding Olsson&lt;br /&gt;
&lt;br /&gt;
[18] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/.&lt;br /&gt;
&lt;br /&gt;
[19] http://strikingprojectmanagement.com/qualitative-risk-analysis/&lt;br /&gt;
&lt;br /&gt;
[20] http://projectmgmt-annualwarehousesale.blogspot.dk/&lt;br /&gt;
&lt;br /&gt;
[21] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[22] http://www.bestmanagementpractice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[23] http://tcgen.com/risk-mapping/#.VGidavnF-oO&lt;br /&gt;
&lt;br /&gt;
[24] http://www.modst.dk/~/media/Files/%C3%98AV/Vejledninger/%C3%98konomistyring/Risikostyring_vejledning_maj07%20pdf.ashx&lt;br /&gt;
&lt;br /&gt;
[25] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[26] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[27] http://www.clearrisk.com/what-is-risk-management/&lt;br /&gt;
&lt;br /&gt;
[28] http://www.vlv.dk/downloads/rm1.htm&lt;br /&gt;
&lt;br /&gt;
[29] http://www.soc.aau.dk/fileadmin/user_upload/FoSo/Arbejdspapirer/Nr._10_Risiko_risikovurdering_risikoformidling_og_helhedssyn.pdf&lt;br /&gt;
&lt;br /&gt;
[30] http://klk.kl.dk/PageFiles/156494/Projekth%C3%A5ndbogen.pdf&lt;br /&gt;
&lt;br /&gt;
[31] http:///C:/Users/Samira/Downloads/Projekth-ndbog%20(1).PDF&lt;br /&gt;
&lt;br /&gt;
[32] http://www.digst.dk/~/media/Files/Arkitektur%20og%20standarder/Sikkerhed/Vejledning%20om%20risikovurdering.ashx&lt;br /&gt;
&lt;br /&gt;
[33] http://www.best-management-practice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[34] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[35] http://dx.doi.org/10.1016/j.technovation.2013.12.005i&lt;br /&gt;
&lt;br /&gt;
[36] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;/div&gt;</summary>
		<author><name>Saeh0803</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Risk_management&amp;diff=5468</id>
		<title>Risk management</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Risk_management&amp;diff=5468"/>
		<updated>2014-11-30T20:30:08Z</updated>

		<summary type="html">&lt;p&gt;Saeh0803: /* How to develop a risk analysis */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;[http://en.wikipedia.org/wiki/Risk_management Risk management] is a very interesting and important topic in each area in our society. Actually everyone knows what a risk is; it is a part of our life. Each step or each decision we make, is full of risks, whether we notice it or not, but when we look at our professional life, then we have to take an action for each risk arise, because it has a negative effect and the effect can have consequences in terms of economic, professional reputation, environmental, safety and societal outcomes. This article focuses on for example how an organization or project handles its risks and which framework could be relevant or helpful for it. Now a day, the risk management is an important part of project, program and portfolio management. In order to end up a project successfully and deliver it on time and within budget, it is important to get an overview of the risks, which is associated to the project. Most of the projects fail due to the lack of risk management [Why projects fail 2011]. In many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of project&#039;s planning process, the projects fail because the resources are not completely utilized to get the full advantage [Oehmen et. al.2012 and Zwikael and Ahn 2011]. This article further talks about the risk and different level of risks in organization level and how to identify the projects risks by using some of standard guidelines for risk management such as ISO 31000, ISO 2700S, DS/ISO 31000 Risk management- Principles and guidelines and M_O_R principles, which is a standard risk management framework, which can be used by any organization on any projects regardless of its size.&lt;br /&gt;
NOTE: This article might be similar to other articles; Risk analysis, risk register, Risk management strategy in project portfolios&lt;br /&gt;
&lt;br /&gt;
=Definition of risk management=&lt;br /&gt;
&lt;br /&gt;
You can find different tools and definition for risk depending on the context in which it is used. A definition from Oxford English Dictionary sounds like “the possibility that something unpleasant or unwelcome will happen” [Oxford English Dictionary]. This is more general and related more to your every day. In decision theory, Luce and Raiffa relate risk to make decisions under known probabilities of the states of nature [Product Management Innovation 2009] and Frank Knight define the risk in economic theory as “risk arises when the decision maker can assign probabilities to possible outcomes”. A well-known definition of the risk in the domain of project management considers the risk as “an uncertain event or condition that, if it occurs, has a positive (opportunity) or negative (threat) impact on project objectives” [Innovation and Product Management] Frank Knight defines the uncertainty and risk as “...Uncertainty must be taken in a sense radically distinct from the familiar notion of Risk, from which it has never been properly separated. … The essential fact is that &amp;quot;risk&amp;quot; means in some cases a quantity susceptible of measurement, while at other times it is something distinctly not of this character; and there are far-reaching and crucial differences in the bearings of the phenomena depending on which of the two is really present and operating. … It will appear that a measurable uncertainty, or &amp;quot;risk&amp;quot; proper, as we shall use the term, is so far different from an un-measurable one that it is not in effect an uncertainty at all&amp;quot; [Ariane Chapelle].&lt;br /&gt;
Frank Knigh’s definition is more useful according to project, program and portfolio management. In many projects, risk is the uncertainty, which is associated with any kind of the action and projects in organization’s context that must understand and effectively manage during the project’s process and improve the results [Luce and Raiffa]. &lt;br /&gt;
&lt;br /&gt;
Different types of risk management definitions can be found and the choice of definition depends on how big a concept of risk is used in order to which risks are covered by the definition. There is not a complete tool or solution that fits in every project, creating a new or changes the existing risk management process according to the project&#039;s goal is always helpful and flexible process that will ultimately result in a solution to the individual organization or project. Risk is always based on imagination of how the project will be completed. It can be defined on the basis of an existing plan, for example, the project must be completed in 6 months. The risk of delay is bigger than if the project must be completed in one year. If the new technologies are a part of the project plan, that you have to use the new technologies is the risk bigger than use the known technologies. Therefor the risk is based on an existing plan; the same project may have very different risks, if you change the project’s plan. [Risk Management,concepts and methods].&lt;br /&gt;
&lt;br /&gt;
To minimize the uncertainty and reduce the risks on the project, you may regularly look back to your risk analysis, because most of the projects fail due to lack of risk management, in many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of projects planning process, The projects fail because they do not invest their resources completely and do not pay attention to it. Risk management is the most important part of the project planning process. It is a management tool, which project manager uses to analyses the risk factor within a project group or projects. Project group must be informed of the main risks and how they will deal with those risks. Often it requires extra resources to eliminate risks; these resources must allocate the project group. Many studies have pointed as well that the risk management has a big role in projects success [Tara Duggan]. The report by Jacob and Kwak highlights the positive contribution of risk management to improve the project selection, review and resource allocation of new product development projects. It used in many areas such as public debate, research, danger of disease, death or accidents, threatening environmental problems in terms of risk of climate changes, CO2 , pollution and so on. It is also used in many other projects such as customer needs and price, new technology and resources, construction and delivery projects, research projects and interests and other tasks.&lt;br /&gt;
&lt;br /&gt;
=Benefit of risk management=&lt;br /&gt;
&lt;br /&gt;
Risk management helps you to identify your projects strengths, weaknesses, opportunities and threats [Jacob and Kwak]. These four factors are a part of [http://da.wikipedia.org/wiki/SWOT-analyse SWOT-analyse]. By identifying your projects strengths and opportunities you can reduce the weaknesses and threats and there by your project’s risks, you will be aware of the unexpected events and you can immediately take actions to reduce the losses [Overview of risk management]. There are many reasons for managing risks. Here are some main reasons: First of all, risk management results in an overview and a number of options for an action to avoid known and unknown risk and reduce the impact of those [Power in projects &amp;amp; portfolio].&lt;br /&gt;
&lt;br /&gt;
* Saving resources: Time, assets, income, property and people are all valuable resources that can be saved if fewer claims occur.&lt;br /&gt;
* Protecting the reputation and public image of the organization.&lt;br /&gt;
* Preventing or reducing legal liability and increasing the stability of operations.&lt;br /&gt;
* Increases the organizations profits and competitiveness and reflects an attractive professional approach to project work.&lt;br /&gt;
* Protecting people from harm.&lt;br /&gt;
* Protecting the environment.&lt;br /&gt;
* Enhancing the ability to prepare for various circumstances.&lt;br /&gt;
* Assisting in clearly defining insurance needs.&lt;br /&gt;
* By managing the risks, you can increase the quality of the project deliverable&lt;br /&gt;
* Protects public image&lt;br /&gt;
* Protects people from harm&lt;br /&gt;
* Prevents/reduces legal liability&lt;br /&gt;
* Protects the environment&lt;br /&gt;
&lt;br /&gt;
=Three Levels of operational risk management=&lt;br /&gt;
&lt;br /&gt;
The risk management in an organization can be categorized in three levels of operation- [three level of operational risk management].&lt;br /&gt;
&lt;br /&gt;
* Strategic level:  &lt;br /&gt;
At strategic level, operational risk management relates to the vision of the business, expansion planned over a few couple of years, the product position and the target customers in the market. In other words, the strategic operational risk management relates to the implementation of the risk demands. It must be defined at the top management level and must be deployed in a top-down manner through all the levels of the organization.&lt;br /&gt;
At this level, top managers should not expect that all process would be accomplished without defects, free errors, flaws or less than perfect projects, demanding such a standard leads to over management and paralysis. It creates nervous leaders, that can be afraid to make tough decisions in crisis and unwilling to take risks necessary for success in projects, In this level op managers must be aware of risk management, understand it and must be ready to support a project manager’s decision in those situations. The top managers must accept that things may go wrong, even if a project manager has a lot of experience and knowledge in that area. In this level the risks has a very high impact in the organization, because you will define the risks based on your Business Plan and Processes, where strategic goals are defined. These risks are expected to be managed by the organization’s CEO [Operational Risk Management, February 2002]&lt;br /&gt;
&lt;br /&gt;
* Tactical level&lt;br /&gt;
&lt;br /&gt;
At tactical level, the set of operational risk management tools and controls helps to reduce the number and intensity of the projects. It provides the risk manager with a second line of defense. The effect of the risk responses deploys at tactical level, such as loss, fines and near misses reductions&lt;br /&gt;
Tactical operational risk management emphasizes on loss prevention and risk reduction techniques, process control, loss data analysis, key risk indicators, risk self-assessments and business expansion plans are some of the vast array of tools and techniques that have been developed to reduce the frequent occurrence of the risk elements and to reduce their impact on the overall project.&lt;br /&gt;
There always should be a connection between strategic and tactical level, the vision or mission statements defines in strategic level and the projects, programmes, their deliverables and its requirements describes in tactical level. Many projects fail because of less communication between strategic vision and tactical project deliverables and requirements. [Integrated Risk Management, as a framework for Organizational Success].&lt;br /&gt;
&lt;br /&gt;
* Operational level&lt;br /&gt;
Operational level provides a natural reduction of the operational incidents by redesigning all those processes that were prone to errors, removing any unnecessary tasks and useless controls, standardizing the procedures and improving the productivity. Operational risk management targets the operational efficiency and process design. Work flows are redesigned in this level to improve the work speed by eliminating the errors. Staff Operational risk management must spread over all these three levels, in order to be more effective and efficient&lt;br /&gt;
&lt;br /&gt;
Risk management does not tell you to take a number of actions to tackel or facilitate an unexpected situation. It is a framework that helps you to apply leadership at all levels to meet project&#039;s requirements and to improve the project&#039;s result.&lt;br /&gt;
&lt;br /&gt;
=How to develop a risk analysis=&lt;br /&gt;
&lt;br /&gt;
Risk Management can be developed in two different ways [Best Management Practice]:&lt;br /&gt;
* By using the standard risk guidelines such as ISO 31000, which managers can go step by step and identify the risks and analyse the situation of each phase and take an action for each risk, that have negative impact on each situation. In this step more leaders must participate in order to reduce the impact of risks and take care of each situation.&lt;br /&gt;
* By using more general analysis or guidelines to define the project&#039;s goals and reduce the risks without managing it and less management participation.&lt;br /&gt;
In the first option many standard guidelines and analysis can be used such as ISO 31000, IEC/ISO 311010, and ISO 73-2009 and many others. The International Organization for Standard (ISO ) risk management provides principles, general guidelines; framework and a process for managing the risks- It can be used by any project, organization regardless of its size. ISO 31000 summarizes all the central activities and main points, which an organization might go through to manage their risks effectively and increase their chance to reach their goals. It doesn’t contain any specific techniques in order to use, but it mentions that an organization must follow risk identification tools and techniques, that match the projects and its goals. Another ISO standard application is ISO/IEC 31010, Risk Management, which contains of some risk assessment techniques and steps that gives an understanding of the risks, which can have a negative impact on an organization’s achievement of its goals and the adequacy and effectiveness of controls already in place. Risk assessment helps decision makers to take the correct decisions, for example which tools and techniques must be used to treat the risks and how to choose the best opportunities. The following techniques described on ISO 31010&lt;br /&gt;
&lt;br /&gt;
* Risk identification&lt;br /&gt;
* Risk analysis - consequence analysis&lt;br /&gt;
* Risk analysis– qualitative, semi-quantitative or quantitative probability estimation&lt;br /&gt;
* Risk analysis – assessing the effectiveness of any existing controls&lt;br /&gt;
* Risk evaluation&lt;br /&gt;
* Communication and consultation, and monitoring and review&lt;br /&gt;
&lt;br /&gt;
Each step has described in detail on ISO 31010. Compare to [http://bcove.me/qvtxp001 M_O_R] and then M_O_R is much extensive application, which provides a detailed guidance on how to implement risk management. &lt;br /&gt;
&lt;br /&gt;
M_O_R stands for Management of Risk. It is a framework for the management of risk at different levels of of an organization such as Strategic, programme, project and operational level. It includes all the activities required to identify and control the risks, both negative and positive, which may have an impact on the achievement of an organization’s objectives [M_O_R].It is also a framework for how to make informed decisions about risks respectively strategic, program, project and operational level in order to identify, assess and manage the key risks in order to deliver the expected advantages [M_O_R].&lt;br /&gt;
&lt;br /&gt;
It describes deeply both what needs to be done through some principles, activities and roles and how to begin the activities. In some ways, ISO31000 and M_O_R are very similar and use some common definition and methods. M_O_R is designed for practical application of risk management techniques and based on 4 core concepts: principles, approach, process and embedding and review, while ISO31000 is designed more to assess how completely the risk management techniques have been applied [Best Management Practice], The difference is that ISO3100O based on framework, principles and process. It prescribe how an organization should implement risk management and manage the risk by using any tools, that suits its goal and organization, while M_O_R allows it to customize its approach within the guidelines to suit its operating environment and process. Both are useful tools and can be used for managing the risks.&lt;br /&gt;
Further information about M_O_R and ISO 31000:2009 is available in Michael Dallas report [http://www.best-managementpractice.com/gempdf/Management_of_Risk_Guidance_for_Practitioners_and_the_International_Standard_on_Risk_Management_ISO31000_2009.pdf]&lt;br /&gt;
&lt;br /&gt;
[[File:Different between_M_O_R_AND_ISO.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
The Tabel as taken from Michael Dallas report, which shows a direct comparison of M_O_R with ISO 31000 against categories that are common to both framework.&lt;br /&gt;
&lt;br /&gt;
=Risk Management in Practice=&lt;br /&gt;
&lt;br /&gt;
[[File:Risk management.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
To identify the projects risk, you can start with brainstorming, the first step is to list the main categories such as technologies, goal, stakeholder, communication, cost, environmental, resources, reliability, which is indicated with blue color in below figure. The next is to identify the risks, which is associated to the main categories. By brainstorm the risks, you can find 50-100 risks, depending to the projects size, therefore the third step is to estimate what the potential impact could be by using the Risk Matrix.&lt;br /&gt;
&lt;br /&gt;
[[File:Mathrix.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
Each high priority or high impact risk should be assigned to a group member after their experience and skills, so they could study and evaluate the risks. Cost risks might for example assign to someone in the finance department than one from IT- department. The new technology might assign to someone from IT- department. The project manager should be assign for all the risks process, the most important part of risk process is the schedule with deadline and the risks list, which should only edit, added, re-prioritized and control by the project manager during the project.&lt;br /&gt;
To reduce the risks, the project manager should communicate the risks list to all the project stakeholders regularly, at least once a week. All the changes should be registered to the risk map and at the end of the project the results can be used to do a retrospective. What did you learn from it, what should be different in next project and how to control the risks from the beginning?&lt;br /&gt;
&lt;br /&gt;
This example is more general and very simple,you can maybe use it for a very small project. You can visit [http://apppm.man.dtu.dk/index.php/Risk_analysis | Risk_analysis] which is described more in detail.&lt;br /&gt;
&lt;br /&gt;
=Reference=&lt;br /&gt;
&lt;br /&gt;
[1] Why projects fail: Avoiding the Classic Pitfall, An Oracle White Paper, October 2011 and Calleam Consulting LTD 2014: Why Projects Fail.  And Tom Carlos, PMP: Reasons Why Projects Fail.&lt;br /&gt;
&lt;br /&gt;
[2] Oehmen et. al.2012 and Zwikael and Ahn 2011, Oehmen, J., et al., Analysis of the effect of risk management practices on the performance of new product development programs. Technovation (2014),&lt;br /&gt;
&lt;br /&gt;
[3] Oxford English Dictionary&lt;br /&gt;
&lt;br /&gt;
[4] Innovation and Product Management 2009: A holistic and Practial Approach to Uncertainty Reduction,Kurt Gaubinger, Michael Rabl Scott Swan, Thomas Werani&lt;br /&gt;
&lt;br /&gt;
[5] Frank Knight 1921: Risk, Uncertainty and profit, Imperfect competition through Risk and Uncertainty, Part III, Chapter VII&lt;br /&gt;
&lt;br /&gt;
[6] Ariane Chapelle: The three levels of Operational risk management, May 2012&lt;br /&gt;
&lt;br /&gt;
[7] Risikosamfundet: 1997, Tara Duggan, Demand Media: Why Is Risk Management Important to Project Success?&lt;br /&gt;
&lt;br /&gt;
[8] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/&lt;br /&gt;
&lt;br /&gt;
[9] Luce&#039;s Paradigm for Decision under Uncertainty, Luce and Raiffa, 1957&lt;br /&gt;
&lt;br /&gt;
[10] Risk Management, concepts and methods: Club De La Securite De L’information Francais&lt;br /&gt;
&lt;br /&gt;
[11] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd. &lt;br /&gt;
&lt;br /&gt;
[12] http://www.management-of-risk.com/what-is-management-of-risk.asp&lt;br /&gt;
&lt;br /&gt;
[13] http://www.rovsingmanagement.dk/kurser/m_o_r%C2%AErisikostyring/?gclid=CM21qKLRjsICFeXUcgodGqEARQ&lt;br /&gt;
&lt;br /&gt;
[14] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd.&lt;br /&gt;
&lt;br /&gt;
[15] Jacob and Kwak (2003) and Raz et al.2002&lt;br /&gt;
&lt;br /&gt;
[16] Article: Overview of risk management Henrik K. Søndergaard&lt;br /&gt;
&lt;br /&gt;
[17]. Power in projects &amp;amp; portfolio of Mette Lindegaard, and John Ryding Olsson&lt;br /&gt;
&lt;br /&gt;
[18] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/.&lt;br /&gt;
&lt;br /&gt;
[19] http://strikingprojectmanagement.com/qualitative-risk-analysis/&lt;br /&gt;
&lt;br /&gt;
[20] http://projectmgmt-annualwarehousesale.blogspot.dk/&lt;br /&gt;
&lt;br /&gt;
[21] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[22] http://www.bestmanagementpractice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[23] http://tcgen.com/risk-mapping/#.VGidavnF-oO&lt;br /&gt;
&lt;br /&gt;
[24] http://www.modst.dk/~/media/Files/%C3%98AV/Vejledninger/%C3%98konomistyring/Risikostyring_vejledning_maj07%20pdf.ashx&lt;br /&gt;
&lt;br /&gt;
[25] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[26] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[27] http://www.clearrisk.com/what-is-risk-management/&lt;br /&gt;
&lt;br /&gt;
[28] http://www.vlv.dk/downloads/rm1.htm&lt;br /&gt;
&lt;br /&gt;
[29] http://www.soc.aau.dk/fileadmin/user_upload/FoSo/Arbejdspapirer/Nr._10_Risiko_risikovurdering_risikoformidling_og_helhedssyn.pdf&lt;br /&gt;
&lt;br /&gt;
[30] http://klk.kl.dk/PageFiles/156494/Projekth%C3%A5ndbogen.pdf&lt;br /&gt;
&lt;br /&gt;
[31] http:///C:/Users/Samira/Downloads/Projekth-ndbog%20(1).PDF&lt;br /&gt;
&lt;br /&gt;
[32] http://www.digst.dk/~/media/Files/Arkitektur%20og%20standarder/Sikkerhed/Vejledning%20om%20risikovurdering.ashx&lt;br /&gt;
&lt;br /&gt;
[33] http://www.best-management-practice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[34] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[35] http://dx.doi.org/10.1016/j.technovation.2013.12.005i&lt;br /&gt;
&lt;br /&gt;
[36] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;/div&gt;</summary>
		<author><name>Saeh0803</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Risk_management&amp;diff=5466</id>
		<title>Risk management</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Risk_management&amp;diff=5466"/>
		<updated>2014-11-30T20:28:49Z</updated>

		<summary type="html">&lt;p&gt;Saeh0803: /* How to develop a risk analysis */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;[http://en.wikipedia.org/wiki/Risk_management Risk management] is a very interesting and important topic in each area in our society. Actually everyone knows what a risk is; it is a part of our life. Each step or each decision we make, is full of risks, whether we notice it or not, but when we look at our professional life, then we have to take an action for each risk arise, because it has a negative effect and the effect can have consequences in terms of economic, professional reputation, environmental, safety and societal outcomes. This article focuses on for example how an organization or project handles its risks and which framework could be relevant or helpful for it. Now a day, the risk management is an important part of project, program and portfolio management. In order to end up a project successfully and deliver it on time and within budget, it is important to get an overview of the risks, which is associated to the project. Most of the projects fail due to the lack of risk management [Why projects fail 2011]. In many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of project&#039;s planning process, the projects fail because the resources are not completely utilized to get the full advantage [Oehmen et. al.2012 and Zwikael and Ahn 2011]. This article further talks about the risk and different level of risks in organization level and how to identify the projects risks by using some of standard guidelines for risk management such as ISO 31000, ISO 2700S, DS/ISO 31000 Risk management- Principles and guidelines and M_O_R principles, which is a standard risk management framework, which can be used by any organization on any projects regardless of its size.&lt;br /&gt;
NOTE: This article might be similar to other articles; Risk analysis, risk register, Risk management strategy in project portfolios&lt;br /&gt;
&lt;br /&gt;
=Definition of risk management=&lt;br /&gt;
&lt;br /&gt;
You can find different tools and definition for risk depending on the context in which it is used. A definition from Oxford English Dictionary sounds like “the possibility that something unpleasant or unwelcome will happen” [Oxford English Dictionary]. This is more general and related more to your every day. In decision theory, Luce and Raiffa relate risk to make decisions under known probabilities of the states of nature [Product Management Innovation 2009] and Frank Knight define the risk in economic theory as “risk arises when the decision maker can assign probabilities to possible outcomes”. A well-known definition of the risk in the domain of project management considers the risk as “an uncertain event or condition that, if it occurs, has a positive (opportunity) or negative (threat) impact on project objectives” [Innovation and Product Management] Frank Knight defines the uncertainty and risk as “...Uncertainty must be taken in a sense radically distinct from the familiar notion of Risk, from which it has never been properly separated. … The essential fact is that &amp;quot;risk&amp;quot; means in some cases a quantity susceptible of measurement, while at other times it is something distinctly not of this character; and there are far-reaching and crucial differences in the bearings of the phenomena depending on which of the two is really present and operating. … It will appear that a measurable uncertainty, or &amp;quot;risk&amp;quot; proper, as we shall use the term, is so far different from an un-measurable one that it is not in effect an uncertainty at all&amp;quot; [Ariane Chapelle].&lt;br /&gt;
Frank Knigh’s definition is more useful according to project, program and portfolio management. In many projects, risk is the uncertainty, which is associated with any kind of the action and projects in organization’s context that must understand and effectively manage during the project’s process and improve the results [Luce and Raiffa]. &lt;br /&gt;
&lt;br /&gt;
Different types of risk management definitions can be found and the choice of definition depends on how big a concept of risk is used in order to which risks are covered by the definition. There is not a complete tool or solution that fits in every project, creating a new or changes the existing risk management process according to the project&#039;s goal is always helpful and flexible process that will ultimately result in a solution to the individual organization or project. Risk is always based on imagination of how the project will be completed. It can be defined on the basis of an existing plan, for example, the project must be completed in 6 months. The risk of delay is bigger than if the project must be completed in one year. If the new technologies are a part of the project plan, that you have to use the new technologies is the risk bigger than use the known technologies. Therefor the risk is based on an existing plan; the same project may have very different risks, if you change the project’s plan. [Risk Management,concepts and methods].&lt;br /&gt;
&lt;br /&gt;
To minimize the uncertainty and reduce the risks on the project, you may regularly look back to your risk analysis, because most of the projects fail due to lack of risk management, in many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of projects planning process, The projects fail because they do not invest their resources completely and do not pay attention to it. Risk management is the most important part of the project planning process. It is a management tool, which project manager uses to analyses the risk factor within a project group or projects. Project group must be informed of the main risks and how they will deal with those risks. Often it requires extra resources to eliminate risks; these resources must allocate the project group. Many studies have pointed as well that the risk management has a big role in projects success [Tara Duggan]. The report by Jacob and Kwak highlights the positive contribution of risk management to improve the project selection, review and resource allocation of new product development projects. It used in many areas such as public debate, research, danger of disease, death or accidents, threatening environmental problems in terms of risk of climate changes, CO2 , pollution and so on. It is also used in many other projects such as customer needs and price, new technology and resources, construction and delivery projects, research projects and interests and other tasks.&lt;br /&gt;
&lt;br /&gt;
=Benefit of risk management=&lt;br /&gt;
&lt;br /&gt;
Risk management helps you to identify your projects strengths, weaknesses, opportunities and threats [Jacob and Kwak]. These four factors are a part of [http://da.wikipedia.org/wiki/SWOT-analyse SWOT-analyse]. By identifying your projects strengths and opportunities you can reduce the weaknesses and threats and there by your project’s risks, you will be aware of the unexpected events and you can immediately take actions to reduce the losses [Overview of risk management]. There are many reasons for managing risks. Here are some main reasons: First of all, risk management results in an overview and a number of options for an action to avoid known and unknown risk and reduce the impact of those [Power in projects &amp;amp; portfolio].&lt;br /&gt;
&lt;br /&gt;
* Saving resources: Time, assets, income, property and people are all valuable resources that can be saved if fewer claims occur.&lt;br /&gt;
* Protecting the reputation and public image of the organization.&lt;br /&gt;
* Preventing or reducing legal liability and increasing the stability of operations.&lt;br /&gt;
* Increases the organizations profits and competitiveness and reflects an attractive professional approach to project work.&lt;br /&gt;
* Protecting people from harm.&lt;br /&gt;
* Protecting the environment.&lt;br /&gt;
* Enhancing the ability to prepare for various circumstances.&lt;br /&gt;
* Assisting in clearly defining insurance needs.&lt;br /&gt;
* By managing the risks, you can increase the quality of the project deliverable&lt;br /&gt;
* Protects public image&lt;br /&gt;
* Protects people from harm&lt;br /&gt;
* Prevents/reduces legal liability&lt;br /&gt;
* Protects the environment&lt;br /&gt;
&lt;br /&gt;
=Three Levels of operational risk management=&lt;br /&gt;
&lt;br /&gt;
The risk management in an organization can be categorized in three levels of operation- [three level of operational risk management].&lt;br /&gt;
&lt;br /&gt;
* Strategic level:  &lt;br /&gt;
At strategic level, operational risk management relates to the vision of the business, expansion planned over a few couple of years, the product position and the target customers in the market. In other words, the strategic operational risk management relates to the implementation of the risk demands. It must be defined at the top management level and must be deployed in a top-down manner through all the levels of the organization.&lt;br /&gt;
At this level, top managers should not expect that all process would be accomplished without defects, free errors, flaws or less than perfect projects, demanding such a standard leads to over management and paralysis. It creates nervous leaders, that can be afraid to make tough decisions in crisis and unwilling to take risks necessary for success in projects, In this level op managers must be aware of risk management, understand it and must be ready to support a project manager’s decision in those situations. The top managers must accept that things may go wrong, even if a project manager has a lot of experience and knowledge in that area. In this level the risks has a very high impact in the organization, because you will define the risks based on your Business Plan and Processes, where strategic goals are defined. These risks are expected to be managed by the organization’s CEO [Operational Risk Management, February 2002]&lt;br /&gt;
&lt;br /&gt;
* Tactical level&lt;br /&gt;
&lt;br /&gt;
At tactical level, the set of operational risk management tools and controls helps to reduce the number and intensity of the projects. It provides the risk manager with a second line of defense. The effect of the risk responses deploys at tactical level, such as loss, fines and near misses reductions&lt;br /&gt;
Tactical operational risk management emphasizes on loss prevention and risk reduction techniques, process control, loss data analysis, key risk indicators, risk self-assessments and business expansion plans are some of the vast array of tools and techniques that have been developed to reduce the frequent occurrence of the risk elements and to reduce their impact on the overall project.&lt;br /&gt;
There always should be a connection between strategic and tactical level, the vision or mission statements defines in strategic level and the projects, programmes, their deliverables and its requirements describes in tactical level. Many projects fail because of less communication between strategic vision and tactical project deliverables and requirements. [Integrated Risk Management, as a framework for Organizational Success].&lt;br /&gt;
&lt;br /&gt;
* Operational level&lt;br /&gt;
Operational level provides a natural reduction of the operational incidents by redesigning all those processes that were prone to errors, removing any unnecessary tasks and useless controls, standardizing the procedures and improving the productivity. Operational risk management targets the operational efficiency and process design. Work flows are redesigned in this level to improve the work speed by eliminating the errors. Staff Operational risk management must spread over all these three levels, in order to be more effective and efficient&lt;br /&gt;
&lt;br /&gt;
Risk management does not tell you to take a number of actions to tackel or facilitate an unexpected situation. It is a framework that helps you to apply leadership at all levels to meet project&#039;s requirements and to improve the project&#039;s result.&lt;br /&gt;
&lt;br /&gt;
=How to develop a risk analysis=&lt;br /&gt;
&lt;br /&gt;
Risk Management can be developed in two different ways [Best Management Practice]:&lt;br /&gt;
* By using the standard risk guidelines such as ISO 31000, which managers can go step by step and identify the risks and analyse the situation of each phase and take an action for each risk, that have negative impact on each situation. In this step more leaders must participate in order to reduce the impact of risks and take care of each situation.&lt;br /&gt;
* By using more general analysis or guidelines to define the project&#039;s goals and reduce the risks without managing it and less management participation.&lt;br /&gt;
In the first option many standard guidelines and analysis can be used such as ISO 31000, IEC/ISO 311010, and ISO 73-2009 and many others. The International Organization for Standard (ISO ) risk management provides principles, general guidelines; framework and a process for managing the risks- It can be used by any project, organization regardless of its size. ISO 31000 summarizes all the central activities and main points, which an organization might go through to manage their risks effectively and increase their chance to reach their goals. It doesn’t contain any specific techniques in order to use, but it mentions that an organization must follow risk identification tools and techniques, that match the projects and its goals. Another ISO standard application is ISO/IEC 31010, Risk Management, which contains of some risk assessment techniques and steps that gives an understanding of the risks, which can have a negative impact on an organization’s achievement of its goals and the adequacy and effectiveness of controls already in place. Risk assessment helps decision makers to take the correct decisions, for example which tools and techniques must be used to treat the risks and how to choose the best opportunities. The following techniques described on ISO 31010&lt;br /&gt;
&lt;br /&gt;
* Risk identification&lt;br /&gt;
* Risk analysis - consequence analysis&lt;br /&gt;
* Risk analysis– qualitative, semi-quantitative or quantitative probability estimation&lt;br /&gt;
* Risk analysis – assessing the effectiveness of any existing controls&lt;br /&gt;
* Risk evaluation&lt;br /&gt;
* Communication and consultation, and monitoring and review&lt;br /&gt;
&lt;br /&gt;
Each step has described in detail on ISO 31010. Compare to [http://bcove.me/qvtxp001 M_O_R] and then M_O_R is much extensive application, which provides a detailed guidance on how to implement risk management. &lt;br /&gt;
&lt;br /&gt;
M_O_R stands for Management of Risk. It is a framework for the management of risk at different levels of of an organization such as Strategic, programme, project and operational level. It includes all the activities required to identify and control the risks, both negative and positive, which may have an impact on the achievement of an organization’s objectives [M_O_R].It is also a framework for how to make informed decisions about risks respectively strategic, program, project and operational level in order to identify, assess and manage the key risks in order to deliver the expected advantages [M_O_R].&lt;br /&gt;
&lt;br /&gt;
It describes deeply both what needs to be done through some principles, activities and roles and how to begin the activities. In some ways, ISO31000 and M_O_R are very similar and use some common definition and methods. M_O_R is designed for practical application of risk management techniques and based on 4 core concepts: principles, approach, process and embedding and review, while ISO31000 is designed more to assess how completely the risk management techniques have been applied [Best Management Practice], The difference is that ISO3100O based on framework, principles and process. It prescribe how an organization should implement risk management and manage the risk by using any tools, that suits its goal and organization, while M_O_R allows it to customize its approach within the guidelines to suit its operating environment and process. Both are useful tools and can be used for managing the risks.&lt;br /&gt;
Further information about M_O_R and ISO 31000:2009 is available in Michael Dallas report[http://www.best-management practice.com/gempdf/Management_of_Risk_Guidance_for_Practitioners_and_the_International_Standard_on_Risk_Management_ISO31000_2009.pdf]&lt;br /&gt;
&lt;br /&gt;
[[File:Different between_M_O_R_AND_ISO.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
The Tabel as taken from Michael Dallas report, which shows a direct comparison of M_O_R with ISO 31000 against categories that are common to both framework.&lt;br /&gt;
&lt;br /&gt;
=Risk Management in Practice=&lt;br /&gt;
&lt;br /&gt;
[[File:Risk management.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
To identify the projects risk, you can start with brainstorming, the first step is to list the main categories such as technologies, goal, stakeholder, communication, cost, environmental, resources, reliability, which is indicated with blue color in below figure. The next is to identify the risks, which is associated to the main categories. By brainstorm the risks, you can find 50-100 risks, depending to the projects size, therefore the third step is to estimate what the potential impact could be by using the Risk Matrix.&lt;br /&gt;
&lt;br /&gt;
[[File:Mathrix.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
Each high priority or high impact risk should be assigned to a group member after their experience and skills, so they could study and evaluate the risks. Cost risks might for example assign to someone in the finance department than one from IT- department. The new technology might assign to someone from IT- department. The project manager should be assign for all the risks process, the most important part of risk process is the schedule with deadline and the risks list, which should only edit, added, re-prioritized and control by the project manager during the project.&lt;br /&gt;
To reduce the risks, the project manager should communicate the risks list to all the project stakeholders regularly, at least once a week. All the changes should be registered to the risk map and at the end of the project the results can be used to do a retrospective. What did you learn from it, what should be different in next project and how to control the risks from the beginning?&lt;br /&gt;
&lt;br /&gt;
This example is more general and very simple,you can maybe use it for a very small project. You can visit [http://apppm.man.dtu.dk/index.php/Risk_analysis | Risk_analysis] which is described more in detail.&lt;br /&gt;
&lt;br /&gt;
=Reference=&lt;br /&gt;
&lt;br /&gt;
[1] Why projects fail: Avoiding the Classic Pitfall, An Oracle White Paper, October 2011 and Calleam Consulting LTD 2014: Why Projects Fail.  And Tom Carlos, PMP: Reasons Why Projects Fail.&lt;br /&gt;
&lt;br /&gt;
[2] Oehmen et. al.2012 and Zwikael and Ahn 2011, Oehmen, J., et al., Analysis of the effect of risk management practices on the performance of new product development programs. Technovation (2014),&lt;br /&gt;
&lt;br /&gt;
[3] Oxford English Dictionary&lt;br /&gt;
&lt;br /&gt;
[4] Innovation and Product Management 2009: A holistic and Practial Approach to Uncertainty Reduction,Kurt Gaubinger, Michael Rabl Scott Swan, Thomas Werani&lt;br /&gt;
&lt;br /&gt;
[5] Frank Knight 1921: Risk, Uncertainty and profit, Imperfect competition through Risk and Uncertainty, Part III, Chapter VII&lt;br /&gt;
&lt;br /&gt;
[6] Ariane Chapelle: The three levels of Operational risk management, May 2012&lt;br /&gt;
&lt;br /&gt;
[7] Risikosamfundet: 1997, Tara Duggan, Demand Media: Why Is Risk Management Important to Project Success?&lt;br /&gt;
&lt;br /&gt;
[8] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/&lt;br /&gt;
&lt;br /&gt;
[9] Luce&#039;s Paradigm for Decision under Uncertainty, Luce and Raiffa, 1957&lt;br /&gt;
&lt;br /&gt;
[10] Risk Management, concepts and methods: Club De La Securite De L’information Francais&lt;br /&gt;
&lt;br /&gt;
[11] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd. &lt;br /&gt;
&lt;br /&gt;
[12] http://www.management-of-risk.com/what-is-management-of-risk.asp&lt;br /&gt;
&lt;br /&gt;
[13] http://www.rovsingmanagement.dk/kurser/m_o_r%C2%AErisikostyring/?gclid=CM21qKLRjsICFeXUcgodGqEARQ&lt;br /&gt;
&lt;br /&gt;
[14] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd.&lt;br /&gt;
&lt;br /&gt;
[15] Jacob and Kwak (2003) and Raz et al.2002&lt;br /&gt;
&lt;br /&gt;
[16] Article: Overview of risk management Henrik K. Søndergaard&lt;br /&gt;
&lt;br /&gt;
[17]. Power in projects &amp;amp; portfolio of Mette Lindegaard, and John Ryding Olsson&lt;br /&gt;
&lt;br /&gt;
[18] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/.&lt;br /&gt;
&lt;br /&gt;
[19] http://strikingprojectmanagement.com/qualitative-risk-analysis/&lt;br /&gt;
&lt;br /&gt;
[20] http://projectmgmt-annualwarehousesale.blogspot.dk/&lt;br /&gt;
&lt;br /&gt;
[21] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[22] http://www.bestmanagementpractice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[23] http://tcgen.com/risk-mapping/#.VGidavnF-oO&lt;br /&gt;
&lt;br /&gt;
[24] http://www.modst.dk/~/media/Files/%C3%98AV/Vejledninger/%C3%98konomistyring/Risikostyring_vejledning_maj07%20pdf.ashx&lt;br /&gt;
&lt;br /&gt;
[25] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[26] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[27] http://www.clearrisk.com/what-is-risk-management/&lt;br /&gt;
&lt;br /&gt;
[28] http://www.vlv.dk/downloads/rm1.htm&lt;br /&gt;
&lt;br /&gt;
[29] http://www.soc.aau.dk/fileadmin/user_upload/FoSo/Arbejdspapirer/Nr._10_Risiko_risikovurdering_risikoformidling_og_helhedssyn.pdf&lt;br /&gt;
&lt;br /&gt;
[30] http://klk.kl.dk/PageFiles/156494/Projekth%C3%A5ndbogen.pdf&lt;br /&gt;
&lt;br /&gt;
[31] http:///C:/Users/Samira/Downloads/Projekth-ndbog%20(1).PDF&lt;br /&gt;
&lt;br /&gt;
[32] http://www.digst.dk/~/media/Files/Arkitektur%20og%20standarder/Sikkerhed/Vejledning%20om%20risikovurdering.ashx&lt;br /&gt;
&lt;br /&gt;
[33] http://www.best-management-practice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[34] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[35] http://dx.doi.org/10.1016/j.technovation.2013.12.005i&lt;br /&gt;
&lt;br /&gt;
[36] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;/div&gt;</summary>
		<author><name>Saeh0803</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Risk_management&amp;diff=5464</id>
		<title>Risk management</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Risk_management&amp;diff=5464"/>
		<updated>2014-11-30T20:26:07Z</updated>

		<summary type="html">&lt;p&gt;Saeh0803: /* How to develop a risk analysis */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;[http://en.wikipedia.org/wiki/Risk_management Risk management] is a very interesting and important topic in each area in our society. Actually everyone knows what a risk is; it is a part of our life. Each step or each decision we make, is full of risks, whether we notice it or not, but when we look at our professional life, then we have to take an action for each risk arise, because it has a negative effect and the effect can have consequences in terms of economic, professional reputation, environmental, safety and societal outcomes. This article focuses on for example how an organization or project handles its risks and which framework could be relevant or helpful for it. Now a day, the risk management is an important part of project, program and portfolio management. In order to end up a project successfully and deliver it on time and within budget, it is important to get an overview of the risks, which is associated to the project. Most of the projects fail due to the lack of risk management [Why projects fail 2011]. In many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of project&#039;s planning process, the projects fail because the resources are not completely utilized to get the full advantage [Oehmen et. al.2012 and Zwikael and Ahn 2011]. This article further talks about the risk and different level of risks in organization level and how to identify the projects risks by using some of standard guidelines for risk management such as ISO 31000, ISO 2700S, DS/ISO 31000 Risk management- Principles and guidelines and M_O_R principles, which is a standard risk management framework, which can be used by any organization on any projects regardless of its size.&lt;br /&gt;
NOTE: This article might be similar to other articles; Risk analysis, risk register, Risk management strategy in project portfolios&lt;br /&gt;
&lt;br /&gt;
=Definition of risk management=&lt;br /&gt;
&lt;br /&gt;
You can find different tools and definition for risk depending on the context in which it is used. A definition from Oxford English Dictionary sounds like “the possibility that something unpleasant or unwelcome will happen” [Oxford English Dictionary]. This is more general and related more to your every day. In decision theory, Luce and Raiffa relate risk to make decisions under known probabilities of the states of nature [Product Management Innovation 2009] and Frank Knight define the risk in economic theory as “risk arises when the decision maker can assign probabilities to possible outcomes”. A well-known definition of the risk in the domain of project management considers the risk as “an uncertain event or condition that, if it occurs, has a positive (opportunity) or negative (threat) impact on project objectives” [Innovation and Product Management] Frank Knight defines the uncertainty and risk as “...Uncertainty must be taken in a sense radically distinct from the familiar notion of Risk, from which it has never been properly separated. … The essential fact is that &amp;quot;risk&amp;quot; means in some cases a quantity susceptible of measurement, while at other times it is something distinctly not of this character; and there are far-reaching and crucial differences in the bearings of the phenomena depending on which of the two is really present and operating. … It will appear that a measurable uncertainty, or &amp;quot;risk&amp;quot; proper, as we shall use the term, is so far different from an un-measurable one that it is not in effect an uncertainty at all&amp;quot; [Ariane Chapelle].&lt;br /&gt;
Frank Knigh’s definition is more useful according to project, program and portfolio management. In many projects, risk is the uncertainty, which is associated with any kind of the action and projects in organization’s context that must understand and effectively manage during the project’s process and improve the results [Luce and Raiffa]. &lt;br /&gt;
&lt;br /&gt;
Different types of risk management definitions can be found and the choice of definition depends on how big a concept of risk is used in order to which risks are covered by the definition. There is not a complete tool or solution that fits in every project, creating a new or changes the existing risk management process according to the project&#039;s goal is always helpful and flexible process that will ultimately result in a solution to the individual organization or project. Risk is always based on imagination of how the project will be completed. It can be defined on the basis of an existing plan, for example, the project must be completed in 6 months. The risk of delay is bigger than if the project must be completed in one year. If the new technologies are a part of the project plan, that you have to use the new technologies is the risk bigger than use the known technologies. Therefor the risk is based on an existing plan; the same project may have very different risks, if you change the project’s plan. [Risk Management,concepts and methods].&lt;br /&gt;
&lt;br /&gt;
To minimize the uncertainty and reduce the risks on the project, you may regularly look back to your risk analysis, because most of the projects fail due to lack of risk management, in many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of projects planning process, The projects fail because they do not invest their resources completely and do not pay attention to it. Risk management is the most important part of the project planning process. It is a management tool, which project manager uses to analyses the risk factor within a project group or projects. Project group must be informed of the main risks and how they will deal with those risks. Often it requires extra resources to eliminate risks; these resources must allocate the project group. Many studies have pointed as well that the risk management has a big role in projects success [Tara Duggan]. The report by Jacob and Kwak highlights the positive contribution of risk management to improve the project selection, review and resource allocation of new product development projects. It used in many areas such as public debate, research, danger of disease, death or accidents, threatening environmental problems in terms of risk of climate changes, CO2 , pollution and so on. It is also used in many other projects such as customer needs and price, new technology and resources, construction and delivery projects, research projects and interests and other tasks.&lt;br /&gt;
&lt;br /&gt;
=Benefit of risk management=&lt;br /&gt;
&lt;br /&gt;
Risk management helps you to identify your projects strengths, weaknesses, opportunities and threats [Jacob and Kwak]. These four factors are a part of [http://da.wikipedia.org/wiki/SWOT-analyse SWOT-analyse]. By identifying your projects strengths and opportunities you can reduce the weaknesses and threats and there by your project’s risks, you will be aware of the unexpected events and you can immediately take actions to reduce the losses [Overview of risk management]. There are many reasons for managing risks. Here are some main reasons: First of all, risk management results in an overview and a number of options for an action to avoid known and unknown risk and reduce the impact of those [Power in projects &amp;amp; portfolio].&lt;br /&gt;
&lt;br /&gt;
* Saving resources: Time, assets, income, property and people are all valuable resources that can be saved if fewer claims occur.&lt;br /&gt;
* Protecting the reputation and public image of the organization.&lt;br /&gt;
* Preventing or reducing legal liability and increasing the stability of operations.&lt;br /&gt;
* Increases the organizations profits and competitiveness and reflects an attractive professional approach to project work.&lt;br /&gt;
* Protecting people from harm.&lt;br /&gt;
* Protecting the environment.&lt;br /&gt;
* Enhancing the ability to prepare for various circumstances.&lt;br /&gt;
* Assisting in clearly defining insurance needs.&lt;br /&gt;
* By managing the risks, you can increase the quality of the project deliverable&lt;br /&gt;
* Protects public image&lt;br /&gt;
* Protects people from harm&lt;br /&gt;
* Prevents/reduces legal liability&lt;br /&gt;
* Protects the environment&lt;br /&gt;
&lt;br /&gt;
=Three Levels of operational risk management=&lt;br /&gt;
&lt;br /&gt;
The risk management in an organization can be categorized in three levels of operation- [three level of operational risk management].&lt;br /&gt;
&lt;br /&gt;
* Strategic level:  &lt;br /&gt;
At strategic level, operational risk management relates to the vision of the business, expansion planned over a few couple of years, the product position and the target customers in the market. In other words, the strategic operational risk management relates to the implementation of the risk demands. It must be defined at the top management level and must be deployed in a top-down manner through all the levels of the organization.&lt;br /&gt;
At this level, top managers should not expect that all process would be accomplished without defects, free errors, flaws or less than perfect projects, demanding such a standard leads to over management and paralysis. It creates nervous leaders, that can be afraid to make tough decisions in crisis and unwilling to take risks necessary for success in projects, In this level op managers must be aware of risk management, understand it and must be ready to support a project manager’s decision in those situations. The top managers must accept that things may go wrong, even if a project manager has a lot of experience and knowledge in that area. In this level the risks has a very high impact in the organization, because you will define the risks based on your Business Plan and Processes, where strategic goals are defined. These risks are expected to be managed by the organization’s CEO [Operational Risk Management, February 2002]&lt;br /&gt;
&lt;br /&gt;
* Tactical level&lt;br /&gt;
&lt;br /&gt;
At tactical level, the set of operational risk management tools and controls helps to reduce the number and intensity of the projects. It provides the risk manager with a second line of defense. The effect of the risk responses deploys at tactical level, such as loss, fines and near misses reductions&lt;br /&gt;
Tactical operational risk management emphasizes on loss prevention and risk reduction techniques, process control, loss data analysis, key risk indicators, risk self-assessments and business expansion plans are some of the vast array of tools and techniques that have been developed to reduce the frequent occurrence of the risk elements and to reduce their impact on the overall project.&lt;br /&gt;
There always should be a connection between strategic and tactical level, the vision or mission statements defines in strategic level and the projects, programmes, their deliverables and its requirements describes in tactical level. Many projects fail because of less communication between strategic vision and tactical project deliverables and requirements. [Integrated Risk Management, as a framework for Organizational Success].&lt;br /&gt;
&lt;br /&gt;
* Operational level&lt;br /&gt;
Operational level provides a natural reduction of the operational incidents by redesigning all those processes that were prone to errors, removing any unnecessary tasks and useless controls, standardizing the procedures and improving the productivity. Operational risk management targets the operational efficiency and process design. Work flows are redesigned in this level to improve the work speed by eliminating the errors. Staff Operational risk management must spread over all these three levels, in order to be more effective and efficient&lt;br /&gt;
&lt;br /&gt;
Risk management does not tell you to take a number of actions to tackel or facilitate an unexpected situation. It is a framework that helps you to apply leadership at all levels to meet project&#039;s requirements and to improve the project&#039;s result.&lt;br /&gt;
&lt;br /&gt;
=How to develop a risk analysis=&lt;br /&gt;
&lt;br /&gt;
Risk Management can be developed in two different ways [Best Management Practice]:&lt;br /&gt;
* By using the standard risk guidelines such as ISO 31000, which managers can go step by step and identify the risks and analyse the situation of each phase and take an action for each risk, that have negative impact on each situation. In this step more leaders must participate in order to reduce the impact of risks and take care of each situation.&lt;br /&gt;
* By using more general analysis or guidelines to define the project&#039;s goals and reduce the risks without managing it and less management participation.&lt;br /&gt;
In the first option many standard guidelines and analysis can be used such as ISO 31000, IEC/ISO 311010, and ISO 73-2009 and many others. The International Organization for Standard (ISO ) risk management provides principles, general guidelines; framework and a process for managing the risks- It can be used by any project, organization regardless of its size. ISO 31000 summarizes all the central activities and main points, which an organization might go through to manage their risks effectively and increase their chance to reach their goals. It doesn’t contain any specific techniques in order to use, but it mentions that an organization must follow risk identification tools and techniques, that match the projects and its goals. Another ISO standard application is ISO/IEC 31010, Risk Management, which contains of some risk assessment techniques and steps that gives an understanding of the risks, which can have a negative impact on an organization’s achievement of its goals and the adequacy and effectiveness of controls already in place. Risk assessment helps decision makers to take the correct decisions, for example which tools and techniques must be used to treat the risks and how to choose the best opportunities. The following techniques described on ISO 31010&lt;br /&gt;
&lt;br /&gt;
[[File:Different between_M_O_R_AND_ISO.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
* Risk identification&lt;br /&gt;
* Risk analysis - consequence analysis&lt;br /&gt;
* Risk analysis– qualitative, semi-quantitative or quantitative probability estimation&lt;br /&gt;
* Risk analysis – assessing the effectiveness of any existing controls&lt;br /&gt;
* Risk evaluation&lt;br /&gt;
* Communication and consultation, and monitoring and review&lt;br /&gt;
&lt;br /&gt;
Each step has described in detail on ISO 31010. Compare to [http://bcove.me/qvtxp001 M_O_R] and then M_O_R is much extensive application, which provides a detailed guidance on how to implement risk management. &lt;br /&gt;
&lt;br /&gt;
M_O_R stands for Management of Risk. It is a framework for the management of risk at different levels of of an organization such as Strategic, programme, project and operational level. It includes all the activities required to identify and control the risks, both negative and positive, which may have an impact on the achievement of an organization’s objectives [M_O_R].It is also a framework for how to make informed decisions about risks respectively strategic, program, project and operational level in order to identify, assess and manage the key risks in order to deliver the expected advantages [M_O_R].&lt;br /&gt;
&lt;br /&gt;
It describes deeply both what needs to be done through some principles, activities and roles and how to begin the activities. In some ways, ISO31000 and M_O_R are very similar and use some common definition and methods. M_O_R is designed for practical application of risk management techniques and based on 4 core concepts: principles, approach, process and embedding and review, while ISO31000 is designed more to assess how completely the risk management techniques have been applied [Best Management Practice], The difference is that ISO3100O based on framework, principles and process. It prescribe how an organization should implement risk management and manage the risk by using any tools, that suits its goal and organization, while M_O_R allows it to customize its approach within the guidelines to suit its operating environment and process. Both are useful tools and can be used for managing the risks.&lt;br /&gt;
For further information about M_O_R and ISO 31000:2009 you can read Michael Dallas report[http://www.best-management-practice.com/gempdf/Management_of_Risk_Guidance_for_Practitioners_and_the_International_Standard_on_Risk_Management_ISO31000_2009.pdf]&lt;br /&gt;
&lt;br /&gt;
The Tabel as taken from Michael Dallas report, which shows a direct comparison of M_O_R with ISO 31000 against categories that are common to both framework.&lt;br /&gt;
&lt;br /&gt;
=Risk Management in Practice=&lt;br /&gt;
&lt;br /&gt;
[[File:Risk management.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
To identify the projects risk, you can start with brainstorming, the first step is to list the main categories such as technologies, goal, stakeholder, communication, cost, environmental, resources, reliability, which is indicated with blue color in below figure. The next is to identify the risks, which is associated to the main categories. By brainstorm the risks, you can find 50-100 risks, depending to the projects size, therefore the third step is to estimate what the potential impact could be by using the Risk Matrix.&lt;br /&gt;
&lt;br /&gt;
[[File:Mathrix.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
Each high priority or high impact risk should be assigned to a group member after their experience and skills, so they could study and evaluate the risks. Cost risks might for example assign to someone in the finance department than one from IT- department. The new technology might assign to someone from IT- department. The project manager should be assign for all the risks process, the most important part of risk process is the schedule with deadline and the risks list, which should only edit, added, re-prioritized and control by the project manager during the project.&lt;br /&gt;
To reduce the risks, the project manager should communicate the risks list to all the project stakeholders regularly, at least once a week. All the changes should be registered to the risk map and at the end of the project the results can be used to do a retrospective. What did you learn from it, what should be different in next project and how to control the risks from the beginning?&lt;br /&gt;
&lt;br /&gt;
This example is more general and very simple,you can maybe use it for a very small project. You can visit [http://apppm.man.dtu.dk/index.php/Risk_analysis | Risk_analysis] which is described more in detail.&lt;br /&gt;
&lt;br /&gt;
=Reference=&lt;br /&gt;
&lt;br /&gt;
[1] Why projects fail: Avoiding the Classic Pitfall, An Oracle White Paper, October 2011 and Calleam Consulting LTD 2014: Why Projects Fail.  And Tom Carlos, PMP: Reasons Why Projects Fail.&lt;br /&gt;
&lt;br /&gt;
[2] Oehmen et. al.2012 and Zwikael and Ahn 2011, Oehmen, J., et al., Analysis of the effect of risk management practices on the performance of new product development programs. Technovation (2014),&lt;br /&gt;
&lt;br /&gt;
[3] Oxford English Dictionary&lt;br /&gt;
&lt;br /&gt;
[4] Innovation and Product Management 2009: A holistic and Practial Approach to Uncertainty Reduction,Kurt Gaubinger, Michael Rabl Scott Swan, Thomas Werani&lt;br /&gt;
&lt;br /&gt;
[5] Frank Knight 1921: Risk, Uncertainty and profit, Imperfect competition through Risk and Uncertainty, Part III, Chapter VII&lt;br /&gt;
&lt;br /&gt;
[6] Ariane Chapelle: The three levels of Operational risk management, May 2012&lt;br /&gt;
&lt;br /&gt;
[7] Risikosamfundet: 1997, Tara Duggan, Demand Media: Why Is Risk Management Important to Project Success?&lt;br /&gt;
&lt;br /&gt;
[8] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/&lt;br /&gt;
&lt;br /&gt;
[9] Luce&#039;s Paradigm for Decision under Uncertainty, Luce and Raiffa, 1957&lt;br /&gt;
&lt;br /&gt;
[10] Risk Management, concepts and methods: Club De La Securite De L’information Francais&lt;br /&gt;
&lt;br /&gt;
[11] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd. &lt;br /&gt;
&lt;br /&gt;
[12] http://www.management-of-risk.com/what-is-management-of-risk.asp&lt;br /&gt;
&lt;br /&gt;
[13] http://www.rovsingmanagement.dk/kurser/m_o_r%C2%AErisikostyring/?gclid=CM21qKLRjsICFeXUcgodGqEARQ&lt;br /&gt;
&lt;br /&gt;
[14] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd.&lt;br /&gt;
&lt;br /&gt;
[15] Jacob and Kwak (2003) and Raz et al.2002&lt;br /&gt;
&lt;br /&gt;
[16] Article: Overview of risk management Henrik K. Søndergaard&lt;br /&gt;
&lt;br /&gt;
[17]. Power in projects &amp;amp; portfolio of Mette Lindegaard, and John Ryding Olsson&lt;br /&gt;
&lt;br /&gt;
[18] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/.&lt;br /&gt;
&lt;br /&gt;
[19] http://strikingprojectmanagement.com/qualitative-risk-analysis/&lt;br /&gt;
&lt;br /&gt;
[20] http://projectmgmt-annualwarehousesale.blogspot.dk/&lt;br /&gt;
&lt;br /&gt;
[21] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[22] http://www.bestmanagementpractice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[23] http://tcgen.com/risk-mapping/#.VGidavnF-oO&lt;br /&gt;
&lt;br /&gt;
[24] http://www.modst.dk/~/media/Files/%C3%98AV/Vejledninger/%C3%98konomistyring/Risikostyring_vejledning_maj07%20pdf.ashx&lt;br /&gt;
&lt;br /&gt;
[25] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[26] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[27] http://www.clearrisk.com/what-is-risk-management/&lt;br /&gt;
&lt;br /&gt;
[28] http://www.vlv.dk/downloads/rm1.htm&lt;br /&gt;
&lt;br /&gt;
[29] http://www.soc.aau.dk/fileadmin/user_upload/FoSo/Arbejdspapirer/Nr._10_Risiko_risikovurdering_risikoformidling_og_helhedssyn.pdf&lt;br /&gt;
&lt;br /&gt;
[30] http://klk.kl.dk/PageFiles/156494/Projekth%C3%A5ndbogen.pdf&lt;br /&gt;
&lt;br /&gt;
[31] http:///C:/Users/Samira/Downloads/Projekth-ndbog%20(1).PDF&lt;br /&gt;
&lt;br /&gt;
[32] http://www.digst.dk/~/media/Files/Arkitektur%20og%20standarder/Sikkerhed/Vejledning%20om%20risikovurdering.ashx&lt;br /&gt;
&lt;br /&gt;
[33] http://www.best-management-practice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[34] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[35] http://dx.doi.org/10.1016/j.technovation.2013.12.005i&lt;br /&gt;
&lt;br /&gt;
[36] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;/div&gt;</summary>
		<author><name>Saeh0803</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Risk_management&amp;diff=5463</id>
		<title>Risk management</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Risk_management&amp;diff=5463"/>
		<updated>2014-11-30T20:24:13Z</updated>

		<summary type="html">&lt;p&gt;Saeh0803: /* How to develop a risk analysis */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;[http://en.wikipedia.org/wiki/Risk_management Risk management] is a very interesting and important topic in each area in our society. Actually everyone knows what a risk is; it is a part of our life. Each step or each decision we make, is full of risks, whether we notice it or not, but when we look at our professional life, then we have to take an action for each risk arise, because it has a negative effect and the effect can have consequences in terms of economic, professional reputation, environmental, safety and societal outcomes. This article focuses on for example how an organization or project handles its risks and which framework could be relevant or helpful for it. Now a day, the risk management is an important part of project, program and portfolio management. In order to end up a project successfully and deliver it on time and within budget, it is important to get an overview of the risks, which is associated to the project. Most of the projects fail due to the lack of risk management [Why projects fail 2011]. In many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of project&#039;s planning process, the projects fail because the resources are not completely utilized to get the full advantage [Oehmen et. al.2012 and Zwikael and Ahn 2011]. This article further talks about the risk and different level of risks in organization level and how to identify the projects risks by using some of standard guidelines for risk management such as ISO 31000, ISO 2700S, DS/ISO 31000 Risk management- Principles and guidelines and M_O_R principles, which is a standard risk management framework, which can be used by any organization on any projects regardless of its size.&lt;br /&gt;
NOTE: This article might be similar to other articles; Risk analysis, risk register, Risk management strategy in project portfolios&lt;br /&gt;
&lt;br /&gt;
=Definition of risk management=&lt;br /&gt;
&lt;br /&gt;
You can find different tools and definition for risk depending on the context in which it is used. A definition from Oxford English Dictionary sounds like “the possibility that something unpleasant or unwelcome will happen” [Oxford English Dictionary]. This is more general and related more to your every day. In decision theory, Luce and Raiffa relate risk to make decisions under known probabilities of the states of nature [Product Management Innovation 2009] and Frank Knight define the risk in economic theory as “risk arises when the decision maker can assign probabilities to possible outcomes”. A well-known definition of the risk in the domain of project management considers the risk as “an uncertain event or condition that, if it occurs, has a positive (opportunity) or negative (threat) impact on project objectives” [Innovation and Product Management] Frank Knight defines the uncertainty and risk as “...Uncertainty must be taken in a sense radically distinct from the familiar notion of Risk, from which it has never been properly separated. … The essential fact is that &amp;quot;risk&amp;quot; means in some cases a quantity susceptible of measurement, while at other times it is something distinctly not of this character; and there are far-reaching and crucial differences in the bearings of the phenomena depending on which of the two is really present and operating. … It will appear that a measurable uncertainty, or &amp;quot;risk&amp;quot; proper, as we shall use the term, is so far different from an un-measurable one that it is not in effect an uncertainty at all&amp;quot; [Ariane Chapelle].&lt;br /&gt;
Frank Knigh’s definition is more useful according to project, program and portfolio management. In many projects, risk is the uncertainty, which is associated with any kind of the action and projects in organization’s context that must understand and effectively manage during the project’s process and improve the results [Luce and Raiffa]. &lt;br /&gt;
&lt;br /&gt;
Different types of risk management definitions can be found and the choice of definition depends on how big a concept of risk is used in order to which risks are covered by the definition. There is not a complete tool or solution that fits in every project, creating a new or changes the existing risk management process according to the project&#039;s goal is always helpful and flexible process that will ultimately result in a solution to the individual organization or project. Risk is always based on imagination of how the project will be completed. It can be defined on the basis of an existing plan, for example, the project must be completed in 6 months. The risk of delay is bigger than if the project must be completed in one year. If the new technologies are a part of the project plan, that you have to use the new technologies is the risk bigger than use the known technologies. Therefor the risk is based on an existing plan; the same project may have very different risks, if you change the project’s plan. [Risk Management,concepts and methods].&lt;br /&gt;
&lt;br /&gt;
To minimize the uncertainty and reduce the risks on the project, you may regularly look back to your risk analysis, because most of the projects fail due to lack of risk management, in many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of projects planning process, The projects fail because they do not invest their resources completely and do not pay attention to it. Risk management is the most important part of the project planning process. It is a management tool, which project manager uses to analyses the risk factor within a project group or projects. Project group must be informed of the main risks and how they will deal with those risks. Often it requires extra resources to eliminate risks; these resources must allocate the project group. Many studies have pointed as well that the risk management has a big role in projects success [Tara Duggan]. The report by Jacob and Kwak highlights the positive contribution of risk management to improve the project selection, review and resource allocation of new product development projects. It used in many areas such as public debate, research, danger of disease, death or accidents, threatening environmental problems in terms of risk of climate changes, CO2 , pollution and so on. It is also used in many other projects such as customer needs and price, new technology and resources, construction and delivery projects, research projects and interests and other tasks.&lt;br /&gt;
&lt;br /&gt;
=Benefit of risk management=&lt;br /&gt;
&lt;br /&gt;
Risk management helps you to identify your projects strengths, weaknesses, opportunities and threats [Jacob and Kwak]. These four factors are a part of [http://da.wikipedia.org/wiki/SWOT-analyse SWOT-analyse]. By identifying your projects strengths and opportunities you can reduce the weaknesses and threats and there by your project’s risks, you will be aware of the unexpected events and you can immediately take actions to reduce the losses [Overview of risk management]. There are many reasons for managing risks. Here are some main reasons: First of all, risk management results in an overview and a number of options for an action to avoid known and unknown risk and reduce the impact of those [Power in projects &amp;amp; portfolio].&lt;br /&gt;
&lt;br /&gt;
* Saving resources: Time, assets, income, property and people are all valuable resources that can be saved if fewer claims occur.&lt;br /&gt;
* Protecting the reputation and public image of the organization.&lt;br /&gt;
* Preventing or reducing legal liability and increasing the stability of operations.&lt;br /&gt;
* Increases the organizations profits and competitiveness and reflects an attractive professional approach to project work.&lt;br /&gt;
* Protecting people from harm.&lt;br /&gt;
* Protecting the environment.&lt;br /&gt;
* Enhancing the ability to prepare for various circumstances.&lt;br /&gt;
* Assisting in clearly defining insurance needs.&lt;br /&gt;
* By managing the risks, you can increase the quality of the project deliverable&lt;br /&gt;
* Protects public image&lt;br /&gt;
* Protects people from harm&lt;br /&gt;
* Prevents/reduces legal liability&lt;br /&gt;
* Protects the environment&lt;br /&gt;
&lt;br /&gt;
=Three Levels of operational risk management=&lt;br /&gt;
&lt;br /&gt;
The risk management in an organization can be categorized in three levels of operation- [three level of operational risk management].&lt;br /&gt;
&lt;br /&gt;
* Strategic level:  &lt;br /&gt;
At strategic level, operational risk management relates to the vision of the business, expansion planned over a few couple of years, the product position and the target customers in the market. In other words, the strategic operational risk management relates to the implementation of the risk demands. It must be defined at the top management level and must be deployed in a top-down manner through all the levels of the organization.&lt;br /&gt;
At this level, top managers should not expect that all process would be accomplished without defects, free errors, flaws or less than perfect projects, demanding such a standard leads to over management and paralysis. It creates nervous leaders, that can be afraid to make tough decisions in crisis and unwilling to take risks necessary for success in projects, In this level op managers must be aware of risk management, understand it and must be ready to support a project manager’s decision in those situations. The top managers must accept that things may go wrong, even if a project manager has a lot of experience and knowledge in that area. In this level the risks has a very high impact in the organization, because you will define the risks based on your Business Plan and Processes, where strategic goals are defined. These risks are expected to be managed by the organization’s CEO [Operational Risk Management, February 2002]&lt;br /&gt;
&lt;br /&gt;
* Tactical level&lt;br /&gt;
&lt;br /&gt;
At tactical level, the set of operational risk management tools and controls helps to reduce the number and intensity of the projects. It provides the risk manager with a second line of defense. The effect of the risk responses deploys at tactical level, such as loss, fines and near misses reductions&lt;br /&gt;
Tactical operational risk management emphasizes on loss prevention and risk reduction techniques, process control, loss data analysis, key risk indicators, risk self-assessments and business expansion plans are some of the vast array of tools and techniques that have been developed to reduce the frequent occurrence of the risk elements and to reduce their impact on the overall project.&lt;br /&gt;
There always should be a connection between strategic and tactical level, the vision or mission statements defines in strategic level and the projects, programmes, their deliverables and its requirements describes in tactical level. Many projects fail because of less communication between strategic vision and tactical project deliverables and requirements. [Integrated Risk Management, as a framework for Organizational Success].&lt;br /&gt;
&lt;br /&gt;
* Operational level&lt;br /&gt;
Operational level provides a natural reduction of the operational incidents by redesigning all those processes that were prone to errors, removing any unnecessary tasks and useless controls, standardizing the procedures and improving the productivity. Operational risk management targets the operational efficiency and process design. Work flows are redesigned in this level to improve the work speed by eliminating the errors. Staff Operational risk management must spread over all these three levels, in order to be more effective and efficient&lt;br /&gt;
&lt;br /&gt;
Risk management does not tell you to take a number of actions to tackel or facilitate an unexpected situation. It is a framework that helps you to apply leadership at all levels to meet project&#039;s requirements and to improve the project&#039;s result.&lt;br /&gt;
&lt;br /&gt;
=How to develop a risk analysis=&lt;br /&gt;
&lt;br /&gt;
Risk Management can be developed in two different ways [Best Management Practice]:&lt;br /&gt;
* By using the standard risk guidelines such as ISO 31000, which managers can go step by step and identify the risks and analyse the situation of each phase and take an action for each risk, that have negative impact on each situation. In this step more leaders must participate in order to reduce the impact of risks and take care of each situation.&lt;br /&gt;
* By using more general analysis or guidelines to define the project&#039;s goals and reduce the risks without managing it and less management participation.&lt;br /&gt;
In the first option many standard guidelines and analysis can be used such as ISO 31000, IEC/ISO 311010, and ISO 73-2009 and many others. The International Organization for Standard (ISO ) risk management provides principles, general guidelines; framework and a process for managing the risks- It can be used by any project, organization regardless of its size. ISO 31000 summarizes all the central activities and main points, which an organization might go through to manage their risks effectively and increase their chance to reach their goals. It doesn’t contain any specific techniques in order to use, but it mentions that an organization must follow risk identification tools and techniques, that match the projects and its goals. Another ISO standard application is ISO/IEC 31010, Risk Management, which contains of some risk assessment techniques and steps that gives an understanding of the risks, which can have a negative impact on an organization’s achievement of its goals and the adequacy and effectiveness of controls already in place. Risk assessment helps decision makers to take the correct decisions, for example which tools and techniques must be used to treat the risks and how to choose the best opportunities. The following techniques described on ISO 31010&lt;br /&gt;
* Risk identification&lt;br /&gt;
* Risk analysis - consequence analysis&lt;br /&gt;
* Risk analysis– qualitative, semi-quantitative or quantitative probability estimation&lt;br /&gt;
* Risk analysis – assessing the effectiveness of any existing controls&lt;br /&gt;
* Risk evaluation&lt;br /&gt;
* Communication and consultation, and monitoring and review&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[File:Different between_M_O_R_AND_ISO.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
Each step has described in detail on ISO 31010. Compare to [http://bcove.me/qvtxp001 M_O_R] and then M_O_R is much extensive application, which provides a detailed guidance on how to implement risk management. M_O_R stands for Management of Risk. It is a framework for the management of risk at different levels of of an organization such as Strategic, programme, project and operational level. It includes all the activities required to identify and control the risks, both negative and positive, which may have an impact on the achievement of an organization’s objectives [M_O_R].It is also a framework for how to make informed decisions about risks respectively strategic, program, project and operational level in order to identify, assess and manage the key risks in order to deliver the expected advantages [M_O_R]. It describes deeply both what needs to be done through some principles, activities and roles and how to begin the activities. In some ways, ISO31000 and M_O_R are very similar and use some common definition and methods. M_O_R is designed for practical application of risk management techniques and based on 4 core concepts: principles, approach, process and embedding and review, while ISO31000 is designed more to assess how completely the risk management techniques have been applied [Best Management Practice], The difference is that ISO3100O based on framework, principles and process. It prescribe how an organization should implement risk management and manage the risk by using any tools, that suits its goal and organization, while M_O_R allows it to customize its approach within the guidelines to suit its operating environment and process. Both are useful tools and can be used for managing the risks.&lt;br /&gt;
For further information about M_O_R and ISO 31000:2009 you can read Michael Dallas report[http://www.best-management-practice.com/gempdf/Management_of_Risk_Guidance_for_Practitioners_and_the_International_Standard_on_Risk_Management_ISO31000_2009.pdf]&lt;br /&gt;
&lt;br /&gt;
The Tabel as taken from Michael Dallas report, which shows a direct comparison of M_O_R with ISO 31000 against categories that are common to both framework.&lt;br /&gt;
&lt;br /&gt;
=Risk Management in Practice=&lt;br /&gt;
&lt;br /&gt;
[[File:Risk management.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
To identify the projects risk, you can start with brainstorming, the first step is to list the main categories such as technologies, goal, stakeholder, communication, cost, environmental, resources, reliability, which is indicated with blue color in below figure. The next is to identify the risks, which is associated to the main categories. By brainstorm the risks, you can find 50-100 risks, depending to the projects size, therefore the third step is to estimate what the potential impact could be by using the Risk Matrix.&lt;br /&gt;
&lt;br /&gt;
[[File:Mathrix.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
Each high priority or high impact risk should be assigned to a group member after their experience and skills, so they could study and evaluate the risks. Cost risks might for example assign to someone in the finance department than one from IT- department. The new technology might assign to someone from IT- department. The project manager should be assign for all the risks process, the most important part of risk process is the schedule with deadline and the risks list, which should only edit, added, re-prioritized and control by the project manager during the project.&lt;br /&gt;
To reduce the risks, the project manager should communicate the risks list to all the project stakeholders regularly, at least once a week. All the changes should be registered to the risk map and at the end of the project the results can be used to do a retrospective. What did you learn from it, what should be different in next project and how to control the risks from the beginning?&lt;br /&gt;
&lt;br /&gt;
This example is more general and very simple,you can maybe use it for a very small project. You can visit [http://apppm.man.dtu.dk/index.php/Risk_analysis | Risk_analysis] which is described more in detail.&lt;br /&gt;
&lt;br /&gt;
=Reference=&lt;br /&gt;
&lt;br /&gt;
[1] Why projects fail: Avoiding the Classic Pitfall, An Oracle White Paper, October 2011 and Calleam Consulting LTD 2014: Why Projects Fail.  And Tom Carlos, PMP: Reasons Why Projects Fail.&lt;br /&gt;
&lt;br /&gt;
[2] Oehmen et. al.2012 and Zwikael and Ahn 2011, Oehmen, J., et al., Analysis of the effect of risk management practices on the performance of new product development programs. Technovation (2014),&lt;br /&gt;
&lt;br /&gt;
[3] Oxford English Dictionary&lt;br /&gt;
&lt;br /&gt;
[4] Innovation and Product Management 2009: A holistic and Practial Approach to Uncertainty Reduction,Kurt Gaubinger, Michael Rabl Scott Swan, Thomas Werani&lt;br /&gt;
&lt;br /&gt;
[5] Frank Knight 1921: Risk, Uncertainty and profit, Imperfect competition through Risk and Uncertainty, Part III, Chapter VII&lt;br /&gt;
&lt;br /&gt;
[6] Ariane Chapelle: The three levels of Operational risk management, May 2012&lt;br /&gt;
&lt;br /&gt;
[7] Risikosamfundet: 1997, Tara Duggan, Demand Media: Why Is Risk Management Important to Project Success?&lt;br /&gt;
&lt;br /&gt;
[8] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/&lt;br /&gt;
&lt;br /&gt;
[9] Luce&#039;s Paradigm for Decision under Uncertainty, Luce and Raiffa, 1957&lt;br /&gt;
&lt;br /&gt;
[10] Risk Management, concepts and methods: Club De La Securite De L’information Francais&lt;br /&gt;
&lt;br /&gt;
[11] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd. &lt;br /&gt;
&lt;br /&gt;
[12] http://www.management-of-risk.com/what-is-management-of-risk.asp&lt;br /&gt;
&lt;br /&gt;
[13] http://www.rovsingmanagement.dk/kurser/m_o_r%C2%AErisikostyring/?gclid=CM21qKLRjsICFeXUcgodGqEARQ&lt;br /&gt;
&lt;br /&gt;
[14] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd.&lt;br /&gt;
&lt;br /&gt;
[15] Jacob and Kwak (2003) and Raz et al.2002&lt;br /&gt;
&lt;br /&gt;
[16] Article: Overview of risk management Henrik K. Søndergaard&lt;br /&gt;
&lt;br /&gt;
[17]. Power in projects &amp;amp; portfolio of Mette Lindegaard, and John Ryding Olsson&lt;br /&gt;
&lt;br /&gt;
[18] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/.&lt;br /&gt;
&lt;br /&gt;
[19] http://strikingprojectmanagement.com/qualitative-risk-analysis/&lt;br /&gt;
&lt;br /&gt;
[20] http://projectmgmt-annualwarehousesale.blogspot.dk/&lt;br /&gt;
&lt;br /&gt;
[21] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[22] http://www.bestmanagementpractice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[23] http://tcgen.com/risk-mapping/#.VGidavnF-oO&lt;br /&gt;
&lt;br /&gt;
[24] http://www.modst.dk/~/media/Files/%C3%98AV/Vejledninger/%C3%98konomistyring/Risikostyring_vejledning_maj07%20pdf.ashx&lt;br /&gt;
&lt;br /&gt;
[25] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[26] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[27] http://www.clearrisk.com/what-is-risk-management/&lt;br /&gt;
&lt;br /&gt;
[28] http://www.vlv.dk/downloads/rm1.htm&lt;br /&gt;
&lt;br /&gt;
[29] http://www.soc.aau.dk/fileadmin/user_upload/FoSo/Arbejdspapirer/Nr._10_Risiko_risikovurdering_risikoformidling_og_helhedssyn.pdf&lt;br /&gt;
&lt;br /&gt;
[30] http://klk.kl.dk/PageFiles/156494/Projekth%C3%A5ndbogen.pdf&lt;br /&gt;
&lt;br /&gt;
[31] http:///C:/Users/Samira/Downloads/Projekth-ndbog%20(1).PDF&lt;br /&gt;
&lt;br /&gt;
[32] http://www.digst.dk/~/media/Files/Arkitektur%20og%20standarder/Sikkerhed/Vejledning%20om%20risikovurdering.ashx&lt;br /&gt;
&lt;br /&gt;
[33] http://www.best-management-practice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[34] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[35] http://dx.doi.org/10.1016/j.technovation.2013.12.005i&lt;br /&gt;
&lt;br /&gt;
[36] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;/div&gt;</summary>
		<author><name>Saeh0803</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Risk_management&amp;diff=5451</id>
		<title>Risk management</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Risk_management&amp;diff=5451"/>
		<updated>2014-11-30T20:15:57Z</updated>

		<summary type="html">&lt;p&gt;Saeh0803: /* How to develop a risk analysis */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;[http://en.wikipedia.org/wiki/Risk_management Risk management] is a very interesting and important topic in each area in our society. Actually everyone knows what a risk is; it is a part of our life. Each step or each decision we make, is full of risks, whether we notice it or not, but when we look at our professional life, then we have to take an action for each risk arise, because it has a negative effect and the effect can have consequences in terms of economic, professional reputation, environmental, safety and societal outcomes. This article focuses on for example how an organization or project handles its risks and which framework could be relevant or helpful for it. Now a day, the risk management is an important part of project, program and portfolio management. In order to end up a project successfully and deliver it on time and within budget, it is important to get an overview of the risks, which is associated to the project. Most of the projects fail due to the lack of risk management [Why projects fail 2011]. In many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of project&#039;s planning process, the projects fail because the resources are not completely utilized to get the full advantage [Oehmen et. al.2012 and Zwikael and Ahn 2011]. This article further talks about the risk and different level of risks in organization level and how to identify the projects risks by using some of standard guidelines for risk management such as ISO 31000, ISO 2700S, DS/ISO 31000 Risk management- Principles and guidelines and M_O_R principles, which is a standard risk management framework, which can be used by any organization on any projects regardless of its size.&lt;br /&gt;
NOTE: This article might be similar to other articles; Risk analysis, risk register, Risk management strategy in project portfolios&lt;br /&gt;
&lt;br /&gt;
=Definition of risk management=&lt;br /&gt;
&lt;br /&gt;
You can find different tools and definition for risk depending on the context in which it is used. A definition from Oxford English Dictionary sounds like “the possibility that something unpleasant or unwelcome will happen” [Oxford English Dictionary]. This is more general and related more to your every day. In decision theory, Luce and Raiffa relate risk to make decisions under known probabilities of the states of nature [Product Management Innovation 2009] and Frank Knight define the risk in economic theory as “risk arises when the decision maker can assign probabilities to possible outcomes”. A well-known definition of the risk in the domain of project management considers the risk as “an uncertain event or condition that, if it occurs, has a positive (opportunity) or negative (threat) impact on project objectives” [Innovation and Product Management] Frank Knight defines the uncertainty and risk as “...Uncertainty must be taken in a sense radically distinct from the familiar notion of Risk, from which it has never been properly separated. … The essential fact is that &amp;quot;risk&amp;quot; means in some cases a quantity susceptible of measurement, while at other times it is something distinctly not of this character; and there are far-reaching and crucial differences in the bearings of the phenomena depending on which of the two is really present and operating. … It will appear that a measurable uncertainty, or &amp;quot;risk&amp;quot; proper, as we shall use the term, is so far different from an un-measurable one that it is not in effect an uncertainty at all&amp;quot; [Ariane Chapelle].&lt;br /&gt;
Frank Knigh’s definition is more useful according to project, program and portfolio management. In many projects, risk is the uncertainty, which is associated with any kind of the action and projects in organization’s context that must understand and effectively manage during the project’s process and improve the results [Luce and Raiffa]. &lt;br /&gt;
&lt;br /&gt;
Different types of risk management definitions can be found and the choice of definition depends on how big a concept of risk is used in order to which risks are covered by the definition. There is not a complete tool or solution that fits in every project, creating a new or changes the existing risk management process according to the project&#039;s goal is always helpful and flexible process that will ultimately result in a solution to the individual organization or project. Risk is always based on imagination of how the project will be completed. It can be defined on the basis of an existing plan, for example, the project must be completed in 6 months. The risk of delay is bigger than if the project must be completed in one year. If the new technologies are a part of the project plan, that you have to use the new technologies is the risk bigger than use the known technologies. Therefor the risk is based on an existing plan; the same project may have very different risks, if you change the project’s plan. [Risk Management,concepts and methods].&lt;br /&gt;
&lt;br /&gt;
To minimize the uncertainty and reduce the risks on the project, you may regularly look back to your risk analysis, because most of the projects fail due to lack of risk management, in many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of projects planning process, The projects fail because they do not invest their resources completely and do not pay attention to it. Risk management is the most important part of the project planning process. It is a management tool, which project manager uses to analyses the risk factor within a project group or projects. Project group must be informed of the main risks and how they will deal with those risks. Often it requires extra resources to eliminate risks; these resources must allocate the project group. Many studies have pointed as well that the risk management has a big role in projects success [Tara Duggan]. The report by Jacob and Kwak highlights the positive contribution of risk management to improve the project selection, review and resource allocation of new product development projects. It used in many areas such as public debate, research, danger of disease, death or accidents, threatening environmental problems in terms of risk of climate changes, CO2 , pollution and so on. It is also used in many other projects such as customer needs and price, new technology and resources, construction and delivery projects, research projects and interests and other tasks.&lt;br /&gt;
&lt;br /&gt;
=Benefit of risk management=&lt;br /&gt;
&lt;br /&gt;
Risk management helps you to identify your projects strengths, weaknesses, opportunities and threats [Jacob and Kwak]. These four factors are a part of [http://da.wikipedia.org/wiki/SWOT-analyse SWOT-analyse]. By identifying your projects strengths and opportunities you can reduce the weaknesses and threats and there by your project’s risks, you will be aware of the unexpected events and you can immediately take actions to reduce the losses [Overview of risk management]. There are many reasons for managing risks. Here are some main reasons: First of all, risk management results in an overview and a number of options for an action to avoid known and unknown risk and reduce the impact of those [Power in projects &amp;amp; portfolio].&lt;br /&gt;
&lt;br /&gt;
* Saving resources: Time, assets, income, property and people are all valuable resources that can be saved if fewer claims occur.&lt;br /&gt;
* Protecting the reputation and public image of the organization.&lt;br /&gt;
* Preventing or reducing legal liability and increasing the stability of operations.&lt;br /&gt;
* Increases the organizations profits and competitiveness and reflects an attractive professional approach to project work.&lt;br /&gt;
* Protecting people from harm.&lt;br /&gt;
* Protecting the environment.&lt;br /&gt;
* Enhancing the ability to prepare for various circumstances.&lt;br /&gt;
* Assisting in clearly defining insurance needs.&lt;br /&gt;
* By managing the risks, you can increase the quality of the project deliverable&lt;br /&gt;
* Protects public image&lt;br /&gt;
* Protects people from harm&lt;br /&gt;
* Prevents/reduces legal liability&lt;br /&gt;
* Protects the environment&lt;br /&gt;
&lt;br /&gt;
=Three Levels of operational risk management=&lt;br /&gt;
&lt;br /&gt;
The risk management in an organization can be categorized in three levels of operation- [three level of operational risk management].&lt;br /&gt;
&lt;br /&gt;
* Strategic level:  &lt;br /&gt;
At strategic level, operational risk management relates to the vision of the business, expansion planned over a few couple of years, the product position and the target customers in the market. In other words, the strategic operational risk management relates to the implementation of the risk demands. It must be defined at the top management level and must be deployed in a top-down manner through all the levels of the organization.&lt;br /&gt;
At this level, top managers should not expect that all process would be accomplished without defects, free errors, flaws or less than perfect projects, demanding such a standard leads to over management and paralysis. It creates nervous leaders, that can be afraid to make tough decisions in crisis and unwilling to take risks necessary for success in projects, In this level op managers must be aware of risk management, understand it and must be ready to support a project manager’s decision in those situations. The top managers must accept that things may go wrong, even if a project manager has a lot of experience and knowledge in that area. In this level the risks has a very high impact in the organization, because you will define the risks based on your Business Plan and Processes, where strategic goals are defined. These risks are expected to be managed by the organization’s CEO [Operational Risk Management, February 2002]&lt;br /&gt;
&lt;br /&gt;
* Tactical level&lt;br /&gt;
&lt;br /&gt;
At tactical level, the set of operational risk management tools and controls helps to reduce the number and intensity of the projects. It provides the risk manager with a second line of defense. The effect of the risk responses deploys at tactical level, such as loss, fines and near misses reductions&lt;br /&gt;
Tactical operational risk management emphasizes on loss prevention and risk reduction techniques, process control, loss data analysis, key risk indicators, risk self-assessments and business expansion plans are some of the vast array of tools and techniques that have been developed to reduce the frequent occurrence of the risk elements and to reduce their impact on the overall project.&lt;br /&gt;
There always should be a connection between strategic and tactical level, the vision or mission statements defines in strategic level and the projects, programmes, their deliverables and its requirements describes in tactical level. Many projects fail because of less communication between strategic vision and tactical project deliverables and requirements. [Integrated Risk Management, as a framework for Organizational Success].&lt;br /&gt;
&lt;br /&gt;
* Operational level&lt;br /&gt;
Operational level provides a natural reduction of the operational incidents by redesigning all those processes that were prone to errors, removing any unnecessary tasks and useless controls, standardizing the procedures and improving the productivity. Operational risk management targets the operational efficiency and process design. Work flows are redesigned in this level to improve the work speed by eliminating the errors. Staff Operational risk management must spread over all these three levels, in order to be more effective and efficient&lt;br /&gt;
&lt;br /&gt;
Risk management does not tell you to take a number of actions to tackel or facilitate an unexpected situation. It is a framework that helps you to apply leadership at all levels to meet project&#039;s requirements and to improve the project&#039;s result.&lt;br /&gt;
&lt;br /&gt;
=How to develop a risk analysis=&lt;br /&gt;
&lt;br /&gt;
Risk Management can be developed in two different ways [Best Management Practice]:&lt;br /&gt;
* By using the standard risk guidelines such as ISO 31000, which managers can go step by step and identify the risks and analyse the situation of each phase and take an action for each risk, that have negative impact on each situation. In this step more leaders must participate in order to reduce the impact of risks and take care of each situation.&lt;br /&gt;
* By using more general analysis or guidelines to define the project&#039;s goals and reduce the risks without managing it and less management participation.&lt;br /&gt;
In the first option many standard guidelines and analysis can be used such as ISO 31000, IEC/ISO 311010, and ISO 73-2009 and many others. The International Organization for Standard (ISO ) risk management provides principles, general guidelines; framework and a process for managing the risks- It can be used by any project, organization regardless of its size. ISO 31000 summarizes all the central activities and main points, which an organization might go through to manage their risks effectively and increase their chance to reach their goals. It doesn’t contain any specific techniques in order to use, but it mentions that an organization must follow risk identification tools and techniques, that match the projects and its goals. Another ISO standard application is ISO/IEC 31010, Risk Management, which contains of some risk assessment techniques and steps that gives an understanding of the risks, which can have a negative impact on an organization’s achievement of its goals and the adequacy and effectiveness of controls already in place. Risk assessment helps decision makers to take the correct decisions, for example which tools and techniques must be used to treat the risks and how to choose the best opportunities. The following techniques described on ISO 31010&lt;br /&gt;
* Risk identification&lt;br /&gt;
* Risk analysis - consequence analysis&lt;br /&gt;
* Risk analysis– qualitative, semi-quantitative or quantitative probability estimation&lt;br /&gt;
* Risk analysis – assessing the effectiveness of any existing controls&lt;br /&gt;
* Risk evaluation&lt;br /&gt;
* Communication and consultation, and monitoring and review&lt;br /&gt;
&lt;br /&gt;
[[File:Different between_M_O_R_AND_ISO.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
For further information about M_O_R and ISO 31000:2009 you can read Michael Dallas report[http://www.best-management-practice.com/gempdf/Management_of_Risk_Guidance_for_Practitioners_and_the_International_Standard_on_Risk_Management_ISO31000_2009.pdf]&lt;br /&gt;
&lt;br /&gt;
The Tabel as taken from Michael Dallas report, which shows a direct comparison of M_O_R with ISO 31000 against categories that are common to both framework.&lt;br /&gt;
&lt;br /&gt;
=Risk Management in Practice=&lt;br /&gt;
&lt;br /&gt;
[[File:Risk management.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
To identify the projects risk, you can start with brainstorming, the first step is to list the main categories such as technologies, goal, stakeholder, communication, cost, environmental, resources, reliability, which is indicated with blue color in below figure. The next is to identify the risks, which is associated to the main categories. By brainstorm the risks, you can find 50-100 risks, depending to the projects size, therefore the third step is to estimate what the potential impact could be by using the Risk Matrix.&lt;br /&gt;
&lt;br /&gt;
[[File:Mathrix.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
Each high priority or high impact risk should be assigned to a group member after their experience and skills, so they could study and evaluate the risks. Cost risks might for example assign to someone in the finance department than one from IT- department. The new technology might assign to someone from IT- department. The project manager should be assign for all the risks process, the most important part of risk process is the schedule with deadline and the risks list, which should only edit, added, re-prioritized and control by the project manager during the project.&lt;br /&gt;
To reduce the risks, the project manager should communicate the risks list to all the project stakeholders regularly, at least once a week. All the changes should be registered to the risk map and at the end of the project the results can be used to do a retrospective. What did you learn from it, what should be different in next project and how to control the risks from the beginning?&lt;br /&gt;
&lt;br /&gt;
This example is more general and very simple,you can maybe use it for a very small project. You can visit [http://apppm.man.dtu.dk/index.php/Risk_analysis | Risk_analysis] which is described more in detail.&lt;br /&gt;
&lt;br /&gt;
=Reference=&lt;br /&gt;
&lt;br /&gt;
[1] Why projects fail: Avoiding the Classic Pitfall, An Oracle White Paper, October 2011 and Calleam Consulting LTD 2014: Why Projects Fail.  And Tom Carlos, PMP: Reasons Why Projects Fail.&lt;br /&gt;
&lt;br /&gt;
[2] Oehmen et. al.2012 and Zwikael and Ahn 2011, Oehmen, J., et al., Analysis of the effect of risk management practices on the performance of new product development programs. Technovation (2014),&lt;br /&gt;
&lt;br /&gt;
[3] Oxford English Dictionary&lt;br /&gt;
&lt;br /&gt;
[4] Innovation and Product Management 2009: A holistic and Practial Approach to Uncertainty Reduction,Kurt Gaubinger, Michael Rabl Scott Swan, Thomas Werani&lt;br /&gt;
&lt;br /&gt;
[5] Frank Knight 1921: Risk, Uncertainty and profit, Imperfect competition through Risk and Uncertainty, Part III, Chapter VII&lt;br /&gt;
&lt;br /&gt;
[6] Ariane Chapelle: The three levels of Operational risk management, May 2012&lt;br /&gt;
&lt;br /&gt;
[7] Risikosamfundet: 1997, Tara Duggan, Demand Media: Why Is Risk Management Important to Project Success?&lt;br /&gt;
&lt;br /&gt;
[8] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/&lt;br /&gt;
&lt;br /&gt;
[9] Luce&#039;s Paradigm for Decision under Uncertainty, Luce and Raiffa, 1957&lt;br /&gt;
&lt;br /&gt;
[10] Risk Management, concepts and methods: Club De La Securite De L’information Francais&lt;br /&gt;
&lt;br /&gt;
[11] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd. &lt;br /&gt;
&lt;br /&gt;
[12] http://www.management-of-risk.com/what-is-management-of-risk.asp&lt;br /&gt;
&lt;br /&gt;
[13] http://www.rovsingmanagement.dk/kurser/m_o_r%C2%AErisikostyring/?gclid=CM21qKLRjsICFeXUcgodGqEARQ&lt;br /&gt;
&lt;br /&gt;
[14] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd.&lt;br /&gt;
&lt;br /&gt;
[15] Jacob and Kwak (2003) and Raz et al.2002&lt;br /&gt;
&lt;br /&gt;
[16] Article: Overview of risk management Henrik K. Søndergaard&lt;br /&gt;
&lt;br /&gt;
[17]. Power in projects &amp;amp; portfolio of Mette Lindegaard, and John Ryding Olsson&lt;br /&gt;
&lt;br /&gt;
[18] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/.&lt;br /&gt;
&lt;br /&gt;
[19] http://strikingprojectmanagement.com/qualitative-risk-analysis/&lt;br /&gt;
&lt;br /&gt;
[20] http://projectmgmt-annualwarehousesale.blogspot.dk/&lt;br /&gt;
&lt;br /&gt;
[21] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[22] http://www.bestmanagementpractice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[23] http://tcgen.com/risk-mapping/#.VGidavnF-oO&lt;br /&gt;
&lt;br /&gt;
[24] http://www.modst.dk/~/media/Files/%C3%98AV/Vejledninger/%C3%98konomistyring/Risikostyring_vejledning_maj07%20pdf.ashx&lt;br /&gt;
&lt;br /&gt;
[25] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[26] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[27] http://www.clearrisk.com/what-is-risk-management/&lt;br /&gt;
&lt;br /&gt;
[28] http://www.vlv.dk/downloads/rm1.htm&lt;br /&gt;
&lt;br /&gt;
[29] http://www.soc.aau.dk/fileadmin/user_upload/FoSo/Arbejdspapirer/Nr._10_Risiko_risikovurdering_risikoformidling_og_helhedssyn.pdf&lt;br /&gt;
&lt;br /&gt;
[30] http://klk.kl.dk/PageFiles/156494/Projekth%C3%A5ndbogen.pdf&lt;br /&gt;
&lt;br /&gt;
[31] http:///C:/Users/Samira/Downloads/Projekth-ndbog%20(1).PDF&lt;br /&gt;
&lt;br /&gt;
[32] http://www.digst.dk/~/media/Files/Arkitektur%20og%20standarder/Sikkerhed/Vejledning%20om%20risikovurdering.ashx&lt;br /&gt;
&lt;br /&gt;
[33] http://www.best-management-practice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[34] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[35] http://dx.doi.org/10.1016/j.technovation.2013.12.005i&lt;br /&gt;
&lt;br /&gt;
[36] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;/div&gt;</summary>
		<author><name>Saeh0803</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Risk_management&amp;diff=5448</id>
		<title>Risk management</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Risk_management&amp;diff=5448"/>
		<updated>2014-11-30T20:13:30Z</updated>

		<summary type="html">&lt;p&gt;Saeh0803: /* How to develop a risk analysis */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;[http://en.wikipedia.org/wiki/Risk_management Risk management] is a very interesting and important topic in each area in our society. Actually everyone knows what a risk is; it is a part of our life. Each step or each decision we make, is full of risks, whether we notice it or not, but when we look at our professional life, then we have to take an action for each risk arise, because it has a negative effect and the effect can have consequences in terms of economic, professional reputation, environmental, safety and societal outcomes. This article focuses on for example how an organization or project handles its risks and which framework could be relevant or helpful for it. Now a day, the risk management is an important part of project, program and portfolio management. In order to end up a project successfully and deliver it on time and within budget, it is important to get an overview of the risks, which is associated to the project. Most of the projects fail due to the lack of risk management [Why projects fail 2011]. In many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of project&#039;s planning process, the projects fail because the resources are not completely utilized to get the full advantage [Oehmen et. al.2012 and Zwikael and Ahn 2011]. This article further talks about the risk and different level of risks in organization level and how to identify the projects risks by using some of standard guidelines for risk management such as ISO 31000, ISO 2700S, DS/ISO 31000 Risk management- Principles and guidelines and M_O_R principles, which is a standard risk management framework, which can be used by any organization on any projects regardless of its size.&lt;br /&gt;
NOTE: This article might be similar to other articles; Risk analysis, risk register, Risk management strategy in project portfolios&lt;br /&gt;
&lt;br /&gt;
=Definition of risk management=&lt;br /&gt;
&lt;br /&gt;
You can find different tools and definition for risk depending on the context in which it is used. A definition from Oxford English Dictionary sounds like “the possibility that something unpleasant or unwelcome will happen” [Oxford English Dictionary]. This is more general and related more to your every day. In decision theory, Luce and Raiffa relate risk to make decisions under known probabilities of the states of nature [Product Management Innovation 2009] and Frank Knight define the risk in economic theory as “risk arises when the decision maker can assign probabilities to possible outcomes”. A well-known definition of the risk in the domain of project management considers the risk as “an uncertain event or condition that, if it occurs, has a positive (opportunity) or negative (threat) impact on project objectives” [Innovation and Product Management] Frank Knight defines the uncertainty and risk as “...Uncertainty must be taken in a sense radically distinct from the familiar notion of Risk, from which it has never been properly separated. … The essential fact is that &amp;quot;risk&amp;quot; means in some cases a quantity susceptible of measurement, while at other times it is something distinctly not of this character; and there are far-reaching and crucial differences in the bearings of the phenomena depending on which of the two is really present and operating. … It will appear that a measurable uncertainty, or &amp;quot;risk&amp;quot; proper, as we shall use the term, is so far different from an un-measurable one that it is not in effect an uncertainty at all&amp;quot; [Ariane Chapelle].&lt;br /&gt;
Frank Knigh’s definition is more useful according to project, program and portfolio management. In many projects, risk is the uncertainty, which is associated with any kind of the action and projects in organization’s context that must understand and effectively manage during the project’s process and improve the results [Luce and Raiffa]. &lt;br /&gt;
&lt;br /&gt;
Different types of risk management definitions can be found and the choice of definition depends on how big a concept of risk is used in order to which risks are covered by the definition. There is not a complete tool or solution that fits in every project, creating a new or changes the existing risk management process according to the project&#039;s goal is always helpful and flexible process that will ultimately result in a solution to the individual organization or project. Risk is always based on imagination of how the project will be completed. It can be defined on the basis of an existing plan, for example, the project must be completed in 6 months. The risk of delay is bigger than if the project must be completed in one year. If the new technologies are a part of the project plan, that you have to use the new technologies is the risk bigger than use the known technologies. Therefor the risk is based on an existing plan; the same project may have very different risks, if you change the project’s plan. [Risk Management,concepts and methods].&lt;br /&gt;
&lt;br /&gt;
To minimize the uncertainty and reduce the risks on the project, you may regularly look back to your risk analysis, because most of the projects fail due to lack of risk management, in many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of projects planning process, The projects fail because they do not invest their resources completely and do not pay attention to it. Risk management is the most important part of the project planning process. It is a management tool, which project manager uses to analyses the risk factor within a project group or projects. Project group must be informed of the main risks and how they will deal with those risks. Often it requires extra resources to eliminate risks; these resources must allocate the project group. Many studies have pointed as well that the risk management has a big role in projects success [Tara Duggan]. The report by Jacob and Kwak highlights the positive contribution of risk management to improve the project selection, review and resource allocation of new product development projects. It used in many areas such as public debate, research, danger of disease, death or accidents, threatening environmental problems in terms of risk of climate changes, CO2 , pollution and so on. It is also used in many other projects such as customer needs and price, new technology and resources, construction and delivery projects, research projects and interests and other tasks.&lt;br /&gt;
&lt;br /&gt;
=Benefit of risk management=&lt;br /&gt;
&lt;br /&gt;
Risk management helps you to identify your projects strengths, weaknesses, opportunities and threats [Jacob and Kwak]. These four factors are a part of [http://da.wikipedia.org/wiki/SWOT-analyse SWOT-analyse]. By identifying your projects strengths and opportunities you can reduce the weaknesses and threats and there by your project’s risks, you will be aware of the unexpected events and you can immediately take actions to reduce the losses [Overview of risk management]. There are many reasons for managing risks. Here are some main reasons: First of all, risk management results in an overview and a number of options for an action to avoid known and unknown risk and reduce the impact of those [Power in projects &amp;amp; portfolio].&lt;br /&gt;
&lt;br /&gt;
* Saving resources: Time, assets, income, property and people are all valuable resources that can be saved if fewer claims occur.&lt;br /&gt;
* Protecting the reputation and public image of the organization.&lt;br /&gt;
* Preventing or reducing legal liability and increasing the stability of operations.&lt;br /&gt;
* Increases the organizations profits and competitiveness and reflects an attractive professional approach to project work.&lt;br /&gt;
* Protecting people from harm.&lt;br /&gt;
* Protecting the environment.&lt;br /&gt;
* Enhancing the ability to prepare for various circumstances.&lt;br /&gt;
* Assisting in clearly defining insurance needs.&lt;br /&gt;
* By managing the risks, you can increase the quality of the project deliverable&lt;br /&gt;
* Protects public image&lt;br /&gt;
* Protects people from harm&lt;br /&gt;
* Prevents/reduces legal liability&lt;br /&gt;
* Protects the environment&lt;br /&gt;
&lt;br /&gt;
=Three Levels of operational risk management=&lt;br /&gt;
&lt;br /&gt;
The risk management in an organization can be categorized in three levels of operation- [three level of operational risk management].&lt;br /&gt;
&lt;br /&gt;
* Strategic level:  &lt;br /&gt;
At strategic level, operational risk management relates to the vision of the business, expansion planned over a few couple of years, the product position and the target customers in the market. In other words, the strategic operational risk management relates to the implementation of the risk demands. It must be defined at the top management level and must be deployed in a top-down manner through all the levels of the organization.&lt;br /&gt;
At this level, top managers should not expect that all process would be accomplished without defects, free errors, flaws or less than perfect projects, demanding such a standard leads to over management and paralysis. It creates nervous leaders, that can be afraid to make tough decisions in crisis and unwilling to take risks necessary for success in projects, In this level op managers must be aware of risk management, understand it and must be ready to support a project manager’s decision in those situations. The top managers must accept that things may go wrong, even if a project manager has a lot of experience and knowledge in that area. In this level the risks has a very high impact in the organization, because you will define the risks based on your Business Plan and Processes, where strategic goals are defined. These risks are expected to be managed by the organization’s CEO [Operational Risk Management, February 2002]&lt;br /&gt;
&lt;br /&gt;
* Tactical level&lt;br /&gt;
&lt;br /&gt;
At tactical level, the set of operational risk management tools and controls helps to reduce the number and intensity of the projects. It provides the risk manager with a second line of defense. The effect of the risk responses deploys at tactical level, such as loss, fines and near misses reductions&lt;br /&gt;
Tactical operational risk management emphasizes on loss prevention and risk reduction techniques, process control, loss data analysis, key risk indicators, risk self-assessments and business expansion plans are some of the vast array of tools and techniques that have been developed to reduce the frequent occurrence of the risk elements and to reduce their impact on the overall project.&lt;br /&gt;
There always should be a connection between strategic and tactical level, the vision or mission statements defines in strategic level and the projects, programmes, their deliverables and its requirements describes in tactical level. Many projects fail because of less communication between strategic vision and tactical project deliverables and requirements. [Integrated Risk Management, as a framework for Organizational Success].&lt;br /&gt;
&lt;br /&gt;
* Operational level&lt;br /&gt;
Operational level provides a natural reduction of the operational incidents by redesigning all those processes that were prone to errors, removing any unnecessary tasks and useless controls, standardizing the procedures and improving the productivity. Operational risk management targets the operational efficiency and process design. Work flows are redesigned in this level to improve the work speed by eliminating the errors. Staff Operational risk management must spread over all these three levels, in order to be more effective and efficient&lt;br /&gt;
&lt;br /&gt;
Risk management does not tell you to take a number of actions to tackel or facilitate an unexpected situation. It is a framework that helps you to apply leadership at all levels to meet project&#039;s requirements and to improve the project&#039;s result.&lt;br /&gt;
&lt;br /&gt;
=How to develop a risk analysis=&lt;br /&gt;
&lt;br /&gt;
Risk Management can be developed in two different ways [Best Management Practice]:&lt;br /&gt;
	By using the standard risk guidelines such as ISO 31000, which managers can go step by step and identify the risks and analyse the situation of each phase and take an action for each risk, that have negative impact on each situation. In this step more leaders must participate in order to reduce the impact of risks and take care of each situation.&lt;br /&gt;
	By using more general analysis or guidelines to define the project&#039;s goals and reduce the risks without managing it and less management participation.&lt;br /&gt;
In the first option many standard guidelines and analysis can be used such as ISO 31000, IEC/ISO 311010, and ISO 73-2009 and many others. The International Organization for Standard (ISO ) risk management provides principles, general guidelines; framework and a process for managing the risks- It can be used by any project, organization regardless of its size. ISO 31000 summarizes all the central activities and main points, which an organization might go through to manage their risks effectively and increase their chance to reach their goals. It doesn’t contain any specific techniques in order to use, but it mentions that an organization must follow risk identification tools and techniques, that match the projects and its goals. Another ISO standard application is ISO/IEC 31010, Risk Management, which contains of some risk assessment techniques and steps that gives an understanding of the risks, which can have a negative impact on an organization’s achievement of its goals and the adequacy and effectiveness of controls already in place. Risk assessment helps decision makers to take the correct decisions, for example which tools and techniques must be used to treat the risks and how to choose the best opportunities. The following techniques described on ISO 31010&lt;br /&gt;
* Risk identification&lt;br /&gt;
* Risk analysis - consequence analysis&lt;br /&gt;
* Risk analysis– qualitative, semi-quantitative or quantitative probability estimation&lt;br /&gt;
* Risk analysis – assessing the effectiveness of any existing controls&lt;br /&gt;
* Risk evaluation&lt;br /&gt;
* Communication and consultation, and monitoring and review&lt;br /&gt;
&lt;br /&gt;
[[File:Different between_M_O_R_AND_ISO.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
For further information about M_O_R and ISO 31000:2009 you can read Michael Dallas report[http://www.best-management-practice.com/gempdf/Management_of_Risk_Guidance_for_Practitioners_and_the_International_Standard_on_Risk_Management_ISO31000_2009.pdf]&lt;br /&gt;
&lt;br /&gt;
The Tabel as taken from Michael Dallas report, which shows a direct comparison of M_O_R with ISO 31000 against categories that are common to both framework.&lt;br /&gt;
&lt;br /&gt;
=Risk Management in Practice=&lt;br /&gt;
&lt;br /&gt;
[[File:Risk management.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
To identify the projects risk, you can start with brainstorming, the first step is to list the main categories such as technologies, goal, stakeholder, communication, cost, environmental, resources, reliability, which is indicated with blue color in below figure. The next is to identify the risks, which is associated to the main categories. By brainstorm the risks, you can find 50-100 risks, depending to the projects size, therefore the third step is to estimate what the potential impact could be by using the Risk Matrix.&lt;br /&gt;
&lt;br /&gt;
[[File:Mathrix.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
Each high priority or high impact risk should be assigned to a group member after their experience and skills, so they could study and evaluate the risks. Cost risks might for example assign to someone in the finance department than one from IT- department. The new technology might assign to someone from IT- department. The project manager should be assign for all the risks process, the most important part of risk process is the schedule with deadline and the risks list, which should only edit, added, re-prioritized and control by the project manager during the project.&lt;br /&gt;
To reduce the risks, the project manager should communicate the risks list to all the project stakeholders regularly, at least once a week. All the changes should be registered to the risk map and at the end of the project the results can be used to do a retrospective. What did you learn from it, what should be different in next project and how to control the risks from the beginning?&lt;br /&gt;
&lt;br /&gt;
This example is more general and very simple,you can maybe use it for a very small project. You can visit [http://apppm.man.dtu.dk/index.php/Risk_analysis | Risk_analysis] which is described more in detail.&lt;br /&gt;
&lt;br /&gt;
=Reference=&lt;br /&gt;
&lt;br /&gt;
[1] Why projects fail: Avoiding the Classic Pitfall, An Oracle White Paper, October 2011 and Calleam Consulting LTD 2014: Why Projects Fail.  And Tom Carlos, PMP: Reasons Why Projects Fail.&lt;br /&gt;
&lt;br /&gt;
[2] Oehmen et. al.2012 and Zwikael and Ahn 2011, Oehmen, J., et al., Analysis of the effect of risk management practices on the performance of new product development programs. Technovation (2014),&lt;br /&gt;
&lt;br /&gt;
[3] Oxford English Dictionary&lt;br /&gt;
&lt;br /&gt;
[4] Innovation and Product Management 2009: A holistic and Practial Approach to Uncertainty Reduction,Kurt Gaubinger, Michael Rabl Scott Swan, Thomas Werani&lt;br /&gt;
&lt;br /&gt;
[5] Frank Knight 1921: Risk, Uncertainty and profit, Imperfect competition through Risk and Uncertainty, Part III, Chapter VII&lt;br /&gt;
&lt;br /&gt;
[6] Ariane Chapelle: The three levels of Operational risk management, May 2012&lt;br /&gt;
&lt;br /&gt;
[7] Risikosamfundet: 1997, Tara Duggan, Demand Media: Why Is Risk Management Important to Project Success?&lt;br /&gt;
&lt;br /&gt;
[8] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/&lt;br /&gt;
&lt;br /&gt;
[9] Luce&#039;s Paradigm for Decision under Uncertainty, Luce and Raiffa, 1957&lt;br /&gt;
&lt;br /&gt;
[10] Risk Management, concepts and methods: Club De La Securite De L’information Francais&lt;br /&gt;
&lt;br /&gt;
[11] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd. &lt;br /&gt;
&lt;br /&gt;
[12] http://www.management-of-risk.com/what-is-management-of-risk.asp&lt;br /&gt;
&lt;br /&gt;
[13] http://www.rovsingmanagement.dk/kurser/m_o_r%C2%AErisikostyring/?gclid=CM21qKLRjsICFeXUcgodGqEARQ&lt;br /&gt;
&lt;br /&gt;
[14] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd.&lt;br /&gt;
&lt;br /&gt;
[15] Jacob and Kwak (2003) and Raz et al.2002&lt;br /&gt;
&lt;br /&gt;
[16] Article: Overview of risk management Henrik K. Søndergaard&lt;br /&gt;
&lt;br /&gt;
[17]. Power in projects &amp;amp; portfolio of Mette Lindegaard, and John Ryding Olsson&lt;br /&gt;
&lt;br /&gt;
[18] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/.&lt;br /&gt;
&lt;br /&gt;
[19] http://strikingprojectmanagement.com/qualitative-risk-analysis/&lt;br /&gt;
&lt;br /&gt;
[20] http://projectmgmt-annualwarehousesale.blogspot.dk/&lt;br /&gt;
&lt;br /&gt;
[21] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[22] http://www.bestmanagementpractice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[23] http://tcgen.com/risk-mapping/#.VGidavnF-oO&lt;br /&gt;
&lt;br /&gt;
[24] http://www.modst.dk/~/media/Files/%C3%98AV/Vejledninger/%C3%98konomistyring/Risikostyring_vejledning_maj07%20pdf.ashx&lt;br /&gt;
&lt;br /&gt;
[25] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[26] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[27] http://www.clearrisk.com/what-is-risk-management/&lt;br /&gt;
&lt;br /&gt;
[28] http://www.vlv.dk/downloads/rm1.htm&lt;br /&gt;
&lt;br /&gt;
[29] http://www.soc.aau.dk/fileadmin/user_upload/FoSo/Arbejdspapirer/Nr._10_Risiko_risikovurdering_risikoformidling_og_helhedssyn.pdf&lt;br /&gt;
&lt;br /&gt;
[30] http://klk.kl.dk/PageFiles/156494/Projekth%C3%A5ndbogen.pdf&lt;br /&gt;
&lt;br /&gt;
[31] http:///C:/Users/Samira/Downloads/Projekth-ndbog%20(1).PDF&lt;br /&gt;
&lt;br /&gt;
[32] http://www.digst.dk/~/media/Files/Arkitektur%20og%20standarder/Sikkerhed/Vejledning%20om%20risikovurdering.ashx&lt;br /&gt;
&lt;br /&gt;
[33] http://www.best-management-practice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[34] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[35] http://dx.doi.org/10.1016/j.technovation.2013.12.005i&lt;br /&gt;
&lt;br /&gt;
[36] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;/div&gt;</summary>
		<author><name>Saeh0803</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Risk_management&amp;diff=5440</id>
		<title>Risk management</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Risk_management&amp;diff=5440"/>
		<updated>2014-11-30T20:00:01Z</updated>

		<summary type="html">&lt;p&gt;Saeh0803: /* Three Levels of operational risk management */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;[http://en.wikipedia.org/wiki/Risk_management Risk management] is a very interesting and important topic in each area in our society. Actually everyone knows what a risk is; it is a part of our life. Each step or each decision we make, is full of risks, whether we notice it or not, but when we look at our professional life, then we have to take an action for each risk arise, because it has a negative effect and the effect can have consequences in terms of economic, professional reputation, environmental, safety and societal outcomes. This article focuses on for example how an organization or project handles its risks and which framework could be relevant or helpful for it. Now a day, the risk management is an important part of project, program and portfolio management. In order to end up a project successfully and deliver it on time and within budget, it is important to get an overview of the risks, which is associated to the project. Most of the projects fail due to the lack of risk management [Why projects fail 2011]. In many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of project&#039;s planning process, the projects fail because the resources are not completely utilized to get the full advantage [Oehmen et. al.2012 and Zwikael and Ahn 2011]. This article further talks about the risk and different level of risks in organization level and how to identify the projects risks by using some of standard guidelines for risk management such as ISO 31000, ISO 2700S, DS/ISO 31000 Risk management- Principles and guidelines and M_O_R principles, which is a standard risk management framework, which can be used by any organization on any projects regardless of its size.&lt;br /&gt;
NOTE: This article might be similar to other articles; Risk analysis, risk register, Risk management strategy in project portfolios&lt;br /&gt;
&lt;br /&gt;
=Definition of risk management=&lt;br /&gt;
&lt;br /&gt;
You can find different tools and definition for risk depending on the context in which it is used. A definition from Oxford English Dictionary sounds like “the possibility that something unpleasant or unwelcome will happen” [Oxford English Dictionary]. This is more general and related more to your every day. In decision theory, Luce and Raiffa relate risk to make decisions under known probabilities of the states of nature [Product Management Innovation 2009] and Frank Knight define the risk in economic theory as “risk arises when the decision maker can assign probabilities to possible outcomes”. A well-known definition of the risk in the domain of project management considers the risk as “an uncertain event or condition that, if it occurs, has a positive (opportunity) or negative (threat) impact on project objectives” [Innovation and Product Management] Frank Knight defines the uncertainty and risk as “...Uncertainty must be taken in a sense radically distinct from the familiar notion of Risk, from which it has never been properly separated. … The essential fact is that &amp;quot;risk&amp;quot; means in some cases a quantity susceptible of measurement, while at other times it is something distinctly not of this character; and there are far-reaching and crucial differences in the bearings of the phenomena depending on which of the two is really present and operating. … It will appear that a measurable uncertainty, or &amp;quot;risk&amp;quot; proper, as we shall use the term, is so far different from an un-measurable one that it is not in effect an uncertainty at all&amp;quot; [Ariane Chapelle].&lt;br /&gt;
Frank Knigh’s definition is more useful according to project, program and portfolio management. In many projects, risk is the uncertainty, which is associated with any kind of the action and projects in organization’s context that must understand and effectively manage during the project’s process and improve the results [Luce and Raiffa]. &lt;br /&gt;
&lt;br /&gt;
Different types of risk management definitions can be found and the choice of definition depends on how big a concept of risk is used in order to which risks are covered by the definition. There is not a complete tool or solution that fits in every project, creating a new or changes the existing risk management process according to the project&#039;s goal is always helpful and flexible process that will ultimately result in a solution to the individual organization or project. Risk is always based on imagination of how the project will be completed. It can be defined on the basis of an existing plan, for example, the project must be completed in 6 months. The risk of delay is bigger than if the project must be completed in one year. If the new technologies are a part of the project plan, that you have to use the new technologies is the risk bigger than use the known technologies. Therefor the risk is based on an existing plan; the same project may have very different risks, if you change the project’s plan. [Risk Management,concepts and methods].&lt;br /&gt;
&lt;br /&gt;
To minimize the uncertainty and reduce the risks on the project, you may regularly look back to your risk analysis, because most of the projects fail due to lack of risk management, in many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of projects planning process, The projects fail because they do not invest their resources completely and do not pay attention to it. Risk management is the most important part of the project planning process. It is a management tool, which project manager uses to analyses the risk factor within a project group or projects. Project group must be informed of the main risks and how they will deal with those risks. Often it requires extra resources to eliminate risks; these resources must allocate the project group. Many studies have pointed as well that the risk management has a big role in projects success [Tara Duggan]. The report by Jacob and Kwak highlights the positive contribution of risk management to improve the project selection, review and resource allocation of new product development projects. It used in many areas such as public debate, research, danger of disease, death or accidents, threatening environmental problems in terms of risk of climate changes, CO2 , pollution and so on. It is also used in many other projects such as customer needs and price, new technology and resources, construction and delivery projects, research projects and interests and other tasks.&lt;br /&gt;
&lt;br /&gt;
=Benefit of risk management=&lt;br /&gt;
&lt;br /&gt;
Risk management helps you to identify your projects strengths, weaknesses, opportunities and threats [Jacob and Kwak]. These four factors are a part of [http://da.wikipedia.org/wiki/SWOT-analyse SWOT-analyse]. By identifying your projects strengths and opportunities you can reduce the weaknesses and threats and there by your project’s risks, you will be aware of the unexpected events and you can immediately take actions to reduce the losses [Overview of risk management]. There are many reasons for managing risks. Here are some main reasons: First of all, risk management results in an overview and a number of options for an action to avoid known and unknown risk and reduce the impact of those [Power in projects &amp;amp; portfolio].&lt;br /&gt;
&lt;br /&gt;
* Saving resources: Time, assets, income, property and people are all valuable resources that can be saved if fewer claims occur.&lt;br /&gt;
* Protecting the reputation and public image of the organization.&lt;br /&gt;
* Preventing or reducing legal liability and increasing the stability of operations.&lt;br /&gt;
* Increases the organizations profits and competitiveness and reflects an attractive professional approach to project work.&lt;br /&gt;
* Protecting people from harm.&lt;br /&gt;
* Protecting the environment.&lt;br /&gt;
* Enhancing the ability to prepare for various circumstances.&lt;br /&gt;
* Assisting in clearly defining insurance needs.&lt;br /&gt;
* By managing the risks, you can increase the quality of the project deliverable&lt;br /&gt;
* Protects public image&lt;br /&gt;
* Protects people from harm&lt;br /&gt;
* Prevents/reduces legal liability&lt;br /&gt;
* Protects the environment&lt;br /&gt;
&lt;br /&gt;
=Three Levels of operational risk management=&lt;br /&gt;
&lt;br /&gt;
The risk management in an organization can be categorized in three levels of operation- [three level of operational risk management].&lt;br /&gt;
&lt;br /&gt;
* Strategic level:  &lt;br /&gt;
At strategic level, operational risk management relates to the vision of the business, expansion planned over a few couple of years, the product position and the target customers in the market. In other words, the strategic operational risk management relates to the implementation of the risk demands. It must be defined at the top management level and must be deployed in a top-down manner through all the levels of the organization.&lt;br /&gt;
At this level, top managers should not expect that all process would be accomplished without defects, free errors, flaws or less than perfect projects, demanding such a standard leads to over management and paralysis. It creates nervous leaders, that can be afraid to make tough decisions in crisis and unwilling to take risks necessary for success in projects, In this level op managers must be aware of risk management, understand it and must be ready to support a project manager’s decision in those situations. The top managers must accept that things may go wrong, even if a project manager has a lot of experience and knowledge in that area. In this level the risks has a very high impact in the organization, because you will define the risks based on your Business Plan and Processes, where strategic goals are defined. These risks are expected to be managed by the organization’s CEO [Operational Risk Management, February 2002]&lt;br /&gt;
&lt;br /&gt;
* Tactical level&lt;br /&gt;
&lt;br /&gt;
At tactical level, the set of operational risk management tools and controls helps to reduce the number and intensity of the projects. It provides the risk manager with a second line of defense. The effect of the risk responses deploys at tactical level, such as loss, fines and near misses reductions&lt;br /&gt;
Tactical operational risk management emphasizes on loss prevention and risk reduction techniques, process control, loss data analysis, key risk indicators, risk self-assessments and business expansion plans are some of the vast array of tools and techniques that have been developed to reduce the frequent occurrence of the risk elements and to reduce their impact on the overall project.&lt;br /&gt;
There always should be a connection between strategic and tactical level, the vision or mission statements defines in strategic level and the projects, programmes, their deliverables and its requirements describes in tactical level. Many projects fail because of less communication between strategic vision and tactical project deliverables and requirements. [Integrated Risk Management, as a framework for Organizational Success].&lt;br /&gt;
&lt;br /&gt;
* Operational level&lt;br /&gt;
Operational level provides a natural reduction of the operational incidents by redesigning all those processes that were prone to errors, removing any unnecessary tasks and useless controls, standardizing the procedures and improving the productivity. Operational risk management targets the operational efficiency and process design. Work flows are redesigned in this level to improve the work speed by eliminating the errors. Staff Operational risk management must spread over all these three levels, in order to be more effective and efficient&lt;br /&gt;
&lt;br /&gt;
Risk management does not tell you to take a number of actions to tackel or facilitate an unexpected situation. It is a framework that helps you to apply leadership at all levels to meet project&#039;s requirements and to improve the project&#039;s result.&lt;br /&gt;
&lt;br /&gt;
=How to develop a risk analysis=&lt;br /&gt;
&lt;br /&gt;
Risk Management can be developed in two different ways [Best Management Practice]:&lt;br /&gt;
&lt;br /&gt;
* By using the standard risk guidelines such as ISO 31000, which managers can go step by step and identify the risks and analyse the situation of each phase and take an action for each risk, that have negative impact on each situation. In this step more leaders must participate in order to reduce the impact of risks and take care of each situation.&lt;br /&gt;
&lt;br /&gt;
* By using more general analysis or guidelines to define the project&#039;s goals and reduce the risks without managing it and less management participation.&lt;br /&gt;
&lt;br /&gt;
In the first option many standard guidelines and analysis  can be used such as ISO 31000, IEC/ISO 311010, and ISO 73-2009 and many others.&lt;br /&gt;
The International Organization for Standard (ISO ) risk management provides principles, general guidelines; framework and a process for managing the risks- It can be used by any project, organization regardless of its size.&lt;br /&gt;
ISO 31000 summarizes all the central activities and main points, which an organization might go through to manage their risks effectively and increase their chance to reach their goals. It doesn’t contain any specific techniques in order to use, but it mentions that an organization must follow risk identification tools and techniques, that match the projects and its goals. Another ISO standard application is ISO/IEC 31010, Risk Management, which contains of some risk assessment techniques and steps that gives an understanding of the risks, which can have a negative impact on an organization’s achievement of its goals and the adequacy and effectiveness of controls already in place. Risk assessment helps decision makers to take the correct decisions, for example which tools and techniques must be used to treat the risks and how to choose the best opportunities. The following techniques described on ISO 31010&lt;br /&gt;
&lt;br /&gt;
* Risk identification&lt;br /&gt;
* Risk analysis -  consequence analysis&lt;br /&gt;
* Risk analysis– qualitative, semi-quantitative or quantitative probability estimation&lt;br /&gt;
* Risk analysis – assessing the effectiveness of any existing controls&lt;br /&gt;
* Risk evaluation&lt;br /&gt;
* communication and consultation, and  monitoring and review&lt;br /&gt;
&lt;br /&gt;
Each step has described in detail on ISO 31010. Compare to M_O_R,[http://bcove.me/qvtxp001 video] and then M_O_R is much extensive application, which provides a detailed guidance on how to implement risk management. M_O_R stands for Management of Risk and it is a framework for the management of risk across all parts of an organization such as Strategic, programme, project and operational level. It includes all the activities required to identify and control the risks, both negative and positive, which may have an impact on the achievement of an organization’s objectives[M_O_R].It is also a framework for how to make informed decisions about risks respectively strategic, program, project and operational level in order to identify, assess and manage the key risks in order to deliver the expected advantages [M_O_R]. It describes deeply both what needs to be done through some principles, activities and roles and how to begin the activities.&lt;br /&gt;
In some ways, ISO31000 and M_O_R are very similar and use some common definition and methods. M_O_R is designed for practical application of risk management techniques and based on 4 core concepts: principles, approach, process and embedding and review, while ISO31000 is designed more to assess how completely the risk management techniques have been applied [Best Management Practice], The difference is that ISO3100O based on framework, principles and process. It prescribe how an organization should implement risk management and manage the risk by using any tools, that suits its goal and organization, while M_O_R allows it to customize its approach within the guidelines to suit its operating environment and process. Both are useful tools and can be used for managing the risks.&lt;br /&gt;
&lt;br /&gt;
[[File:Different between_M_O_R_AND_ISO.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
For further information about M_O_R and ISO 31000:2009 you can read Michael Dallas report[http://www.best-management-practice.com/gempdf/Management_of_Risk_Guidance_for_Practitioners_and_the_International_Standard_on_Risk_Management_ISO31000_2009.pdf]&lt;br /&gt;
&lt;br /&gt;
The Tabel as taken from Michael Dallas report, which shows a direct comparison of M_O_R with ISO 31000 against categories that are common to both framework.&lt;br /&gt;
&lt;br /&gt;
=Risk Management in Practice=&lt;br /&gt;
&lt;br /&gt;
[[File:Risk management.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
To identify the projects risk, you can start with brainstorming, the first step is to list the main categories such as technologies, goal, stakeholder, communication, cost, environmental, resources, reliability, which is indicated with blue color in below figure. The next is to identify the risks, which is associated to the main categories. By brainstorm the risks, you can find 50-100 risks, depending to the projects size, therefore the third step is to estimate what the potential impact could be by using the Risk Matrix.&lt;br /&gt;
&lt;br /&gt;
[[File:Mathrix.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
Each high priority or high impact risk should be assigned to a group member after their experience and skills, so they could study and evaluate the risks. Cost risks might for example assign to someone in the finance department than one from IT- department. The new technology might assign to someone from IT- department. The project manager should be assign for all the risks process, the most important part of risk process is the schedule with deadline and the risks list, which should only edit, added, re-prioritized and control by the project manager during the project.&lt;br /&gt;
To reduce the risks, the project manager should communicate the risks list to all the project stakeholders regularly, at least once a week. All the changes should be registered to the risk map and at the end of the project the results can be used to do a retrospective. What did you learn from it, what should be different in next project and how to control the risks from the beginning?&lt;br /&gt;
&lt;br /&gt;
This example is more general and very simple,you can maybe use it for a very small project. You can visit [http://apppm.man.dtu.dk/index.php/Risk_analysis | Risk_analysis] which is described more in detail.&lt;br /&gt;
&lt;br /&gt;
=Reference=&lt;br /&gt;
&lt;br /&gt;
[1] Why projects fail: Avoiding the Classic Pitfall, An Oracle White Paper, October 2011 and Calleam Consulting LTD 2014: Why Projects Fail.  And Tom Carlos, PMP: Reasons Why Projects Fail.&lt;br /&gt;
&lt;br /&gt;
[2] Oehmen et. al.2012 and Zwikael and Ahn 2011, Oehmen, J., et al., Analysis of the effect of risk management practices on the performance of new product development programs. Technovation (2014),&lt;br /&gt;
&lt;br /&gt;
[3] Oxford English Dictionary&lt;br /&gt;
&lt;br /&gt;
[4] Innovation and Product Management 2009: A holistic and Practial Approach to Uncertainty Reduction,Kurt Gaubinger, Michael Rabl Scott Swan, Thomas Werani&lt;br /&gt;
&lt;br /&gt;
[5] Frank Knight 1921: Risk, Uncertainty and profit, Imperfect competition through Risk and Uncertainty, Part III, Chapter VII&lt;br /&gt;
&lt;br /&gt;
[6] Ariane Chapelle: The three levels of Operational risk management, May 2012&lt;br /&gt;
&lt;br /&gt;
[7] Risikosamfundet: 1997, Tara Duggan, Demand Media: Why Is Risk Management Important to Project Success?&lt;br /&gt;
&lt;br /&gt;
[8] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/&lt;br /&gt;
&lt;br /&gt;
[9] Luce&#039;s Paradigm for Decision under Uncertainty, Luce and Raiffa, 1957&lt;br /&gt;
&lt;br /&gt;
[10] Risk Management, concepts and methods: Club De La Securite De L’information Francais&lt;br /&gt;
&lt;br /&gt;
[11] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd. &lt;br /&gt;
&lt;br /&gt;
[12] http://www.management-of-risk.com/what-is-management-of-risk.asp&lt;br /&gt;
&lt;br /&gt;
[13] http://www.rovsingmanagement.dk/kurser/m_o_r%C2%AErisikostyring/?gclid=CM21qKLRjsICFeXUcgodGqEARQ&lt;br /&gt;
&lt;br /&gt;
[14] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd.&lt;br /&gt;
&lt;br /&gt;
[15] Jacob and Kwak (2003) and Raz et al.2002&lt;br /&gt;
&lt;br /&gt;
[16] Article: Overview of risk management Henrik K. Søndergaard&lt;br /&gt;
&lt;br /&gt;
[17]. Power in projects &amp;amp; portfolio of Mette Lindegaard, and John Ryding Olsson&lt;br /&gt;
&lt;br /&gt;
[18] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/.&lt;br /&gt;
&lt;br /&gt;
[19] http://strikingprojectmanagement.com/qualitative-risk-analysis/&lt;br /&gt;
&lt;br /&gt;
[20] http://projectmgmt-annualwarehousesale.blogspot.dk/&lt;br /&gt;
&lt;br /&gt;
[21] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[22] http://www.bestmanagementpractice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[23] http://tcgen.com/risk-mapping/#.VGidavnF-oO&lt;br /&gt;
&lt;br /&gt;
[24] http://www.modst.dk/~/media/Files/%C3%98AV/Vejledninger/%C3%98konomistyring/Risikostyring_vejledning_maj07%20pdf.ashx&lt;br /&gt;
&lt;br /&gt;
[25] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[26] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[27] http://www.clearrisk.com/what-is-risk-management/&lt;br /&gt;
&lt;br /&gt;
[28] http://www.vlv.dk/downloads/rm1.htm&lt;br /&gt;
&lt;br /&gt;
[29] http://www.soc.aau.dk/fileadmin/user_upload/FoSo/Arbejdspapirer/Nr._10_Risiko_risikovurdering_risikoformidling_og_helhedssyn.pdf&lt;br /&gt;
&lt;br /&gt;
[30] http://klk.kl.dk/PageFiles/156494/Projekth%C3%A5ndbogen.pdf&lt;br /&gt;
&lt;br /&gt;
[31] http:///C:/Users/Samira/Downloads/Projekth-ndbog%20(1).PDF&lt;br /&gt;
&lt;br /&gt;
[32] http://www.digst.dk/~/media/Files/Arkitektur%20og%20standarder/Sikkerhed/Vejledning%20om%20risikovurdering.ashx&lt;br /&gt;
&lt;br /&gt;
[33] http://www.best-management-practice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[34] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[35] http://dx.doi.org/10.1016/j.technovation.2013.12.005i&lt;br /&gt;
&lt;br /&gt;
[36] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;/div&gt;</summary>
		<author><name>Saeh0803</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Risk_management&amp;diff=5436</id>
		<title>Risk management</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Risk_management&amp;diff=5436"/>
		<updated>2014-11-30T19:51:41Z</updated>

		<summary type="html">&lt;p&gt;Saeh0803: /* Three Levels of operational risk management */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;[http://en.wikipedia.org/wiki/Risk_management Risk management] is a very interesting and important topic in each area in our society. Actually everyone knows what a risk is; it is a part of our life. Each step or each decision we make, is full of risks, whether we notice it or not, but when we look at our professional life, then we have to take an action for each risk arise, because it has a negative effect and the effect can have consequences in terms of economic, professional reputation, environmental, safety and societal outcomes. This article focuses on for example how an organization or project handles its risks and which framework could be relevant or helpful for it. Now a day, the risk management is an important part of project, program and portfolio management. In order to end up a project successfully and deliver it on time and within budget, it is important to get an overview of the risks, which is associated to the project. Most of the projects fail due to the lack of risk management [Why projects fail 2011]. In many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of project&#039;s planning process, the projects fail because the resources are not completely utilized to get the full advantage [Oehmen et. al.2012 and Zwikael and Ahn 2011]. This article further talks about the risk and different level of risks in organization level and how to identify the projects risks by using some of standard guidelines for risk management such as ISO 31000, ISO 2700S, DS/ISO 31000 Risk management- Principles and guidelines and M_O_R principles, which is a standard risk management framework, which can be used by any organization on any projects regardless of its size.&lt;br /&gt;
NOTE: This article might be similar to other articles; Risk analysis, risk register, Risk management strategy in project portfolios&lt;br /&gt;
&lt;br /&gt;
=Definition of risk management=&lt;br /&gt;
&lt;br /&gt;
You can find different tools and definition for risk depending on the context in which it is used. A definition from Oxford English Dictionary sounds like “the possibility that something unpleasant or unwelcome will happen” [Oxford English Dictionary]. This is more general and related more to your every day. In decision theory, Luce and Raiffa relate risk to make decisions under known probabilities of the states of nature [Product Management Innovation 2009] and Frank Knight define the risk in economic theory as “risk arises when the decision maker can assign probabilities to possible outcomes”. A well-known definition of the risk in the domain of project management considers the risk as “an uncertain event or condition that, if it occurs, has a positive (opportunity) or negative (threat) impact on project objectives” [Innovation and Product Management] Frank Knight defines the uncertainty and risk as “...Uncertainty must be taken in a sense radically distinct from the familiar notion of Risk, from which it has never been properly separated. … The essential fact is that &amp;quot;risk&amp;quot; means in some cases a quantity susceptible of measurement, while at other times it is something distinctly not of this character; and there are far-reaching and crucial differences in the bearings of the phenomena depending on which of the two is really present and operating. … It will appear that a measurable uncertainty, or &amp;quot;risk&amp;quot; proper, as we shall use the term, is so far different from an un-measurable one that it is not in effect an uncertainty at all&amp;quot; [Ariane Chapelle].&lt;br /&gt;
Frank Knigh’s definition is more useful according to project, program and portfolio management. In many projects, risk is the uncertainty, which is associated with any kind of the action and projects in organization’s context that must understand and effectively manage during the project’s process and improve the results [Luce and Raiffa]. &lt;br /&gt;
&lt;br /&gt;
Different types of risk management definitions can be found and the choice of definition depends on how big a concept of risk is used in order to which risks are covered by the definition. There is not a complete tool or solution that fits in every project, creating a new or changes the existing risk management process according to the project&#039;s goal is always helpful and flexible process that will ultimately result in a solution to the individual organization or project. Risk is always based on imagination of how the project will be completed. It can be defined on the basis of an existing plan, for example, the project must be completed in 6 months. The risk of delay is bigger than if the project must be completed in one year. If the new technologies are a part of the project plan, that you have to use the new technologies is the risk bigger than use the known technologies. Therefor the risk is based on an existing plan; the same project may have very different risks, if you change the project’s plan. [Risk Management,concepts and methods].&lt;br /&gt;
&lt;br /&gt;
To minimize the uncertainty and reduce the risks on the project, you may regularly look back to your risk analysis, because most of the projects fail due to lack of risk management, in many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of projects planning process, The projects fail because they do not invest their resources completely and do not pay attention to it. Risk management is the most important part of the project planning process. It is a management tool, which project manager uses to analyses the risk factor within a project group or projects. Project group must be informed of the main risks and how they will deal with those risks. Often it requires extra resources to eliminate risks; these resources must allocate the project group. Many studies have pointed as well that the risk management has a big role in projects success [Tara Duggan]. The report by Jacob and Kwak highlights the positive contribution of risk management to improve the project selection, review and resource allocation of new product development projects. It used in many areas such as public debate, research, danger of disease, death or accidents, threatening environmental problems in terms of risk of climate changes, CO2 , pollution and so on. It is also used in many other projects such as customer needs and price, new technology and resources, construction and delivery projects, research projects and interests and other tasks.&lt;br /&gt;
&lt;br /&gt;
=Benefit of risk management=&lt;br /&gt;
&lt;br /&gt;
Risk management helps you to identify your projects strengths, weaknesses, opportunities and threats [Jacob and Kwak]. These four factors are a part of [http://da.wikipedia.org/wiki/SWOT-analyse SWOT-analyse]. By identifying your projects strengths and opportunities you can reduce the weaknesses and threats and there by your project’s risks, you will be aware of the unexpected events and you can immediately take actions to reduce the losses [Overview of risk management]. There are many reasons for managing risks. Here are some main reasons: First of all, risk management results in an overview and a number of options for an action to avoid known and unknown risk and reduce the impact of those [Power in projects &amp;amp; portfolio].&lt;br /&gt;
&lt;br /&gt;
* Saving resources: Time, assets, income, property and people are all valuable resources that can be saved if fewer claims occur.&lt;br /&gt;
* Protecting the reputation and public image of the organization.&lt;br /&gt;
* Preventing or reducing legal liability and increasing the stability of operations.&lt;br /&gt;
* Increases the organizations profits and competitiveness and reflects an attractive professional approach to project work.&lt;br /&gt;
* Protecting people from harm.&lt;br /&gt;
* Protecting the environment.&lt;br /&gt;
* Enhancing the ability to prepare for various circumstances.&lt;br /&gt;
* Assisting in clearly defining insurance needs.&lt;br /&gt;
* By managing the risks, you can increase the quality of the project deliverable&lt;br /&gt;
* Protects public image&lt;br /&gt;
* Protects people from harm&lt;br /&gt;
* Prevents/reduces legal liability&lt;br /&gt;
* Protects the environment&lt;br /&gt;
&lt;br /&gt;
=Three Levels of operational risk management=&lt;br /&gt;
&lt;br /&gt;
The risk management in an organization can be categorized in three levels of operation- [three level of operational risk management].&lt;br /&gt;
&lt;br /&gt;
* Strategic level:  &lt;br /&gt;
At strategic level, operational risk management relates to the vision of the business, expansion planned over a few couple of years, the product position and the target customers in the market. In other words, the strategic operational risk management relates to the implementation of the risk demands. It must be defined at the top management level and must be deployed in a top-down manner through all the levels of the organization.&lt;br /&gt;
At this level, top managers should not expect that all process would be accomplished without defects, free errors, flaws or less than perfect projects, demanding such a standard leads to over management and paralysis. It creates nervous leaders, that can be afraid to make tough decisions in crisis and unwilling to take risks necessary for success in projects, In this level op managers must be aware of risk management, understand it and must be ready to support a project manager’s decision in those situations. The top managers must accept that things may go wrong, even if a project manager has a lot of experience and knowledge in that area. In this level the risks has a very high impact in the organization, because you will define the risks based on your Business Plan and Processes, where strategic goals are defined. These risks are expected to be managed by the organization’s CEO [Operational Risk Management, February 2002]&lt;br /&gt;
&lt;br /&gt;
* Tactical level&lt;br /&gt;
&lt;br /&gt;
At tactical level, the set of operational risk management tools and controls helps to reduce the number and intensity of the projects. It provides the risk manager with a second line of defense. The effect of the risk responses deploys at tactical level, such as loss, fines and near misses reductions&lt;br /&gt;
Tactical operational risk management emphasizes on loss prevention and risk reduction techniques, process control, loss data analysis, key risk indicators, risk self-assessments and business expansion plans are some of the vast array of tools and techniques that have been developed to reduce the frequent occurrence of the risk elements and to reduce their impact on the overall project.&lt;br /&gt;
There always should be a connection between strategic and tactical level, the vision or mission statements defines in strategic level and the projects, programmes, their deliverables and its requirements describes in tactical level. Many projects fail because of less communication between strategic vision and tactical project deliverables and requirements. [Integrated Risk Management, as a framework for Organizational Success].&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
* Operational level&lt;br /&gt;
Operational level provides a natural reduction of the operational incidents by redesigning all those processes that were prone to errors, removing any unnecessary tasks and useless controls, standardizing the procedures and improving the productivity.&lt;br /&gt;
Operational risk management targets the operational efficiency and process design. Work flows are redesigned in this level to improve the work speed by eliminating the errors. Staff&lt;br /&gt;
Operational risk management must spread over all these three levels, in order to be more effective and efficient&lt;br /&gt;
&lt;br /&gt;
=How to develop a risk analysis=&lt;br /&gt;
&lt;br /&gt;
Risk Management can be developed in two different ways [Best Management Practice]:&lt;br /&gt;
&lt;br /&gt;
* By using the standard risk guidelines such as ISO 31000, which managers can go step by step and identify the risks and analyse the situation of each phase and take an action for each risk, that have negative impact on each situation. In this step more leaders must participate in order to reduce the impact of risks and take care of each situation.&lt;br /&gt;
&lt;br /&gt;
* By using more general analysis or guidelines to define the project&#039;s goals and reduce the risks without managing it and less management participation.&lt;br /&gt;
&lt;br /&gt;
In the first option many standard guidelines and analysis  can be used such as ISO 31000, IEC/ISO 311010, and ISO 73-2009 and many others.&lt;br /&gt;
The International Organization for Standard (ISO ) risk management provides principles, general guidelines; framework and a process for managing the risks- It can be used by any project, organization regardless of its size.&lt;br /&gt;
ISO 31000 summarizes all the central activities and main points, which an organization might go through to manage their risks effectively and increase their chance to reach their goals. It doesn’t contain any specific techniques in order to use, but it mentions that an organization must follow risk identification tools and techniques, that match the projects and its goals. Another ISO standard application is ISO/IEC 31010, Risk Management, which contains of some risk assessment techniques and steps that gives an understanding of the risks, which can have a negative impact on an organization’s achievement of its goals and the adequacy and effectiveness of controls already in place. Risk assessment helps decision makers to take the correct decisions, for example which tools and techniques must be used to treat the risks and how to choose the best opportunities. The following techniques described on ISO 31010&lt;br /&gt;
&lt;br /&gt;
* Risk identification&lt;br /&gt;
* Risk analysis -  consequence analysis&lt;br /&gt;
* Risk analysis– qualitative, semi-quantitative or quantitative probability estimation&lt;br /&gt;
* Risk analysis – assessing the effectiveness of any existing controls&lt;br /&gt;
* Risk evaluation&lt;br /&gt;
* communication and consultation, and  monitoring and review&lt;br /&gt;
&lt;br /&gt;
Each step has described in detail on ISO 31010. Compare to M_O_R,[http://bcove.me/qvtxp001 video] and then M_O_R is much extensive application, which provides a detailed guidance on how to implement risk management. M_O_R stands for Management of Risk and it is a framework for the management of risk across all parts of an organization such as Strategic, programme, project and operational level. It includes all the activities required to identify and control the risks, both negative and positive, which may have an impact on the achievement of an organization’s objectives[M_O_R].It is also a framework for how to make informed decisions about risks respectively strategic, program, project and operational level in order to identify, assess and manage the key risks in order to deliver the expected advantages [M_O_R]. It describes deeply both what needs to be done through some principles, activities and roles and how to begin the activities.&lt;br /&gt;
In some ways, ISO31000 and M_O_R are very similar and use some common definition and methods. M_O_R is designed for practical application of risk management techniques and based on 4 core concepts: principles, approach, process and embedding and review, while ISO31000 is designed more to assess how completely the risk management techniques have been applied [Best Management Practice], The difference is that ISO3100O based on framework, principles and process. It prescribe how an organization should implement risk management and manage the risk by using any tools, that suits its goal and organization, while M_O_R allows it to customize its approach within the guidelines to suit its operating environment and process. Both are useful tools and can be used for managing the risks.&lt;br /&gt;
&lt;br /&gt;
[[File:Different between_M_O_R_AND_ISO.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
For further information about M_O_R and ISO 31000:2009 you can read Michael Dallas report[http://www.best-management-practice.com/gempdf/Management_of_Risk_Guidance_for_Practitioners_and_the_International_Standard_on_Risk_Management_ISO31000_2009.pdf]&lt;br /&gt;
&lt;br /&gt;
The Tabel as taken from Michael Dallas report, which shows a direct comparison of M_O_R with ISO 31000 against categories that are common to both framework.&lt;br /&gt;
&lt;br /&gt;
=Risk Management in Practice=&lt;br /&gt;
&lt;br /&gt;
[[File:Risk management.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
To identify the projects risk, you can start with brainstorming, the first step is to list the main categories such as technologies, goal, stakeholder, communication, cost, environmental, resources, reliability, which is indicated with blue color in below figure. The next is to identify the risks, which is associated to the main categories. By brainstorm the risks, you can find 50-100 risks, depending to the projects size, therefore the third step is to estimate what the potential impact could be by using the Risk Matrix.&lt;br /&gt;
&lt;br /&gt;
[[File:Mathrix.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
Each high priority or high impact risk should be assigned to a group member after their experience and skills, so they could study and evaluate the risks. Cost risks might for example assign to someone in the finance department than one from IT- department. The new technology might assign to someone from IT- department. The project manager should be assign for all the risks process, the most important part of risk process is the schedule with deadline and the risks list, which should only edit, added, re-prioritized and control by the project manager during the project.&lt;br /&gt;
To reduce the risks, the project manager should communicate the risks list to all the project stakeholders regularly, at least once a week. All the changes should be registered to the risk map and at the end of the project the results can be used to do a retrospective. What did you learn from it, what should be different in next project and how to control the risks from the beginning?&lt;br /&gt;
&lt;br /&gt;
This example is more general and very simple,you can maybe use it for a very small project. You can visit [http://apppm.man.dtu.dk/index.php/Risk_analysis | Risk_analysis] which is described more in detail.&lt;br /&gt;
&lt;br /&gt;
=Reference=&lt;br /&gt;
&lt;br /&gt;
[1] Why projects fail: Avoiding the Classic Pitfall, An Oracle White Paper, October 2011 and Calleam Consulting LTD 2014: Why Projects Fail.  And Tom Carlos, PMP: Reasons Why Projects Fail.&lt;br /&gt;
&lt;br /&gt;
[2] Oehmen et. al.2012 and Zwikael and Ahn 2011, Oehmen, J., et al., Analysis of the effect of risk management practices on the performance of new product development programs. Technovation (2014),&lt;br /&gt;
&lt;br /&gt;
[3] Oxford English Dictionary&lt;br /&gt;
&lt;br /&gt;
[4] Innovation and Product Management 2009: A holistic and Practial Approach to Uncertainty Reduction,Kurt Gaubinger, Michael Rabl Scott Swan, Thomas Werani&lt;br /&gt;
&lt;br /&gt;
[5] Frank Knight 1921: Risk, Uncertainty and profit, Imperfect competition through Risk and Uncertainty, Part III, Chapter VII&lt;br /&gt;
&lt;br /&gt;
[6] Ariane Chapelle: The three levels of Operational risk management, May 2012&lt;br /&gt;
&lt;br /&gt;
[7] Risikosamfundet: 1997, Tara Duggan, Demand Media: Why Is Risk Management Important to Project Success?&lt;br /&gt;
&lt;br /&gt;
[8] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/&lt;br /&gt;
&lt;br /&gt;
[9] Luce&#039;s Paradigm for Decision under Uncertainty, Luce and Raiffa, 1957&lt;br /&gt;
&lt;br /&gt;
[10] Risk Management, concepts and methods: Club De La Securite De L’information Francais&lt;br /&gt;
&lt;br /&gt;
[11] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd. &lt;br /&gt;
&lt;br /&gt;
[12] http://www.management-of-risk.com/what-is-management-of-risk.asp&lt;br /&gt;
&lt;br /&gt;
[13] http://www.rovsingmanagement.dk/kurser/m_o_r%C2%AErisikostyring/?gclid=CM21qKLRjsICFeXUcgodGqEARQ&lt;br /&gt;
&lt;br /&gt;
[14] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd.&lt;br /&gt;
&lt;br /&gt;
[15] Jacob and Kwak (2003) and Raz et al.2002&lt;br /&gt;
&lt;br /&gt;
[16] Article: Overview of risk management Henrik K. Søndergaard&lt;br /&gt;
&lt;br /&gt;
[17]. Power in projects &amp;amp; portfolio of Mette Lindegaard, and John Ryding Olsson&lt;br /&gt;
&lt;br /&gt;
[18] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/.&lt;br /&gt;
&lt;br /&gt;
[19] http://strikingprojectmanagement.com/qualitative-risk-analysis/&lt;br /&gt;
&lt;br /&gt;
[20] http://projectmgmt-annualwarehousesale.blogspot.dk/&lt;br /&gt;
&lt;br /&gt;
[21] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[22] http://www.bestmanagementpractice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[23] http://tcgen.com/risk-mapping/#.VGidavnF-oO&lt;br /&gt;
&lt;br /&gt;
[24] http://www.modst.dk/~/media/Files/%C3%98AV/Vejledninger/%C3%98konomistyring/Risikostyring_vejledning_maj07%20pdf.ashx&lt;br /&gt;
&lt;br /&gt;
[25] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[26] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[27] http://www.clearrisk.com/what-is-risk-management/&lt;br /&gt;
&lt;br /&gt;
[28] http://www.vlv.dk/downloads/rm1.htm&lt;br /&gt;
&lt;br /&gt;
[29] http://www.soc.aau.dk/fileadmin/user_upload/FoSo/Arbejdspapirer/Nr._10_Risiko_risikovurdering_risikoformidling_og_helhedssyn.pdf&lt;br /&gt;
&lt;br /&gt;
[30] http://klk.kl.dk/PageFiles/156494/Projekth%C3%A5ndbogen.pdf&lt;br /&gt;
&lt;br /&gt;
[31] http:///C:/Users/Samira/Downloads/Projekth-ndbog%20(1).PDF&lt;br /&gt;
&lt;br /&gt;
[32] http://www.digst.dk/~/media/Files/Arkitektur%20og%20standarder/Sikkerhed/Vejledning%20om%20risikovurdering.ashx&lt;br /&gt;
&lt;br /&gt;
[33] http://www.best-management-practice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[34] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[35] http://dx.doi.org/10.1016/j.technovation.2013.12.005i&lt;br /&gt;
&lt;br /&gt;
[36] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;/div&gt;</summary>
		<author><name>Saeh0803</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Risk_management&amp;diff=5415</id>
		<title>Risk management</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Risk_management&amp;diff=5415"/>
		<updated>2014-11-30T19:35:00Z</updated>

		<summary type="html">&lt;p&gt;Saeh0803: /* Benefit of risk management */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;[http://en.wikipedia.org/wiki/Risk_management Risk management] is a very interesting and important topic in each area in our society. Actually everyone knows what a risk is; it is a part of our life. Each step or each decision we make, is full of risks, whether we notice it or not, but when we look at our professional life, then we have to take an action for each risk arise, because it has a negative effect and the effect can have consequences in terms of economic, professional reputation, environmental, safety and societal outcomes. This article focuses on for example how an organization or project handles its risks and which framework could be relevant or helpful for it. Now a day, the risk management is an important part of project, program and portfolio management. In order to end up a project successfully and deliver it on time and within budget, it is important to get an overview of the risks, which is associated to the project. Most of the projects fail due to the lack of risk management [Why projects fail 2011]. In many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of project&#039;s planning process, the projects fail because the resources are not completely utilized to get the full advantage [Oehmen et. al.2012 and Zwikael and Ahn 2011]. This article further talks about the risk and different level of risks in organization level and how to identify the projects risks by using some of standard guidelines for risk management such as ISO 31000, ISO 2700S, DS/ISO 31000 Risk management- Principles and guidelines and M_O_R principles, which is a standard risk management framework, which can be used by any organization on any projects regardless of its size.&lt;br /&gt;
NOTE: This article might be similar to other articles; Risk analysis, risk register, Risk management strategy in project portfolios&lt;br /&gt;
&lt;br /&gt;
=Definition of risk management=&lt;br /&gt;
&lt;br /&gt;
You can find different tools and definition for risk depending on the context in which it is used. A definition from Oxford English Dictionary sounds like “the possibility that something unpleasant or unwelcome will happen” [Oxford English Dictionary]. This is more general and related more to your every day. In decision theory, Luce and Raiffa relate risk to make decisions under known probabilities of the states of nature [Product Management Innovation 2009] and Frank Knight define the risk in economic theory as “risk arises when the decision maker can assign probabilities to possible outcomes”. A well-known definition of the risk in the domain of project management considers the risk as “an uncertain event or condition that, if it occurs, has a positive (opportunity) or negative (threat) impact on project objectives” [Innovation and Product Management] Frank Knight defines the uncertainty and risk as “...Uncertainty must be taken in a sense radically distinct from the familiar notion of Risk, from which it has never been properly separated. … The essential fact is that &amp;quot;risk&amp;quot; means in some cases a quantity susceptible of measurement, while at other times it is something distinctly not of this character; and there are far-reaching and crucial differences in the bearings of the phenomena depending on which of the two is really present and operating. … It will appear that a measurable uncertainty, or &amp;quot;risk&amp;quot; proper, as we shall use the term, is so far different from an un-measurable one that it is not in effect an uncertainty at all&amp;quot; [Ariane Chapelle].&lt;br /&gt;
Frank Knigh’s definition is more useful according to project, program and portfolio management. In many projects, risk is the uncertainty, which is associated with any kind of the action and projects in organization’s context that must understand and effectively manage during the project’s process and improve the results [Luce and Raiffa]. &lt;br /&gt;
&lt;br /&gt;
Different types of risk management definitions can be found and the choice of definition depends on how big a concept of risk is used in order to which risks are covered by the definition. There is not a complete tool or solution that fits in every project, creating a new or changes the existing risk management process according to the project&#039;s goal is always helpful and flexible process that will ultimately result in a solution to the individual organization or project. Risk is always based on imagination of how the project will be completed. It can be defined on the basis of an existing plan, for example, the project must be completed in 6 months. The risk of delay is bigger than if the project must be completed in one year. If the new technologies are a part of the project plan, that you have to use the new technologies is the risk bigger than use the known technologies. Therefor the risk is based on an existing plan; the same project may have very different risks, if you change the project’s plan. [Risk Management,concepts and methods].&lt;br /&gt;
&lt;br /&gt;
To minimize the uncertainty and reduce the risks on the project, you may regularly look back to your risk analysis, because most of the projects fail due to lack of risk management, in many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of projects planning process, The projects fail because they do not invest their resources completely and do not pay attention to it. Risk management is the most important part of the project planning process. It is a management tool, which project manager uses to analyses the risk factor within a project group or projects. Project group must be informed of the main risks and how they will deal with those risks. Often it requires extra resources to eliminate risks; these resources must allocate the project group. Many studies have pointed as well that the risk management has a big role in projects success [Tara Duggan]. The report by Jacob and Kwak highlights the positive contribution of risk management to improve the project selection, review and resource allocation of new product development projects. It used in many areas such as public debate, research, danger of disease, death or accidents, threatening environmental problems in terms of risk of climate changes, CO2 , pollution and so on. It is also used in many other projects such as customer needs and price, new technology and resources, construction and delivery projects, research projects and interests and other tasks.&lt;br /&gt;
&lt;br /&gt;
=Benefit of risk management=&lt;br /&gt;
&lt;br /&gt;
Risk management helps you to identify your projects strengths, weaknesses, opportunities and threats [Jacob and Kwak]. These four factors are a part of [http://da.wikipedia.org/wiki/SWOT-analyse SWOT-analyse]. By identifying your projects strengths and opportunities you can reduce the weaknesses and threats and there by your project’s risks, you will be aware of the unexpected events and you can immediately take actions to reduce the losses [Overview of risk management]. There are many reasons for managing risks. Here are some main reasons: First of all, risk management results in an overview and a number of options for an action to avoid known and unknown risk and reduce the impact of those [Power in projects &amp;amp; portfolio].&lt;br /&gt;
&lt;br /&gt;
* Saving resources: Time, assets, income, property and people are all valuable resources that can be saved if fewer claims occur.&lt;br /&gt;
* Protecting the reputation and public image of the organization.&lt;br /&gt;
* Preventing or reducing legal liability and increasing the stability of operations.&lt;br /&gt;
* Increases the organizations profits and competitiveness and reflects an attractive professional approach to project work.&lt;br /&gt;
* Protecting people from harm.&lt;br /&gt;
* Protecting the environment.&lt;br /&gt;
* Enhancing the ability to prepare for various circumstances.&lt;br /&gt;
* Assisting in clearly defining insurance needs.&lt;br /&gt;
* By managing the risks, you can increase the quality of the project deliverable&lt;br /&gt;
* Protects public image&lt;br /&gt;
* Protects people from harm&lt;br /&gt;
* Prevents/reduces legal liability&lt;br /&gt;
* Protects the environment&lt;br /&gt;
&lt;br /&gt;
=Three Levels of operational risk management=&lt;br /&gt;
&lt;br /&gt;
The risk management in an organization can be categorized in three levels of operation- [three level of operational risk management].&lt;br /&gt;
&lt;br /&gt;
* Strategic level:  &lt;br /&gt;
At strategic level, operational risk management relates to the vision of the business, expansion planned over a few couple of years, the product position and the target customers in the market. In other words, the strategic operational risk management relates to the implementation of the risk demands. It must be defined at the top management level and must be deployed in a top-down manner through all the levels of the organization.&lt;br /&gt;
&lt;br /&gt;
* Tactical level&lt;br /&gt;
At tactical level, the set of operational risk management tools and controls helps to reduce the number and intensity of the events. It provide the risk manager with a second line of defense. The effect of the risk responses deploys at tactical level, such as loss, fines and near misses reductions&lt;br /&gt;
Tactical operational risk management emphasizes on loss prevention and risk reduction techniques, process control, loss data analysis, key risk indicators, risk self-assessments and business expansion plans are some of the vast array of tools and techniques that have been developed to reduce the frequent occurrence of the risk elements and to reduce their impact on the overall project. Financial service industry is the most developed aspect of operational risk management, today.&lt;br /&gt;
&lt;br /&gt;
* Operational level&lt;br /&gt;
Operational level provides a natural reduction of the operational incidents by redesigning all those processes that were prone to errors, removing any unnecessary tasks and useless controls, standardizing the procedures and improving the productivity.&lt;br /&gt;
Operational risk management targets the operational efficiency and process design. Work flows are redesigned in this level to improve the work speed by eliminating the errors. Staff&lt;br /&gt;
Operational risk management must spread over all these three levels, in order to be more effective and efficient&lt;br /&gt;
&lt;br /&gt;
=How to develop a risk analysis=&lt;br /&gt;
&lt;br /&gt;
Risk Management can be developed in two different ways [Best Management Practice]:&lt;br /&gt;
&lt;br /&gt;
* By using the standard risk guidelines such as ISO 31000, which managers can go step by step and identify the risks and analyse the situation of each phase and take an action for each risk, that have negative impact on each situation. In this step more leaders must participate in order to reduce the impact of risks and take care of each situation.&lt;br /&gt;
&lt;br /&gt;
* By using more general analysis or guidelines to define the project&#039;s goals and reduce the risks without managing it and less management participation.&lt;br /&gt;
&lt;br /&gt;
In the first option many standard guidelines and analysis  can be used such as ISO 31000, IEC/ISO 311010, and ISO 73-2009 and many others.&lt;br /&gt;
The International Organization for Standard (ISO ) risk management provides principles, general guidelines; framework and a process for managing the risks- It can be used by any project, organization regardless of its size.&lt;br /&gt;
ISO 31000 summarizes all the central activities and main points, which an organization might go through to manage their risks effectively and increase their chance to reach their goals. It doesn’t contain any specific techniques in order to use, but it mentions that an organization must follow risk identification tools and techniques, that match the projects and its goals. Another ISO standard application is ISO/IEC 31010, Risk Management, which contains of some risk assessment techniques and steps that gives an understanding of the risks, which can have a negative impact on an organization’s achievement of its goals and the adequacy and effectiveness of controls already in place. Risk assessment helps decision makers to take the correct decisions, for example which tools and techniques must be used to treat the risks and how to choose the best opportunities. The following techniques described on ISO 31010&lt;br /&gt;
&lt;br /&gt;
* Risk identification&lt;br /&gt;
* Risk analysis -  consequence analysis&lt;br /&gt;
* Risk analysis– qualitative, semi-quantitative or quantitative probability estimation&lt;br /&gt;
* Risk analysis – assessing the effectiveness of any existing controls&lt;br /&gt;
* Risk evaluation&lt;br /&gt;
* communication and consultation, and  monitoring and review&lt;br /&gt;
&lt;br /&gt;
Each step has described in detail on ISO 31010. Compare to M_O_R,[http://bcove.me/qvtxp001 video] and then M_O_R is much extensive application, which provides a detailed guidance on how to implement risk management. M_O_R stands for Management of Risk and it is a framework for the management of risk across all parts of an organization such as Strategic, programme, project and operational level. It includes all the activities required to identify and control the risks, both negative and positive, which may have an impact on the achievement of an organization’s objectives[M_O_R].It is also a framework for how to make informed decisions about risks respectively strategic, program, project and operational level in order to identify, assess and manage the key risks in order to deliver the expected advantages [M_O_R]. It describes deeply both what needs to be done through some principles, activities and roles and how to begin the activities.&lt;br /&gt;
In some ways, ISO31000 and M_O_R are very similar and use some common definition and methods. M_O_R is designed for practical application of risk management techniques and based on 4 core concepts: principles, approach, process and embedding and review, while ISO31000 is designed more to assess how completely the risk management techniques have been applied [Best Management Practice], The difference is that ISO3100O based on framework, principles and process. It prescribe how an organization should implement risk management and manage the risk by using any tools, that suits its goal and organization, while M_O_R allows it to customize its approach within the guidelines to suit its operating environment and process. Both are useful tools and can be used for managing the risks.&lt;br /&gt;
&lt;br /&gt;
[[File:Different between_M_O_R_AND_ISO.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
For further information about M_O_R and ISO 31000:2009 you can read Michael Dallas report[http://www.best-management-practice.com/gempdf/Management_of_Risk_Guidance_for_Practitioners_and_the_International_Standard_on_Risk_Management_ISO31000_2009.pdf]&lt;br /&gt;
&lt;br /&gt;
The Tabel as taken from Michael Dallas report, which shows a direct comparison of M_O_R with ISO 31000 against categories that are common to both framework.&lt;br /&gt;
&lt;br /&gt;
=Risk Management in Practice=&lt;br /&gt;
&lt;br /&gt;
[[File:Risk management.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
To identify the projects risk, you can start with brainstorming, the first step is to list the main categories such as technologies, goal, stakeholder, communication, cost, environmental, resources, reliability, which is indicated with blue color in below figure. The next is to identify the risks, which is associated to the main categories. By brainstorm the risks, you can find 50-100 risks, depending to the projects size, therefore the third step is to estimate what the potential impact could be by using the Risk Matrix.&lt;br /&gt;
&lt;br /&gt;
[[File:Mathrix.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
Each high priority or high impact risk should be assigned to a group member after their experience and skills, so they could study and evaluate the risks. Cost risks might for example assign to someone in the finance department than one from IT- department. The new technology might assign to someone from IT- department. The project manager should be assign for all the risks process, the most important part of risk process is the schedule with deadline and the risks list, which should only edit, added, re-prioritized and control by the project manager during the project.&lt;br /&gt;
To reduce the risks, the project manager should communicate the risks list to all the project stakeholders regularly, at least once a week. All the changes should be registered to the risk map and at the end of the project the results can be used to do a retrospective. What did you learn from it, what should be different in next project and how to control the risks from the beginning?&lt;br /&gt;
&lt;br /&gt;
This example is more general and very simple,you can maybe use it for a very small project. You can visit [http://apppm.man.dtu.dk/index.php/Risk_analysis | Risk_analysis] which is described more in detail.&lt;br /&gt;
&lt;br /&gt;
=Reference=&lt;br /&gt;
&lt;br /&gt;
[1] Why projects fail: Avoiding the Classic Pitfall, An Oracle White Paper, October 2011 and Calleam Consulting LTD 2014: Why Projects Fail.  And Tom Carlos, PMP: Reasons Why Projects Fail.&lt;br /&gt;
&lt;br /&gt;
[2] Oehmen et. al.2012 and Zwikael and Ahn 2011, Oehmen, J., et al., Analysis of the effect of risk management practices on the performance of new product development programs. Technovation (2014),&lt;br /&gt;
&lt;br /&gt;
[3] Oxford English Dictionary&lt;br /&gt;
&lt;br /&gt;
[4] Innovation and Product Management 2009: A holistic and Practial Approach to Uncertainty Reduction,Kurt Gaubinger, Michael Rabl Scott Swan, Thomas Werani&lt;br /&gt;
&lt;br /&gt;
[5] Frank Knight 1921: Risk, Uncertainty and profit, Imperfect competition through Risk and Uncertainty, Part III, Chapter VII&lt;br /&gt;
&lt;br /&gt;
[6] Ariane Chapelle: The three levels of Operational risk management, May 2012&lt;br /&gt;
&lt;br /&gt;
[7] Risikosamfundet: 1997, Tara Duggan, Demand Media: Why Is Risk Management Important to Project Success?&lt;br /&gt;
&lt;br /&gt;
[8] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/&lt;br /&gt;
&lt;br /&gt;
[9] Luce&#039;s Paradigm for Decision under Uncertainty, Luce and Raiffa, 1957&lt;br /&gt;
&lt;br /&gt;
[10] Risk Management, concepts and methods: Club De La Securite De L’information Francais&lt;br /&gt;
&lt;br /&gt;
[11] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd. &lt;br /&gt;
&lt;br /&gt;
[12] http://www.management-of-risk.com/what-is-management-of-risk.asp&lt;br /&gt;
&lt;br /&gt;
[13] http://www.rovsingmanagement.dk/kurser/m_o_r%C2%AErisikostyring/?gclid=CM21qKLRjsICFeXUcgodGqEARQ&lt;br /&gt;
&lt;br /&gt;
[14] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd.&lt;br /&gt;
&lt;br /&gt;
[15] Jacob and Kwak (2003) and Raz et al.2002&lt;br /&gt;
&lt;br /&gt;
[16] Article: Overview of risk management Henrik K. Søndergaard&lt;br /&gt;
&lt;br /&gt;
[17]. Power in projects &amp;amp; portfolio of Mette Lindegaard, and John Ryding Olsson&lt;br /&gt;
&lt;br /&gt;
[18] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/.&lt;br /&gt;
&lt;br /&gt;
[19] http://strikingprojectmanagement.com/qualitative-risk-analysis/&lt;br /&gt;
&lt;br /&gt;
[20] http://projectmgmt-annualwarehousesale.blogspot.dk/&lt;br /&gt;
&lt;br /&gt;
[21] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[22] http://www.bestmanagementpractice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[23] http://tcgen.com/risk-mapping/#.VGidavnF-oO&lt;br /&gt;
&lt;br /&gt;
[24] http://www.modst.dk/~/media/Files/%C3%98AV/Vejledninger/%C3%98konomistyring/Risikostyring_vejledning_maj07%20pdf.ashx&lt;br /&gt;
&lt;br /&gt;
[25] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[26] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[27] http://www.clearrisk.com/what-is-risk-management/&lt;br /&gt;
&lt;br /&gt;
[28] http://www.vlv.dk/downloads/rm1.htm&lt;br /&gt;
&lt;br /&gt;
[29] http://www.soc.aau.dk/fileadmin/user_upload/FoSo/Arbejdspapirer/Nr._10_Risiko_risikovurdering_risikoformidling_og_helhedssyn.pdf&lt;br /&gt;
&lt;br /&gt;
[30] http://klk.kl.dk/PageFiles/156494/Projekth%C3%A5ndbogen.pdf&lt;br /&gt;
&lt;br /&gt;
[31] http:///C:/Users/Samira/Downloads/Projekth-ndbog%20(1).PDF&lt;br /&gt;
&lt;br /&gt;
[32] http://www.digst.dk/~/media/Files/Arkitektur%20og%20standarder/Sikkerhed/Vejledning%20om%20risikovurdering.ashx&lt;br /&gt;
&lt;br /&gt;
[33] http://www.best-management-practice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[34] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[35] http://dx.doi.org/10.1016/j.technovation.2013.12.005i&lt;br /&gt;
&lt;br /&gt;
[36] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;/div&gt;</summary>
		<author><name>Saeh0803</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Risk_management&amp;diff=5412</id>
		<title>Risk management</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Risk_management&amp;diff=5412"/>
		<updated>2014-11-30T19:32:35Z</updated>

		<summary type="html">&lt;p&gt;Saeh0803: /* What is risk? */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;[http://en.wikipedia.org/wiki/Risk_management Risk management] is a very interesting and important topic in each area in our society. Actually everyone knows what a risk is; it is a part of our life. Each step or each decision we make, is full of risks, whether we notice it or not, but when we look at our professional life, then we have to take an action for each risk arise, because it has a negative effect and the effect can have consequences in terms of economic, professional reputation, environmental, safety and societal outcomes. This article focuses on for example how an organization or project handles its risks and which framework could be relevant or helpful for it. Now a day, the risk management is an important part of project, program and portfolio management. In order to end up a project successfully and deliver it on time and within budget, it is important to get an overview of the risks, which is associated to the project. Most of the projects fail due to the lack of risk management [Why projects fail 2011]. In many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of project&#039;s planning process, the projects fail because the resources are not completely utilized to get the full advantage [Oehmen et. al.2012 and Zwikael and Ahn 2011]. This article further talks about the risk and different level of risks in organization level and how to identify the projects risks by using some of standard guidelines for risk management such as ISO 31000, ISO 2700S, DS/ISO 31000 Risk management- Principles and guidelines and M_O_R principles, which is a standard risk management framework, which can be used by any organization on any projects regardless of its size.&lt;br /&gt;
NOTE: This article might be similar to other articles; Risk analysis, risk register, Risk management strategy in project portfolios&lt;br /&gt;
&lt;br /&gt;
=Definition of risk management=&lt;br /&gt;
&lt;br /&gt;
You can find different tools and definition for risk depending on the context in which it is used. A definition from Oxford English Dictionary sounds like “the possibility that something unpleasant or unwelcome will happen” [Oxford English Dictionary]. This is more general and related more to your every day. In decision theory, Luce and Raiffa relate risk to make decisions under known probabilities of the states of nature [Product Management Innovation 2009] and Frank Knight define the risk in economic theory as “risk arises when the decision maker can assign probabilities to possible outcomes”. A well-known definition of the risk in the domain of project management considers the risk as “an uncertain event or condition that, if it occurs, has a positive (opportunity) or negative (threat) impact on project objectives” [Innovation and Product Management] Frank Knight defines the uncertainty and risk as “...Uncertainty must be taken in a sense radically distinct from the familiar notion of Risk, from which it has never been properly separated. … The essential fact is that &amp;quot;risk&amp;quot; means in some cases a quantity susceptible of measurement, while at other times it is something distinctly not of this character; and there are far-reaching and crucial differences in the bearings of the phenomena depending on which of the two is really present and operating. … It will appear that a measurable uncertainty, or &amp;quot;risk&amp;quot; proper, as we shall use the term, is so far different from an un-measurable one that it is not in effect an uncertainty at all&amp;quot; [Ariane Chapelle].&lt;br /&gt;
Frank Knigh’s definition is more useful according to project, program and portfolio management. In many projects, risk is the uncertainty, which is associated with any kind of the action and projects in organization’s context that must understand and effectively manage during the project’s process and improve the results [Luce and Raiffa]. &lt;br /&gt;
&lt;br /&gt;
Different types of risk management definitions can be found and the choice of definition depends on how big a concept of risk is used in order to which risks are covered by the definition. There is not a complete tool or solution that fits in every project, creating a new or changes the existing risk management process according to the project&#039;s goal is always helpful and flexible process that will ultimately result in a solution to the individual organization or project. Risk is always based on imagination of how the project will be completed. It can be defined on the basis of an existing plan, for example, the project must be completed in 6 months. The risk of delay is bigger than if the project must be completed in one year. If the new technologies are a part of the project plan, that you have to use the new technologies is the risk bigger than use the known technologies. Therefor the risk is based on an existing plan; the same project may have very different risks, if you change the project’s plan. [Risk Management,concepts and methods].&lt;br /&gt;
&lt;br /&gt;
To minimize the uncertainty and reduce the risks on the project, you may regularly look back to your risk analysis, because most of the projects fail due to lack of risk management, in many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of projects planning process, The projects fail because they do not invest their resources completely and do not pay attention to it. Risk management is the most important part of the project planning process. It is a management tool, which project manager uses to analyses the risk factor within a project group or projects. Project group must be informed of the main risks and how they will deal with those risks. Often it requires extra resources to eliminate risks; these resources must allocate the project group. Many studies have pointed as well that the risk management has a big role in projects success [Tara Duggan]. The report by Jacob and Kwak highlights the positive contribution of risk management to improve the project selection, review and resource allocation of new product development projects. It used in many areas such as public debate, research, danger of disease, death or accidents, threatening environmental problems in terms of risk of climate changes, CO2 , pollution and so on. It is also used in many other projects such as customer needs and price, new technology and resources, construction and delivery projects, research projects and interests and other tasks.&lt;br /&gt;
&lt;br /&gt;
=Benefit of risk management=&lt;br /&gt;
&lt;br /&gt;
Risk management helps you to identify your projects strengths, weaknesses, opportunities and threats [Jacob and Kwak]. [http://da.wikipedia.org/wiki/SWOT-analyse SWOT-analyse] can be the best tools for it. By identifying your projects risks, you will be aware of the unexpected events and you can immediately take actions to reduce the losses [Overview of risk management].&lt;br /&gt;
There are many reasons for managing risks. Here are some main reasons:&lt;br /&gt;
First of all, risk management results in an overview and a number of options for an action to avoid known and unknown risk and reduce the impact of those[Power in projects &amp;amp; portfolio].&lt;br /&gt;
&lt;br /&gt;
* Saving resources: Time, assets, income, property and people are all valuable resources that can be saved if fewer claims occur.&lt;br /&gt;
* Protecting the reputation and public image of the organization.&lt;br /&gt;
* Preventing or reducing legal liability and increasing the stability of operations.&lt;br /&gt;
* Increases the organizations profits and competitiveness and reflects an attractive professional approach to project work.&lt;br /&gt;
* Protecting people from harm.&lt;br /&gt;
* Protecting the environment.&lt;br /&gt;
* Enhancing the ability to prepare for various circumstances.&lt;br /&gt;
* Assisting in clearly defining insurance needs.&lt;br /&gt;
* By managing the risks, you can increase the quality of the project deliverable&lt;br /&gt;
* Protects public image&lt;br /&gt;
* Protects people from harm&lt;br /&gt;
* Prevents/reduces legal liability&lt;br /&gt;
* Protects the environment&lt;br /&gt;
&lt;br /&gt;
=Three Levels of operational risk management=&lt;br /&gt;
&lt;br /&gt;
The risk management in an organization can be categorized in three levels of operation- [three level of operational risk management].&lt;br /&gt;
&lt;br /&gt;
* Strategic level:  &lt;br /&gt;
At strategic level, operational risk management relates to the vision of the business, expansion planned over a few couple of years, the product position and the target customers in the market. In other words, the strategic operational risk management relates to the implementation of the risk demands. It must be defined at the top management level and must be deployed in a top-down manner through all the levels of the organization.&lt;br /&gt;
&lt;br /&gt;
* Tactical level&lt;br /&gt;
At tactical level, the set of operational risk management tools and controls helps to reduce the number and intensity of the events. It provide the risk manager with a second line of defense. The effect of the risk responses deploys at tactical level, such as loss, fines and near misses reductions&lt;br /&gt;
Tactical operational risk management emphasizes on loss prevention and risk reduction techniques, process control, loss data analysis, key risk indicators, risk self-assessments and business expansion plans are some of the vast array of tools and techniques that have been developed to reduce the frequent occurrence of the risk elements and to reduce their impact on the overall project. Financial service industry is the most developed aspect of operational risk management, today.&lt;br /&gt;
&lt;br /&gt;
* Operational level&lt;br /&gt;
Operational level provides a natural reduction of the operational incidents by redesigning all those processes that were prone to errors, removing any unnecessary tasks and useless controls, standardizing the procedures and improving the productivity.&lt;br /&gt;
Operational risk management targets the operational efficiency and process design. Work flows are redesigned in this level to improve the work speed by eliminating the errors. Staff&lt;br /&gt;
Operational risk management must spread over all these three levels, in order to be more effective and efficient&lt;br /&gt;
&lt;br /&gt;
=How to develop a risk analysis=&lt;br /&gt;
&lt;br /&gt;
Risk Management can be developed in two different ways [Best Management Practice]:&lt;br /&gt;
&lt;br /&gt;
* By using the standard risk guidelines such as ISO 31000, which managers can go step by step and identify the risks and analyse the situation of each phase and take an action for each risk, that have negative impact on each situation. In this step more leaders must participate in order to reduce the impact of risks and take care of each situation.&lt;br /&gt;
&lt;br /&gt;
* By using more general analysis or guidelines to define the project&#039;s goals and reduce the risks without managing it and less management participation.&lt;br /&gt;
&lt;br /&gt;
In the first option many standard guidelines and analysis  can be used such as ISO 31000, IEC/ISO 311010, and ISO 73-2009 and many others.&lt;br /&gt;
The International Organization for Standard (ISO ) risk management provides principles, general guidelines; framework and a process for managing the risks- It can be used by any project, organization regardless of its size.&lt;br /&gt;
ISO 31000 summarizes all the central activities and main points, which an organization might go through to manage their risks effectively and increase their chance to reach their goals. It doesn’t contain any specific techniques in order to use, but it mentions that an organization must follow risk identification tools and techniques, that match the projects and its goals. Another ISO standard application is ISO/IEC 31010, Risk Management, which contains of some risk assessment techniques and steps that gives an understanding of the risks, which can have a negative impact on an organization’s achievement of its goals and the adequacy and effectiveness of controls already in place. Risk assessment helps decision makers to take the correct decisions, for example which tools and techniques must be used to treat the risks and how to choose the best opportunities. The following techniques described on ISO 31010&lt;br /&gt;
&lt;br /&gt;
* Risk identification&lt;br /&gt;
* Risk analysis -  consequence analysis&lt;br /&gt;
* Risk analysis– qualitative, semi-quantitative or quantitative probability estimation&lt;br /&gt;
* Risk analysis – assessing the effectiveness of any existing controls&lt;br /&gt;
* Risk evaluation&lt;br /&gt;
* communication and consultation, and  monitoring and review&lt;br /&gt;
&lt;br /&gt;
Each step has described in detail on ISO 31010. Compare to M_O_R,[http://bcove.me/qvtxp001 video] and then M_O_R is much extensive application, which provides a detailed guidance on how to implement risk management. M_O_R stands for Management of Risk and it is a framework for the management of risk across all parts of an organization such as Strategic, programme, project and operational level. It includes all the activities required to identify and control the risks, both negative and positive, which may have an impact on the achievement of an organization’s objectives[M_O_R].It is also a framework for how to make informed decisions about risks respectively strategic, program, project and operational level in order to identify, assess and manage the key risks in order to deliver the expected advantages [M_O_R]. It describes deeply both what needs to be done through some principles, activities and roles and how to begin the activities.&lt;br /&gt;
In some ways, ISO31000 and M_O_R are very similar and use some common definition and methods. M_O_R is designed for practical application of risk management techniques and based on 4 core concepts: principles, approach, process and embedding and review, while ISO31000 is designed more to assess how completely the risk management techniques have been applied [Best Management Practice], The difference is that ISO3100O based on framework, principles and process. It prescribe how an organization should implement risk management and manage the risk by using any tools, that suits its goal and organization, while M_O_R allows it to customize its approach within the guidelines to suit its operating environment and process. Both are useful tools and can be used for managing the risks.&lt;br /&gt;
&lt;br /&gt;
[[File:Different between_M_O_R_AND_ISO.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
For further information about M_O_R and ISO 31000:2009 you can read Michael Dallas report[http://www.best-management-practice.com/gempdf/Management_of_Risk_Guidance_for_Practitioners_and_the_International_Standard_on_Risk_Management_ISO31000_2009.pdf]&lt;br /&gt;
&lt;br /&gt;
The Tabel as taken from Michael Dallas report, which shows a direct comparison of M_O_R with ISO 31000 against categories that are common to both framework.&lt;br /&gt;
&lt;br /&gt;
=Risk Management in Practice=&lt;br /&gt;
&lt;br /&gt;
[[File:Risk management.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
To identify the projects risk, you can start with brainstorming, the first step is to list the main categories such as technologies, goal, stakeholder, communication, cost, environmental, resources, reliability, which is indicated with blue color in below figure. The next is to identify the risks, which is associated to the main categories. By brainstorm the risks, you can find 50-100 risks, depending to the projects size, therefore the third step is to estimate what the potential impact could be by using the Risk Matrix.&lt;br /&gt;
&lt;br /&gt;
[[File:Mathrix.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
Each high priority or high impact risk should be assigned to a group member after their experience and skills, so they could study and evaluate the risks. Cost risks might for example assign to someone in the finance department than one from IT- department. The new technology might assign to someone from IT- department. The project manager should be assign for all the risks process, the most important part of risk process is the schedule with deadline and the risks list, which should only edit, added, re-prioritized and control by the project manager during the project.&lt;br /&gt;
To reduce the risks, the project manager should communicate the risks list to all the project stakeholders regularly, at least once a week. All the changes should be registered to the risk map and at the end of the project the results can be used to do a retrospective. What did you learn from it, what should be different in next project and how to control the risks from the beginning?&lt;br /&gt;
&lt;br /&gt;
This example is more general and very simple,you can maybe use it for a very small project. You can visit [http://apppm.man.dtu.dk/index.php/Risk_analysis | Risk_analysis] which is described more in detail.&lt;br /&gt;
&lt;br /&gt;
=Reference=&lt;br /&gt;
&lt;br /&gt;
[1] Why projects fail: Avoiding the Classic Pitfall, An Oracle White Paper, October 2011 and Calleam Consulting LTD 2014: Why Projects Fail.  And Tom Carlos, PMP: Reasons Why Projects Fail.&lt;br /&gt;
&lt;br /&gt;
[2] Oehmen et. al.2012 and Zwikael and Ahn 2011, Oehmen, J., et al., Analysis of the effect of risk management practices on the performance of new product development programs. Technovation (2014),&lt;br /&gt;
&lt;br /&gt;
[3] Oxford English Dictionary&lt;br /&gt;
&lt;br /&gt;
[4] Innovation and Product Management 2009: A holistic and Practial Approach to Uncertainty Reduction,Kurt Gaubinger, Michael Rabl Scott Swan, Thomas Werani&lt;br /&gt;
&lt;br /&gt;
[5] Frank Knight 1921: Risk, Uncertainty and profit, Imperfect competition through Risk and Uncertainty, Part III, Chapter VII&lt;br /&gt;
&lt;br /&gt;
[6] Ariane Chapelle: The three levels of Operational risk management, May 2012&lt;br /&gt;
&lt;br /&gt;
[7] Risikosamfundet: 1997, Tara Duggan, Demand Media: Why Is Risk Management Important to Project Success?&lt;br /&gt;
&lt;br /&gt;
[8] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/&lt;br /&gt;
&lt;br /&gt;
[9] Luce&#039;s Paradigm for Decision under Uncertainty, Luce and Raiffa, 1957&lt;br /&gt;
&lt;br /&gt;
[10] Risk Management, concepts and methods: Club De La Securite De L’information Francais&lt;br /&gt;
&lt;br /&gt;
[11] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd. &lt;br /&gt;
&lt;br /&gt;
[12] http://www.management-of-risk.com/what-is-management-of-risk.asp&lt;br /&gt;
&lt;br /&gt;
[13] http://www.rovsingmanagement.dk/kurser/m_o_r%C2%AErisikostyring/?gclid=CM21qKLRjsICFeXUcgodGqEARQ&lt;br /&gt;
&lt;br /&gt;
[14] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd.&lt;br /&gt;
&lt;br /&gt;
[15] Jacob and Kwak (2003) and Raz et al.2002&lt;br /&gt;
&lt;br /&gt;
[16] Article: Overview of risk management Henrik K. Søndergaard&lt;br /&gt;
&lt;br /&gt;
[17]. Power in projects &amp;amp; portfolio of Mette Lindegaard, and John Ryding Olsson&lt;br /&gt;
&lt;br /&gt;
[18] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/.&lt;br /&gt;
&lt;br /&gt;
[19] http://strikingprojectmanagement.com/qualitative-risk-analysis/&lt;br /&gt;
&lt;br /&gt;
[20] http://projectmgmt-annualwarehousesale.blogspot.dk/&lt;br /&gt;
&lt;br /&gt;
[21] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[22] http://www.bestmanagementpractice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[23] http://tcgen.com/risk-mapping/#.VGidavnF-oO&lt;br /&gt;
&lt;br /&gt;
[24] http://www.modst.dk/~/media/Files/%C3%98AV/Vejledninger/%C3%98konomistyring/Risikostyring_vejledning_maj07%20pdf.ashx&lt;br /&gt;
&lt;br /&gt;
[25] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[26] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[27] http://www.clearrisk.com/what-is-risk-management/&lt;br /&gt;
&lt;br /&gt;
[28] http://www.vlv.dk/downloads/rm1.htm&lt;br /&gt;
&lt;br /&gt;
[29] http://www.soc.aau.dk/fileadmin/user_upload/FoSo/Arbejdspapirer/Nr._10_Risiko_risikovurdering_risikoformidling_og_helhedssyn.pdf&lt;br /&gt;
&lt;br /&gt;
[30] http://klk.kl.dk/PageFiles/156494/Projekth%C3%A5ndbogen.pdf&lt;br /&gt;
&lt;br /&gt;
[31] http:///C:/Users/Samira/Downloads/Projekth-ndbog%20(1).PDF&lt;br /&gt;
&lt;br /&gt;
[32] http://www.digst.dk/~/media/Files/Arkitektur%20og%20standarder/Sikkerhed/Vejledning%20om%20risikovurdering.ashx&lt;br /&gt;
&lt;br /&gt;
[33] http://www.best-management-practice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[34] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[35] http://dx.doi.org/10.1016/j.technovation.2013.12.005i&lt;br /&gt;
&lt;br /&gt;
[36] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;/div&gt;</summary>
		<author><name>Saeh0803</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Risk_management&amp;diff=5407</id>
		<title>Risk management</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Risk_management&amp;diff=5407"/>
		<updated>2014-11-30T19:29:43Z</updated>

		<summary type="html">&lt;p&gt;Saeh0803: /* Definition of risk management */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;[http://en.wikipedia.org/wiki/Risk_management Risk management] is a very interesting and important topic in each area in our society. Actually everyone knows what a risk is; it is a part of our life. Each step or each decision we make, is full of risks, whether we notice it or not, but when we look at our professional life, then we have to take an action for each risk arise, because it has a negative effect and the effect can have consequences in terms of economic, professional reputation, environmental, safety and societal outcomes. This article focuses on for example how an organization or project handles its risks and which framework could be relevant or helpful for it. Now a day, the risk management is an important part of project, program and portfolio management. In order to end up a project successfully and deliver it on time and within budget, it is important to get an overview of the risks, which is associated to the project. Most of the projects fail due to the lack of risk management [Why projects fail 2011]. In many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of project&#039;s planning process, the projects fail because the resources are not completely utilized to get the full advantage [Oehmen et. al.2012 and Zwikael and Ahn 2011]. This article further talks about the risk and different level of risks in organization level and how to identify the projects risks by using some of standard guidelines for risk management such as ISO 31000, ISO 2700S, DS/ISO 31000 Risk management- Principles and guidelines and M_O_R principles, which is a standard risk management framework, which can be used by any organization on any projects regardless of its size.&lt;br /&gt;
NOTE: This article might be similar to other articles; Risk analysis, risk register, Risk management strategy in project portfolios&lt;br /&gt;
&lt;br /&gt;
=Definition of risk management=&lt;br /&gt;
&lt;br /&gt;
You can find different tools and definition for risk depending on the context in which it is used. A definition from Oxford English Dictionary sounds like “the possibility that something unpleasant or unwelcome will happen” [Oxford English Dictionary]. This is more general and related more to your every day. In decision theory, Luce and Raiffa relate risk to make decisions under known probabilities of the states of nature [Product Management Innovation 2009] and Frank Knight define the risk in economic theory as “risk arises when the decision maker can assign probabilities to possible outcomes”. A well-known definition of the risk in the domain of project management considers the risk as “an uncertain event or condition that, if it occurs, has a positive (opportunity) or negative (threat) impact on project objectives” [Innovation and Product Management] Frank Knight defines the uncertainty and risk as “...Uncertainty must be taken in a sense radically distinct from the familiar notion of Risk, from which it has never been properly separated. … The essential fact is that &amp;quot;risk&amp;quot; means in some cases a quantity susceptible of measurement, while at other times it is something distinctly not of this character; and there are far-reaching and crucial differences in the bearings of the phenomena depending on which of the two is really present and operating. … It will appear that a measurable uncertainty, or &amp;quot;risk&amp;quot; proper, as we shall use the term, is so far different from an un-measurable one that it is not in effect an uncertainty at all&amp;quot; [Ariane Chapelle].&lt;br /&gt;
Frank Knigh’s definition is more useful according to project, program and portfolio management. In many projects, risk is the uncertainty, which is associated with any kind of the action and projects in organization’s context that must understand and effectively manage during the project’s process and improve the results [Luce and Raiffa]. &lt;br /&gt;
&lt;br /&gt;
Different types of risk management definitions can be found and the choice of definition depends on how big a concept of risk is used in order to which risks are covered by the definition. There is not a complete tool or solution that fits in every project, creating a new or changes the existing risk management process according to the project&#039;s goal is always helpful and flexible process that will ultimately result in a solution to the individual organization or project. Risk is always based on imagination of how the project will be completed. It can be defined on the basis of an existing plan, for example, the project must be completed in 6 months. The risk of delay is bigger than if the project must be completed in one year. If the new technologies are a part of the project plan, that you have to use the new technologies is the risk bigger than use the known technologies. Therefor the risk is based on an existing plan; the same project may have very different risks, if you change the project’s plan. [Risk Management,concepts and methods].&lt;br /&gt;
&lt;br /&gt;
To minimize the uncertainty and reduce the risks on the project, you may regularly look back to your risk analysis, because most of the projects fail due to lack of risk management, in many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of projects planning process, The projects fail because they do not invest their resources completely and do not pay attention to it. Risk management is the most important part of the project planning process. It is a management tool, which project manager uses to analyses the risk factor within a project group or projects. Project group must be informed of the main risks and how they will deal with those risks. Often it requires extra resources to eliminate risks; these resources must allocate the project group. Many studies have pointed as well that the risk management has a big role in projects success [Tara Duggan]. The report by Jacob and Kwak highlights the positive contribution of risk management to improve the project selection, review and resource allocation of new product development projects. It used in many areas such as public debate, research, danger of disease, death or accidents, threatening environmental problems in terms of risk of climate changes, CO2 , pollution and so on. It is also used in many other projects such as customer needs and price, new technology and resources, construction and delivery projects, research projects and interests and other tasks.&lt;br /&gt;
&lt;br /&gt;
=What is risk?=&lt;br /&gt;
&lt;br /&gt;
Risk is the uncertainty, which is associated with any kind of the action and projects in organization&#039;s context that must understand and effectively manage during the project&#039;s process and improve the results[Luce and Raiffa]. Different types of risk management definitions can be found and the choice of definition depends on how big a concept of risk is used in order to which risks are covered by the definition. There is not a complete tool or solution that fits in every project, creating a new or changes the existing risk management process according to the project&#039;s goal is always helpful and flexible process that will ultimately result in a solution to the individual organization or project.&lt;br /&gt;
Risk is always based on imagination of how the project will be completed. It can be defined on the basis of an existing plan, for example, the project must be completed in 6 months. The risk of delay is bigger than if the project must be completed in one year. If the new technologies are a part of the project plan, that you have to use the new technologies is the risk bigger than use the known technologies. Therefor the risk is based on an existing plan; the same project may have very different risks, if you change the project’s plan. [Risk Management, concepts and methods].&lt;br /&gt;
&lt;br /&gt;
=Benefit of risk management=&lt;br /&gt;
&lt;br /&gt;
Risk management helps you to identify your projects strengths, weaknesses, opportunities and threats [Jacob and Kwak]. [http://da.wikipedia.org/wiki/SWOT-analyse SWOT-analyse] can be the best tools for it. By identifying your projects risks, you will be aware of the unexpected events and you can immediately take actions to reduce the losses [Overview of risk management].&lt;br /&gt;
There are many reasons for managing risks. Here are some main reasons:&lt;br /&gt;
First of all, risk management results in an overview and a number of options for an action to avoid known and unknown risk and reduce the impact of those[Power in projects &amp;amp; portfolio].&lt;br /&gt;
&lt;br /&gt;
* Saving resources: Time, assets, income, property and people are all valuable resources that can be saved if fewer claims occur.&lt;br /&gt;
* Protecting the reputation and public image of the organization.&lt;br /&gt;
* Preventing or reducing legal liability and increasing the stability of operations.&lt;br /&gt;
* Increases the organizations profits and competitiveness and reflects an attractive professional approach to project work.&lt;br /&gt;
* Protecting people from harm.&lt;br /&gt;
* Protecting the environment.&lt;br /&gt;
* Enhancing the ability to prepare for various circumstances.&lt;br /&gt;
* Assisting in clearly defining insurance needs.&lt;br /&gt;
* By managing the risks, you can increase the quality of the project deliverable&lt;br /&gt;
* Protects public image&lt;br /&gt;
* Protects people from harm&lt;br /&gt;
* Prevents/reduces legal liability&lt;br /&gt;
* Protects the environment&lt;br /&gt;
&lt;br /&gt;
=Three Levels of operational risk management=&lt;br /&gt;
&lt;br /&gt;
The risk management in an organization can be categorized in three levels of operation- [three level of operational risk management].&lt;br /&gt;
&lt;br /&gt;
* Strategic level:  &lt;br /&gt;
At strategic level, operational risk management relates to the vision of the business, expansion planned over a few couple of years, the product position and the target customers in the market. In other words, the strategic operational risk management relates to the implementation of the risk demands. It must be defined at the top management level and must be deployed in a top-down manner through all the levels of the organization.&lt;br /&gt;
&lt;br /&gt;
* Tactical level&lt;br /&gt;
At tactical level, the set of operational risk management tools and controls helps to reduce the number and intensity of the events. It provide the risk manager with a second line of defense. The effect of the risk responses deploys at tactical level, such as loss, fines and near misses reductions&lt;br /&gt;
Tactical operational risk management emphasizes on loss prevention and risk reduction techniques, process control, loss data analysis, key risk indicators, risk self-assessments and business expansion plans are some of the vast array of tools and techniques that have been developed to reduce the frequent occurrence of the risk elements and to reduce their impact on the overall project. Financial service industry is the most developed aspect of operational risk management, today.&lt;br /&gt;
&lt;br /&gt;
* Operational level&lt;br /&gt;
Operational level provides a natural reduction of the operational incidents by redesigning all those processes that were prone to errors, removing any unnecessary tasks and useless controls, standardizing the procedures and improving the productivity.&lt;br /&gt;
Operational risk management targets the operational efficiency and process design. Work flows are redesigned in this level to improve the work speed by eliminating the errors. Staff&lt;br /&gt;
Operational risk management must spread over all these three levels, in order to be more effective and efficient&lt;br /&gt;
&lt;br /&gt;
=How to develop a risk analysis=&lt;br /&gt;
&lt;br /&gt;
Risk Management can be developed in two different ways [Best Management Practice]:&lt;br /&gt;
&lt;br /&gt;
* By using the standard risk guidelines such as ISO 31000, which managers can go step by step and identify the risks and analyse the situation of each phase and take an action for each risk, that have negative impact on each situation. In this step more leaders must participate in order to reduce the impact of risks and take care of each situation.&lt;br /&gt;
&lt;br /&gt;
* By using more general analysis or guidelines to define the project&#039;s goals and reduce the risks without managing it and less management participation.&lt;br /&gt;
&lt;br /&gt;
In the first option many standard guidelines and analysis  can be used such as ISO 31000, IEC/ISO 311010, and ISO 73-2009 and many others.&lt;br /&gt;
The International Organization for Standard (ISO ) risk management provides principles, general guidelines; framework and a process for managing the risks- It can be used by any project, organization regardless of its size.&lt;br /&gt;
ISO 31000 summarizes all the central activities and main points, which an organization might go through to manage their risks effectively and increase their chance to reach their goals. It doesn’t contain any specific techniques in order to use, but it mentions that an organization must follow risk identification tools and techniques, that match the projects and its goals. Another ISO standard application is ISO/IEC 31010, Risk Management, which contains of some risk assessment techniques and steps that gives an understanding of the risks, which can have a negative impact on an organization’s achievement of its goals and the adequacy and effectiveness of controls already in place. Risk assessment helps decision makers to take the correct decisions, for example which tools and techniques must be used to treat the risks and how to choose the best opportunities. The following techniques described on ISO 31010&lt;br /&gt;
&lt;br /&gt;
* Risk identification&lt;br /&gt;
* Risk analysis -  consequence analysis&lt;br /&gt;
* Risk analysis– qualitative, semi-quantitative or quantitative probability estimation&lt;br /&gt;
* Risk analysis – assessing the effectiveness of any existing controls&lt;br /&gt;
* Risk evaluation&lt;br /&gt;
* communication and consultation, and  monitoring and review&lt;br /&gt;
&lt;br /&gt;
Each step has described in detail on ISO 31010. Compare to M_O_R,[http://bcove.me/qvtxp001 video] and then M_O_R is much extensive application, which provides a detailed guidance on how to implement risk management. M_O_R stands for Management of Risk and it is a framework for the management of risk across all parts of an organization such as Strategic, programme, project and operational level. It includes all the activities required to identify and control the risks, both negative and positive, which may have an impact on the achievement of an organization’s objectives[M_O_R].It is also a framework for how to make informed decisions about risks respectively strategic, program, project and operational level in order to identify, assess and manage the key risks in order to deliver the expected advantages [M_O_R]. It describes deeply both what needs to be done through some principles, activities and roles and how to begin the activities.&lt;br /&gt;
In some ways, ISO31000 and M_O_R are very similar and use some common definition and methods. M_O_R is designed for practical application of risk management techniques and based on 4 core concepts: principles, approach, process and embedding and review, while ISO31000 is designed more to assess how completely the risk management techniques have been applied [Best Management Practice], The difference is that ISO3100O based on framework, principles and process. It prescribe how an organization should implement risk management and manage the risk by using any tools, that suits its goal and organization, while M_O_R allows it to customize its approach within the guidelines to suit its operating environment and process. Both are useful tools and can be used for managing the risks.&lt;br /&gt;
&lt;br /&gt;
[[File:Different between_M_O_R_AND_ISO.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
For further information about M_O_R and ISO 31000:2009 you can read Michael Dallas report[http://www.best-management-practice.com/gempdf/Management_of_Risk_Guidance_for_Practitioners_and_the_International_Standard_on_Risk_Management_ISO31000_2009.pdf]&lt;br /&gt;
&lt;br /&gt;
The Tabel as taken from Michael Dallas report, which shows a direct comparison of M_O_R with ISO 31000 against categories that are common to both framework.&lt;br /&gt;
&lt;br /&gt;
=Risk Management in Practice=&lt;br /&gt;
&lt;br /&gt;
[[File:Risk management.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
To identify the projects risk, you can start with brainstorming, the first step is to list the main categories such as technologies, goal, stakeholder, communication, cost, environmental, resources, reliability, which is indicated with blue color in below figure. The next is to identify the risks, which is associated to the main categories. By brainstorm the risks, you can find 50-100 risks, depending to the projects size, therefore the third step is to estimate what the potential impact could be by using the Risk Matrix.&lt;br /&gt;
&lt;br /&gt;
[[File:Mathrix.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
Each high priority or high impact risk should be assigned to a group member after their experience and skills, so they could study and evaluate the risks. Cost risks might for example assign to someone in the finance department than one from IT- department. The new technology might assign to someone from IT- department. The project manager should be assign for all the risks process, the most important part of risk process is the schedule with deadline and the risks list, which should only edit, added, re-prioritized and control by the project manager during the project.&lt;br /&gt;
To reduce the risks, the project manager should communicate the risks list to all the project stakeholders regularly, at least once a week. All the changes should be registered to the risk map and at the end of the project the results can be used to do a retrospective. What did you learn from it, what should be different in next project and how to control the risks from the beginning?&lt;br /&gt;
&lt;br /&gt;
This example is more general and very simple,you can maybe use it for a very small project. You can visit [http://apppm.man.dtu.dk/index.php/Risk_analysis | Risk_analysis] which is described more in detail.&lt;br /&gt;
&lt;br /&gt;
=Reference=&lt;br /&gt;
&lt;br /&gt;
[1] Why projects fail: Avoiding the Classic Pitfall, An Oracle White Paper, October 2011 and Calleam Consulting LTD 2014: Why Projects Fail.  And Tom Carlos, PMP: Reasons Why Projects Fail.&lt;br /&gt;
&lt;br /&gt;
[2] Oehmen et. al.2012 and Zwikael and Ahn 2011, Oehmen, J., et al., Analysis of the effect of risk management practices on the performance of new product development programs. Technovation (2014),&lt;br /&gt;
&lt;br /&gt;
[3] Oxford English Dictionary&lt;br /&gt;
&lt;br /&gt;
[4] Innovation and Product Management 2009: A holistic and Practial Approach to Uncertainty Reduction,Kurt Gaubinger, Michael Rabl Scott Swan, Thomas Werani&lt;br /&gt;
&lt;br /&gt;
[5] Frank Knight 1921: Risk, Uncertainty and profit, Imperfect competition through Risk and Uncertainty, Part III, Chapter VII&lt;br /&gt;
&lt;br /&gt;
[6] Ariane Chapelle: The three levels of Operational risk management, May 2012&lt;br /&gt;
&lt;br /&gt;
[7] Risikosamfundet: 1997, Tara Duggan, Demand Media: Why Is Risk Management Important to Project Success?&lt;br /&gt;
&lt;br /&gt;
[8] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/&lt;br /&gt;
&lt;br /&gt;
[9] Luce&#039;s Paradigm for Decision under Uncertainty, Luce and Raiffa, 1957&lt;br /&gt;
&lt;br /&gt;
[10] Risk Management, concepts and methods: Club De La Securite De L’information Francais&lt;br /&gt;
&lt;br /&gt;
[11] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd. &lt;br /&gt;
&lt;br /&gt;
[12] http://www.management-of-risk.com/what-is-management-of-risk.asp&lt;br /&gt;
&lt;br /&gt;
[13] http://www.rovsingmanagement.dk/kurser/m_o_r%C2%AErisikostyring/?gclid=CM21qKLRjsICFeXUcgodGqEARQ&lt;br /&gt;
&lt;br /&gt;
[14] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd.&lt;br /&gt;
&lt;br /&gt;
[15] Jacob and Kwak (2003) and Raz et al.2002&lt;br /&gt;
&lt;br /&gt;
[16] Article: Overview of risk management Henrik K. Søndergaard&lt;br /&gt;
&lt;br /&gt;
[17]. Power in projects &amp;amp; portfolio of Mette Lindegaard, and John Ryding Olsson&lt;br /&gt;
&lt;br /&gt;
[18] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/.&lt;br /&gt;
&lt;br /&gt;
[19] http://strikingprojectmanagement.com/qualitative-risk-analysis/&lt;br /&gt;
&lt;br /&gt;
[20] http://projectmgmt-annualwarehousesale.blogspot.dk/&lt;br /&gt;
&lt;br /&gt;
[21] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[22] http://www.bestmanagementpractice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[23] http://tcgen.com/risk-mapping/#.VGidavnF-oO&lt;br /&gt;
&lt;br /&gt;
[24] http://www.modst.dk/~/media/Files/%C3%98AV/Vejledninger/%C3%98konomistyring/Risikostyring_vejledning_maj07%20pdf.ashx&lt;br /&gt;
&lt;br /&gt;
[25] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[26] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[27] http://www.clearrisk.com/what-is-risk-management/&lt;br /&gt;
&lt;br /&gt;
[28] http://www.vlv.dk/downloads/rm1.htm&lt;br /&gt;
&lt;br /&gt;
[29] http://www.soc.aau.dk/fileadmin/user_upload/FoSo/Arbejdspapirer/Nr._10_Risiko_risikovurdering_risikoformidling_og_helhedssyn.pdf&lt;br /&gt;
&lt;br /&gt;
[30] http://klk.kl.dk/PageFiles/156494/Projekth%C3%A5ndbogen.pdf&lt;br /&gt;
&lt;br /&gt;
[31] http:///C:/Users/Samira/Downloads/Projekth-ndbog%20(1).PDF&lt;br /&gt;
&lt;br /&gt;
[32] http://www.digst.dk/~/media/Files/Arkitektur%20og%20standarder/Sikkerhed/Vejledning%20om%20risikovurdering.ashx&lt;br /&gt;
&lt;br /&gt;
[33] http://www.best-management-practice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[34] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[35] http://dx.doi.org/10.1016/j.technovation.2013.12.005i&lt;br /&gt;
&lt;br /&gt;
[36] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;/div&gt;</summary>
		<author><name>Saeh0803</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Risk_management&amp;diff=5404</id>
		<title>Risk management</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Risk_management&amp;diff=5404"/>
		<updated>2014-11-30T19:28:59Z</updated>

		<summary type="html">&lt;p&gt;Saeh0803: /* Definition of risk management */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;[http://en.wikipedia.org/wiki/Risk_management Risk management] is a very interesting and important topic in each area in our society. Actually everyone knows what a risk is; it is a part of our life. Each step or each decision we make, is full of risks, whether we notice it or not, but when we look at our professional life, then we have to take an action for each risk arise, because it has a negative effect and the effect can have consequences in terms of economic, professional reputation, environmental, safety and societal outcomes. This article focuses on for example how an organization or project handles its risks and which framework could be relevant or helpful for it. Now a day, the risk management is an important part of project, program and portfolio management. In order to end up a project successfully and deliver it on time and within budget, it is important to get an overview of the risks, which is associated to the project. Most of the projects fail due to the lack of risk management [Why projects fail 2011]. In many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of project&#039;s planning process, the projects fail because the resources are not completely utilized to get the full advantage [Oehmen et. al.2012 and Zwikael and Ahn 2011]. This article further talks about the risk and different level of risks in organization level and how to identify the projects risks by using some of standard guidelines for risk management such as ISO 31000, ISO 2700S, DS/ISO 31000 Risk management- Principles and guidelines and M_O_R principles, which is a standard risk management framework, which can be used by any organization on any projects regardless of its size.&lt;br /&gt;
NOTE: This article might be similar to other articles; Risk analysis, risk register, Risk management strategy in project portfolios&lt;br /&gt;
&lt;br /&gt;
=Definition of risk management=&lt;br /&gt;
&lt;br /&gt;
You can find different tools and definition for risk depending on the context in which it is used. A definition from Oxford English Dictionary sounds like “the possibility that something unpleasant or unwelcome will happen” [Oxford English Dictionary]. This is more general and related more to your every day. In decision theory, Luce and Raiffa relate risk to make decisions under known probabilities of the states of nature [Product Management Innovation 2009] and Frank Knight define the risk in economic theory as “risk arises when the decision maker can assign probabilities to possible outcomes”. A well-known definition of the risk in the domain of project management considers the risk as “an uncertain event or condition that, if it occurs, has a positive (opportunity) or negative (threat) impact on project objectives” [Innovation and Product Management] Frank Knight defines the uncertainty and risk as “...Uncertainty must be taken in a sense radically distinct from the familiar notion of Risk, from which it has never been properly separated. … The essential fact is that &amp;quot;risk&amp;quot; means in some cases a quantity susceptible of measurement, while at other times it is something distinctly not of this character; and there are far-reaching and crucial differences in the bearings of the phenomena depending on which of the two is really present and operating. … It will appear that a measurable uncertainty, or &amp;quot;risk&amp;quot; proper, as we shall use the term, is so far different from an un-measurable one that it is not in effect an uncertainty at all&amp;quot; [Ariane Chapelle].&lt;br /&gt;
Frank Knigh’s definition is more useful according to project, program and portfolio management. In many projects, risk is the uncertainty, which is associated with any kind of the action and projects in organization’s context that must understand and effectively manage during the project’s process and improve the results [Luce and Raiffa]. &lt;br /&gt;
Different types of risk management definitions can be found and the choice of definition depends on how big a concept of risk is used in order to which risks are covered by the definition. There is not a complete tool or solution that fits in every project, creating a new or changes the existing risk management process according to the project&#039;s goal is always helpful and flexible process that will ultimately result in a solution to the individual organization or project. Risk is always based on imagination of how the project will be completed. It can be defined on the basis of an existing plan, for example, the project must be completed in 6 months. The risk of delay is bigger than if the project must be completed in one year. If the new technologies are a part of the project plan, that you have to use the new technologies is the risk bigger than use the known technologies. Therefor the risk is based on an existing plan; the same project may have very different risks, if you change the project’s plan. [Risk Management,concepts and methods].&lt;br /&gt;
 To minimize the uncertainty and reduce the risks on the project, you may regularly look back to your risk analysis, because most of the projects fail due to lack of risk management, in many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of projects planning process, The projects fail because they do not invest their resources completely and do not pay attention to it. Risk management is the most important part of the project planning process. It is a management tool, which project manager uses to analyses the risk factor within a project group or projects. Project group must be informed of the main risks and how they will deal with those risks. Often it requires extra resources to eliminate risks; these resources must allocate the project group. Many studies have pointed as well that the risk management has a big role in projects success [Tara Duggan]. The report by Jacob and Kwak highlights the positive contribution of risk management to improve the project selection, review and resource allocation of new product development projects. It used in many areas such as public debate, research, danger of disease, death or accidents, threatening environmental problems in terms of risk of climate changes, CO2 , pollution and so on. It is also used in many other projects such as customer needs and price, new technology and resources, construction and delivery projects, research projects and interests and other tasks.&lt;br /&gt;
&lt;br /&gt;
=What is risk?=&lt;br /&gt;
&lt;br /&gt;
Risk is the uncertainty, which is associated with any kind of the action and projects in organization&#039;s context that must understand and effectively manage during the project&#039;s process and improve the results[Luce and Raiffa]. Different types of risk management definitions can be found and the choice of definition depends on how big a concept of risk is used in order to which risks are covered by the definition. There is not a complete tool or solution that fits in every project, creating a new or changes the existing risk management process according to the project&#039;s goal is always helpful and flexible process that will ultimately result in a solution to the individual organization or project.&lt;br /&gt;
Risk is always based on imagination of how the project will be completed. It can be defined on the basis of an existing plan, for example, the project must be completed in 6 months. The risk of delay is bigger than if the project must be completed in one year. If the new technologies are a part of the project plan, that you have to use the new technologies is the risk bigger than use the known technologies. Therefor the risk is based on an existing plan; the same project may have very different risks, if you change the project’s plan. [Risk Management, concepts and methods].&lt;br /&gt;
&lt;br /&gt;
=Benefit of risk management=&lt;br /&gt;
&lt;br /&gt;
Risk management helps you to identify your projects strengths, weaknesses, opportunities and threats [Jacob and Kwak]. [http://da.wikipedia.org/wiki/SWOT-analyse SWOT-analyse] can be the best tools for it. By identifying your projects risks, you will be aware of the unexpected events and you can immediately take actions to reduce the losses [Overview of risk management].&lt;br /&gt;
There are many reasons for managing risks. Here are some main reasons:&lt;br /&gt;
First of all, risk management results in an overview and a number of options for an action to avoid known and unknown risk and reduce the impact of those[Power in projects &amp;amp; portfolio].&lt;br /&gt;
&lt;br /&gt;
* Saving resources: Time, assets, income, property and people are all valuable resources that can be saved if fewer claims occur.&lt;br /&gt;
* Protecting the reputation and public image of the organization.&lt;br /&gt;
* Preventing or reducing legal liability and increasing the stability of operations.&lt;br /&gt;
* Increases the organizations profits and competitiveness and reflects an attractive professional approach to project work.&lt;br /&gt;
* Protecting people from harm.&lt;br /&gt;
* Protecting the environment.&lt;br /&gt;
* Enhancing the ability to prepare for various circumstances.&lt;br /&gt;
* Assisting in clearly defining insurance needs.&lt;br /&gt;
* By managing the risks, you can increase the quality of the project deliverable&lt;br /&gt;
* Protects public image&lt;br /&gt;
* Protects people from harm&lt;br /&gt;
* Prevents/reduces legal liability&lt;br /&gt;
* Protects the environment&lt;br /&gt;
&lt;br /&gt;
=Three Levels of operational risk management=&lt;br /&gt;
&lt;br /&gt;
The risk management in an organization can be categorized in three levels of operation- [three level of operational risk management].&lt;br /&gt;
&lt;br /&gt;
* Strategic level:  &lt;br /&gt;
At strategic level, operational risk management relates to the vision of the business, expansion planned over a few couple of years, the product position and the target customers in the market. In other words, the strategic operational risk management relates to the implementation of the risk demands. It must be defined at the top management level and must be deployed in a top-down manner through all the levels of the organization.&lt;br /&gt;
&lt;br /&gt;
* Tactical level&lt;br /&gt;
At tactical level, the set of operational risk management tools and controls helps to reduce the number and intensity of the events. It provide the risk manager with a second line of defense. The effect of the risk responses deploys at tactical level, such as loss, fines and near misses reductions&lt;br /&gt;
Tactical operational risk management emphasizes on loss prevention and risk reduction techniques, process control, loss data analysis, key risk indicators, risk self-assessments and business expansion plans are some of the vast array of tools and techniques that have been developed to reduce the frequent occurrence of the risk elements and to reduce their impact on the overall project. Financial service industry is the most developed aspect of operational risk management, today.&lt;br /&gt;
&lt;br /&gt;
* Operational level&lt;br /&gt;
Operational level provides a natural reduction of the operational incidents by redesigning all those processes that were prone to errors, removing any unnecessary tasks and useless controls, standardizing the procedures and improving the productivity.&lt;br /&gt;
Operational risk management targets the operational efficiency and process design. Work flows are redesigned in this level to improve the work speed by eliminating the errors. Staff&lt;br /&gt;
Operational risk management must spread over all these three levels, in order to be more effective and efficient&lt;br /&gt;
&lt;br /&gt;
=How to develop a risk analysis=&lt;br /&gt;
&lt;br /&gt;
Risk Management can be developed in two different ways [Best Management Practice]:&lt;br /&gt;
&lt;br /&gt;
* By using the standard risk guidelines such as ISO 31000, which managers can go step by step and identify the risks and analyse the situation of each phase and take an action for each risk, that have negative impact on each situation. In this step more leaders must participate in order to reduce the impact of risks and take care of each situation.&lt;br /&gt;
&lt;br /&gt;
* By using more general analysis or guidelines to define the project&#039;s goals and reduce the risks without managing it and less management participation.&lt;br /&gt;
&lt;br /&gt;
In the first option many standard guidelines and analysis  can be used such as ISO 31000, IEC/ISO 311010, and ISO 73-2009 and many others.&lt;br /&gt;
The International Organization for Standard (ISO ) risk management provides principles, general guidelines; framework and a process for managing the risks- It can be used by any project, organization regardless of its size.&lt;br /&gt;
ISO 31000 summarizes all the central activities and main points, which an organization might go through to manage their risks effectively and increase their chance to reach their goals. It doesn’t contain any specific techniques in order to use, but it mentions that an organization must follow risk identification tools and techniques, that match the projects and its goals. Another ISO standard application is ISO/IEC 31010, Risk Management, which contains of some risk assessment techniques and steps that gives an understanding of the risks, which can have a negative impact on an organization’s achievement of its goals and the adequacy and effectiveness of controls already in place. Risk assessment helps decision makers to take the correct decisions, for example which tools and techniques must be used to treat the risks and how to choose the best opportunities. The following techniques described on ISO 31010&lt;br /&gt;
&lt;br /&gt;
* Risk identification&lt;br /&gt;
* Risk analysis -  consequence analysis&lt;br /&gt;
* Risk analysis– qualitative, semi-quantitative or quantitative probability estimation&lt;br /&gt;
* Risk analysis – assessing the effectiveness of any existing controls&lt;br /&gt;
* Risk evaluation&lt;br /&gt;
* communication and consultation, and  monitoring and review&lt;br /&gt;
&lt;br /&gt;
Each step has described in detail on ISO 31010. Compare to M_O_R,[http://bcove.me/qvtxp001 video] and then M_O_R is much extensive application, which provides a detailed guidance on how to implement risk management. M_O_R stands for Management of Risk and it is a framework for the management of risk across all parts of an organization such as Strategic, programme, project and operational level. It includes all the activities required to identify and control the risks, both negative and positive, which may have an impact on the achievement of an organization’s objectives[M_O_R].It is also a framework for how to make informed decisions about risks respectively strategic, program, project and operational level in order to identify, assess and manage the key risks in order to deliver the expected advantages [M_O_R]. It describes deeply both what needs to be done through some principles, activities and roles and how to begin the activities.&lt;br /&gt;
In some ways, ISO31000 and M_O_R are very similar and use some common definition and methods. M_O_R is designed for practical application of risk management techniques and based on 4 core concepts: principles, approach, process and embedding and review, while ISO31000 is designed more to assess how completely the risk management techniques have been applied [Best Management Practice], The difference is that ISO3100O based on framework, principles and process. It prescribe how an organization should implement risk management and manage the risk by using any tools, that suits its goal and organization, while M_O_R allows it to customize its approach within the guidelines to suit its operating environment and process. Both are useful tools and can be used for managing the risks.&lt;br /&gt;
&lt;br /&gt;
[[File:Different between_M_O_R_AND_ISO.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
For further information about M_O_R and ISO 31000:2009 you can read Michael Dallas report[http://www.best-management-practice.com/gempdf/Management_of_Risk_Guidance_for_Practitioners_and_the_International_Standard_on_Risk_Management_ISO31000_2009.pdf]&lt;br /&gt;
&lt;br /&gt;
The Tabel as taken from Michael Dallas report, which shows a direct comparison of M_O_R with ISO 31000 against categories that are common to both framework.&lt;br /&gt;
&lt;br /&gt;
=Risk Management in Practice=&lt;br /&gt;
&lt;br /&gt;
[[File:Risk management.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
To identify the projects risk, you can start with brainstorming, the first step is to list the main categories such as technologies, goal, stakeholder, communication, cost, environmental, resources, reliability, which is indicated with blue color in below figure. The next is to identify the risks, which is associated to the main categories. By brainstorm the risks, you can find 50-100 risks, depending to the projects size, therefore the third step is to estimate what the potential impact could be by using the Risk Matrix.&lt;br /&gt;
&lt;br /&gt;
[[File:Mathrix.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
Each high priority or high impact risk should be assigned to a group member after their experience and skills, so they could study and evaluate the risks. Cost risks might for example assign to someone in the finance department than one from IT- department. The new technology might assign to someone from IT- department. The project manager should be assign for all the risks process, the most important part of risk process is the schedule with deadline and the risks list, which should only edit, added, re-prioritized and control by the project manager during the project.&lt;br /&gt;
To reduce the risks, the project manager should communicate the risks list to all the project stakeholders regularly, at least once a week. All the changes should be registered to the risk map and at the end of the project the results can be used to do a retrospective. What did you learn from it, what should be different in next project and how to control the risks from the beginning?&lt;br /&gt;
&lt;br /&gt;
This example is more general and very simple,you can maybe use it for a very small project. You can visit [http://apppm.man.dtu.dk/index.php/Risk_analysis | Risk_analysis] which is described more in detail.&lt;br /&gt;
&lt;br /&gt;
=Reference=&lt;br /&gt;
&lt;br /&gt;
[1] Why projects fail: Avoiding the Classic Pitfall, An Oracle White Paper, October 2011 and Calleam Consulting LTD 2014: Why Projects Fail.  And Tom Carlos, PMP: Reasons Why Projects Fail.&lt;br /&gt;
&lt;br /&gt;
[2] Oehmen et. al.2012 and Zwikael and Ahn 2011, Oehmen, J., et al., Analysis of the effect of risk management practices on the performance of new product development programs. Technovation (2014),&lt;br /&gt;
&lt;br /&gt;
[3] Oxford English Dictionary&lt;br /&gt;
&lt;br /&gt;
[4] Innovation and Product Management 2009: A holistic and Practial Approach to Uncertainty Reduction,Kurt Gaubinger, Michael Rabl Scott Swan, Thomas Werani&lt;br /&gt;
&lt;br /&gt;
[5] Frank Knight 1921: Risk, Uncertainty and profit, Imperfect competition through Risk and Uncertainty, Part III, Chapter VII&lt;br /&gt;
&lt;br /&gt;
[6] Ariane Chapelle: The three levels of Operational risk management, May 2012&lt;br /&gt;
&lt;br /&gt;
[7] Risikosamfundet: 1997, Tara Duggan, Demand Media: Why Is Risk Management Important to Project Success?&lt;br /&gt;
&lt;br /&gt;
[8] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/&lt;br /&gt;
&lt;br /&gt;
[9] Luce&#039;s Paradigm for Decision under Uncertainty, Luce and Raiffa, 1957&lt;br /&gt;
&lt;br /&gt;
[10] Risk Management, concepts and methods: Club De La Securite De L’information Francais&lt;br /&gt;
&lt;br /&gt;
[11] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd. &lt;br /&gt;
&lt;br /&gt;
[12] http://www.management-of-risk.com/what-is-management-of-risk.asp&lt;br /&gt;
&lt;br /&gt;
[13] http://www.rovsingmanagement.dk/kurser/m_o_r%C2%AErisikostyring/?gclid=CM21qKLRjsICFeXUcgodGqEARQ&lt;br /&gt;
&lt;br /&gt;
[14] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd.&lt;br /&gt;
&lt;br /&gt;
[15] Jacob and Kwak (2003) and Raz et al.2002&lt;br /&gt;
&lt;br /&gt;
[16] Article: Overview of risk management Henrik K. Søndergaard&lt;br /&gt;
&lt;br /&gt;
[17]. Power in projects &amp;amp; portfolio of Mette Lindegaard, and John Ryding Olsson&lt;br /&gt;
&lt;br /&gt;
[18] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/.&lt;br /&gt;
&lt;br /&gt;
[19] http://strikingprojectmanagement.com/qualitative-risk-analysis/&lt;br /&gt;
&lt;br /&gt;
[20] http://projectmgmt-annualwarehousesale.blogspot.dk/&lt;br /&gt;
&lt;br /&gt;
[21] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[22] http://www.bestmanagementpractice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[23] http://tcgen.com/risk-mapping/#.VGidavnF-oO&lt;br /&gt;
&lt;br /&gt;
[24] http://www.modst.dk/~/media/Files/%C3%98AV/Vejledninger/%C3%98konomistyring/Risikostyring_vejledning_maj07%20pdf.ashx&lt;br /&gt;
&lt;br /&gt;
[25] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[26] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[27] http://www.clearrisk.com/what-is-risk-management/&lt;br /&gt;
&lt;br /&gt;
[28] http://www.vlv.dk/downloads/rm1.htm&lt;br /&gt;
&lt;br /&gt;
[29] http://www.soc.aau.dk/fileadmin/user_upload/FoSo/Arbejdspapirer/Nr._10_Risiko_risikovurdering_risikoformidling_og_helhedssyn.pdf&lt;br /&gt;
&lt;br /&gt;
[30] http://klk.kl.dk/PageFiles/156494/Projekth%C3%A5ndbogen.pdf&lt;br /&gt;
&lt;br /&gt;
[31] http:///C:/Users/Samira/Downloads/Projekth-ndbog%20(1).PDF&lt;br /&gt;
&lt;br /&gt;
[32] http://www.digst.dk/~/media/Files/Arkitektur%20og%20standarder/Sikkerhed/Vejledning%20om%20risikovurdering.ashx&lt;br /&gt;
&lt;br /&gt;
[33] http://www.best-management-practice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[34] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[35] http://dx.doi.org/10.1016/j.technovation.2013.12.005i&lt;br /&gt;
&lt;br /&gt;
[36] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;/div&gt;</summary>
		<author><name>Saeh0803</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Risk_management&amp;diff=5403</id>
		<title>Risk management</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Risk_management&amp;diff=5403"/>
		<updated>2014-11-30T19:27:27Z</updated>

		<summary type="html">&lt;p&gt;Saeh0803: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;[http://en.wikipedia.org/wiki/Risk_management Risk management] is a very interesting and important topic in each area in our society. Actually everyone knows what a risk is; it is a part of our life. Each step or each decision we make, is full of risks, whether we notice it or not, but when we look at our professional life, then we have to take an action for each risk arise, because it has a negative effect and the effect can have consequences in terms of economic, professional reputation, environmental, safety and societal outcomes. This article focuses on for example how an organization or project handles its risks and which framework could be relevant or helpful for it. Now a day, the risk management is an important part of project, program and portfolio management. In order to end up a project successfully and deliver it on time and within budget, it is important to get an overview of the risks, which is associated to the project. Most of the projects fail due to the lack of risk management [Why projects fail 2011]. In many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of project&#039;s planning process, the projects fail because the resources are not completely utilized to get the full advantage [Oehmen et. al.2012 and Zwikael and Ahn 2011]. This article further talks about the risk and different level of risks in organization level and how to identify the projects risks by using some of standard guidelines for risk management such as ISO 31000, ISO 2700S, DS/ISO 31000 Risk management- Principles and guidelines and M_O_R principles, which is a standard risk management framework, which can be used by any organization on any projects regardless of its size.&lt;br /&gt;
NOTE: This article might be similar to other articles; Risk analysis, risk register, Risk management strategy in project portfolios&lt;br /&gt;
&lt;br /&gt;
=Definition of risk management=&lt;br /&gt;
&lt;br /&gt;
You can find different tools and definition for risk depending on the context in which it is used. A definition from Oxford English Dictionary sounds like “the possibility that something unpleasant or unwelcome will happen” [Oxford English Dictionary]. This is more general and related more to your every day. In decision theory, Luce and Raiffa relate risk to make decisions under known probabilities of the states of nature [Product Management Innovation 2009] and Frank Knight define the risk in economic theory as “risk arises when the decision maker can assign probabilities to possible outcomes”. A well-known definition of the risk in the domain of project management considers the risk as “an uncertain event or condition that, if it occurs, has a positive (opportunity) or negative (threat) impact on project objectives” [Innovation and Product Management]&lt;br /&gt;
Frank Knight defines the uncertainty and risk as “...Uncertainty must be taken in a sense radically distinct from the familiar notion of Risk, from which it has never been properly separated. … The essential fact is that &amp;quot;risk&amp;quot; means in some cases a quantity susceptible of measurement, while at other times it is something distinctly not of this character; and there are far-reaching and crucial differences in the bearings of the phenomena depending on which of the two is really present and operating. … It will appear that a measurable uncertainty, or &amp;quot;risk&amp;quot; proper, as we shall use the term, is so far different from an un-measurable one that it is not in effect an uncertainty at all&amp;quot; [Ariane Chapelle].&lt;br /&gt;
To minimize the uncertainty and reduce the risks on the project, you may regularly look back to your risk analysis, because most of the projects fail due to lack of risk management, in many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of projects planning process, The projects fail because they do not invest their resources completely and do not pay attention to it.&lt;br /&gt;
Risk management is the most important part of the project planning process. It is a management tool, which project manager uses to analyses the risk factor within a project group or projects. Project group must be informed of the main risks and how they will deal with those risks. Often it requires extra resources to eliminate risks; these resources must allocate the project group. Many studies have pointed as well that the risk management has a big role in projects success [Tara Duggan].  The report by Jacob and Kwak highlights the positive contribution of risk management to improve the project selection, review and resource allocation of new product development projects.&lt;br /&gt;
It used in many areas such as public debate, research, danger of disease, death or accidents, threatening environmental problems in terms of risk of climate changes, CO2 , pollution and so on.&lt;br /&gt;
It is also used in many other projects such as customer needs and price, new technology and resources, construction and delivery projects, research projects and interests and other tasks.&lt;br /&gt;
&lt;br /&gt;
=What is risk?=&lt;br /&gt;
&lt;br /&gt;
Risk is the uncertainty, which is associated with any kind of the action and projects in organization&#039;s context that must understand and effectively manage during the project&#039;s process and improve the results[Luce and Raiffa]. Different types of risk management definitions can be found and the choice of definition depends on how big a concept of risk is used in order to which risks are covered by the definition. There is not a complete tool or solution that fits in every project, creating a new or changes the existing risk management process according to the project&#039;s goal is always helpful and flexible process that will ultimately result in a solution to the individual organization or project.&lt;br /&gt;
Risk is always based on imagination of how the project will be completed. It can be defined on the basis of an existing plan, for example, the project must be completed in 6 months. The risk of delay is bigger than if the project must be completed in one year. If the new technologies are a part of the project plan, that you have to use the new technologies is the risk bigger than use the known technologies. Therefor the risk is based on an existing plan; the same project may have very different risks, if you change the project’s plan. [Risk Management, concepts and methods].&lt;br /&gt;
&lt;br /&gt;
=Benefit of risk management=&lt;br /&gt;
&lt;br /&gt;
Risk management helps you to identify your projects strengths, weaknesses, opportunities and threats [Jacob and Kwak]. [http://da.wikipedia.org/wiki/SWOT-analyse SWOT-analyse] can be the best tools for it. By identifying your projects risks, you will be aware of the unexpected events and you can immediately take actions to reduce the losses [Overview of risk management].&lt;br /&gt;
There are many reasons for managing risks. Here are some main reasons:&lt;br /&gt;
First of all, risk management results in an overview and a number of options for an action to avoid known and unknown risk and reduce the impact of those[Power in projects &amp;amp; portfolio].&lt;br /&gt;
&lt;br /&gt;
* Saving resources: Time, assets, income, property and people are all valuable resources that can be saved if fewer claims occur.&lt;br /&gt;
* Protecting the reputation and public image of the organization.&lt;br /&gt;
* Preventing or reducing legal liability and increasing the stability of operations.&lt;br /&gt;
* Increases the organizations profits and competitiveness and reflects an attractive professional approach to project work.&lt;br /&gt;
* Protecting people from harm.&lt;br /&gt;
* Protecting the environment.&lt;br /&gt;
* Enhancing the ability to prepare for various circumstances.&lt;br /&gt;
* Assisting in clearly defining insurance needs.&lt;br /&gt;
* By managing the risks, you can increase the quality of the project deliverable&lt;br /&gt;
* Protects public image&lt;br /&gt;
* Protects people from harm&lt;br /&gt;
* Prevents/reduces legal liability&lt;br /&gt;
* Protects the environment&lt;br /&gt;
&lt;br /&gt;
=Three Levels of operational risk management=&lt;br /&gt;
&lt;br /&gt;
The risk management in an organization can be categorized in three levels of operation- [three level of operational risk management].&lt;br /&gt;
&lt;br /&gt;
* Strategic level:  &lt;br /&gt;
At strategic level, operational risk management relates to the vision of the business, expansion planned over a few couple of years, the product position and the target customers in the market. In other words, the strategic operational risk management relates to the implementation of the risk demands. It must be defined at the top management level and must be deployed in a top-down manner through all the levels of the organization.&lt;br /&gt;
&lt;br /&gt;
* Tactical level&lt;br /&gt;
At tactical level, the set of operational risk management tools and controls helps to reduce the number and intensity of the events. It provide the risk manager with a second line of defense. The effect of the risk responses deploys at tactical level, such as loss, fines and near misses reductions&lt;br /&gt;
Tactical operational risk management emphasizes on loss prevention and risk reduction techniques, process control, loss data analysis, key risk indicators, risk self-assessments and business expansion plans are some of the vast array of tools and techniques that have been developed to reduce the frequent occurrence of the risk elements and to reduce their impact on the overall project. Financial service industry is the most developed aspect of operational risk management, today.&lt;br /&gt;
&lt;br /&gt;
* Operational level&lt;br /&gt;
Operational level provides a natural reduction of the operational incidents by redesigning all those processes that were prone to errors, removing any unnecessary tasks and useless controls, standardizing the procedures and improving the productivity.&lt;br /&gt;
Operational risk management targets the operational efficiency and process design. Work flows are redesigned in this level to improve the work speed by eliminating the errors. Staff&lt;br /&gt;
Operational risk management must spread over all these three levels, in order to be more effective and efficient&lt;br /&gt;
&lt;br /&gt;
=How to develop a risk analysis=&lt;br /&gt;
&lt;br /&gt;
Risk Management can be developed in two different ways [Best Management Practice]:&lt;br /&gt;
&lt;br /&gt;
* By using the standard risk guidelines such as ISO 31000, which managers can go step by step and identify the risks and analyse the situation of each phase and take an action for each risk, that have negative impact on each situation. In this step more leaders must participate in order to reduce the impact of risks and take care of each situation.&lt;br /&gt;
&lt;br /&gt;
* By using more general analysis or guidelines to define the project&#039;s goals and reduce the risks without managing it and less management participation.&lt;br /&gt;
&lt;br /&gt;
In the first option many standard guidelines and analysis  can be used such as ISO 31000, IEC/ISO 311010, and ISO 73-2009 and many others.&lt;br /&gt;
The International Organization for Standard (ISO ) risk management provides principles, general guidelines; framework and a process for managing the risks- It can be used by any project, organization regardless of its size.&lt;br /&gt;
ISO 31000 summarizes all the central activities and main points, which an organization might go through to manage their risks effectively and increase their chance to reach their goals. It doesn’t contain any specific techniques in order to use, but it mentions that an organization must follow risk identification tools and techniques, that match the projects and its goals. Another ISO standard application is ISO/IEC 31010, Risk Management, which contains of some risk assessment techniques and steps that gives an understanding of the risks, which can have a negative impact on an organization’s achievement of its goals and the adequacy and effectiveness of controls already in place. Risk assessment helps decision makers to take the correct decisions, for example which tools and techniques must be used to treat the risks and how to choose the best opportunities. The following techniques described on ISO 31010&lt;br /&gt;
&lt;br /&gt;
* Risk identification&lt;br /&gt;
* Risk analysis -  consequence analysis&lt;br /&gt;
* Risk analysis– qualitative, semi-quantitative or quantitative probability estimation&lt;br /&gt;
* Risk analysis – assessing the effectiveness of any existing controls&lt;br /&gt;
* Risk evaluation&lt;br /&gt;
* communication and consultation, and  monitoring and review&lt;br /&gt;
&lt;br /&gt;
Each step has described in detail on ISO 31010. Compare to M_O_R,[http://bcove.me/qvtxp001 video] and then M_O_R is much extensive application, which provides a detailed guidance on how to implement risk management. M_O_R stands for Management of Risk and it is a framework for the management of risk across all parts of an organization such as Strategic, programme, project and operational level. It includes all the activities required to identify and control the risks, both negative and positive, which may have an impact on the achievement of an organization’s objectives[M_O_R].It is also a framework for how to make informed decisions about risks respectively strategic, program, project and operational level in order to identify, assess and manage the key risks in order to deliver the expected advantages [M_O_R]. It describes deeply both what needs to be done through some principles, activities and roles and how to begin the activities.&lt;br /&gt;
In some ways, ISO31000 and M_O_R are very similar and use some common definition and methods. M_O_R is designed for practical application of risk management techniques and based on 4 core concepts: principles, approach, process and embedding and review, while ISO31000 is designed more to assess how completely the risk management techniques have been applied [Best Management Practice], The difference is that ISO3100O based on framework, principles and process. It prescribe how an organization should implement risk management and manage the risk by using any tools, that suits its goal and organization, while M_O_R allows it to customize its approach within the guidelines to suit its operating environment and process. Both are useful tools and can be used for managing the risks.&lt;br /&gt;
&lt;br /&gt;
[[File:Different between_M_O_R_AND_ISO.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
For further information about M_O_R and ISO 31000:2009 you can read Michael Dallas report[http://www.best-management-practice.com/gempdf/Management_of_Risk_Guidance_for_Practitioners_and_the_International_Standard_on_Risk_Management_ISO31000_2009.pdf]&lt;br /&gt;
&lt;br /&gt;
The Tabel as taken from Michael Dallas report, which shows a direct comparison of M_O_R with ISO 31000 against categories that are common to both framework.&lt;br /&gt;
&lt;br /&gt;
=Risk Management in Practice=&lt;br /&gt;
&lt;br /&gt;
[[File:Risk management.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
To identify the projects risk, you can start with brainstorming, the first step is to list the main categories such as technologies, goal, stakeholder, communication, cost, environmental, resources, reliability, which is indicated with blue color in below figure. The next is to identify the risks, which is associated to the main categories. By brainstorm the risks, you can find 50-100 risks, depending to the projects size, therefore the third step is to estimate what the potential impact could be by using the Risk Matrix.&lt;br /&gt;
&lt;br /&gt;
[[File:Mathrix.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
Each high priority or high impact risk should be assigned to a group member after their experience and skills, so they could study and evaluate the risks. Cost risks might for example assign to someone in the finance department than one from IT- department. The new technology might assign to someone from IT- department. The project manager should be assign for all the risks process, the most important part of risk process is the schedule with deadline and the risks list, which should only edit, added, re-prioritized and control by the project manager during the project.&lt;br /&gt;
To reduce the risks, the project manager should communicate the risks list to all the project stakeholders regularly, at least once a week. All the changes should be registered to the risk map and at the end of the project the results can be used to do a retrospective. What did you learn from it, what should be different in next project and how to control the risks from the beginning?&lt;br /&gt;
&lt;br /&gt;
This example is more general and very simple,you can maybe use it for a very small project. You can visit [http://apppm.man.dtu.dk/index.php/Risk_analysis | Risk_analysis] which is described more in detail.&lt;br /&gt;
&lt;br /&gt;
=Reference=&lt;br /&gt;
&lt;br /&gt;
[1] Why projects fail: Avoiding the Classic Pitfall, An Oracle White Paper, October 2011 and Calleam Consulting LTD 2014: Why Projects Fail.  And Tom Carlos, PMP: Reasons Why Projects Fail.&lt;br /&gt;
&lt;br /&gt;
[2] Oehmen et. al.2012 and Zwikael and Ahn 2011, Oehmen, J., et al., Analysis of the effect of risk management practices on the performance of new product development programs. Technovation (2014),&lt;br /&gt;
&lt;br /&gt;
[3] Oxford English Dictionary&lt;br /&gt;
&lt;br /&gt;
[4] Innovation and Product Management 2009: A holistic and Practial Approach to Uncertainty Reduction,Kurt Gaubinger, Michael Rabl Scott Swan, Thomas Werani&lt;br /&gt;
&lt;br /&gt;
[5] Frank Knight 1921: Risk, Uncertainty and profit, Imperfect competition through Risk and Uncertainty, Part III, Chapter VII&lt;br /&gt;
&lt;br /&gt;
[6] Ariane Chapelle: The three levels of Operational risk management, May 2012&lt;br /&gt;
&lt;br /&gt;
[7] Risikosamfundet: 1997, Tara Duggan, Demand Media: Why Is Risk Management Important to Project Success?&lt;br /&gt;
&lt;br /&gt;
[8] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/&lt;br /&gt;
&lt;br /&gt;
[9] Luce&#039;s Paradigm for Decision under Uncertainty, Luce and Raiffa, 1957&lt;br /&gt;
&lt;br /&gt;
[10] Risk Management, concepts and methods: Club De La Securite De L’information Francais&lt;br /&gt;
&lt;br /&gt;
[11] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd. &lt;br /&gt;
&lt;br /&gt;
[12] http://www.management-of-risk.com/what-is-management-of-risk.asp&lt;br /&gt;
&lt;br /&gt;
[13] http://www.rovsingmanagement.dk/kurser/m_o_r%C2%AErisikostyring/?gclid=CM21qKLRjsICFeXUcgodGqEARQ&lt;br /&gt;
&lt;br /&gt;
[14] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd.&lt;br /&gt;
&lt;br /&gt;
[15] Jacob and Kwak (2003) and Raz et al.2002&lt;br /&gt;
&lt;br /&gt;
[16] Article: Overview of risk management Henrik K. Søndergaard&lt;br /&gt;
&lt;br /&gt;
[17]. Power in projects &amp;amp; portfolio of Mette Lindegaard, and John Ryding Olsson&lt;br /&gt;
&lt;br /&gt;
[18] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/.&lt;br /&gt;
&lt;br /&gt;
[19] http://strikingprojectmanagement.com/qualitative-risk-analysis/&lt;br /&gt;
&lt;br /&gt;
[20] http://projectmgmt-annualwarehousesale.blogspot.dk/&lt;br /&gt;
&lt;br /&gt;
[21] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[22] http://www.bestmanagementpractice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[23] http://tcgen.com/risk-mapping/#.VGidavnF-oO&lt;br /&gt;
&lt;br /&gt;
[24] http://www.modst.dk/~/media/Files/%C3%98AV/Vejledninger/%C3%98konomistyring/Risikostyring_vejledning_maj07%20pdf.ashx&lt;br /&gt;
&lt;br /&gt;
[25] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[26] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[27] http://www.clearrisk.com/what-is-risk-management/&lt;br /&gt;
&lt;br /&gt;
[28] http://www.vlv.dk/downloads/rm1.htm&lt;br /&gt;
&lt;br /&gt;
[29] http://www.soc.aau.dk/fileadmin/user_upload/FoSo/Arbejdspapirer/Nr._10_Risiko_risikovurdering_risikoformidling_og_helhedssyn.pdf&lt;br /&gt;
&lt;br /&gt;
[30] http://klk.kl.dk/PageFiles/156494/Projekth%C3%A5ndbogen.pdf&lt;br /&gt;
&lt;br /&gt;
[31] http:///C:/Users/Samira/Downloads/Projekth-ndbog%20(1).PDF&lt;br /&gt;
&lt;br /&gt;
[32] http://www.digst.dk/~/media/Files/Arkitektur%20og%20standarder/Sikkerhed/Vejledning%20om%20risikovurdering.ashx&lt;br /&gt;
&lt;br /&gt;
[33] http://www.best-management-practice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[34] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[35] http://dx.doi.org/10.1016/j.technovation.2013.12.005i&lt;br /&gt;
&lt;br /&gt;
[36] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;/div&gt;</summary>
		<author><name>Saeh0803</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Talk:Risk_management&amp;diff=4944</id>
		<title>Talk:Risk management</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Talk:Risk_management&amp;diff=4944"/>
		<updated>2014-11-29T17:57:57Z</updated>

		<summary type="html">&lt;p&gt;Saeh0803: /* s132463 Review */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== Sube - Review ==&lt;br /&gt;
&lt;br /&gt;
Greetings Risk management writer &lt;br /&gt;
&lt;br /&gt;
* Answer: Hi :)&lt;br /&gt;
&lt;br /&gt;
First of all, congratulation you wrote you first wiki style article!&lt;br /&gt;
* Answer: Thanks :)&lt;br /&gt;
&lt;br /&gt;
Second, NOTE that the text flows to the right... I do not know how to fix this...&lt;br /&gt;
* Answer: Check&lt;br /&gt;
&lt;br /&gt;
 * Your english is pretty good and understandable:) &lt;br /&gt;
&lt;br /&gt;
* Answer: Thanks&lt;br /&gt;
&lt;br /&gt;
 * General speaking. Be more concrete about what you are writing, remember the reader do not know what you have in mind when writing it... &lt;br /&gt;
Ex. First line &amp;quot;abstract&amp;quot; &#039;&#039;...in each area.&#039;&#039;&lt;br /&gt;
 - which areas... This issue is present around the article. And improved, would make it much more reader freindly.&lt;br /&gt;
&lt;br /&gt;
* Answer: this is now corrected and described more specific.&lt;br /&gt;
&lt;br /&gt;
 * Try to make the text more compressed and concrete. Words and add-on words that dont add value to the sentence should more or less not be there.  &lt;br /&gt;
&lt;br /&gt;
 * Take note of long sentences try to rewrite or divide them... They are present:)&lt;br /&gt;
* Answer: check :) I try to rewrite and make my sentences shorter &lt;br /&gt;
&lt;br /&gt;
 * Maybe use some example of best practice cases to further inhance the truthness of your writing.&lt;br /&gt;
* Answer: I will try to fine some good examples, you are right, it could be more interesting &lt;br /&gt;
&lt;br /&gt;
 * A suggestion; Have you heart about Monte Carlo Method regarding Risk Management/Analysis. This perspective could be interesting.&lt;br /&gt;
&lt;br /&gt;
* Yes, I have, I will use it in my article :)&lt;br /&gt;
&lt;br /&gt;
----&lt;br /&gt;
&#039;&#039;&#039;Abstract&#039;&#039;&#039;&lt;br /&gt;
 - To start with I would place the abstract in the beginning of the document, followed by a table of content...&lt;br /&gt;
&lt;br /&gt;
 - Moreover, I would add a general introduction, maybe without heading, to explain why risk management is important, this way make the reader more intreaked.&lt;br /&gt;
 &lt;br /&gt;
 - I think the Abstract could be rewritten, if you catch the reader here they will read the entire thing:) &lt;br /&gt;
 &lt;br /&gt;
----&lt;br /&gt;
&#039;&#039;&#039;Defination&#039;&#039;&#039;&lt;br /&gt;
 - Titles... Definition is spelled like this, you do spell it right in the text though:) then definition of what? I would call it &amp;quot;Risk Management&amp;quot;&lt;br /&gt;
&lt;br /&gt;
* Answer: Corrected :)&lt;br /&gt;
&lt;br /&gt;
----&lt;br /&gt;
&#039;&#039;&#039;What is risk&#039;&#039;&#039;    &lt;br /&gt;
&lt;br /&gt;
 - What is risk is a question and whould be ended with ?. Maybe Definition of risk instead... &lt;br /&gt;
When talking about the word risk,I would put the topic before Defination, as is explain some aspects of this topic.&lt;br /&gt;
&lt;br /&gt;
* Answer: HMMM, I think I do this part a bit different, because I released that Definition and what is the risk is same :)&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
----&lt;br /&gt;
&#039;&#039;&#039;Benefit of risk management and why risk management&#039;&#039;&#039;&lt;br /&gt;
 - Titles... Revisit; &amp;quot;Benefit of risk management and why risk management&amp;quot;, title cuold be more focused. You dont really answer why risk management?.&lt;br /&gt;
&lt;br /&gt;
* Answer: actually, benefit of risk is answer of why risk, because, you chose to define the risks, so you have benefit of it, but maybe I can be more specific :) &lt;br /&gt;
&lt;br /&gt;
First line isnt that a SWOT. Maybe: risk managment do the same as a SWOT analysis, by evaluating both S, W, T and O ... And why does is avaluate this?&lt;br /&gt;
&lt;br /&gt;
*Answer: YES, it is SWOT, and I will reference to SWOT, maybe its a good idea and help reader. &lt;br /&gt;
&lt;br /&gt;
 - Reference .16. &amp;quot;There are many reasons to manage risk&amp;quot; - is it where the benefits come from`? &lt;br /&gt;
Then I would move the reference. Otherwise I think it is a wierd reference:)&lt;br /&gt;
&lt;br /&gt;
 - Small Note: . after the first 7 bullet points none after...&lt;br /&gt;
&lt;br /&gt;
* Answer: YES, thanks :)&lt;br /&gt;
&lt;br /&gt;
----&lt;br /&gt;
 &#039;&#039;&#039;Three levels of operational risk management&#039;&#039;&#039;&lt;br /&gt;
 - Honestly I think this part is vaid. Maybe rearrange to focus on projects, programs and portfolio? What are the risks here&lt;br /&gt;
* I try to fine some examples in all three levels, if I could, then I will remove this part :)&lt;br /&gt;
&lt;br /&gt;
 - Another thing i notest, isnt it called; Strategic, Tactical and Operational level?&lt;br /&gt;
&lt;br /&gt;
* Answer: yes you are right, it is corrected :)&lt;br /&gt;
&lt;br /&gt;
----&lt;br /&gt;
&#039;&#039;&#039;How to develop a risk analysis&#039;&#039;&#039;&lt;br /&gt;
 - First line... Again be specific ex. Risk can develop in two different ways... Risk Management can be developed in .... &lt;br /&gt;
&lt;br /&gt;
* Answer: Check&lt;br /&gt;
&lt;br /&gt;
I think the second way (second bulletpoing) is nonsence, dont get me wrong:)&lt;br /&gt;
&lt;br /&gt;
* Answer: Actually, that is a part of guide, its not something I found out :)&lt;br /&gt;
&lt;br /&gt;
 - What is M_O_R? or what does it stand for?&lt;br /&gt;
* Answer: I will add this, thanks :)&lt;br /&gt;
&lt;br /&gt;
 - Good with ISO standarts:) Maybe make a list: ISO blabla - does this/provides this ect. &lt;br /&gt;
I suggest in bulletpoints. This would make it more illustrative and as a reader it provides a nice overview... &lt;br /&gt;
&lt;br /&gt;
* Answer: I add a table, which shows differences between M_O_R and ISO. it can help reader to chose the correct framework :)&lt;br /&gt;
----&lt;br /&gt;
&#039;&#039;&#039;An example on how to identify your projects risks&#039;&#039;&#039;&lt;br /&gt;
 - Title:) Risk Management in Practice - just a suggestion from my side.&lt;br /&gt;
&lt;br /&gt;
* Thanks :) I used your suggestion :)&lt;br /&gt;
&lt;br /&gt;
 - It would be more appropriate in bulletpoints suplemented by text. Step by step what do you have to do?&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
I would add a wrapup to end the article, somehow answering what you tried to figure out...&lt;br /&gt;
&lt;br /&gt;
* Answer: I think it is difficult to explain it with bulletpoints, thats why I tried to explain it in shorts&lt;br /&gt;
&lt;br /&gt;
Hope you can use atleast some of my review... Good Luck Have Fun:)&lt;br /&gt;
&lt;br /&gt;
* Answer: Thanks for your feedback, it helps me a lot to improve my article. You pointed those points that I didn&#039;t were aware of :)&lt;br /&gt;
&lt;br /&gt;
thanks alot once again&lt;br /&gt;
have a nice weekend&lt;br /&gt;
Best regards&lt;br /&gt;
Saeh0803&lt;br /&gt;
&lt;br /&gt;
== s132463 Review ==&lt;br /&gt;
&lt;br /&gt;
* Hi S132463 :)&lt;br /&gt;
&lt;br /&gt;
I like that you aim at defining risk and risk management before going into concrete examples. Also the use of many sources is good, as it gives the reader opportunity to read more on the topic. Maybe use more journal article style as references, rather than e-newspaper articles. Empirical evidence and good research is preferable.&lt;br /&gt;
&lt;br /&gt;
* Answer: Thanks :) My references were not finished in that time, so now I changed style of it :)&lt;br /&gt;
&lt;br /&gt;
However, I see the article as a whole having the following general flaws:&lt;br /&gt;
*The is no distinct red-thread through the article. I can see what you are trying to do, and I think the general layout/chapters are a good idea. The chapters just do not link in any way. Make sure to finish each chapter with some sort of conclusion, to clearly state what is learned. &lt;br /&gt;
&lt;br /&gt;
* Answer: Actually the headlines are more in order and there is a connection between them, thats why I didn&#039;t make a connections between the text&lt;br /&gt;
&lt;br /&gt;
*Many of the first chapters pretty much say the same thing, with minor changes. Be sure to write about the specific topic within the headline of the chapter. No information should be stated twice, unless it is in relation/discussion with something new.&lt;br /&gt;
&lt;br /&gt;
* Answer: I reread it again an try to delete the parts which are repeated :)&lt;br /&gt;
&lt;br /&gt;
*References should be done in wiki style references and with appropriate annotation of source (author(s), year, journal name, etc.). &lt;br /&gt;
**&amp;lt;nowiki&amp;gt;&amp;lt;ref name=RefName&amp;gt;Information here. This is what can be found in the bottom.&amp;lt;/ref&amp;gt;&amp;lt;/nowiki&amp;gt;&lt;br /&gt;
**You can reference to the same by using the &amp;quot;RefName&amp;quot; like this: &amp;lt;nowiki&amp;gt;&amp;lt;ref name=RefName&amp;gt;&amp;lt;/ref&amp;gt;&amp;lt;/nowiki&amp;gt;. Be aware  that Ref-names are case sensitive.&lt;br /&gt;
**Include &amp;lt;/references&amp;gt; at the bottom of your page to get all reference information shown&lt;br /&gt;
*Include categories to your article (see front page here on the apppm.wiki). fx &amp;lt;nowiki&amp;gt;[[Category:Uncertainty]]&amp;lt;/nowiki&amp;gt;. This should just be added somewhere in the wiki-code. Maybe as the very last.&lt;br /&gt;
&lt;br /&gt;
* Answer: check&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== &amp;quot;Introduction&amp;quot; ===&lt;br /&gt;
* You write &amp;quot;...this article focuses on for example...&amp;quot;. I think the focus of the article should be clearly stated, not mentioned as an example&lt;br /&gt;
* The NOTE at the end should link to the actual wiki pages (link by typing &amp;lt;nowiki&amp;gt;[[&amp;quot;Category Name&amp;quot;]] fx. [[Risk management]]&amp;lt;/nowiki&amp;gt; , beware that page names are case sensitive). Link to this page: [[Risk management]]&lt;br /&gt;
&lt;br /&gt;
* Answer Done :)&lt;br /&gt;
&lt;br /&gt;
=== Definition of risk management ===&lt;br /&gt;
I like the general idea of starting with description of risk, then risk management and how risk assesment is used.&lt;br /&gt;
&lt;br /&gt;
* Answer: thanks :)&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
*I find the start of this chapter to be fine, but when you spend a lot of different sources to define risk in different ways, you should briefly discuss what the differences on the definitions actually mean. What definition do you assume?&lt;br /&gt;
&lt;br /&gt;
* Answer: I will do&lt;br /&gt;
&lt;br /&gt;
*The second part where you talk about how risk management is used, you can be a bit more direct in your description. I&#039;m not quite sure what direction you try to direct my attention/understanding. Try to clearly answer: How is risk used? Why is risk used? What implications when using? What implications when not using? etc. - I can see what you try to do, but the red thread is a bit hard to find when reading it.&lt;br /&gt;
&lt;br /&gt;
=== What is risk ===&lt;br /&gt;
*Again I am not 100% sure what you are trying to tell me as the reader. Defining the risk (again again)? Talking about what risk can actually be? I suggest you describe more different actual examples of risk (like the example of 6/12 months) and then call the chapter &amp;quot;Examples of Risk&amp;quot;&lt;br /&gt;
&lt;br /&gt;
* Answer: Actually you are right, the definition and what is risk is same, I try to change this part.&lt;br /&gt;
&lt;br /&gt;
=== Benefit of risk management and why risk management ===&lt;br /&gt;
*Nice with a bullet list of benefits, but I miss some sort of conclusion or specific declaration of &amp;quot;why risk management&amp;quot;.&lt;br /&gt;
*Reference on bullets?&lt;br /&gt;
&lt;br /&gt;
=== Three levels of operational risk management ===&lt;br /&gt;
*Strategic level: &lt;br /&gt;
**What is risk demand? why does strategic operational relate to this? I think this should be stated more clearly&lt;br /&gt;
**I find it somewhat unclear what risk management at the strategic level actually is. Try to be clear in your definitions.&lt;br /&gt;
*Tactical level:&lt;br /&gt;
&lt;br /&gt;
I will do&lt;br /&gt;
&lt;br /&gt;
**I find the information to be okay. However, this specific chapter is not very well-written. Consider rewriting to make sure the reader understand what you try to convey.&lt;br /&gt;
&lt;br /&gt;
*Dynamic level:&lt;br /&gt;
**What is the dynamic level? Normally I would think strategic, tactical, and operational are the three organisational levels.&lt;br /&gt;
&lt;br /&gt;
Answer: Corrected&lt;br /&gt;
&lt;br /&gt;
=== How to develop a risk analysis ===&lt;br /&gt;
*I suppose first line should be: Risk analysis can develop in two different ways &lt;br /&gt;
*The comparison of ISO 31010 and M_O_R is a bit hard to follow. Be clear about what the differences are. Maybe set up a table, similar points of explanation or similar, and then do the comparison and discussion of differences.&lt;br /&gt;
&lt;br /&gt;
* Answer I add a table, which shows the differences of it, thanks :)&lt;br /&gt;
&lt;br /&gt;
=== An example of how to identify your project&#039;s risk ===&lt;br /&gt;
*What source(s) is/(are) used here?&lt;br /&gt;
* Answer: Actually, I tried to write the way I do, when I make a risk analyse, and I don&#039;t know which source I should use, because its something I found by myself.. 1. brainstorm- 2. prioritize the risk 3. assign each risk to  a group member after their experience and skills. but yea I used the risk Matrix. &lt;br /&gt;
&lt;br /&gt;
*I like the idea of describing an example of how to identify risk. However, the example is very short and provides very little information. Consider what you want to say with this chapter.&lt;br /&gt;
&lt;br /&gt;
*Answer, Thanks :) okay I try &lt;br /&gt;
&lt;br /&gt;
*The &amp;quot;second part&amp;quot; where you describe how risk should be assigned; Is that really a general way of doing risk analysis? &lt;br /&gt;
* Answer, maybe :)&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
*Try to combine the knowledge gained through previous chapters in this example. Since this ends the article, it should act as a conclusion/sum-up of important knowledge gained through the entire article&lt;br /&gt;
&lt;br /&gt;
*Pictures should contain a text description. Also, are the pictures covered by copyright?&lt;br /&gt;
&lt;br /&gt;
* Answer: It is something I done by myself, so its not something I copied from anything or any place, thats why I don&#039;t have any reference on it.&lt;br /&gt;
&lt;br /&gt;
== TigR helping ==&lt;br /&gt;
&lt;br /&gt;
I thought you might want to use this picture: http://apppm.man.dtu.dk/index.php/File:Risk_Management_from_ISO31000.JPG&lt;br /&gt;
I use a version of it in my article on Risk Analysis.. (also consider linking to my article where it is applicable. :)&lt;br /&gt;
Also.. you might not want to be too detailed on the &amp;quot;Risk Analysis&amp;quot; part.. instead let me know if I have missed out on some points which you mention.&lt;br /&gt;
&lt;br /&gt;
Answer: Thanks, I referenced to your article now :) and yea I didn&#039;t went in too detail on risk analysis, because you are writing about it, but thanks for the idea :)&lt;br /&gt;
&lt;br /&gt;
hilsen&lt;br /&gt;
Saeh0803&lt;/div&gt;</summary>
		<author><name>Saeh0803</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Talk:Risk_management&amp;diff=4942</id>
		<title>Talk:Risk management</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Talk:Risk_management&amp;diff=4942"/>
		<updated>2014-11-29T17:56:47Z</updated>

		<summary type="html">&lt;p&gt;Saeh0803: /* TigR helping */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== Sube - Review ==&lt;br /&gt;
&lt;br /&gt;
Greetings Risk management writer &lt;br /&gt;
&lt;br /&gt;
* Answer: Hi :)&lt;br /&gt;
&lt;br /&gt;
First of all, congratulation you wrote you first wiki style article!&lt;br /&gt;
* Answer: Thanks :)&lt;br /&gt;
&lt;br /&gt;
Second, NOTE that the text flows to the right... I do not know how to fix this...&lt;br /&gt;
* Answer: Check&lt;br /&gt;
&lt;br /&gt;
 * Your english is pretty good and understandable:) &lt;br /&gt;
&lt;br /&gt;
* Answer: Thanks&lt;br /&gt;
&lt;br /&gt;
 * General speaking. Be more concrete about what you are writing, remember the reader do not know what you have in mind when writing it... &lt;br /&gt;
Ex. First line &amp;quot;abstract&amp;quot; &#039;&#039;...in each area.&#039;&#039;&lt;br /&gt;
 - which areas... This issue is present around the article. And improved, would make it much more reader freindly.&lt;br /&gt;
&lt;br /&gt;
* Answer: this is now corrected and described more specific.&lt;br /&gt;
&lt;br /&gt;
 * Try to make the text more compressed and concrete. Words and add-on words that dont add value to the sentence should more or less not be there.  &lt;br /&gt;
&lt;br /&gt;
 * Take note of long sentences try to rewrite or divide them... They are present:)&lt;br /&gt;
* Answer: check :) I try to rewrite and make my sentences shorter &lt;br /&gt;
&lt;br /&gt;
 * Maybe use some example of best practice cases to further inhance the truthness of your writing.&lt;br /&gt;
* Answer: I will try to fine some good examples, you are right, it could be more interesting &lt;br /&gt;
&lt;br /&gt;
 * A suggestion; Have you heart about Monte Carlo Method regarding Risk Management/Analysis. This perspective could be interesting.&lt;br /&gt;
&lt;br /&gt;
* Yes, I have, I will use it in my article :)&lt;br /&gt;
&lt;br /&gt;
----&lt;br /&gt;
&#039;&#039;&#039;Abstract&#039;&#039;&#039;&lt;br /&gt;
 - To start with I would place the abstract in the beginning of the document, followed by a table of content...&lt;br /&gt;
&lt;br /&gt;
 - Moreover, I would add a general introduction, maybe without heading, to explain why risk management is important, this way make the reader more intreaked.&lt;br /&gt;
 &lt;br /&gt;
 - I think the Abstract could be rewritten, if you catch the reader here they will read the entire thing:) &lt;br /&gt;
 &lt;br /&gt;
----&lt;br /&gt;
&#039;&#039;&#039;Defination&#039;&#039;&#039;&lt;br /&gt;
 - Titles... Definition is spelled like this, you do spell it right in the text though:) then definition of what? I would call it &amp;quot;Risk Management&amp;quot;&lt;br /&gt;
&lt;br /&gt;
* Answer: Corrected :)&lt;br /&gt;
&lt;br /&gt;
----&lt;br /&gt;
&#039;&#039;&#039;What is risk&#039;&#039;&#039;    &lt;br /&gt;
&lt;br /&gt;
 - What is risk is a question and whould be ended with ?. Maybe Definition of risk instead... &lt;br /&gt;
When talking about the word risk,I would put the topic before Defination, as is explain some aspects of this topic.&lt;br /&gt;
&lt;br /&gt;
* Answer: HMMM, I think I do this part a bit different, because I released that Definition and what is the risk is same :)&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
----&lt;br /&gt;
&#039;&#039;&#039;Benefit of risk management and why risk management&#039;&#039;&#039;&lt;br /&gt;
 - Titles... Revisit; &amp;quot;Benefit of risk management and why risk management&amp;quot;, title cuold be more focused. You dont really answer why risk management?.&lt;br /&gt;
&lt;br /&gt;
* Answer: actually, benefit of risk is answer of why risk, because, you chose to define the risks, so you have benefit of it, but maybe I can be more specific :) &lt;br /&gt;
&lt;br /&gt;
First line isnt that a SWOT. Maybe: risk managment do the same as a SWOT analysis, by evaluating both S, W, T and O ... And why does is avaluate this?&lt;br /&gt;
&lt;br /&gt;
*Answer: YES, it is SWOT, and I will reference to SWOT, maybe its a good idea and help reader. &lt;br /&gt;
&lt;br /&gt;
 - Reference .16. &amp;quot;There are many reasons to manage risk&amp;quot; - is it where the benefits come from`? &lt;br /&gt;
Then I would move the reference. Otherwise I think it is a wierd reference:)&lt;br /&gt;
&lt;br /&gt;
 - Small Note: . after the first 7 bullet points none after...&lt;br /&gt;
&lt;br /&gt;
* Answer: YES, thanks :)&lt;br /&gt;
&lt;br /&gt;
----&lt;br /&gt;
 &#039;&#039;&#039;Three levels of operational risk management&#039;&#039;&#039;&lt;br /&gt;
 - Honestly I think this part is vaid. Maybe rearrange to focus on projects, programs and portfolio? What are the risks here&lt;br /&gt;
* I try to fine some examples in all three levels, if I could, then I will remove this part :)&lt;br /&gt;
&lt;br /&gt;
 - Another thing i notest, isnt it called; Strategic, Tactical and Operational level?&lt;br /&gt;
&lt;br /&gt;
* Answer: yes you are right, it is corrected :)&lt;br /&gt;
&lt;br /&gt;
----&lt;br /&gt;
&#039;&#039;&#039;How to develop a risk analysis&#039;&#039;&#039;&lt;br /&gt;
 - First line... Again be specific ex. Risk can develop in two different ways... Risk Management can be developed in .... &lt;br /&gt;
&lt;br /&gt;
* Answer: Check&lt;br /&gt;
&lt;br /&gt;
I think the second way (second bulletpoing) is nonsence, dont get me wrong:)&lt;br /&gt;
&lt;br /&gt;
* Answer: Actually, that is a part of guide, its not something I found out :)&lt;br /&gt;
&lt;br /&gt;
 - What is M_O_R? or what does it stand for?&lt;br /&gt;
* Answer: I will add this, thanks :)&lt;br /&gt;
&lt;br /&gt;
 - Good with ISO standarts:) Maybe make a list: ISO blabla - does this/provides this ect. &lt;br /&gt;
I suggest in bulletpoints. This would make it more illustrative and as a reader it provides a nice overview... &lt;br /&gt;
&lt;br /&gt;
* Answer: I add a table, which shows differences between M_O_R and ISO. it can help reader to chose the correct framework :)&lt;br /&gt;
----&lt;br /&gt;
&#039;&#039;&#039;An example on how to identify your projects risks&#039;&#039;&#039;&lt;br /&gt;
 - Title:) Risk Management in Practice - just a suggestion from my side.&lt;br /&gt;
&lt;br /&gt;
* Thanks :) I used your suggestion :)&lt;br /&gt;
&lt;br /&gt;
 - It would be more appropriate in bulletpoints suplemented by text. Step by step what do you have to do?&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
I would add a wrapup to end the article, somehow answering what you tried to figure out...&lt;br /&gt;
&lt;br /&gt;
* Answer: I think it is difficult to explain it with bulletpoints, thats why I tried to explain it in shorts&lt;br /&gt;
&lt;br /&gt;
Hope you can use atleast some of my review... Good Luck Have Fun:)&lt;br /&gt;
&lt;br /&gt;
* Answer: Thanks for your feedback, it helps me a lot to improve my article. You pointed those points that I didn&#039;t were aware of :)&lt;br /&gt;
&lt;br /&gt;
thanks alot once again&lt;br /&gt;
have a nice weekend&lt;br /&gt;
Best regards&lt;br /&gt;
Saeh0803&lt;br /&gt;
&lt;br /&gt;
== s132463 Review ==&lt;br /&gt;
&lt;br /&gt;
* Hi S132463 :)&lt;br /&gt;
&lt;br /&gt;
I like that you aim at defining risk and risk management before going into concrete examples. Also the use of many sources is good, as it gives the reader opportunity to read more on the topic. Maybe use more journal article style as references, rather than e-newspaper articles. Empirical evidence and good research is preferable.&lt;br /&gt;
&lt;br /&gt;
* Answer: Thanks :) My references were not finished in that time, so now I changed style of it :)&lt;br /&gt;
&lt;br /&gt;
However, I see the article as a whole having the following general flaws:&lt;br /&gt;
*The is no distinct red-thread through the article. I can see what you are trying to do, and I think the general layout/chapters are a good idea. The chapters just do not link in any way. Make sure to finish each chapter with some sort of conclusion, to clearly state what is learned. &lt;br /&gt;
&lt;br /&gt;
* Answer: Actually the headlines are more in order and there is a connection between them, thats why I didn&#039;t make a connections between the text&lt;br /&gt;
&lt;br /&gt;
*Many of the first chapters pretty much say the same thing, with minor changes. Be sure to write about the specific topic within the headline of the chapter. No information should be stated twice, unless it is in relation/discussion with something new.&lt;br /&gt;
&lt;br /&gt;
* Answer: I reread it again an try to delete the parts which are repeated :)&lt;br /&gt;
&lt;br /&gt;
*References should be done in wiki style references and with appropriate annotation of source (author(s), year, journal name, etc.). &lt;br /&gt;
**&amp;lt;nowiki&amp;gt;&amp;lt;ref name=RefName&amp;gt;Information here. This is what can be found in the bottom.&amp;lt;/ref&amp;gt;&amp;lt;/nowiki&amp;gt;&lt;br /&gt;
**You can reference to the same by using the &amp;quot;RefName&amp;quot; like this: &amp;lt;nowiki&amp;gt;&amp;lt;ref name=RefName&amp;gt;&amp;lt;/ref&amp;gt;&amp;lt;/nowiki&amp;gt;. Be aware  that Ref-names are case sensitive.&lt;br /&gt;
**Include &amp;lt;/references&amp;gt; at the bottom of your page to get all reference information shown&lt;br /&gt;
*Include categories to your article (see front page here on the apppm.wiki). fx &amp;lt;nowiki&amp;gt;[[Category:Uncertainty]]&amp;lt;/nowiki&amp;gt;. This should just be added somewhere in the wiki-code. Maybe as the very last.&lt;br /&gt;
&lt;br /&gt;
* check&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== &amp;quot;Introduction&amp;quot; ===&lt;br /&gt;
* You write &amp;quot;...this article focuses on for example...&amp;quot;. I think the focus of the article should be clearly stated, not mentioned as an example&lt;br /&gt;
* The NOTE at the end should link to the actual wiki pages (link by typing &amp;lt;nowiki&amp;gt;[[&amp;quot;Category Name&amp;quot;]] fx. [[Risk management]]&amp;lt;/nowiki&amp;gt; , beware that page names are case sensitive). Link to this page: [[Risk management]]&lt;br /&gt;
&lt;br /&gt;
* Answer Done :)&lt;br /&gt;
&lt;br /&gt;
=== Definition of risk management ===&lt;br /&gt;
I like the general idea of starting with description of risk, then risk management and how risk assesment is used.&lt;br /&gt;
&lt;br /&gt;
* Answer: thanks :)&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
*I find the start of this chapter to be fine, but when you spend a lot of different sources to define risk in different ways, you should briefly discuss what the differences on the definitions actually mean. What definition do you assume?&lt;br /&gt;
&lt;br /&gt;
* Answer: I will do&lt;br /&gt;
&lt;br /&gt;
*The second part where you talk about how risk management is used, you can be a bit more direct in your description. I&#039;m not quite sure what direction you try to direct my attention/understanding. Try to clearly answer: How is risk used? Why is risk used? What implications when using? What implications when not using? etc. - I can see what you try to do, but the red thread is a bit hard to find when reading it.&lt;br /&gt;
&lt;br /&gt;
=== What is risk ===&lt;br /&gt;
*Again I am not 100% sure what you are trying to tell me as the reader. Defining the risk (again again)? Talking about what risk can actually be? I suggest you describe more different actual examples of risk (like the example of 6/12 months) and then call the chapter &amp;quot;Examples of Risk&amp;quot;&lt;br /&gt;
&lt;br /&gt;
* Answer: Actually you are right, the definition and what is risk is same, I try to change this part.&lt;br /&gt;
&lt;br /&gt;
=== Benefit of risk management and why risk management ===&lt;br /&gt;
*Nice with a bullet list of benefits, but I miss some sort of conclusion or specific declaration of &amp;quot;why risk management&amp;quot;.&lt;br /&gt;
*Reference on bullets?&lt;br /&gt;
&lt;br /&gt;
=== Three levels of operational risk management ===&lt;br /&gt;
*Strategic level: &lt;br /&gt;
**What is risk demand? why does strategic operational relate to this? I think this should be stated more clearly&lt;br /&gt;
**I find it somewhat unclear what risk management at the strategic level actually is. Try to be clear in your definitions.&lt;br /&gt;
*Tactical level:&lt;br /&gt;
&lt;br /&gt;
I will do&lt;br /&gt;
&lt;br /&gt;
**I find the information to be okay. However, this specific chapter is not very well-written. Consider rewriting to make sure the reader understand what you try to convey.&lt;br /&gt;
&lt;br /&gt;
*Dynamic level:&lt;br /&gt;
**What is the dynamic level? Normally I would think strategic, tactical, and operational are the three organisational levels.&lt;br /&gt;
&lt;br /&gt;
Answer: Corrected&lt;br /&gt;
&lt;br /&gt;
=== How to develop a risk analysis ===&lt;br /&gt;
*I suppose first line should be: Risk analysis can develop in two different ways &lt;br /&gt;
*The comparison of ISO 31010 and M_O_R is a bit hard to follow. Be clear about what the differences are. Maybe set up a table, similar points of explanation or similar, and then do the comparison and discussion of differences.&lt;br /&gt;
&lt;br /&gt;
* Answer I add a table, which shows the differences of it, thanks :)&lt;br /&gt;
&lt;br /&gt;
=== An example of how to identify your project&#039;s risk ===&lt;br /&gt;
*What source(s) is/(are) used here?&lt;br /&gt;
* Answer: Actually, I tried to write the way I do, when I make a risk analyse, and I don&#039;t know which source I should use, because its something I found by myself.. 1. brainstorm- 2. prioritize the risk 3. assign each risk to  a group member after their experience and skills. but yea I used the risk Matrix. &lt;br /&gt;
&lt;br /&gt;
*I like the idea of describing an example of how to identify risk. However, the example is very short and provides very little information. Consider what you want to say with this chapter.&lt;br /&gt;
&lt;br /&gt;
*Answer, Thanks :) okay I try &lt;br /&gt;
&lt;br /&gt;
*The &amp;quot;second part&amp;quot; where you describe how risk should be assigned; Is that really a general way of doing risk analysis? &lt;br /&gt;
* Answer, maybe :)&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
*Try to combine the knowledge gained through previous chapters in this example. Since this ends the article, it should act as a conclusion/sum-up of important knowledge gained through the entire article&lt;br /&gt;
&lt;br /&gt;
*Pictures should contain a text description. Also, are the pictures covered by copyright?&lt;br /&gt;
&lt;br /&gt;
* Answer: It is something I done by myself, so its not something I copied from anything or any place, thats why I don&#039;t have any reference on it.&lt;br /&gt;
&lt;br /&gt;
== TigR helping ==&lt;br /&gt;
&lt;br /&gt;
I thought you might want to use this picture: http://apppm.man.dtu.dk/index.php/File:Risk_Management_from_ISO31000.JPG&lt;br /&gt;
I use a version of it in my article on Risk Analysis.. (also consider linking to my article where it is applicable. :)&lt;br /&gt;
Also.. you might not want to be too detailed on the &amp;quot;Risk Analysis&amp;quot; part.. instead let me know if I have missed out on some points which you mention.&lt;br /&gt;
&lt;br /&gt;
Answer: Thanks, I referenced to your article now :) and yea I didn&#039;t went in too detail on risk analysis, because you are writing about it, but thanks for the idea :)&lt;br /&gt;
&lt;br /&gt;
hilsen&lt;br /&gt;
Saeh0803&lt;/div&gt;</summary>
		<author><name>Saeh0803</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Talk:Risk_management&amp;diff=4939</id>
		<title>Talk:Risk management</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Talk:Risk_management&amp;diff=4939"/>
		<updated>2014-11-29T17:48:10Z</updated>

		<summary type="html">&lt;p&gt;Saeh0803: /* s132463 Review */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== Sube - Review ==&lt;br /&gt;
&lt;br /&gt;
Greetings Risk management writer &lt;br /&gt;
&lt;br /&gt;
* Answer: Hi :)&lt;br /&gt;
&lt;br /&gt;
First of all, congratulation you wrote you first wiki style article!&lt;br /&gt;
* Answer: Thanks :)&lt;br /&gt;
&lt;br /&gt;
Second, NOTE that the text flows to the right... I do not know how to fix this...&lt;br /&gt;
* Answer: Check&lt;br /&gt;
&lt;br /&gt;
 * Your english is pretty good and understandable:) &lt;br /&gt;
&lt;br /&gt;
* Answer: Thanks&lt;br /&gt;
&lt;br /&gt;
 * General speaking. Be more concrete about what you are writing, remember the reader do not know what you have in mind when writing it... &lt;br /&gt;
Ex. First line &amp;quot;abstract&amp;quot; &#039;&#039;...in each area.&#039;&#039;&lt;br /&gt;
 - which areas... This issue is present around the article. And improved, would make it much more reader freindly.&lt;br /&gt;
&lt;br /&gt;
* Answer: this is now corrected and described more specific.&lt;br /&gt;
&lt;br /&gt;
 * Try to make the text more compressed and concrete. Words and add-on words that dont add value to the sentence should more or less not be there.  &lt;br /&gt;
&lt;br /&gt;
 * Take note of long sentences try to rewrite or divide them... They are present:)&lt;br /&gt;
* Answer: check :) I try to rewrite and make my sentences shorter &lt;br /&gt;
&lt;br /&gt;
 * Maybe use some example of best practice cases to further inhance the truthness of your writing.&lt;br /&gt;
* Answer: I will try to fine some good examples, you are right, it could be more interesting &lt;br /&gt;
&lt;br /&gt;
 * A suggestion; Have you heart about Monte Carlo Method regarding Risk Management/Analysis. This perspective could be interesting.&lt;br /&gt;
&lt;br /&gt;
* Yes, I have, I will use it in my article :)&lt;br /&gt;
&lt;br /&gt;
----&lt;br /&gt;
&#039;&#039;&#039;Abstract&#039;&#039;&#039;&lt;br /&gt;
 - To start with I would place the abstract in the beginning of the document, followed by a table of content...&lt;br /&gt;
&lt;br /&gt;
 - Moreover, I would add a general introduction, maybe without heading, to explain why risk management is important, this way make the reader more intreaked.&lt;br /&gt;
 &lt;br /&gt;
 - I think the Abstract could be rewritten, if you catch the reader here they will read the entire thing:) &lt;br /&gt;
 &lt;br /&gt;
----&lt;br /&gt;
&#039;&#039;&#039;Defination&#039;&#039;&#039;&lt;br /&gt;
 - Titles... Definition is spelled like this, you do spell it right in the text though:) then definition of what? I would call it &amp;quot;Risk Management&amp;quot;&lt;br /&gt;
&lt;br /&gt;
* Answer: Corrected :)&lt;br /&gt;
&lt;br /&gt;
----&lt;br /&gt;
&#039;&#039;&#039;What is risk&#039;&#039;&#039;    &lt;br /&gt;
&lt;br /&gt;
 - What is risk is a question and whould be ended with ?. Maybe Definition of risk instead... &lt;br /&gt;
When talking about the word risk,I would put the topic before Defination, as is explain some aspects of this topic.&lt;br /&gt;
&lt;br /&gt;
* Answer: HMMM, I think I do this part a bit different, because I released that Definition and what is the risk is same :)&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
----&lt;br /&gt;
&#039;&#039;&#039;Benefit of risk management and why risk management&#039;&#039;&#039;&lt;br /&gt;
 - Titles... Revisit; &amp;quot;Benefit of risk management and why risk management&amp;quot;, title cuold be more focused. You dont really answer why risk management?.&lt;br /&gt;
&lt;br /&gt;
* Answer: actually, benefit of risk is answer of why risk, because, you chose to define the risks, so you have benefit of it, but maybe I can be more specific :) &lt;br /&gt;
&lt;br /&gt;
First line isnt that a SWOT. Maybe: risk managment do the same as a SWOT analysis, by evaluating both S, W, T and O ... And why does is avaluate this?&lt;br /&gt;
&lt;br /&gt;
*Answer: YES, it is SWOT, and I will reference to SWOT, maybe its a good idea and help reader. &lt;br /&gt;
&lt;br /&gt;
 - Reference .16. &amp;quot;There are many reasons to manage risk&amp;quot; - is it where the benefits come from`? &lt;br /&gt;
Then I would move the reference. Otherwise I think it is a wierd reference:)&lt;br /&gt;
&lt;br /&gt;
 - Small Note: . after the first 7 bullet points none after...&lt;br /&gt;
&lt;br /&gt;
* Answer: YES, thanks :)&lt;br /&gt;
&lt;br /&gt;
----&lt;br /&gt;
 &#039;&#039;&#039;Three levels of operational risk management&#039;&#039;&#039;&lt;br /&gt;
 - Honestly I think this part is vaid. Maybe rearrange to focus on projects, programs and portfolio? What are the risks here&lt;br /&gt;
* I try to fine some examples in all three levels, if I could, then I will remove this part :)&lt;br /&gt;
&lt;br /&gt;
 - Another thing i notest, isnt it called; Strategic, Tactical and Operational level?&lt;br /&gt;
&lt;br /&gt;
* Answer: yes you are right, it is corrected :)&lt;br /&gt;
&lt;br /&gt;
----&lt;br /&gt;
&#039;&#039;&#039;How to develop a risk analysis&#039;&#039;&#039;&lt;br /&gt;
 - First line... Again be specific ex. Risk can develop in two different ways... Risk Management can be developed in .... &lt;br /&gt;
&lt;br /&gt;
* Answer: Check&lt;br /&gt;
&lt;br /&gt;
I think the second way (second bulletpoing) is nonsence, dont get me wrong:)&lt;br /&gt;
&lt;br /&gt;
* Answer: Actually, that is a part of guide, its not something I found out :)&lt;br /&gt;
&lt;br /&gt;
 - What is M_O_R? or what does it stand for?&lt;br /&gt;
* Answer: I will add this, thanks :)&lt;br /&gt;
&lt;br /&gt;
 - Good with ISO standarts:) Maybe make a list: ISO blabla - does this/provides this ect. &lt;br /&gt;
I suggest in bulletpoints. This would make it more illustrative and as a reader it provides a nice overview... &lt;br /&gt;
&lt;br /&gt;
* Answer: I add a table, which shows differences between M_O_R and ISO. it can help reader to chose the correct framework :)&lt;br /&gt;
----&lt;br /&gt;
&#039;&#039;&#039;An example on how to identify your projects risks&#039;&#039;&#039;&lt;br /&gt;
 - Title:) Risk Management in Practice - just a suggestion from my side.&lt;br /&gt;
&lt;br /&gt;
* Thanks :) I used your suggestion :)&lt;br /&gt;
&lt;br /&gt;
 - It would be more appropriate in bulletpoints suplemented by text. Step by step what do you have to do?&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
I would add a wrapup to end the article, somehow answering what you tried to figure out...&lt;br /&gt;
&lt;br /&gt;
* Answer: I think it is difficult to explain it with bulletpoints, thats why I tried to explain it in shorts&lt;br /&gt;
&lt;br /&gt;
Hope you can use atleast some of my review... Good Luck Have Fun:)&lt;br /&gt;
&lt;br /&gt;
* Answer: Thanks for your feedback, it helps me a lot to improve my article. You pointed those points that I didn&#039;t were aware of :)&lt;br /&gt;
&lt;br /&gt;
thanks alot once again&lt;br /&gt;
have a nice weekend&lt;br /&gt;
Best regards&lt;br /&gt;
Saeh0803&lt;br /&gt;
&lt;br /&gt;
== s132463 Review ==&lt;br /&gt;
&lt;br /&gt;
* Hi S132463 :)&lt;br /&gt;
&lt;br /&gt;
I like that you aim at defining risk and risk management before going into concrete examples. Also the use of many sources is good, as it gives the reader opportunity to read more on the topic. Maybe use more journal article style as references, rather than e-newspaper articles. Empirical evidence and good research is preferable.&lt;br /&gt;
&lt;br /&gt;
* Answer: Thanks :) My references were not finished in that time, so now I changed style of it :)&lt;br /&gt;
&lt;br /&gt;
However, I see the article as a whole having the following general flaws:&lt;br /&gt;
*The is no distinct red-thread through the article. I can see what you are trying to do, and I think the general layout/chapters are a good idea. The chapters just do not link in any way. Make sure to finish each chapter with some sort of conclusion, to clearly state what is learned. &lt;br /&gt;
&lt;br /&gt;
* Answer: Actually the headlines are more in order and there is a connection between them, thats why I didn&#039;t make a connections between the text&lt;br /&gt;
&lt;br /&gt;
*Many of the first chapters pretty much say the same thing, with minor changes. Be sure to write about the specific topic within the headline of the chapter. No information should be stated twice, unless it is in relation/discussion with something new.&lt;br /&gt;
&lt;br /&gt;
* Answer: I reread it again an try to delete the parts which are repeated :)&lt;br /&gt;
&lt;br /&gt;
*References should be done in wiki style references and with appropriate annotation of source (author(s), year, journal name, etc.). &lt;br /&gt;
**&amp;lt;nowiki&amp;gt;&amp;lt;ref name=RefName&amp;gt;Information here. This is what can be found in the bottom.&amp;lt;/ref&amp;gt;&amp;lt;/nowiki&amp;gt;&lt;br /&gt;
**You can reference to the same by using the &amp;quot;RefName&amp;quot; like this: &amp;lt;nowiki&amp;gt;&amp;lt;ref name=RefName&amp;gt;&amp;lt;/ref&amp;gt;&amp;lt;/nowiki&amp;gt;. Be aware  that Ref-names are case sensitive.&lt;br /&gt;
**Include &amp;lt;/references&amp;gt; at the bottom of your page to get all reference information shown&lt;br /&gt;
*Include categories to your article (see front page here on the apppm.wiki). fx &amp;lt;nowiki&amp;gt;[[Category:Uncertainty]]&amp;lt;/nowiki&amp;gt;. This should just be added somewhere in the wiki-code. Maybe as the very last.&lt;br /&gt;
&lt;br /&gt;
* check&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
=== &amp;quot;Introduction&amp;quot; ===&lt;br /&gt;
* You write &amp;quot;...this article focuses on for example...&amp;quot;. I think the focus of the article should be clearly stated, not mentioned as an example&lt;br /&gt;
* The NOTE at the end should link to the actual wiki pages (link by typing &amp;lt;nowiki&amp;gt;[[&amp;quot;Category Name&amp;quot;]] fx. [[Risk management]]&amp;lt;/nowiki&amp;gt; , beware that page names are case sensitive). Link to this page: [[Risk management]]&lt;br /&gt;
&lt;br /&gt;
* Answer Done :)&lt;br /&gt;
&lt;br /&gt;
=== Definition of risk management ===&lt;br /&gt;
I like the general idea of starting with description of risk, then risk management and how risk assesment is used.&lt;br /&gt;
&lt;br /&gt;
* Answer: thanks :)&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
*I find the start of this chapter to be fine, but when you spend a lot of different sources to define risk in different ways, you should briefly discuss what the differences on the definitions actually mean. What definition do you assume?&lt;br /&gt;
&lt;br /&gt;
* Answer: I will do&lt;br /&gt;
&lt;br /&gt;
*The second part where you talk about how risk management is used, you can be a bit more direct in your description. I&#039;m not quite sure what direction you try to direct my attention/understanding. Try to clearly answer: How is risk used? Why is risk used? What implications when using? What implications when not using? etc. - I can see what you try to do, but the red thread is a bit hard to find when reading it.&lt;br /&gt;
&lt;br /&gt;
=== What is risk ===&lt;br /&gt;
*Again I am not 100% sure what you are trying to tell me as the reader. Defining the risk (again again)? Talking about what risk can actually be? I suggest you describe more different actual examples of risk (like the example of 6/12 months) and then call the chapter &amp;quot;Examples of Risk&amp;quot;&lt;br /&gt;
&lt;br /&gt;
* Answer: Actually you are right, the definition and what is risk is same, I try to change this part.&lt;br /&gt;
&lt;br /&gt;
=== Benefit of risk management and why risk management ===&lt;br /&gt;
*Nice with a bullet list of benefits, but I miss some sort of conclusion or specific declaration of &amp;quot;why risk management&amp;quot;.&lt;br /&gt;
*Reference on bullets?&lt;br /&gt;
&lt;br /&gt;
=== Three levels of operational risk management ===&lt;br /&gt;
*Strategic level: &lt;br /&gt;
**What is risk demand? why does strategic operational relate to this? I think this should be stated more clearly&lt;br /&gt;
**I find it somewhat unclear what risk management at the strategic level actually is. Try to be clear in your definitions.&lt;br /&gt;
*Tactical level:&lt;br /&gt;
&lt;br /&gt;
I will do&lt;br /&gt;
&lt;br /&gt;
**I find the information to be okay. However, this specific chapter is not very well-written. Consider rewriting to make sure the reader understand what you try to convey.&lt;br /&gt;
&lt;br /&gt;
*Dynamic level:&lt;br /&gt;
**What is the dynamic level? Normally I would think strategic, tactical, and operational are the three organisational levels.&lt;br /&gt;
&lt;br /&gt;
Answer: Corrected&lt;br /&gt;
&lt;br /&gt;
=== How to develop a risk analysis ===&lt;br /&gt;
*I suppose first line should be: Risk analysis can develop in two different ways &lt;br /&gt;
*The comparison of ISO 31010 and M_O_R is a bit hard to follow. Be clear about what the differences are. Maybe set up a table, similar points of explanation or similar, and then do the comparison and discussion of differences.&lt;br /&gt;
&lt;br /&gt;
* Answer I add a table, which shows the differences of it, thanks :)&lt;br /&gt;
&lt;br /&gt;
=== An example of how to identify your project&#039;s risk ===&lt;br /&gt;
*What source(s) is/(are) used here?&lt;br /&gt;
* Answer: Actually, I tried to write the way I do, when I make a risk analyse, and I don&#039;t know which source I should use, because its something I found by myself.. 1. brainstorm- 2. prioritize the risk 3. assign each risk to  a group member after their experience and skills. but yea I used the risk Matrix. &lt;br /&gt;
&lt;br /&gt;
*I like the idea of describing an example of how to identify risk. However, the example is very short and provides very little information. Consider what you want to say with this chapter.&lt;br /&gt;
&lt;br /&gt;
*Answer, Thanks :) okay I try &lt;br /&gt;
&lt;br /&gt;
*The &amp;quot;second part&amp;quot; where you describe how risk should be assigned; Is that really a general way of doing risk analysis? &lt;br /&gt;
* Answer, maybe :)&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
*Try to combine the knowledge gained through previous chapters in this example. Since this ends the article, it should act as a conclusion/sum-up of important knowledge gained through the entire article&lt;br /&gt;
&lt;br /&gt;
*Pictures should contain a text description. Also, are the pictures covered by copyright?&lt;br /&gt;
&lt;br /&gt;
* Answer: It is something I done by myself, so its not something I copied from anything or any place, thats why I don&#039;t have any reference on it.&lt;br /&gt;
&lt;br /&gt;
== TigR helping ==&lt;br /&gt;
&lt;br /&gt;
I thought you might want to use this picture: http://apppm.man.dtu.dk/index.php/File:Risk_Management_from_ISO31000.JPG&lt;br /&gt;
I use a version of it in my article on Risk Analysis.. (also consider linking to my article where it is applicable. :)&lt;br /&gt;
Also.. you might not want to be too detailed on the &amp;quot;Risk Analysis&amp;quot; part.. instead let me know if I have missed out on some points which you mention.&lt;/div&gt;</summary>
		<author><name>Saeh0803</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Risk_management&amp;diff=4935</id>
		<title>Risk management</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Risk_management&amp;diff=4935"/>
		<updated>2014-11-29T17:26:11Z</updated>

		<summary type="html">&lt;p&gt;Saeh0803: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;[http://en.wikipedia.org/wiki/Risk_management Risk management] is a very interesting and important topic both in our private and professional life. Actually everyone knows what a risk is; it is a part of our life. Each step or each decision we make, is full of risks, whether we notice it or not, but when we look at our professional life, then we have to take an action for each risk arise, because it has a negative effect and the effect can have consequences in terms of economic, professional reputation, environmental, safety and societal outcomes. This article focuses on how an organization or project handles its risks and which framework could be relevant or helpful for it.&lt;br /&gt;
&lt;br /&gt;
Now a day, the risk management is an important part of project, program and portfolio management. In order to end up a project successfully and deliver it on time and within budget, it is important to get an overview of the risks, which is associated to the project. Most of the projects fail due to the lack of risk management [Why projects fail 2011]. In many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of project&#039;s planning process, the projects fail because the resources are not completely utilized to get the full advantage [Oehmen et. al.2012 and Zwikael and Ahn 2011].&lt;br /&gt;
&lt;br /&gt;
This article further talks about the risk and different level of risks in organization level and how to identify the projects risks by using some of standard guidelines for risk management such as ISO 31000, ISO 2700S, DS/ISO 31000 Risk management- Principles and guidelines and M_O_R principles, which is a standard risk management framework, which can be used by any organization on any projects regardless of its size.&lt;br /&gt;
NOTE: This article might be similar to other articles; Risk analysis, risk register, Risk management strategy in project portfolios.&lt;br /&gt;
&lt;br /&gt;
=Definition of risk management=&lt;br /&gt;
&lt;br /&gt;
You can find different tools and definition for risk depending on the context in which it is used. A definition from Oxford English Dictionary sounds like “the possibility that something unpleasant or unwelcome will happen” [Oxford English Dictionary]. This is more general and related more to your every day. In decision theory, Luce and Raiffa relate risk to make decisions under known probabilities of the states of nature [Product Management Innovation 2009] and Frank Knight define the risk in economic theory as “risk arises when the decision maker can assign probabilities to possible outcomes”. A well-known definition of the risk in the domain of project management considers the risk as “an uncertain event or condition that, if it occurs, has a positive (opportunity) or negative (threat) impact on project objectives” [Innovation and Product Management]&lt;br /&gt;
Frank Knight defines the uncertainty and risk as “...Uncertainty must be taken in a sense radically distinct from the familiar notion of Risk, from which it has never been properly separated. … The essential fact is that &amp;quot;risk&amp;quot; means in some cases a quantity susceptible of measurement, while at other times it is something distinctly not of this character; and there are far-reaching and crucial differences in the bearings of the phenomena depending on which of the two is really present and operating. … It will appear that a measurable uncertainty, or &amp;quot;risk&amp;quot; proper, as we shall use the term, is so far different from an un-measurable one that it is not in effect an uncertainty at all&amp;quot; [Ariane Chapelle].&lt;br /&gt;
To minimize the uncertainty and reduce the risks on the project, you may regularly look back to your risk analysis, because most of the projects fail due to lack of risk management, in many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of projects planning process, The projects fail because they do not invest their resources completely and do not pay attention to it.&lt;br /&gt;
Risk management is the most important part of the project planning process. It is a management tool, which project manager uses to analyses the risk factor within a project group or projects. Project group must be informed of the main risks and how they will deal with those risks. Often it requires extra resources to eliminate risks; these resources must allocate the project group. Many studies have pointed as well that the risk management has a big role in projects success [Tara Duggan].  The report by Jacob and Kwak highlights the positive contribution of risk management to improve the project selection, review and resource allocation of new product development projects.&lt;br /&gt;
It used in many areas such as public debate, research, danger of disease, death or accidents, threatening environmental problems in terms of risk of climate changes, CO2 , pollution and so on.&lt;br /&gt;
It is also used in many other projects such as customer needs and price, new technology and resources, construction and delivery projects, research projects and interests and other tasks.&lt;br /&gt;
&lt;br /&gt;
=What is risk?=&lt;br /&gt;
&lt;br /&gt;
Risk is the uncertainty, which is associated with any kind of the action and projects in organization&#039;s context that must understand and effectively manage during the project&#039;s process and improve the results[Luce and Raiffa]. Different types of risk management definitions can be found and the choice of definition depends on how big a concept of risk is used in order to which risks are covered by the definition. There is not a complete tool or solution that fits in every project, creating a new or changes the existing risk management process according to the project&#039;s goal is always helpful and flexible process that will ultimately result in a solution to the individual organization or project.&lt;br /&gt;
Risk is always based on imagination of how the project will be completed. It can be defined on the basis of an existing plan, for example, the project must be completed in 6 months. The risk of delay is bigger than if the project must be completed in one year. If the new technologies are a part of the project plan, that you have to use the new technologies is the risk bigger than use the known technologies. Therefor the risk is based on an existing plan; the same project may have very different risks, if you change the project’s plan. [Risk Management, concepts and methods].&lt;br /&gt;
&lt;br /&gt;
=Benefit of risk management=&lt;br /&gt;
&lt;br /&gt;
Risk management helps you to identify your projects strengths, weaknesses, opportunities and threats [Jacob and Kwak]. [http://da.wikipedia.org/wiki/SWOT-analyse SWOT-analyse] can be the best tools for it. By identifying your projects risks, you will be aware of the unexpected events and you can immediately take actions to reduce the losses [Overview of risk management].&lt;br /&gt;
There are many reasons for managing risks. Here are some main reasons:&lt;br /&gt;
First of all, risk management results in an overview and a number of options for an action to avoid known and unknown risk and reduce the impact of those[Power in projects &amp;amp; portfolio].&lt;br /&gt;
&lt;br /&gt;
* Saving resources: Time, assets, income, property and people are all valuable resources that can be saved if fewer claims occur.&lt;br /&gt;
* Protecting the reputation and public image of the organization.&lt;br /&gt;
* Preventing or reducing legal liability and increasing the stability of operations.&lt;br /&gt;
* Increases the organizations profits and competitiveness and reflects an attractive professional approach to project work.&lt;br /&gt;
* Protecting people from harm.&lt;br /&gt;
* Protecting the environment.&lt;br /&gt;
* Enhancing the ability to prepare for various circumstances.&lt;br /&gt;
* Assisting in clearly defining insurance needs.&lt;br /&gt;
* By managing the risks, you can increase the quality of the project deliverable&lt;br /&gt;
* Protects public image&lt;br /&gt;
* Protects people from harm&lt;br /&gt;
* Prevents/reduces legal liability&lt;br /&gt;
* Protects the environment&lt;br /&gt;
&lt;br /&gt;
=Three Levels of operational risk management=&lt;br /&gt;
&lt;br /&gt;
The risk management in an organization can be categorized in three levels of operation- [three level of operational risk management].&lt;br /&gt;
&lt;br /&gt;
* Strategic level:  &lt;br /&gt;
At strategic level, operational risk management relates to the vision of the business, expansion planned over a few couple of years, the product position and the target customers in the market. In other words, the strategic operational risk management relates to the implementation of the risk demands. It must be defined at the top management level and must be deployed in a top-down manner through all the levels of the organization.&lt;br /&gt;
&lt;br /&gt;
* Tactical level&lt;br /&gt;
At tactical level, the set of operational risk management tools and controls helps to reduce the number and intensity of the events. It provide the risk manager with a second line of defense. The effect of the risk responses deploys at tactical level, such as loss, fines and near misses reductions&lt;br /&gt;
Tactical operational risk management emphasizes on loss prevention and risk reduction techniques, process control, loss data analysis, key risk indicators, risk self-assessments and business expansion plans are some of the vast array of tools and techniques that have been developed to reduce the frequent occurrence of the risk elements and to reduce their impact on the overall project. Financial service industry is the most developed aspect of operational risk management, today.&lt;br /&gt;
&lt;br /&gt;
* Operational level&lt;br /&gt;
Operational level provides a natural reduction of the operational incidents by redesigning all those processes that were prone to errors, removing any unnecessary tasks and useless controls, standardizing the procedures and improving the productivity.&lt;br /&gt;
Operational risk management targets the operational efficiency and process design. Work flows are redesigned in this level to improve the work speed by eliminating the errors. Staff&lt;br /&gt;
Operational risk management must spread over all these three levels, in order to be more effective and efficient&lt;br /&gt;
&lt;br /&gt;
=How to develop a risk analysis=&lt;br /&gt;
&lt;br /&gt;
Risk Management can be developed in two different ways [Best Management Practice]:&lt;br /&gt;
&lt;br /&gt;
* By using the standard risk guidelines such as ISO 31000, which managers can go step by step and identify the risks and analyse the situation of each phase and take an action for each risk, that have negative impact on each situation. In this step more leaders must participate in order to reduce the impact of risks and take care of each situation.&lt;br /&gt;
&lt;br /&gt;
* By using more general analysis or guidelines to define the project&#039;s goals and reduce the risks without managing it and less management participation.&lt;br /&gt;
&lt;br /&gt;
In the first option many standard guidelines and analysis  can be used such as ISO 31000, IEC/ISO 311010, and ISO 73-2009 and many others.&lt;br /&gt;
The International Organization for Standard (ISO ) risk management provides principles, general guidelines; framework and a process for managing the risks- It can be used by any project, organization regardless of its size.&lt;br /&gt;
ISO 31000 summarizes all the central activities and main points, which an organization might go through to manage their risks effectively and increase their chance to reach their goals. It doesn’t contain any specific techniques in order to use, but it mentions that an organization must follow risk identification tools and techniques, that match the projects and its goals. Another ISO standard application is ISO/IEC 31010, Risk Management, which contains of some risk assessment techniques and steps that gives an understanding of the risks, which can have a negative impact on an organization’s achievement of its goals and the adequacy and effectiveness of controls already in place. Risk assessment helps decision makers to take the correct decisions, for example which tools and techniques must be used to treat the risks and how to choose the best opportunities. The following techniques described on ISO 31010&lt;br /&gt;
&lt;br /&gt;
* Risk identification&lt;br /&gt;
* Risk analysis -  consequence analysis&lt;br /&gt;
* Risk analysis– qualitative, semi-quantitative or quantitative probability estimation&lt;br /&gt;
* Risk analysis – assessing the effectiveness of any existing controls&lt;br /&gt;
* Risk evaluation&lt;br /&gt;
* communication and consultation, and  monitoring and review&lt;br /&gt;
&lt;br /&gt;
Each step has described in detail on ISO 31010. Compare to M_O_R,[http://bcove.me/qvtxp001 video] and then M_O_R is much extensive application, which provides a detailed guidance on how to implement risk management. M_O_R stands for Management of Risk and it is a framework for the management of risk across all parts of an organization such as Strategic, programme, project and operational level. It includes all the activities required to identify and control the risks, both negative and positive, which may have an impact on the achievement of an organization’s objectives[M_O_R].It is also a framework for how to make informed decisions about risks respectively strategic, program, project and operational level in order to identify, assess and manage the key risks in order to deliver the expected advantages [M_O_R]. It describes deeply both what needs to be done through some principles, activities and roles and how to begin the activities.&lt;br /&gt;
In some ways, ISO31000 and M_O_R are very similar and use some common definition and methods. M_O_R is designed for practical application of risk management techniques and based on 4 core concepts: principles, approach, process and embedding and review, while ISO31000 is designed more to assess how completely the risk management techniques have been applied [Best Management Practice], The difference is that ISO3100O based on framework, principles and process. It prescribe how an organization should implement risk management and manage the risk by using any tools, that suits its goal and organization, while M_O_R allows it to customize its approach within the guidelines to suit its operating environment and process. Both are useful tools and can be used for managing the risks.&lt;br /&gt;
&lt;br /&gt;
[[File:Different between_M_O_R_AND_ISO.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
For further information about M_O_R and ISO 31000:2009 you can read Michael Dallas report[http://www.best-management-practice.com/gempdf/Management_of_Risk_Guidance_for_Practitioners_and_the_International_Standard_on_Risk_Management_ISO31000_2009.pdf]&lt;br /&gt;
&lt;br /&gt;
The Tabel as taken from Michael Dallas report, which shows a direct comparison of M_O_R with ISO 31000 against categories that are common to both framework.&lt;br /&gt;
&lt;br /&gt;
=Risk Management in Practice=&lt;br /&gt;
&lt;br /&gt;
[[File:Risk management.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
To identify the projects risk, you can start with brainstorming, the first step is to list the main categories such as technologies, goal, stakeholder, communication, cost, environmental, resources, reliability, which is indicated with blue color in below figure. The next is to identify the risks, which is associated to the main categories. By brainstorm the risks, you can find 50-100 risks, depending to the projects size, therefore the third step is to estimate what the potential impact could be by using the Risk Matrix.&lt;br /&gt;
&lt;br /&gt;
[[File:Mathrix.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
Each high priority or high impact risk should be assigned to a group member after their experience and skills, so they could study and evaluate the risks. Cost risks might for example assign to someone in the finance department than one from IT- department. The new technology might assign to someone from IT- department. The project manager should be assign for all the risks process, the most important part of risk process is the schedule with deadline and the risks list, which should only edit, added, re-prioritized and control by the project manager during the project.&lt;br /&gt;
To reduce the risks, the project manager should communicate the risks list to all the project stakeholders regularly, at least once a week. All the changes should be registered to the risk map and at the end of the project the results can be used to do a retrospective. What did you learn from it, what should be different in next project and how to control the risks from the beginning?&lt;br /&gt;
&lt;br /&gt;
This example is more general and very simple,you can maybe use it for a very small project. You can visit [http://apppm.man.dtu.dk/index.php/Risk_analysis | Risk_analysis] which is described more in detail.&lt;br /&gt;
&lt;br /&gt;
=Reference=&lt;br /&gt;
&lt;br /&gt;
[1] Why projects fail: Avoiding the Classic Pitfall, An Oracle White Paper, October 2011 and Calleam Consulting LTD 2014: Why Projects Fail.  And Tom Carlos, PMP: Reasons Why Projects Fail.&lt;br /&gt;
&lt;br /&gt;
[2] Oehmen et. al.2012 and Zwikael and Ahn 2011, Oehmen, J., et al., Analysis of the effect of risk management practices on the performance of new product development programs. Technovation (2014),&lt;br /&gt;
&lt;br /&gt;
[3] Oxford English Dictionary&lt;br /&gt;
&lt;br /&gt;
[4] Innovation and Product Management 2009: A holistic and Practial Approach to Uncertainty Reduction,Kurt Gaubinger, Michael Rabl Scott Swan, Thomas Werani&lt;br /&gt;
&lt;br /&gt;
[5] Frank Knight 1921: Risk, Uncertainty and profit, Imperfect competition through Risk and Uncertainty, Part III, Chapter VII&lt;br /&gt;
&lt;br /&gt;
[6] Ariane Chapelle: The three levels of Operational risk management, May 2012&lt;br /&gt;
&lt;br /&gt;
[7] Risikosamfundet: 1997, Tara Duggan, Demand Media: Why Is Risk Management Important to Project Success?&lt;br /&gt;
&lt;br /&gt;
[8] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/&lt;br /&gt;
&lt;br /&gt;
[9] Luce&#039;s Paradigm for Decision under Uncertainty, Luce and Raiffa, 1957&lt;br /&gt;
&lt;br /&gt;
[10] Risk Management, concepts and methods: Club De La Securite De L’information Francais&lt;br /&gt;
&lt;br /&gt;
[11] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd. &lt;br /&gt;
&lt;br /&gt;
[12] http://www.management-of-risk.com/what-is-management-of-risk.asp&lt;br /&gt;
&lt;br /&gt;
[13] http://www.rovsingmanagement.dk/kurser/m_o_r%C2%AErisikostyring/?gclid=CM21qKLRjsICFeXUcgodGqEARQ&lt;br /&gt;
&lt;br /&gt;
[14] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd.&lt;br /&gt;
&lt;br /&gt;
[15] Jacob and Kwak (2003) and Raz et al.2002&lt;br /&gt;
&lt;br /&gt;
[16] Article: Overview of risk management Henrik K. Søndergaard&lt;br /&gt;
&lt;br /&gt;
[17]. Power in projects &amp;amp; portfolio of Mette Lindegaard, and John Ryding Olsson&lt;br /&gt;
&lt;br /&gt;
[18] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/.&lt;br /&gt;
&lt;br /&gt;
[19] http://strikingprojectmanagement.com/qualitative-risk-analysis/&lt;br /&gt;
&lt;br /&gt;
[20] http://projectmgmt-annualwarehousesale.blogspot.dk/&lt;br /&gt;
&lt;br /&gt;
[21] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[22] http://www.bestmanagementpractice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[23] http://tcgen.com/risk-mapping/#.VGidavnF-oO&lt;br /&gt;
&lt;br /&gt;
[24] http://www.modst.dk/~/media/Files/%C3%98AV/Vejledninger/%C3%98konomistyring/Risikostyring_vejledning_maj07%20pdf.ashx&lt;br /&gt;
&lt;br /&gt;
[25] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[26] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[27] http://www.clearrisk.com/what-is-risk-management/&lt;br /&gt;
&lt;br /&gt;
[28] http://www.vlv.dk/downloads/rm1.htm&lt;br /&gt;
&lt;br /&gt;
[29] http://www.soc.aau.dk/fileadmin/user_upload/FoSo/Arbejdspapirer/Nr._10_Risiko_risikovurdering_risikoformidling_og_helhedssyn.pdf&lt;br /&gt;
&lt;br /&gt;
[30] http://klk.kl.dk/PageFiles/156494/Projekth%C3%A5ndbogen.pdf&lt;br /&gt;
&lt;br /&gt;
[31] http:///C:/Users/Samira/Downloads/Projekth-ndbog%20(1).PDF&lt;br /&gt;
&lt;br /&gt;
[32] http://www.digst.dk/~/media/Files/Arkitektur%20og%20standarder/Sikkerhed/Vejledning%20om%20risikovurdering.ashx&lt;br /&gt;
&lt;br /&gt;
[33] http://www.best-management-practice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[34] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[35] http://dx.doi.org/10.1016/j.technovation.2013.12.005i&lt;br /&gt;
&lt;br /&gt;
[36] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;/div&gt;</summary>
		<author><name>Saeh0803</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Risk_management&amp;diff=4934</id>
		<title>Risk management</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Risk_management&amp;diff=4934"/>
		<updated>2014-11-29T17:23:54Z</updated>

		<summary type="html">&lt;p&gt;Saeh0803: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;Risk management is a very interesting and important topic both in our private and professional life. Actually everyone knows what a risk is; it is a part of our life. Each step or each decision we make, is full of risks, whether we notice it or not, but when we look at our professional life, then we have to take an action for each risk arise, because it has a negative effect and the effect can have consequences in terms of economic, professional reputation, environmental, safety and societal outcomes. This article focuses on how an organization or project handles its risks and which framework could be relevant or helpful for it.&lt;br /&gt;
&lt;br /&gt;
Now a day, the risk management is an important part of project, program and portfolio management. In order to end up a project successfully and deliver it on time and within budget, it is important to get an overview of the risks, which is associated to the project. Most of the projects fail due to the lack of risk management [Why projects fail 2011]. In many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of project&#039;s planning process, the projects fail because the resources are not completely utilized to get the full advantage [Oehmen et. al.2012 and Zwikael and Ahn 2011].&lt;br /&gt;
&lt;br /&gt;
This article further talks about the risk and different level of risks in organization level and how to identify the projects risks by using some of standard guidelines for risk management such as ISO 31000, ISO 2700S, DS/ISO 31000 Risk management- Principles and guidelines and M_O_R principles, which is a standard risk management framework, which can be used by any organization on any projects regardless of its size.&lt;br /&gt;
NOTE: This article might be similar to other articles; Risk analysis, risk register, Risk management strategy in project portfolios.&lt;br /&gt;
&lt;br /&gt;
=Definition of risk management=&lt;br /&gt;
&lt;br /&gt;
You can find different tools and definition for risk depending on the context in which it is used. A definition from Oxford English Dictionary sounds like “the possibility that something unpleasant or unwelcome will happen” [Oxford English Dictionary]. This is more general and related more to your every day. In decision theory, Luce and Raiffa relate risk to make decisions under known probabilities of the states of nature [Product Management Innovation 2009] and Frank Knight define the risk in economic theory as “risk arises when the decision maker can assign probabilities to possible outcomes”. A well-known definition of the risk in the domain of project management considers the risk as “an uncertain event or condition that, if it occurs, has a positive (opportunity) or negative (threat) impact on project objectives” [Innovation and Product Management]&lt;br /&gt;
Frank Knight defines the uncertainty and risk as “...Uncertainty must be taken in a sense radically distinct from the familiar notion of Risk, from which it has never been properly separated. … The essential fact is that &amp;quot;risk&amp;quot; means in some cases a quantity susceptible of measurement, while at other times it is something distinctly not of this character; and there are far-reaching and crucial differences in the bearings of the phenomena depending on which of the two is really present and operating. … It will appear that a measurable uncertainty, or &amp;quot;risk&amp;quot; proper, as we shall use the term, is so far different from an un-measurable one that it is not in effect an uncertainty at all&amp;quot; [Ariane Chapelle].&lt;br /&gt;
To minimize the uncertainty and reduce the risks on the project, you may regularly look back to your risk analysis, because most of the projects fail due to lack of risk management, in many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of projects planning process, The projects fail because they do not invest their resources completely and do not pay attention to it.&lt;br /&gt;
Risk management is the most important part of the project planning process. It is a management tool, which project manager uses to analyses the risk factor within a project group or projects. Project group must be informed of the main risks and how they will deal with those risks. Often it requires extra resources to eliminate risks; these resources must allocate the project group. Many studies have pointed as well that the risk management has a big role in projects success [Tara Duggan].  The report by Jacob and Kwak highlights the positive contribution of risk management to improve the project selection, review and resource allocation of new product development projects.&lt;br /&gt;
It used in many areas such as public debate, research, danger of disease, death or accidents, threatening environmental problems in terms of risk of climate changes, CO2 , pollution and so on.&lt;br /&gt;
It is also used in many other projects such as customer needs and price, new technology and resources, construction and delivery projects, research projects and interests and other tasks.&lt;br /&gt;
&lt;br /&gt;
=What is risk?=&lt;br /&gt;
&lt;br /&gt;
Risk is the uncertainty, which is associated with any kind of the action and projects in organization&#039;s context that must understand and effectively manage during the project&#039;s process and improve the results[Luce and Raiffa]. Different types of risk management definitions can be found and the choice of definition depends on how big a concept of risk is used in order to which risks are covered by the definition. There is not a complete tool or solution that fits in every project, creating a new or changes the existing risk management process according to the project&#039;s goal is always helpful and flexible process that will ultimately result in a solution to the individual organization or project.&lt;br /&gt;
Risk is always based on imagination of how the project will be completed. It can be defined on the basis of an existing plan, for example, the project must be completed in 6 months. The risk of delay is bigger than if the project must be completed in one year. If the new technologies are a part of the project plan, that you have to use the new technologies is the risk bigger than use the known technologies. Therefor the risk is based on an existing plan; the same project may have very different risks, if you change the project’s plan. [Risk Management, concepts and methods].&lt;br /&gt;
&lt;br /&gt;
=Benefit of risk management=&lt;br /&gt;
&lt;br /&gt;
Risk management helps you to identify your projects strengths, weaknesses, opportunities and threats [Jacob and Kwak]. [http://da.wikipedia.org/wiki/SWOT-analyse SWOT-analyse] can be the best tools for it. By identifying your projects risks, you will be aware of the unexpected events and you can immediately take actions to reduce the losses [Overview of risk management].&lt;br /&gt;
There are many reasons for managing risks. Here are some main reasons:&lt;br /&gt;
First of all, risk management results in an overview and a number of options for an action to avoid known and unknown risk and reduce the impact of those[Power in projects &amp;amp; portfolio].&lt;br /&gt;
&lt;br /&gt;
* Saving resources: Time, assets, income, property and people are all valuable resources that can be saved if fewer claims occur.&lt;br /&gt;
* Protecting the reputation and public image of the organization.&lt;br /&gt;
* Preventing or reducing legal liability and increasing the stability of operations.&lt;br /&gt;
* Increases the organizations profits and competitiveness and reflects an attractive professional approach to project work.&lt;br /&gt;
* Protecting people from harm.&lt;br /&gt;
* Protecting the environment.&lt;br /&gt;
* Enhancing the ability to prepare for various circumstances.&lt;br /&gt;
* Assisting in clearly defining insurance needs.&lt;br /&gt;
* By managing the risks, you can increase the quality of the project deliverable&lt;br /&gt;
* Protects public image&lt;br /&gt;
* Protects people from harm&lt;br /&gt;
* Prevents/reduces legal liability&lt;br /&gt;
* Protects the environment&lt;br /&gt;
&lt;br /&gt;
=Three Levels of operational risk management=&lt;br /&gt;
&lt;br /&gt;
The risk management in an organization can be categorized in three levels of operation- [three level of operational risk management].&lt;br /&gt;
&lt;br /&gt;
* Strategic level:  &lt;br /&gt;
At strategic level, operational risk management relates to the vision of the business, expansion planned over a few couple of years, the product position and the target customers in the market. In other words, the strategic operational risk management relates to the implementation of the risk demands. It must be defined at the top management level and must be deployed in a top-down manner through all the levels of the organization.&lt;br /&gt;
&lt;br /&gt;
* Tactical level&lt;br /&gt;
At tactical level, the set of operational risk management tools and controls helps to reduce the number and intensity of the events. It provide the risk manager with a second line of defense. The effect of the risk responses deploys at tactical level, such as loss, fines and near misses reductions&lt;br /&gt;
Tactical operational risk management emphasizes on loss prevention and risk reduction techniques, process control, loss data analysis, key risk indicators, risk self-assessments and business expansion plans are some of the vast array of tools and techniques that have been developed to reduce the frequent occurrence of the risk elements and to reduce their impact on the overall project. Financial service industry is the most developed aspect of operational risk management, today.&lt;br /&gt;
&lt;br /&gt;
* Operational level&lt;br /&gt;
Operational level provides a natural reduction of the operational incidents by redesigning all those processes that were prone to errors, removing any unnecessary tasks and useless controls, standardizing the procedures and improving the productivity.&lt;br /&gt;
Operational risk management targets the operational efficiency and process design. Work flows are redesigned in this level to improve the work speed by eliminating the errors. Staff&lt;br /&gt;
Operational risk management must spread over all these three levels, in order to be more effective and efficient&lt;br /&gt;
&lt;br /&gt;
=How to develop a risk analysis=&lt;br /&gt;
&lt;br /&gt;
Risk Management can be developed in two different ways [Best Management Practice]:&lt;br /&gt;
&lt;br /&gt;
* By using the standard risk guidelines such as ISO 31000, which managers can go step by step and identify the risks and analyse the situation of each phase and take an action for each risk, that have negative impact on each situation. In this step more leaders must participate in order to reduce the impact of risks and take care of each situation.&lt;br /&gt;
&lt;br /&gt;
* By using more general analysis or guidelines to define the project&#039;s goals and reduce the risks without managing it and less management participation.&lt;br /&gt;
&lt;br /&gt;
In the first option many standard guidelines and analysis  can be used such as ISO 31000, IEC/ISO 311010, and ISO 73-2009 and many others.&lt;br /&gt;
The International Organization for Standard (ISO ) risk management provides principles, general guidelines; framework and a process for managing the risks- It can be used by any project, organization regardless of its size.&lt;br /&gt;
ISO 31000 summarizes all the central activities and main points, which an organization might go through to manage their risks effectively and increase their chance to reach their goals. It doesn’t contain any specific techniques in order to use, but it mentions that an organization must follow risk identification tools and techniques, that match the projects and its goals. Another ISO standard application is ISO/IEC 31010, Risk Management, which contains of some risk assessment techniques and steps that gives an understanding of the risks, which can have a negative impact on an organization’s achievement of its goals and the adequacy and effectiveness of controls already in place. Risk assessment helps decision makers to take the correct decisions, for example which tools and techniques must be used to treat the risks and how to choose the best opportunities. The following techniques described on ISO 31010&lt;br /&gt;
&lt;br /&gt;
* Risk identification&lt;br /&gt;
* Risk analysis -  consequence analysis&lt;br /&gt;
* Risk analysis– qualitative, semi-quantitative or quantitative probability estimation&lt;br /&gt;
* Risk analysis – assessing the effectiveness of any existing controls&lt;br /&gt;
* Risk evaluation&lt;br /&gt;
* communication and consultation, and  monitoring and review&lt;br /&gt;
&lt;br /&gt;
Each step has described in detail on ISO 31010. Compare to M_O_R,[http://bcove.me/qvtxp001 video] and then M_O_R is much extensive application, which provides a detailed guidance on how to implement risk management. M_O_R stands for Management of Risk and it is a framework for the management of risk across all parts of an organization such as Strategic, programme, project and operational level. It includes all the activities required to identify and control the risks, both negative and positive, which may have an impact on the achievement of an organization’s objectives[M_O_R].It is also a framework for how to make informed decisions about risks respectively strategic, program, project and operational level in order to identify, assess and manage the key risks in order to deliver the expected advantages [M_O_R]. It describes deeply both what needs to be done through some principles, activities and roles and how to begin the activities.&lt;br /&gt;
In some ways, ISO31000 and M_O_R are very similar and use some common definition and methods. M_O_R is designed for practical application of risk management techniques and based on 4 core concepts: principles, approach, process and embedding and review, while ISO31000 is designed more to assess how completely the risk management techniques have been applied [Best Management Practice], The difference is that ISO3100O based on framework, principles and process. It prescribe how an organization should implement risk management and manage the risk by using any tools, that suits its goal and organization, while M_O_R allows it to customize its approach within the guidelines to suit its operating environment and process. Both are useful tools and can be used for managing the risks.&lt;br /&gt;
&lt;br /&gt;
[[File:Different between_M_O_R_AND_ISO.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
For further information about M_O_R and ISO 31000:2009 you can read Michael Dallas report[http://www.best-management-practice.com/gempdf/Management_of_Risk_Guidance_for_Practitioners_and_the_International_Standard_on_Risk_Management_ISO31000_2009.pdf]&lt;br /&gt;
&lt;br /&gt;
The Tabel as taken from Michael Dallas report, which shows a direct comparison of M_O_R with ISO 31000 against categories that are common to both framework.&lt;br /&gt;
&lt;br /&gt;
=Risk Management in Practice=&lt;br /&gt;
&lt;br /&gt;
[[File:Risk management.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
To identify the projects risk, you can start with brainstorming, the first step is to list the main categories such as technologies, goal, stakeholder, communication, cost, environmental, resources, reliability, which is indicated with blue color in below figure. The next is to identify the risks, which is associated to the main categories. By brainstorm the risks, you can find 50-100 risks, depending to the projects size, therefore the third step is to estimate what the potential impact could be by using the Risk Matrix.&lt;br /&gt;
&lt;br /&gt;
[[File:Mathrix.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
Each high priority or high impact risk should be assigned to a group member after their experience and skills, so they could study and evaluate the risks. Cost risks might for example assign to someone in the finance department than one from IT- department. The new technology might assign to someone from IT- department. The project manager should be assign for all the risks process, the most important part of risk process is the schedule with deadline and the risks list, which should only edit, added, re-prioritized and control by the project manager during the project.&lt;br /&gt;
To reduce the risks, the project manager should communicate the risks list to all the project stakeholders regularly, at least once a week. All the changes should be registered to the risk map and at the end of the project the results can be used to do a retrospective. What did you learn from it, what should be different in next project and how to control the risks from the beginning?&lt;br /&gt;
&lt;br /&gt;
This example is more general and very simple,you can maybe use it for a very small project. You can visit [http://apppm.man.dtu.dk/index.php/Risk_analysis | Risk_analysis] which is described more in detail.&lt;br /&gt;
&lt;br /&gt;
=Reference=&lt;br /&gt;
&lt;br /&gt;
[1] Why projects fail: Avoiding the Classic Pitfall, An Oracle White Paper, October 2011 and Calleam Consulting LTD 2014: Why Projects Fail.  And Tom Carlos, PMP: Reasons Why Projects Fail.&lt;br /&gt;
&lt;br /&gt;
[2] Oehmen et. al.2012 and Zwikael and Ahn 2011, Oehmen, J., et al., Analysis of the effect of risk management practices on the performance of new product development programs. Technovation (2014),&lt;br /&gt;
&lt;br /&gt;
[3] Oxford English Dictionary&lt;br /&gt;
&lt;br /&gt;
[4] Innovation and Product Management 2009: A holistic and Practial Approach to Uncertainty Reduction,Kurt Gaubinger, Michael Rabl Scott Swan, Thomas Werani&lt;br /&gt;
&lt;br /&gt;
[5] Frank Knight 1921: Risk, Uncertainty and profit, Imperfect competition through Risk and Uncertainty, Part III, Chapter VII&lt;br /&gt;
&lt;br /&gt;
[6] Ariane Chapelle: The three levels of Operational risk management, May 2012&lt;br /&gt;
&lt;br /&gt;
[7] Risikosamfundet: 1997, Tara Duggan, Demand Media: Why Is Risk Management Important to Project Success?&lt;br /&gt;
&lt;br /&gt;
[8] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/&lt;br /&gt;
&lt;br /&gt;
[9] Luce&#039;s Paradigm for Decision under Uncertainty, Luce and Raiffa, 1957&lt;br /&gt;
&lt;br /&gt;
[10] Risk Management, concepts and methods: Club De La Securite De L’information Francais&lt;br /&gt;
&lt;br /&gt;
[11] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd. &lt;br /&gt;
&lt;br /&gt;
[12] http://www.management-of-risk.com/what-is-management-of-risk.asp&lt;br /&gt;
&lt;br /&gt;
[13] http://www.rovsingmanagement.dk/kurser/m_o_r%C2%AErisikostyring/?gclid=CM21qKLRjsICFeXUcgodGqEARQ&lt;br /&gt;
&lt;br /&gt;
[14] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd.&lt;br /&gt;
&lt;br /&gt;
[15] Jacob and Kwak (2003) and Raz et al.2002&lt;br /&gt;
&lt;br /&gt;
[16] Article: Overview of risk management Henrik K. Søndergaard&lt;br /&gt;
&lt;br /&gt;
[17]. Power in projects &amp;amp; portfolio of Mette Lindegaard, and John Ryding Olsson&lt;br /&gt;
&lt;br /&gt;
[18] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/.&lt;br /&gt;
&lt;br /&gt;
[19] http://strikingprojectmanagement.com/qualitative-risk-analysis/&lt;br /&gt;
&lt;br /&gt;
[20] http://projectmgmt-annualwarehousesale.blogspot.dk/&lt;br /&gt;
&lt;br /&gt;
[21] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[22] http://www.bestmanagementpractice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[23] http://tcgen.com/risk-mapping/#.VGidavnF-oO&lt;br /&gt;
&lt;br /&gt;
[24] http://www.modst.dk/~/media/Files/%C3%98AV/Vejledninger/%C3%98konomistyring/Risikostyring_vejledning_maj07%20pdf.ashx&lt;br /&gt;
&lt;br /&gt;
[25] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[26] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[27] http://www.clearrisk.com/what-is-risk-management/&lt;br /&gt;
&lt;br /&gt;
[28] http://www.vlv.dk/downloads/rm1.htm&lt;br /&gt;
&lt;br /&gt;
[29] http://www.soc.aau.dk/fileadmin/user_upload/FoSo/Arbejdspapirer/Nr._10_Risiko_risikovurdering_risikoformidling_og_helhedssyn.pdf&lt;br /&gt;
&lt;br /&gt;
[30] http://klk.kl.dk/PageFiles/156494/Projekth%C3%A5ndbogen.pdf&lt;br /&gt;
&lt;br /&gt;
[31] http:///C:/Users/Samira/Downloads/Projekth-ndbog%20(1).PDF&lt;br /&gt;
&lt;br /&gt;
[32] http://www.digst.dk/~/media/Files/Arkitektur%20og%20standarder/Sikkerhed/Vejledning%20om%20risikovurdering.ashx&lt;br /&gt;
&lt;br /&gt;
[33] http://www.best-management-practice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[34] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[35] http://dx.doi.org/10.1016/j.technovation.2013.12.005i&lt;br /&gt;
&lt;br /&gt;
[36] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;/div&gt;</summary>
		<author><name>Saeh0803</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Talk:Risk_management&amp;diff=4927</id>
		<title>Talk:Risk management</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Talk:Risk_management&amp;diff=4927"/>
		<updated>2014-11-29T17:00:31Z</updated>

		<summary type="html">&lt;p&gt;Saeh0803: /* Sube - Review */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== Sube - Review ==&lt;br /&gt;
&lt;br /&gt;
Greetings Risk management writer &lt;br /&gt;
&lt;br /&gt;
* Answer: Hi :)&lt;br /&gt;
&lt;br /&gt;
First of all, congratulation you wrote you first wiki style article!&lt;br /&gt;
* Answer: Thanks :)&lt;br /&gt;
&lt;br /&gt;
Second, NOTE that the text flows to the right... I do not know how to fix this...&lt;br /&gt;
* Answer: Check&lt;br /&gt;
&lt;br /&gt;
 * Your english is pretty good and understandable:) &lt;br /&gt;
&lt;br /&gt;
* Answer: Thanks&lt;br /&gt;
&lt;br /&gt;
 * General speaking. Be more concrete about what you are writing, remember the reader do not know what you have in mind when writing it... &lt;br /&gt;
Ex. First line &amp;quot;abstract&amp;quot; &#039;&#039;...in each area.&#039;&#039;&lt;br /&gt;
 - which areas... This issue is present around the article. And improved, would make it much more reader freindly.&lt;br /&gt;
&lt;br /&gt;
* Answer: this is now corrected and described more specific.&lt;br /&gt;
&lt;br /&gt;
 * Try to make the text more compressed and concrete. Words and add-on words that dont add value to the sentence should more or less not be there.  &lt;br /&gt;
&lt;br /&gt;
 * Take note of long sentences try to rewrite or divide them... They are present:)&lt;br /&gt;
* Answer: check :) I try to rewrite and make my sentences shorter &lt;br /&gt;
&lt;br /&gt;
 * Maybe use some example of best practice cases to further inhance the truthness of your writing.&lt;br /&gt;
* Answer: I will try to fine some good examples, you are right, it could be more interesting &lt;br /&gt;
&lt;br /&gt;
 * A suggestion; Have you heart about Monte Carlo Method regarding Risk Management/Analysis. This perspective could be interesting.&lt;br /&gt;
&lt;br /&gt;
* Yes, I have, I will use it in my article :)&lt;br /&gt;
&lt;br /&gt;
----&lt;br /&gt;
&#039;&#039;&#039;Abstract&#039;&#039;&#039;&lt;br /&gt;
 - To start with I would place the abstract in the beginning of the document, followed by a table of content...&lt;br /&gt;
&lt;br /&gt;
 - Moreover, I would add a general introduction, maybe without heading, to explain why risk management is important, this way make the reader more intreaked.&lt;br /&gt;
 &lt;br /&gt;
 - I think the Abstract could be rewritten, if you catch the reader here they will read the entire thing:) &lt;br /&gt;
 &lt;br /&gt;
----&lt;br /&gt;
&#039;&#039;&#039;Defination&#039;&#039;&#039;&lt;br /&gt;
 - Titles... Definition is spelled like this, you do spell it right in the text though:) then definition of what? I would call it &amp;quot;Risk Management&amp;quot;&lt;br /&gt;
&lt;br /&gt;
* Answer: Corrected :)&lt;br /&gt;
&lt;br /&gt;
----&lt;br /&gt;
&#039;&#039;&#039;What is risk&#039;&#039;&#039;    &lt;br /&gt;
&lt;br /&gt;
 - What is risk is a question and whould be ended with ?. Maybe Definition of risk instead... &lt;br /&gt;
When talking about the word risk,I would put the topic before Defination, as is explain some aspects of this topic.&lt;br /&gt;
&lt;br /&gt;
* Answer: HMMM, I think I do this part a bit different, because I released that Definition and what is the risk is same :)&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
----&lt;br /&gt;
&#039;&#039;&#039;Benefit of risk management and why risk management&#039;&#039;&#039;&lt;br /&gt;
 - Titles... Revisit; &amp;quot;Benefit of risk management and why risk management&amp;quot;, title cuold be more focused. You dont really answer why risk management?.&lt;br /&gt;
&lt;br /&gt;
* Answer: actually, benefit of risk is answer of why risk, because, you chose to define the risks, so you have benefit of it, but maybe I can be more specific :) &lt;br /&gt;
&lt;br /&gt;
First line isnt that a SWOT. Maybe: risk managment do the same as a SWOT analysis, by evaluating both S, W, T and O ... And why does is avaluate this?&lt;br /&gt;
&lt;br /&gt;
*Answer: YES, it is SWOT, and I will reference to SWOT, maybe its a good idea and help reader. &lt;br /&gt;
&lt;br /&gt;
 - Reference .16. &amp;quot;There are many reasons to manage risk&amp;quot; - is it where the benefits come from`? &lt;br /&gt;
Then I would move the reference. Otherwise I think it is a wierd reference:)&lt;br /&gt;
&lt;br /&gt;
 - Small Note: . after the first 7 bullet points none after...&lt;br /&gt;
&lt;br /&gt;
* Answer: YES, thanks :)&lt;br /&gt;
&lt;br /&gt;
----&lt;br /&gt;
 &#039;&#039;&#039;Three levels of operational risk management&#039;&#039;&#039;&lt;br /&gt;
 - Honestly I think this part is vaid. Maybe rearrange to focus on projects, programs and portfolio? What are the risks here&lt;br /&gt;
* I try to fine some examples in all three levels, if I could, then I will remove this part :)&lt;br /&gt;
&lt;br /&gt;
 - Another thing i notest, isnt it called; Strategic, Tactical and Operational level?&lt;br /&gt;
&lt;br /&gt;
* Answer: yes you are right, it is corrected :)&lt;br /&gt;
&lt;br /&gt;
----&lt;br /&gt;
&#039;&#039;&#039;How to develop a risk analysis&#039;&#039;&#039;&lt;br /&gt;
 - First line... Again be specific ex. Risk can develop in two different ways... Risk Management can be developed in .... &lt;br /&gt;
&lt;br /&gt;
* Answer: Check&lt;br /&gt;
&lt;br /&gt;
I think the second way (second bulletpoing) is nonsence, dont get me wrong:)&lt;br /&gt;
&lt;br /&gt;
* Answer: Actually, that is a part of guide, its not something I found out :)&lt;br /&gt;
&lt;br /&gt;
 - What is M_O_R? or what does it stand for?&lt;br /&gt;
* Answer: I will add this, thanks :)&lt;br /&gt;
&lt;br /&gt;
 - Good with ISO standarts:) Maybe make a list: ISO blabla - does this/provides this ect. &lt;br /&gt;
I suggest in bulletpoints. This would make it more illustrative and as a reader it provides a nice overview... &lt;br /&gt;
&lt;br /&gt;
* Answer: I add a table, which shows differences between M_O_R and ISO. it can help reader to chose the correct framework :)&lt;br /&gt;
----&lt;br /&gt;
&#039;&#039;&#039;An example on how to identify your projects risks&#039;&#039;&#039;&lt;br /&gt;
 - Title:) Risk Management in Practice - just a suggestion from my side.&lt;br /&gt;
&lt;br /&gt;
* Thanks :) I used your suggestion :)&lt;br /&gt;
&lt;br /&gt;
 - It would be more appropriate in bulletpoints suplemented by text. Step by step what do you have to do?&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
I would add a wrapup to end the article, somehow answering what you tried to figure out...&lt;br /&gt;
&lt;br /&gt;
* Answer: I think it is difficult to explain it with bulletpoints, thats why I tried to explain it in shorts&lt;br /&gt;
&lt;br /&gt;
Hope you can use atleast some of my review... Good Luck Have Fun:)&lt;br /&gt;
&lt;br /&gt;
* Answer: Thanks for your feedback, it helps me a lot to improve my article. You pointed those points that I didn&#039;t were aware of :)&lt;br /&gt;
&lt;br /&gt;
thanks alot once again&lt;br /&gt;
have a nice weekend&lt;br /&gt;
Best regards&lt;br /&gt;
Saeh0803&lt;br /&gt;
&lt;br /&gt;
== s132463 Review ==&lt;br /&gt;
I like that you aim at defining risk and risk management before going into concrete examples. Also the use of many sources is good, as it gives the reader opportunity to read more on the topic. Maybe use more journal article style as references, rather than e-newspaper articles. Empirical evidence and good research is preferable.&lt;br /&gt;
&lt;br /&gt;
However, I see the article as a whole having the following general flaws:&lt;br /&gt;
*The is no distinct red-thread through the article. I can see what you are trying to do, and I think the general layout/chapters are a good idea. The chapters just do not link in any way. Make sure to finish each chapter with some sort of conclusion, to clearly state what is learned. &lt;br /&gt;
*Many of the first chapters pretty much say the same thing, with minor changes. Be sure to write about the specific topic within the headline of the chapter. No information should be stated twice, unless it is in relation/discussion with something new.&lt;br /&gt;
*References should be done in wiki style references and with appropriate annotation of source (author(s), year, journal name, etc.). &lt;br /&gt;
**&amp;lt;nowiki&amp;gt;&amp;lt;ref name=RefName&amp;gt;Information here. This is what can be found in the bottom.&amp;lt;/ref&amp;gt;&amp;lt;/nowiki&amp;gt;&lt;br /&gt;
**You can reference to the same by using the &amp;quot;RefName&amp;quot; like this: &amp;lt;nowiki&amp;gt;&amp;lt;ref name=RefName&amp;gt;&amp;lt;/ref&amp;gt;&amp;lt;/nowiki&amp;gt;. Be aware  that Ref-names are case sensitive.&lt;br /&gt;
**Include &amp;lt;/references&amp;gt; at the bottom of your page to get all reference information shown&lt;br /&gt;
*Include categories to your article (see front page here on the apppm.wiki). fx &amp;lt;nowiki&amp;gt;[[Category:Uncertainty]]&amp;lt;/nowiki&amp;gt;. This should just be added somewhere in the wiki-code. Maybe as the very last.&lt;br /&gt;
&lt;br /&gt;
=== &amp;quot;Introduction&amp;quot; ===&lt;br /&gt;
* You write &amp;quot;...this article focuses on for example...&amp;quot;. I think the focus of the article should be clearly stated, not mentioned as an example&lt;br /&gt;
* The NOTE at the end should link to the actual wiki pages (link by typing &amp;lt;nowiki&amp;gt;[[&amp;quot;Category Name&amp;quot;]] fx. [[Risk management]]&amp;lt;/nowiki&amp;gt; , beware that page names are case sensitive). Link to this page: [[Risk management]]&lt;br /&gt;
&lt;br /&gt;
=== Definition of risk management ===&lt;br /&gt;
I like the general idea of starting with description of risk, then risk management and how risk assesment is used.&lt;br /&gt;
&lt;br /&gt;
*I find the start of this chapter to be fine, but when you spend a lot of different sources to define risk in different ways, you should briefly discuss what the differences on the definitions actually mean. What definition do you assume?&lt;br /&gt;
*The second part where you talk about how risk management is used, you can be a bit more direct in your description. I&#039;m not quite sure what direction you try to direct my attention/understanding. Try to clearly answer: How is risk used? Why is risk used? What implications when using? What implications when not using? etc. - I can see what you try to do, but the red thread is a bit hard to find when reading it.&lt;br /&gt;
&lt;br /&gt;
=== What is risk ===&lt;br /&gt;
*Again I am not 100% sure what you are trying to tell me as the reader. Defining the risk (again again)? Talking about what risk can actually be? I suggest you describe more different actual examples of risk (like the example of 6/12 months) and then call the chapter &amp;quot;Examples of Risk&amp;quot;&lt;br /&gt;
&lt;br /&gt;
=== Benefit of risk management and why risk management ===&lt;br /&gt;
*Nice with a bullet list of benefits, but I miss some sort of conclusion or specific declaration of &amp;quot;why risk management&amp;quot;.&lt;br /&gt;
*Reference on bullets?&lt;br /&gt;
&lt;br /&gt;
=== Three levels of operational risk management ===&lt;br /&gt;
*Strategic level: &lt;br /&gt;
**What is risk demand? why does strategic operational relate to this? I think this should be stated more clearly&lt;br /&gt;
**I find it somewhat unclear what risk management at the strategic level actually is. Try to be clear in your definitions.&lt;br /&gt;
*Tactical level:&lt;br /&gt;
**I find the information to be okay. However, this specific chapter is not very well-written. Consider rewriting to make sure the reader understand what you try to convey.&lt;br /&gt;
*Dynamic level:&lt;br /&gt;
**What is the dynamic level? Normally I would think strategic, tactical, and operational are the three organisational levels.&lt;br /&gt;
&lt;br /&gt;
=== How to develop a risk analysis ===&lt;br /&gt;
*I suppose first line should be: Risk analysis can develop in two different ways &lt;br /&gt;
*The comparison of ISO 31010 and M_O_R is a bit hard to follow. Be clear about what the differences are. Maybe set up a table, similar points of explanation or similar, and then do the comparison and discussion of differences.&lt;br /&gt;
&lt;br /&gt;
=== An example of how to identify your project&#039;s risk ===&lt;br /&gt;
*What source(s) is/(are) used here?&lt;br /&gt;
*I like the idea of describing an example of how to identify risk. However, the example is very short and provides very little information. Consider what you want to say with this chapter.&lt;br /&gt;
*The &amp;quot;second part&amp;quot; where you describe how risk should be assigned; Is that really a general way of doing risk analysis? &lt;br /&gt;
*Try to combine the knowledge gained through previous chapters in this example. Since this ends the article, it should act as a conclusion/sum-up of important knowledge gained through the entire article&lt;br /&gt;
*Pictures should contain a text description. Also, are the pictures covered by copyright?&lt;br /&gt;
&lt;br /&gt;
== TigR helping ==&lt;br /&gt;
&lt;br /&gt;
I thought you might want to use this picture: http://apppm.man.dtu.dk/index.php/File:Risk_Management_from_ISO31000.JPG&lt;br /&gt;
I use a version of it in my article on Risk Analysis.. (also consider linking to my article where it is applicable. :)&lt;br /&gt;
Also.. you might not want to be too detailed on the &amp;quot;Risk Analysis&amp;quot; part.. instead let me know if I have missed out on some points which you mention.&lt;/div&gt;</summary>
		<author><name>Saeh0803</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Risk_management&amp;diff=4915</id>
		<title>Risk management</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Risk_management&amp;diff=4915"/>
		<updated>2014-11-29T16:24:47Z</updated>

		<summary type="html">&lt;p&gt;Saeh0803: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;Risk management is a very interesting and important topic both in our private and professional life. Actually everyone knows what a risk is; it is a part of our life. Each step or each decision we make, is full of risks, whether we notice it or not, but when we look at our professional life, then we have to take an action for each risk arise, because it has a negative effect and the effect can have consequences in terms of economic, professional reputation, environmental, safety and societal outcomes. This article focuses on for example how an organization or project handles its risks and which framework could be relevant or helpful for it.&lt;br /&gt;
Now a day, the risk management is an important part of project, program and portfolio management. In order to end up a project successfully and deliver it on time and within budget, it is important to get an overview of the risks, which is associated to the project. Most of the projects fail due to the lack of risk management [Why projects fail 2011]. In many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of project&#039;s planning process, the projects fail because the resources are not completely utilized to get the full advantage [Oehmen et. al.2012 and Zwikael and Ahn 2011].&lt;br /&gt;
This article further talks about the risk and different level of risks in organization level and how to identify the projects risks by using some of standard guidelines for risk management such as ISO 31000, ISO 2700S, DS/ISO 31000 Risk management- Principles and guidelines and M_O_R principles, which is a standard risk management framework, which can be used by any organization on any projects regardless of its size.&lt;br /&gt;
NOTE: This article might be similar to other articles; Risk analysis, risk register, Risk management strategy in project portfolios.&lt;br /&gt;
&lt;br /&gt;
=Definition of risk management=&lt;br /&gt;
&lt;br /&gt;
You can find different tools and definition for risk depending on the context in which it is used. A definition from Oxford English Dictionary sounds like “the possibility that something unpleasant or unwelcome will happen” [Oxford English Dictionary]. This is more general and related more to your every day. In decision theory, Luce and Raiffa relate risk to make decisions under known probabilities of the states of nature [Product Management Innovation 2009] and Frank Knight define the risk in economic theory as “risk arises when the decision maker can assign probabilities to possible outcomes”. A well-known definition of the risk in the domain of project management considers the risk as “an uncertain event or condition that, if it occurs, has a positive (opportunity) or negative (threat) impact on project objectives” [Innovation and Product Management]&lt;br /&gt;
Frank Knight defines the uncertainty and risk as “...Uncertainty must be taken in a sense radically distinct from the familiar notion of Risk, from which it has never been properly separated. … The essential fact is that &amp;quot;risk&amp;quot; means in some cases a quantity susceptible of measurement, while at other times it is something distinctly not of this character; and there are far-reaching and crucial differences in the bearings of the phenomena depending on which of the two is really present and operating. … It will appear that a measurable uncertainty, or &amp;quot;risk&amp;quot; proper, as we shall use the term, is so far different from an un-measurable one that it is not in effect an uncertainty at all&amp;quot; [Ariane Chapelle].&lt;br /&gt;
To minimize the uncertainty and reduce the risks on the project, you may regularly look back to your risk analysis, because most of the projects fail due to lack of risk management, in many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of projects planning process, The projects fail because they do not invest their resources completely and do not pay attention to it.&lt;br /&gt;
Risk management is the most important part of the project planning process. It is a management tool, which project manager uses to analyses the risk factor within a project group or projects. Project group must be informed of the main risks and how they will deal with those risks. Often it requires extra resources to eliminate risks; these resources must allocate the project group. Many studies have pointed as well that the risk management has a big role in projects success [Tara Duggan].  The report by Jacob and Kwak highlights the positive contribution of risk management to improve the project selection, review and resource allocation of new product development projects.&lt;br /&gt;
It used in many areas such as public debate, research, danger of disease, death or accidents, threatening environmental problems in terms of risk of climate changes, CO2 , pollution and so on.&lt;br /&gt;
It is also used in many other projects such as customer needs and price, new technology and resources, construction and delivery projects, research projects and interests and other tasks.&lt;br /&gt;
&lt;br /&gt;
=What is risk?=&lt;br /&gt;
&lt;br /&gt;
Risk is the uncertainty, which is associated with any kind of the action and projects in organization&#039;s context that must understand and effectively manage during the project&#039;s process and improve the results[Luce and Raiffa]. Different types of risk management definitions can be found and the choice of definition depends on how big a concept of risk is used in order to which risks are covered by the definition. There is not a complete tool or solution that fits in every project, creating a new or changes the existing risk management process according to the project&#039;s goal is always helpful and flexible process that will ultimately result in a solution to the individual organization or project.&lt;br /&gt;
Risk is always based on imagination of how the project will be completed. It can be defined on the basis of an existing plan, for example, the project must be completed in 6 months. The risk of delay is bigger than if the project must be completed in one year. If the new technologies are a part of the project plan, that you have to use the new technologies is the risk bigger than use the known technologies. Therefor the risk is based on an existing plan; the same project may have very different risks, if you change the project’s plan. [Risk Management, concepts and methods].&lt;br /&gt;
&lt;br /&gt;
=Benefit of risk management=&lt;br /&gt;
&lt;br /&gt;
Risk management helps you to identify your projects strengths, weaknesses, opportunities and threats [Jacob and Kwak]. [http://da.wikipedia.org/wiki/SWOT-analyse SWOT-analyse] can be the best tools for it. By identifying your projects risks, you will be aware of the unexpected events and you can immediately take actions to reduce the losses [Overview of risk management].&lt;br /&gt;
There are many reasons for managing risks. Here are some main reasons:&lt;br /&gt;
First of all, risk management results in an overview and a number of options for an action to avoid known and unknown risk and reduce the impact of those[Power in projects &amp;amp; portfolio].&lt;br /&gt;
&lt;br /&gt;
* Saving resources: Time, assets, income, property and people are all valuable resources that can be saved if fewer claims occur.&lt;br /&gt;
* Protecting the reputation and public image of the organization.&lt;br /&gt;
* Preventing or reducing legal liability and increasing the stability of operations.&lt;br /&gt;
* Increases the organizations profits and competitiveness and reflects an attractive professional approach to project work.&lt;br /&gt;
* Protecting people from harm.&lt;br /&gt;
* Protecting the environment.&lt;br /&gt;
* Enhancing the ability to prepare for various circumstances.&lt;br /&gt;
* Assisting in clearly defining insurance needs.&lt;br /&gt;
* By managing the risks, you can increase the quality of the project deliverable&lt;br /&gt;
* Protects public image&lt;br /&gt;
* Protects people from harm&lt;br /&gt;
* Prevents/reduces legal liability&lt;br /&gt;
* Protects the environment&lt;br /&gt;
&lt;br /&gt;
=Three Levels of operational risk management=&lt;br /&gt;
&lt;br /&gt;
The risk management in an organization can be categorized in three levels of operation- [three level of operational risk management].&lt;br /&gt;
&lt;br /&gt;
* Strategic level:  &lt;br /&gt;
At strategic level, operational risk management relates to the vision of the business, expansion planned over a few couple of years, the product position and the target customers in the market. In other words, the strategic operational risk management relates to the implementation of the risk demands. It must be defined at the top management level and must be deployed in a top-down manner through all the levels of the organization.&lt;br /&gt;
&lt;br /&gt;
* Tactical level&lt;br /&gt;
At tactical level, the set of operational risk management tools and controls helps to reduce the number and intensity of the events. It provide the risk manager with a second line of defense. The effect of the risk responses deploys at tactical level, such as loss, fines and near misses reductions&lt;br /&gt;
Tactical operational risk management emphasizes on loss prevention and risk reduction techniques, process control, loss data analysis, key risk indicators, risk self-assessments and business expansion plans are some of the vast array of tools and techniques that have been developed to reduce the frequent occurrence of the risk elements and to reduce their impact on the overall project. Financial service industry is the most developed aspect of operational risk management, today.&lt;br /&gt;
&lt;br /&gt;
* Operational level&lt;br /&gt;
Operational level provides a natural reduction of the operational incidents by redesigning all those processes that were prone to errors, removing any unnecessary tasks and useless controls, standardizing the procedures and improving the productivity.&lt;br /&gt;
Operational risk management targets the operational efficiency and process design. Work flows are redesigned in this level to improve the work speed by eliminating the errors. Staff&lt;br /&gt;
Operational risk management must spread over all these three levels, in order to be more effective and efficient&lt;br /&gt;
&lt;br /&gt;
=How to develop a risk analysis=&lt;br /&gt;
&lt;br /&gt;
Risk Management can be developed in two different ways [Best Management Practice]:&lt;br /&gt;
&lt;br /&gt;
* By using the standard risk guidelines such as ISO 31000, which managers can go step by step and identify the risks and analyse the situation of each phase and take an action for each risk, that have negative impact on each situation. In this step more leaders must participate in order to reduce the impact of risks and take care of each situation.&lt;br /&gt;
&lt;br /&gt;
* By using more general analysis or guidelines to define the project&#039;s goals and reduce the risks without managing it and less management participation.&lt;br /&gt;
&lt;br /&gt;
In the first option many standard guidelines and analysis  can be used such as ISO 31000, IEC/ISO 311010, and ISO 73-2009 and many others.&lt;br /&gt;
The International Organization for Standard (ISO ) risk management provides principles, general guidelines; framework and a process for managing the risks- It can be used by any project, organization regardless of its size.&lt;br /&gt;
ISO 31000 summarizes all the central activities and main points, which an organization might go through to manage their risks effectively and increase their chance to reach their goals. It doesn’t contain any specific techniques in order to use, but it mentions that an organization must follow risk identification tools and techniques, that match the projects and its goals. Another ISO standard application is ISO/IEC 31010, Risk Management, which contains of some risk assessment techniques and steps that gives an understanding of the risks, which can have a negative impact on an organization’s achievement of its goals and the adequacy and effectiveness of controls already in place. Risk assessment helps decision makers to take the correct decisions, for example which tools and techniques must be used to treat the risks and how to choose the best opportunities. The following techniques described on ISO 31010&lt;br /&gt;
&lt;br /&gt;
* Risk identification&lt;br /&gt;
* Risk analysis -  consequence analysis&lt;br /&gt;
* Risk analysis– qualitative, semi-quantitative or quantitative probability estimation&lt;br /&gt;
* Risk analysis – assessing the effectiveness of any existing controls&lt;br /&gt;
* Risk evaluation&lt;br /&gt;
* communication and consultation, and  monitoring and review&lt;br /&gt;
&lt;br /&gt;
Each step has described in detail on ISO 31010. Compare to M_O_R,[http://bcove.me/qvtxp001 video] and then M_O_R is much extensive application, which provides a detailed guidance on how to implement risk management. M_O_R stands for Management of Risk and it is a framework for the management of risk across all parts of an organization such as Strategic, programme, project and operational level. It includes all the activities required to identify and control the risks, both negative and positive, which may have an impact on the achievement of an organization’s objectives[M_O_R].It is also a framework for how to make informed decisions about risks respectively strategic, program, project and operational level in order to identify, assess and manage the key risks in order to deliver the expected advantages [M_O_R]. It describes deeply both what needs to be done through some principles, activities and roles and how to begin the activities.&lt;br /&gt;
In some ways, ISO31000 and M_O_R are very similar and use some common definition and methods. M_O_R is designed for practical application of risk management techniques and based on 4 core concepts: principles, approach, process and embedding and review, while ISO31000 is designed more to assess how completely the risk management techniques have been applied [Best Management Practice], The difference is that ISO3100O based on framework, principles and process. It prescribe how an organization should implement risk management and manage the risk by using any tools, that suits its goal and organization, while M_O_R allows it to customize its approach within the guidelines to suit its operating environment and process. Both are useful tools and can be used for managing the risks.&lt;br /&gt;
&lt;br /&gt;
[[File:Different between_M_O_R_AND_ISO.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
For further information about M_O_R and ISO 31000:2009 you can read Michael Dallas report[http://www.best-management-practice.com/gempdf/Management_of_Risk_Guidance_for_Practitioners_and_the_International_Standard_on_Risk_Management_ISO31000_2009.pdf]&lt;br /&gt;
&lt;br /&gt;
The Tabel as taken from Michael Dallas report, which shows a direct comparison of M_O_R with ISO 31000 against categories that are common to both framework.&lt;br /&gt;
&lt;br /&gt;
=Risk Management in Practice=&lt;br /&gt;
&lt;br /&gt;
[[File:Risk management.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
To identify the projects risk, you can start with brainstorming, the first step is to list the main categories such as technologies, goal, stakeholder, communication, cost, environmental, resources, reliability, which is indicated with blue color in below figure. The next is to identify the risks, which is associated to the main categories. By brainstorm the risks, you can find 50-100 risks, depending to the projects size, therefore the third step is to estimate what the potential impact could be by using the Risk Matrix.&lt;br /&gt;
&lt;br /&gt;
[[File:Mathrix.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
Each high priority or high impact risk should be assigned to a group member after their experience and skills, so they could study and evaluate the risks. Cost risks might for example assign to someone in the finance department than one from IT- department. The new technology might assign to someone from IT- department. The project manager should be assign for all the risks process, the most important part of risk process is the schedule with deadline and the risks list, which should only edit, added, re-prioritized and control by the project manager during the project.&lt;br /&gt;
To reduce the risks, the project manager should communicate the risks list to all the project stakeholders regularly, at least once a week. All the changes should be registered to the risk map and at the end of the project the results can be used to do a retrospective. What did you learn from it, what should be different in next project and how to control the risks from the beginning?&lt;br /&gt;
&lt;br /&gt;
This example is more general and very simple,you can maybe use it for a very small project. You can visit [http://apppm.man.dtu.dk/index.php/Risk_analysis | Risk_analysis] which is described more in detail.&lt;br /&gt;
&lt;br /&gt;
=Reference=&lt;br /&gt;
&lt;br /&gt;
[1] Why projects fail: Avoiding the Classic Pitfall, An Oracle White Paper, October 2011 and Calleam Consulting LTD 2014: Why Projects Fail.  And Tom Carlos, PMP: Reasons Why Projects Fail.&lt;br /&gt;
&lt;br /&gt;
[2] Oehmen et. al.2012 and Zwikael and Ahn 2011, Oehmen, J., et al., Analysis of the effect of risk management practices on the performance of new product development programs. Technovation (2014),&lt;br /&gt;
&lt;br /&gt;
[3] Oxford English Dictionary&lt;br /&gt;
&lt;br /&gt;
[4] Innovation and Product Management 2009: A holistic and Practial Approach to Uncertainty Reduction,Kurt Gaubinger, Michael Rabl Scott Swan, Thomas Werani&lt;br /&gt;
&lt;br /&gt;
[5] Frank Knight 1921: Risk, Uncertainty and profit, Imperfect competition through Risk and Uncertainty, Part III, Chapter VII&lt;br /&gt;
&lt;br /&gt;
[6] Ariane Chapelle: The three levels of Operational risk management, May 2012&lt;br /&gt;
&lt;br /&gt;
[7] Risikosamfundet: 1997, Tara Duggan, Demand Media: Why Is Risk Management Important to Project Success?&lt;br /&gt;
&lt;br /&gt;
[8] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/&lt;br /&gt;
&lt;br /&gt;
[9] Luce&#039;s Paradigm for Decision under Uncertainty, Luce and Raiffa, 1957&lt;br /&gt;
&lt;br /&gt;
[10] Risk Management, concepts and methods: Club De La Securite De L’information Francais&lt;br /&gt;
&lt;br /&gt;
[11] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd. &lt;br /&gt;
&lt;br /&gt;
[12] http://www.management-of-risk.com/what-is-management-of-risk.asp&lt;br /&gt;
&lt;br /&gt;
[13] http://www.rovsingmanagement.dk/kurser/m_o_r%C2%AErisikostyring/?gclid=CM21qKLRjsICFeXUcgodGqEARQ&lt;br /&gt;
&lt;br /&gt;
[14] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd.&lt;br /&gt;
&lt;br /&gt;
[15] Jacob and Kwak (2003) and Raz et al.2002&lt;br /&gt;
&lt;br /&gt;
[16] Article: Overview of risk management Henrik K. Søndergaard&lt;br /&gt;
&lt;br /&gt;
[17]. Power in projects &amp;amp; portfolio of Mette Lindegaard, and John Ryding Olsson&lt;br /&gt;
&lt;br /&gt;
[18] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/.&lt;br /&gt;
&lt;br /&gt;
[19] http://strikingprojectmanagement.com/qualitative-risk-analysis/&lt;br /&gt;
&lt;br /&gt;
[20] http://projectmgmt-annualwarehousesale.blogspot.dk/&lt;br /&gt;
&lt;br /&gt;
[21] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[22] http://www.bestmanagementpractice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[23] http://tcgen.com/risk-mapping/#.VGidavnF-oO&lt;br /&gt;
&lt;br /&gt;
[24] http://www.modst.dk/~/media/Files/%C3%98AV/Vejledninger/%C3%98konomistyring/Risikostyring_vejledning_maj07%20pdf.ashx&lt;br /&gt;
&lt;br /&gt;
[25] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[26] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[27] http://www.clearrisk.com/what-is-risk-management/&lt;br /&gt;
&lt;br /&gt;
[28] http://www.vlv.dk/downloads/rm1.htm&lt;br /&gt;
&lt;br /&gt;
[29] http://www.soc.aau.dk/fileadmin/user_upload/FoSo/Arbejdspapirer/Nr._10_Risiko_risikovurdering_risikoformidling_og_helhedssyn.pdf&lt;br /&gt;
&lt;br /&gt;
[30] http://klk.kl.dk/PageFiles/156494/Projekth%C3%A5ndbogen.pdf&lt;br /&gt;
&lt;br /&gt;
[31] http:///C:/Users/Samira/Downloads/Projekth-ndbog%20(1).PDF&lt;br /&gt;
&lt;br /&gt;
[32] http://www.digst.dk/~/media/Files/Arkitektur%20og%20standarder/Sikkerhed/Vejledning%20om%20risikovurdering.ashx&lt;br /&gt;
&lt;br /&gt;
[33] http://www.best-management-practice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[34] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[35] http://dx.doi.org/10.1016/j.technovation.2013.12.005i&lt;br /&gt;
&lt;br /&gt;
[36] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;/div&gt;</summary>
		<author><name>Saeh0803</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Risk_management&amp;diff=4871</id>
		<title>Risk management</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Risk_management&amp;diff=4871"/>
		<updated>2014-11-29T13:28:18Z</updated>

		<summary type="html">&lt;p&gt;Saeh0803: /* Benefit of risk management and why risk management */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;Risk management is a very interesting and important topic in each area in our society.  Actually everyone knows what a risk is; it is a part of our life. Each step or each decision we make, is full of risks, whether we notice it or not, but when we look at our professional life, then we have to take an action for each risk arise, because it has a negative effect and the effect can have consequences in terms of economic, professional reputation, environmental, safety and societal outcomes. This article focuses on for example how an organization or project handles its risks and which framework could be relevant or helpful for it.&lt;br /&gt;
Now a day, the risk management is an important part of project, program and portfolio management. In order to end up a project successfully and deliver it on time and within budget, it is important to get an overview of the risks, which is associated to the project. Most of the projects fail due to the lack of risk management [Why projects fail 2011]. In many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of project&#039;s planning process, the projects fail because the resources are not completely utilized to get the full advantage [Oehmen et. al.2012 and Zwikael and Ahn 2011].&lt;br /&gt;
This article further talks about the risk and different level of risks in organization level and how to identify the projects risks by using some of standard guidelines for risk management such as ISO 31000, ISO 2700S, DS/ISO 31000 Risk management- Principles and guidelines and M_O_R principles, which is a standard risk management framework, which can be used by any organization on any projects regardless of its size.&lt;br /&gt;
NOTE: This article might be similar to other articles; Risk analysis, risk register, Risk management strategy in project portfolios.&lt;br /&gt;
&lt;br /&gt;
=Definition of risk management=&lt;br /&gt;
&lt;br /&gt;
You can find different tools and definition for risk depending on the context in which it is used. A definition from Oxford English Dictionary sounds like “the possibility that something unpleasant or unwelcome will happen” [Oxford English Dictionary]. This is more general and related more to your every day. In decision theory, Luce and Raiffa relate risk to make decisions under known probabilities of the states of nature [Product Management Innovation 2009] and Frank Knight define the risk in economic theory as “risk arises when the decision maker can assign probabilities to possible outcomes”. A well-known definition of the risk in the domain of project management considers the risk as “an uncertain event or condition that, if it occurs, has a positive (opportunity) or negative (threat) impact on project objectives” [Innovation and Product Management]&lt;br /&gt;
Frank Knight defines the uncertainty and risk as “...Uncertainty must be taken in a sense radically distinct from the familiar notion of Risk, from which it has never been properly separated. … The essential fact is that &amp;quot;risk&amp;quot; means in some cases a quantity susceptible of measurement, while at other times it is something distinctly not of this character; and there are far-reaching and crucial differences in the bearings of the phenomena depending on which of the two is really present and operating. … It will appear that a measurable uncertainty, or &amp;quot;risk&amp;quot; proper, as we shall use the term, is so far different from an un-measurable one that it is not in effect an uncertainty at all&amp;quot; [Ariane Chapelle].&lt;br /&gt;
To minimize the uncertainty and reduce the risks on the project, you may regularly look back to your risk analysis, because most of the projects fail due to lack of risk management, in many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of projects planning process, The projects fail because they do not invest their resources completely and do not pay attention to it.&lt;br /&gt;
Risk management is the most important part of the project planning process. It is a management tool, which project manager uses to analyses the risk factor within a project group or projects. Project group must be informed of the main risks and how they will deal with those risks. Often it requires extra resources to eliminate risks; these resources must allocate the project group. Many studies have pointed as well that the risk management has a big role in projects success [Tara Duggan].  The report by Jacob and Kwak highlights the positive contribution of risk management to improve the project selection, review and resource allocation of new product development projects.&lt;br /&gt;
It used in many areas such as public debate, research, danger of disease, death or accidents, threatening environmental problems in terms of risk of climate changes, CO2 , pollution and so on.&lt;br /&gt;
It is also used in many other projects such as customer needs and price, new technology and resources, construction and delivery projects, research projects and interests and other tasks.&lt;br /&gt;
&lt;br /&gt;
=What is risk?=&lt;br /&gt;
&lt;br /&gt;
Risk is the uncertainty, which is associated with any kind of the action and projects in organization&#039;s context that must understand and effectively manage during the project&#039;s process and improve the results[Luce and Raiffa]. Different types of risk management definitions can be found and the choice of definition depends on how big a concept of risk is used in order to which risks are covered by the definition. There is not a complete tool or solution that fits in every project, creating a new or changes the existing risk management process according to the project&#039;s goal is always helpful and flexible process that will ultimately result in a solution to the individual organization or project.&lt;br /&gt;
Risk is always based on imagination of how the project will be completed. It can be defined on the basis of an existing plan, for example, the project must be completed in 6 months. The risk of delay is bigger than if the project must be completed in one year. If the new technologies are a part of the project plan, that you have to use the new technologies is the risk bigger than use the known technologies. Therefor the risk is based on an existing plan; the same project may have very different risks, if you change the project’s plan. [Risk Management, concepts and methods].&lt;br /&gt;
&lt;br /&gt;
=Benefit of risk management=&lt;br /&gt;
&lt;br /&gt;
Risk management helps you to identify your projects strengths, weaknesses, opportunities and threats [Jacob and Kwak]. [http://da.wikipedia.org/wiki/SWOT-analyse SWOT-analyse] can be the best tools for it. By identifying your projects risks, you will be aware of the unexpected events and you can immediately take actions to reduce the losses [Overview of risk management].&lt;br /&gt;
There are many reasons for managing risks. Here are some main reasons:&lt;br /&gt;
First of all, risk management results in an overview and a number of options for an action to avoid known and unknown risk and reduce the impact of those[Power in projects &amp;amp; portfolio].&lt;br /&gt;
&lt;br /&gt;
* Saving resources: Time, assets, income, property and people are all valuable resources that can be saved if fewer claims occur.&lt;br /&gt;
* Protecting the reputation and public image of the organization.&lt;br /&gt;
* Preventing or reducing legal liability and increasing the stability of operations.&lt;br /&gt;
* Increases the organizations profits and competitiveness and reflects an attractive professional approach to project work.&lt;br /&gt;
* Protecting people from harm.&lt;br /&gt;
* Protecting the environment.&lt;br /&gt;
* Enhancing the ability to prepare for various circumstances.&lt;br /&gt;
* Assisting in clearly defining insurance needs.&lt;br /&gt;
* By managing the risks, you can increase the quality of the project deliverable&lt;br /&gt;
* Protects public image&lt;br /&gt;
* Protects people from harm&lt;br /&gt;
* Prevents/reduces legal liability&lt;br /&gt;
* Protects the environment&lt;br /&gt;
&lt;br /&gt;
=Three Levels of operational risk management=&lt;br /&gt;
&lt;br /&gt;
The risk management in an organization can be categorized in three levels of operation- [three level of operational risk management].&lt;br /&gt;
&lt;br /&gt;
* Strategic level:  &lt;br /&gt;
At strategic level, operational risk management relates to the vision of the business, expansion planned over a few couple of years, the product position and the target customers in the market. In other words, the strategic operational risk management relates to the implementation of the risk demands. It must be defined at the top management level and must be deployed in a top-down manner through all the levels of the organization.&lt;br /&gt;
&lt;br /&gt;
* Tactical level&lt;br /&gt;
At tactical level, the set of operational risk management tools and controls helps to reduce the number and intensity of the events. It provide the risk manager with a second line of defense. The effect of the risk responses deploys at tactical level, such as loss, fines and near misses reductions&lt;br /&gt;
Tactical operational risk management emphasizes on loss prevention and risk reduction techniques, process control, loss data analysis, key risk indicators, risk self-assessments and business expansion plans are some of the vast array of tools and techniques that have been developed to reduce the frequent occurrence of the risk elements and to reduce their impact on the overall project. Financial service industry is the most developed aspect of operational risk management, today.&lt;br /&gt;
&lt;br /&gt;
* Operational level&lt;br /&gt;
Operational level provides a natural reduction of the operational incidents by redesigning all those processes that were prone to errors, removing any unnecessary tasks and useless controls, standardizing the procedures and improving the productivity.&lt;br /&gt;
Operational risk management targets the operational efficiency and process design. Work flows are redesigned in this level to improve the work speed by eliminating the errors. Staff&lt;br /&gt;
Operational risk management must spread over all these three levels, in order to be more effective and efficient&lt;br /&gt;
&lt;br /&gt;
=How to develop a risk analysis=&lt;br /&gt;
&lt;br /&gt;
Risk Management can be developed in two different ways [Best Management Practice]:&lt;br /&gt;
&lt;br /&gt;
* By using the standard risk guidelines such as ISO 31000, which managers can go step by step and identify the risks and analyse the situation of each phase and take an action for each risk, that have negative impact on each situation. In this step more leaders must participate in order to reduce the impact of risks and take care of each situation.&lt;br /&gt;
&lt;br /&gt;
* By using more general analysis or guidelines to define the project&#039;s goals and reduce the risks without managing it and less management participation.&lt;br /&gt;
&lt;br /&gt;
In the first option many standard guidelines and analysis  can be used such as ISO 31000, IEC/ISO 311010, and ISO 73-2009 and many others.&lt;br /&gt;
The International Organization for Standard (ISO ) risk management provides principles, general guidelines; framework and a process for managing the risks- It can be used by any project, organization regardless of its size.&lt;br /&gt;
ISO 31000 summarizes all the central activities and main points, which an organization might go through to manage their risks effectively and increase their chance to reach their goals. It doesn’t contain any specific techniques in order to use, but it mentions that an organization must follow risk identification tools and techniques, that match the projects and its goals. Another ISO standard application is ISO/IEC 31010, Risk Management, which contains of some risk assessment techniques and steps that gives an understanding of the risks, which can have a negative impact on an organization’s achievement of its goals and the adequacy and effectiveness of controls already in place. Risk assessment helps decision makers to take the correct decisions, for example which tools and techniques must be used to treat the risks and how to choose the best opportunities. The following techniques described on ISO 31010&lt;br /&gt;
&lt;br /&gt;
* Risk identification&lt;br /&gt;
* Risk analysis -  consequence analysis&lt;br /&gt;
* Risk analysis– qualitative, semi-quantitative or quantitative probability estimation&lt;br /&gt;
* Risk analysis – assessing the effectiveness of any existing controls&lt;br /&gt;
* Risk evaluation&lt;br /&gt;
* communication and consultation, and  monitoring and review&lt;br /&gt;
&lt;br /&gt;
Each step has described in detail on ISO 31010. Compare to M_O_R,[http://bcove.me/qvtxp001 video] and then M_O_R is much extensive application, which provides a detailed guidance on how to implement risk management. M_O_R stands for Management of Risk and it is a framework for the management of risk across all parts of an organization such as Strategic, programme, project and operational level. It includes all the activities required to identify and control the risks, both negative and positive, which may have an impact on the achievement of an organization’s objectives[M_O_R].It is also a framework for how to make informed decisions about risks respectively strategic, program, project and operational level in order to identify, assess and manage the key risks in order to deliver the expected advantages [M_O_R]. It describes deeply both what needs to be done through some principles, activities and roles and how to begin the activities.&lt;br /&gt;
In some ways, ISO31000 and M_O_R are very similar and use some common definition and methods. M_O_R is designed for practical application of risk management techniques and based on 4 core concepts: principles, approach, process and embedding and review, while ISO31000 is designed more to assess how completely the risk management techniques have been applied [Best Management Practice], The difference is that ISO3100O based on framework, principles and process. It prescribe how an organization should implement risk management and manage the risk by using any tools, that suits its goal and organization, while M_O_R allows it to customize its approach within the guidelines to suit its operating environment and process. Both are useful tools and can be used for managing the risks.&lt;br /&gt;
&lt;br /&gt;
[[File:Different between_M_O_R_AND_ISO.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
For further information about M_O_R and ISO 31000:2009 you can read Michael Dallas report[http://www.best-management-practice.com/gempdf/Management_of_Risk_Guidance_for_Practitioners_and_the_International_Standard_on_Risk_Management_ISO31000_2009.pdf]&lt;br /&gt;
&lt;br /&gt;
The Tabel as taken from Michael Dallas report, which shows a direct comparison of M_O_R with ISO 31000 against categories that are common to both framework.&lt;br /&gt;
&lt;br /&gt;
=Risk Management in Practice=&lt;br /&gt;
&lt;br /&gt;
[[File:Risk management.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
To identify the projects risk, you can start with brainstorming, the first step is to list the main categories such as technologies, goal, stakeholder, communication, cost, environmental, resources, reliability, which is indicated with blue color in below figure. The next is to identify the risks, which is associated to the main categories. By brainstorm the risks, you can find 50-100 risks, depending to the projects size, therefore the third step is to estimate what the potential impact could be by using the Risk Matrix.&lt;br /&gt;
&lt;br /&gt;
[[File:Mathrix.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
Each high priority or high impact risk should be assigned to a group member after their experience and skills, so they could study and evaluate the risks. Cost risks might for example assign to someone in the finance department than one from IT- department. The new technology might assign to someone from IT- department. The project manager should be assign for all the risks process, the most important part of risk process is the schedule with deadline and the risks list, which should only edit, added, re-prioritized and control by the project manager during the project.&lt;br /&gt;
To reduce the risks, the project manager should communicate the risks list to all the project stakeholders regularly, at least once a week. All the changes should be registered to the risk map and at the end of the project the results can be used to do a retrospective. What did you learn from it, what should be different in next project and how to control the risks from the beginning?&lt;br /&gt;
&lt;br /&gt;
This example is more general and very simple,you can maybe use it for a very small project. You can visit [http://apppm.man.dtu.dk/index.php/Risk_analysis | Risk_analysis] which is described more in detail.&lt;br /&gt;
&lt;br /&gt;
=Reference=&lt;br /&gt;
&lt;br /&gt;
[1] Why projects fail: Avoiding the Classic Pitfall, An Oracle White Paper, October 2011 and Calleam Consulting LTD 2014: Why Projects Fail.  And Tom Carlos, PMP: Reasons Why Projects Fail.&lt;br /&gt;
&lt;br /&gt;
[2] Oehmen et. al.2012 and Zwikael and Ahn 2011, Oehmen, J., et al., Analysis of the effect of risk management practices on the performance of new product development programs. Technovation (2014),&lt;br /&gt;
&lt;br /&gt;
[3] Oxford English Dictionary&lt;br /&gt;
&lt;br /&gt;
[4] Innovation and Product Management 2009: A holistic and Practial Approach to Uncertainty Reduction,Kurt Gaubinger, Michael Rabl Scott Swan, Thomas Werani&lt;br /&gt;
&lt;br /&gt;
[5] Frank Knight 1921: Risk, Uncertainty and profit, Imperfect competition through Risk and Uncertainty, Part III, Chapter VII&lt;br /&gt;
&lt;br /&gt;
[6] Ariane Chapelle: The three levels of Operational risk management, May 2012&lt;br /&gt;
&lt;br /&gt;
[7] Risikosamfundet: 1997, Tara Duggan, Demand Media: Why Is Risk Management Important to Project Success?&lt;br /&gt;
&lt;br /&gt;
[8] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/&lt;br /&gt;
&lt;br /&gt;
[9] Luce&#039;s Paradigm for Decision under Uncertainty, Luce and Raiffa, 1957&lt;br /&gt;
&lt;br /&gt;
[10] Risk Management, concepts and methods: Club De La Securite De L’information Francais&lt;br /&gt;
&lt;br /&gt;
[11] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd. &lt;br /&gt;
&lt;br /&gt;
[12] http://www.management-of-risk.com/what-is-management-of-risk.asp&lt;br /&gt;
&lt;br /&gt;
[13] http://www.rovsingmanagement.dk/kurser/m_o_r%C2%AErisikostyring/?gclid=CM21qKLRjsICFeXUcgodGqEARQ&lt;br /&gt;
&lt;br /&gt;
[14] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd.&lt;br /&gt;
&lt;br /&gt;
[15] Jacob and Kwak (2003) and Raz et al.2002&lt;br /&gt;
&lt;br /&gt;
[16] Article: Overview of risk management Henrik K. Søndergaard&lt;br /&gt;
&lt;br /&gt;
[17]. Power in projects &amp;amp; portfolio of Mette Lindegaard, and John Ryding Olsson&lt;br /&gt;
&lt;br /&gt;
[18] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/.&lt;br /&gt;
&lt;br /&gt;
[19] http://strikingprojectmanagement.com/qualitative-risk-analysis/&lt;br /&gt;
&lt;br /&gt;
[20] http://projectmgmt-annualwarehousesale.blogspot.dk/&lt;br /&gt;
&lt;br /&gt;
[21] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[22] http://www.bestmanagementpractice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[23] http://tcgen.com/risk-mapping/#.VGidavnF-oO&lt;br /&gt;
&lt;br /&gt;
[24] http://www.modst.dk/~/media/Files/%C3%98AV/Vejledninger/%C3%98konomistyring/Risikostyring_vejledning_maj07%20pdf.ashx&lt;br /&gt;
&lt;br /&gt;
[25] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[26] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[27] http://www.clearrisk.com/what-is-risk-management/&lt;br /&gt;
&lt;br /&gt;
[28] http://www.vlv.dk/downloads/rm1.htm&lt;br /&gt;
&lt;br /&gt;
[29] http://www.soc.aau.dk/fileadmin/user_upload/FoSo/Arbejdspapirer/Nr._10_Risiko_risikovurdering_risikoformidling_og_helhedssyn.pdf&lt;br /&gt;
&lt;br /&gt;
[30] http://klk.kl.dk/PageFiles/156494/Projekth%C3%A5ndbogen.pdf&lt;br /&gt;
&lt;br /&gt;
[31] http:///C:/Users/Samira/Downloads/Projekth-ndbog%20(1).PDF&lt;br /&gt;
&lt;br /&gt;
[32] http://www.digst.dk/~/media/Files/Arkitektur%20og%20standarder/Sikkerhed/Vejledning%20om%20risikovurdering.ashx&lt;br /&gt;
&lt;br /&gt;
[33] http://www.best-management-practice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[34] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[35] http://dx.doi.org/10.1016/j.technovation.2013.12.005i&lt;br /&gt;
&lt;br /&gt;
[36] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;/div&gt;</summary>
		<author><name>Saeh0803</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Risk_management&amp;diff=4870</id>
		<title>Risk management</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Risk_management&amp;diff=4870"/>
		<updated>2014-11-29T13:23:23Z</updated>

		<summary type="html">&lt;p&gt;Saeh0803: /* Benefit of risk management and why risk management */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;Risk management is a very interesting and important topic in each area in our society.  Actually everyone knows what a risk is; it is a part of our life. Each step or each decision we make, is full of risks, whether we notice it or not, but when we look at our professional life, then we have to take an action for each risk arise, because it has a negative effect and the effect can have consequences in terms of economic, professional reputation, environmental, safety and societal outcomes. This article focuses on for example how an organization or project handles its risks and which framework could be relevant or helpful for it.&lt;br /&gt;
Now a day, the risk management is an important part of project, program and portfolio management. In order to end up a project successfully and deliver it on time and within budget, it is important to get an overview of the risks, which is associated to the project. Most of the projects fail due to the lack of risk management [Why projects fail 2011]. In many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of project&#039;s planning process, the projects fail because the resources are not completely utilized to get the full advantage [Oehmen et. al.2012 and Zwikael and Ahn 2011].&lt;br /&gt;
This article further talks about the risk and different level of risks in organization level and how to identify the projects risks by using some of standard guidelines for risk management such as ISO 31000, ISO 2700S, DS/ISO 31000 Risk management- Principles and guidelines and M_O_R principles, which is a standard risk management framework, which can be used by any organization on any projects regardless of its size.&lt;br /&gt;
NOTE: This article might be similar to other articles; Risk analysis, risk register, Risk management strategy in project portfolios.&lt;br /&gt;
&lt;br /&gt;
=Definition of risk management=&lt;br /&gt;
&lt;br /&gt;
You can find different tools and definition for risk depending on the context in which it is used. A definition from Oxford English Dictionary sounds like “the possibility that something unpleasant or unwelcome will happen” [Oxford English Dictionary]. This is more general and related more to your every day. In decision theory, Luce and Raiffa relate risk to make decisions under known probabilities of the states of nature [Product Management Innovation 2009] and Frank Knight define the risk in economic theory as “risk arises when the decision maker can assign probabilities to possible outcomes”. A well-known definition of the risk in the domain of project management considers the risk as “an uncertain event or condition that, if it occurs, has a positive (opportunity) or negative (threat) impact on project objectives” [Innovation and Product Management]&lt;br /&gt;
Frank Knight defines the uncertainty and risk as “...Uncertainty must be taken in a sense radically distinct from the familiar notion of Risk, from which it has never been properly separated. … The essential fact is that &amp;quot;risk&amp;quot; means in some cases a quantity susceptible of measurement, while at other times it is something distinctly not of this character; and there are far-reaching and crucial differences in the bearings of the phenomena depending on which of the two is really present and operating. … It will appear that a measurable uncertainty, or &amp;quot;risk&amp;quot; proper, as we shall use the term, is so far different from an un-measurable one that it is not in effect an uncertainty at all&amp;quot; [Ariane Chapelle].&lt;br /&gt;
To minimize the uncertainty and reduce the risks on the project, you may regularly look back to your risk analysis, because most of the projects fail due to lack of risk management, in many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of projects planning process, The projects fail because they do not invest their resources completely and do not pay attention to it.&lt;br /&gt;
Risk management is the most important part of the project planning process. It is a management tool, which project manager uses to analyses the risk factor within a project group or projects. Project group must be informed of the main risks and how they will deal with those risks. Often it requires extra resources to eliminate risks; these resources must allocate the project group. Many studies have pointed as well that the risk management has a big role in projects success [Tara Duggan].  The report by Jacob and Kwak highlights the positive contribution of risk management to improve the project selection, review and resource allocation of new product development projects.&lt;br /&gt;
It used in many areas such as public debate, research, danger of disease, death or accidents, threatening environmental problems in terms of risk of climate changes, CO2 , pollution and so on.&lt;br /&gt;
It is also used in many other projects such as customer needs and price, new technology and resources, construction and delivery projects, research projects and interests and other tasks.&lt;br /&gt;
&lt;br /&gt;
=What is risk?=&lt;br /&gt;
&lt;br /&gt;
Risk is the uncertainty, which is associated with any kind of the action and projects in organization&#039;s context that must understand and effectively manage during the project&#039;s process and improve the results[Luce and Raiffa]. Different types of risk management definitions can be found and the choice of definition depends on how big a concept of risk is used in order to which risks are covered by the definition. There is not a complete tool or solution that fits in every project, creating a new or changes the existing risk management process according to the project&#039;s goal is always helpful and flexible process that will ultimately result in a solution to the individual organization or project.&lt;br /&gt;
Risk is always based on imagination of how the project will be completed. It can be defined on the basis of an existing plan, for example, the project must be completed in 6 months. The risk of delay is bigger than if the project must be completed in one year. If the new technologies are a part of the project plan, that you have to use the new technologies is the risk bigger than use the known technologies. Therefor the risk is based on an existing plan; the same project may have very different risks, if you change the project’s plan. [Risk Management, concepts and methods].&lt;br /&gt;
&lt;br /&gt;
=Benefit of risk management and why risk management=&lt;br /&gt;
&lt;br /&gt;
Risk management helps you to identify your projects strengths, weaknesses, opportunities and threats [Jacob and Kwak]. [http://da.wikipedia.org/wiki/SWOT-analyse SWOT-analyse] can be the best tools for it. By identifying your projects risks, you will be aware of the unexpected events and you can immediately take actions to reduce the losses [Overview of risk management].&lt;br /&gt;
There are many reasons for managing risks. Here are some main reasons:&lt;br /&gt;
First of all, risk management results in an overview and a number of options for an action to avoid known and unknown risk and reduce the impact of those[Power in projects &amp;amp; portfolio].&lt;br /&gt;
&lt;br /&gt;
* Saving resources: Time, assets, income, property and people are all valuable resources that can be saved if fewer claims occur.&lt;br /&gt;
* Protecting the reputation and public image of the organization.&lt;br /&gt;
* Preventing or reducing legal liability and increasing the stability of operations.&lt;br /&gt;
* Increases the organizations profits and competitiveness and reflects an attractive professional approach to project work.&lt;br /&gt;
* Protecting people from harm.&lt;br /&gt;
* Protecting the environment.&lt;br /&gt;
* Enhancing the ability to prepare for various circumstances.&lt;br /&gt;
* Assisting in clearly defining insurance needs.&lt;br /&gt;
* By managing the risks, you can increase the quality of the project deliverable&lt;br /&gt;
* Protects public image&lt;br /&gt;
* Protects people from harm&lt;br /&gt;
* Prevents/reduces legal liability&lt;br /&gt;
* Protects the environment&lt;br /&gt;
&lt;br /&gt;
=Three Levels of operational risk management=&lt;br /&gt;
&lt;br /&gt;
The risk management in an organization can be categorized in three levels of operation- [three level of operational risk management].&lt;br /&gt;
&lt;br /&gt;
* Strategic level:  &lt;br /&gt;
At strategic level, operational risk management relates to the vision of the business, expansion planned over a few couple of years, the product position and the target customers in the market. In other words, the strategic operational risk management relates to the implementation of the risk demands. It must be defined at the top management level and must be deployed in a top-down manner through all the levels of the organization.&lt;br /&gt;
&lt;br /&gt;
* Tactical level&lt;br /&gt;
At tactical level, the set of operational risk management tools and controls helps to reduce the number and intensity of the events. It provide the risk manager with a second line of defense. The effect of the risk responses deploys at tactical level, such as loss, fines and near misses reductions&lt;br /&gt;
Tactical operational risk management emphasizes on loss prevention and risk reduction techniques, process control, loss data analysis, key risk indicators, risk self-assessments and business expansion plans are some of the vast array of tools and techniques that have been developed to reduce the frequent occurrence of the risk elements and to reduce their impact on the overall project. Financial service industry is the most developed aspect of operational risk management, today.&lt;br /&gt;
&lt;br /&gt;
* Operational level&lt;br /&gt;
Operational level provides a natural reduction of the operational incidents by redesigning all those processes that were prone to errors, removing any unnecessary tasks and useless controls, standardizing the procedures and improving the productivity.&lt;br /&gt;
Operational risk management targets the operational efficiency and process design. Work flows are redesigned in this level to improve the work speed by eliminating the errors. Staff&lt;br /&gt;
Operational risk management must spread over all these three levels, in order to be more effective and efficient&lt;br /&gt;
&lt;br /&gt;
=How to develop a risk analysis=&lt;br /&gt;
&lt;br /&gt;
Risk Management can be developed in two different ways [Best Management Practice]:&lt;br /&gt;
&lt;br /&gt;
* By using the standard risk guidelines such as ISO 31000, which managers can go step by step and identify the risks and analyse the situation of each phase and take an action for each risk, that have negative impact on each situation. In this step more leaders must participate in order to reduce the impact of risks and take care of each situation.&lt;br /&gt;
&lt;br /&gt;
* By using more general analysis or guidelines to define the project&#039;s goals and reduce the risks without managing it and less management participation.&lt;br /&gt;
&lt;br /&gt;
In the first option many standard guidelines and analysis  can be used such as ISO 31000, IEC/ISO 311010, and ISO 73-2009 and many others.&lt;br /&gt;
The International Organization for Standard (ISO ) risk management provides principles, general guidelines; framework and a process for managing the risks- It can be used by any project, organization regardless of its size.&lt;br /&gt;
ISO 31000 summarizes all the central activities and main points, which an organization might go through to manage their risks effectively and increase their chance to reach their goals. It doesn’t contain any specific techniques in order to use, but it mentions that an organization must follow risk identification tools and techniques, that match the projects and its goals. Another ISO standard application is ISO/IEC 31010, Risk Management, which contains of some risk assessment techniques and steps that gives an understanding of the risks, which can have a negative impact on an organization’s achievement of its goals and the adequacy and effectiveness of controls already in place. Risk assessment helps decision makers to take the correct decisions, for example which tools and techniques must be used to treat the risks and how to choose the best opportunities. The following techniques described on ISO 31010&lt;br /&gt;
&lt;br /&gt;
* Risk identification&lt;br /&gt;
* Risk analysis -  consequence analysis&lt;br /&gt;
* Risk analysis– qualitative, semi-quantitative or quantitative probability estimation&lt;br /&gt;
* Risk analysis – assessing the effectiveness of any existing controls&lt;br /&gt;
* Risk evaluation&lt;br /&gt;
* communication and consultation, and  monitoring and review&lt;br /&gt;
&lt;br /&gt;
Each step has described in detail on ISO 31010. Compare to M_O_R,[http://bcove.me/qvtxp001 video] and then M_O_R is much extensive application, which provides a detailed guidance on how to implement risk management. M_O_R stands for Management of Risk and it is a framework for the management of risk across all parts of an organization such as Strategic, programme, project and operational level. It includes all the activities required to identify and control the risks, both negative and positive, which may have an impact on the achievement of an organization’s objectives[M_O_R].It is also a framework for how to make informed decisions about risks respectively strategic, program, project and operational level in order to identify, assess and manage the key risks in order to deliver the expected advantages [M_O_R]. It describes deeply both what needs to be done through some principles, activities and roles and how to begin the activities.&lt;br /&gt;
In some ways, ISO31000 and M_O_R are very similar and use some common definition and methods. M_O_R is designed for practical application of risk management techniques and based on 4 core concepts: principles, approach, process and embedding and review, while ISO31000 is designed more to assess how completely the risk management techniques have been applied [Best Management Practice], The difference is that ISO3100O based on framework, principles and process. It prescribe how an organization should implement risk management and manage the risk by using any tools, that suits its goal and organization, while M_O_R allows it to customize its approach within the guidelines to suit its operating environment and process. Both are useful tools and can be used for managing the risks.&lt;br /&gt;
&lt;br /&gt;
[[File:Different between_M_O_R_AND_ISO.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
For further information about M_O_R and ISO 31000:2009 you can read Michael Dallas report[http://www.best-management-practice.com/gempdf/Management_of_Risk_Guidance_for_Practitioners_and_the_International_Standard_on_Risk_Management_ISO31000_2009.pdf]&lt;br /&gt;
&lt;br /&gt;
The Tabel as taken from Michael Dallas report, which shows a direct comparison of M_O_R with ISO 31000 against categories that are common to both framework.&lt;br /&gt;
&lt;br /&gt;
=Risk Management in Practice=&lt;br /&gt;
&lt;br /&gt;
[[File:Risk management.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
To identify the projects risk, you can start with brainstorming, the first step is to list the main categories such as technologies, goal, stakeholder, communication, cost, environmental, resources, reliability, which is indicated with blue color in below figure. The next is to identify the risks, which is associated to the main categories. By brainstorm the risks, you can find 50-100 risks, depending to the projects size, therefore the third step is to estimate what the potential impact could be by using the Risk Matrix.&lt;br /&gt;
&lt;br /&gt;
[[File:Mathrix.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
Each high priority or high impact risk should be assigned to a group member after their experience and skills, so they could study and evaluate the risks. Cost risks might for example assign to someone in the finance department than one from IT- department. The new technology might assign to someone from IT- department. The project manager should be assign for all the risks process, the most important part of risk process is the schedule with deadline and the risks list, which should only edit, added, re-prioritized and control by the project manager during the project.&lt;br /&gt;
To reduce the risks, the project manager should communicate the risks list to all the project stakeholders regularly, at least once a week. All the changes should be registered to the risk map and at the end of the project the results can be used to do a retrospective. What did you learn from it, what should be different in next project and how to control the risks from the beginning?&lt;br /&gt;
&lt;br /&gt;
This example is more general and very simple,you can maybe use it for a very small project. You can visit [http://apppm.man.dtu.dk/index.php/Risk_analysis | Risk_analysis] which is described more in detail.&lt;br /&gt;
&lt;br /&gt;
=Reference=&lt;br /&gt;
&lt;br /&gt;
[1] Why projects fail: Avoiding the Classic Pitfall, An Oracle White Paper, October 2011 and Calleam Consulting LTD 2014: Why Projects Fail.  And Tom Carlos, PMP: Reasons Why Projects Fail.&lt;br /&gt;
&lt;br /&gt;
[2] Oehmen et. al.2012 and Zwikael and Ahn 2011, Oehmen, J., et al., Analysis of the effect of risk management practices on the performance of new product development programs. Technovation (2014),&lt;br /&gt;
&lt;br /&gt;
[3] Oxford English Dictionary&lt;br /&gt;
&lt;br /&gt;
[4] Innovation and Product Management 2009: A holistic and Practial Approach to Uncertainty Reduction,Kurt Gaubinger, Michael Rabl Scott Swan, Thomas Werani&lt;br /&gt;
&lt;br /&gt;
[5] Frank Knight 1921: Risk, Uncertainty and profit, Imperfect competition through Risk and Uncertainty, Part III, Chapter VII&lt;br /&gt;
&lt;br /&gt;
[6] Ariane Chapelle: The three levels of Operational risk management, May 2012&lt;br /&gt;
&lt;br /&gt;
[7] Risikosamfundet: 1997, Tara Duggan, Demand Media: Why Is Risk Management Important to Project Success?&lt;br /&gt;
&lt;br /&gt;
[8] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/&lt;br /&gt;
&lt;br /&gt;
[9] Luce&#039;s Paradigm for Decision under Uncertainty, Luce and Raiffa, 1957&lt;br /&gt;
&lt;br /&gt;
[10] Risk Management, concepts and methods: Club De La Securite De L’information Francais&lt;br /&gt;
&lt;br /&gt;
[11] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd. &lt;br /&gt;
&lt;br /&gt;
[12] http://www.management-of-risk.com/what-is-management-of-risk.asp&lt;br /&gt;
&lt;br /&gt;
[13] http://www.rovsingmanagement.dk/kurser/m_o_r%C2%AErisikostyring/?gclid=CM21qKLRjsICFeXUcgodGqEARQ&lt;br /&gt;
&lt;br /&gt;
[14] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd.&lt;br /&gt;
&lt;br /&gt;
[15] Jacob and Kwak (2003) and Raz et al.2002&lt;br /&gt;
&lt;br /&gt;
[16] Article: Overview of risk management Henrik K. Søndergaard&lt;br /&gt;
&lt;br /&gt;
[17]. Power in projects &amp;amp; portfolio of Mette Lindegaard, and John Ryding Olsson&lt;br /&gt;
&lt;br /&gt;
[18] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/.&lt;br /&gt;
&lt;br /&gt;
[19] http://strikingprojectmanagement.com/qualitative-risk-analysis/&lt;br /&gt;
&lt;br /&gt;
[20] http://projectmgmt-annualwarehousesale.blogspot.dk/&lt;br /&gt;
&lt;br /&gt;
[21] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[22] http://www.bestmanagementpractice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[23] http://tcgen.com/risk-mapping/#.VGidavnF-oO&lt;br /&gt;
&lt;br /&gt;
[24] http://www.modst.dk/~/media/Files/%C3%98AV/Vejledninger/%C3%98konomistyring/Risikostyring_vejledning_maj07%20pdf.ashx&lt;br /&gt;
&lt;br /&gt;
[25] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[26] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[27] http://www.clearrisk.com/what-is-risk-management/&lt;br /&gt;
&lt;br /&gt;
[28] http://www.vlv.dk/downloads/rm1.htm&lt;br /&gt;
&lt;br /&gt;
[29] http://www.soc.aau.dk/fileadmin/user_upload/FoSo/Arbejdspapirer/Nr._10_Risiko_risikovurdering_risikoformidling_og_helhedssyn.pdf&lt;br /&gt;
&lt;br /&gt;
[30] http://klk.kl.dk/PageFiles/156494/Projekth%C3%A5ndbogen.pdf&lt;br /&gt;
&lt;br /&gt;
[31] http:///C:/Users/Samira/Downloads/Projekth-ndbog%20(1).PDF&lt;br /&gt;
&lt;br /&gt;
[32] http://www.digst.dk/~/media/Files/Arkitektur%20og%20standarder/Sikkerhed/Vejledning%20om%20risikovurdering.ashx&lt;br /&gt;
&lt;br /&gt;
[33] http://www.best-management-practice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[34] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[35] http://dx.doi.org/10.1016/j.technovation.2013.12.005i&lt;br /&gt;
&lt;br /&gt;
[36] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;/div&gt;</summary>
		<author><name>Saeh0803</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Risk_management&amp;diff=4869</id>
		<title>Risk management</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Risk_management&amp;diff=4869"/>
		<updated>2014-11-29T13:22:40Z</updated>

		<summary type="html">&lt;p&gt;Saeh0803: /* Benefit of risk management and why risk management */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;Risk management is a very interesting and important topic in each area in our society.  Actually everyone knows what a risk is; it is a part of our life. Each step or each decision we make, is full of risks, whether we notice it or not, but when we look at our professional life, then we have to take an action for each risk arise, because it has a negative effect and the effect can have consequences in terms of economic, professional reputation, environmental, safety and societal outcomes. This article focuses on for example how an organization or project handles its risks and which framework could be relevant or helpful for it.&lt;br /&gt;
Now a day, the risk management is an important part of project, program and portfolio management. In order to end up a project successfully and deliver it on time and within budget, it is important to get an overview of the risks, which is associated to the project. Most of the projects fail due to the lack of risk management [Why projects fail 2011]. In many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of project&#039;s planning process, the projects fail because the resources are not completely utilized to get the full advantage [Oehmen et. al.2012 and Zwikael and Ahn 2011].&lt;br /&gt;
This article further talks about the risk and different level of risks in organization level and how to identify the projects risks by using some of standard guidelines for risk management such as ISO 31000, ISO 2700S, DS/ISO 31000 Risk management- Principles and guidelines and M_O_R principles, which is a standard risk management framework, which can be used by any organization on any projects regardless of its size.&lt;br /&gt;
NOTE: This article might be similar to other articles; Risk analysis, risk register, Risk management strategy in project portfolios.&lt;br /&gt;
&lt;br /&gt;
=Definition of risk management=&lt;br /&gt;
&lt;br /&gt;
You can find different tools and definition for risk depending on the context in which it is used. A definition from Oxford English Dictionary sounds like “the possibility that something unpleasant or unwelcome will happen” [Oxford English Dictionary]. This is more general and related more to your every day. In decision theory, Luce and Raiffa relate risk to make decisions under known probabilities of the states of nature [Product Management Innovation 2009] and Frank Knight define the risk in economic theory as “risk arises when the decision maker can assign probabilities to possible outcomes”. A well-known definition of the risk in the domain of project management considers the risk as “an uncertain event or condition that, if it occurs, has a positive (opportunity) or negative (threat) impact on project objectives” [Innovation and Product Management]&lt;br /&gt;
Frank Knight defines the uncertainty and risk as “...Uncertainty must be taken in a sense radically distinct from the familiar notion of Risk, from which it has never been properly separated. … The essential fact is that &amp;quot;risk&amp;quot; means in some cases a quantity susceptible of measurement, while at other times it is something distinctly not of this character; and there are far-reaching and crucial differences in the bearings of the phenomena depending on which of the two is really present and operating. … It will appear that a measurable uncertainty, or &amp;quot;risk&amp;quot; proper, as we shall use the term, is so far different from an un-measurable one that it is not in effect an uncertainty at all&amp;quot; [Ariane Chapelle].&lt;br /&gt;
To minimize the uncertainty and reduce the risks on the project, you may regularly look back to your risk analysis, because most of the projects fail due to lack of risk management, in many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of projects planning process, The projects fail because they do not invest their resources completely and do not pay attention to it.&lt;br /&gt;
Risk management is the most important part of the project planning process. It is a management tool, which project manager uses to analyses the risk factor within a project group or projects. Project group must be informed of the main risks and how they will deal with those risks. Often it requires extra resources to eliminate risks; these resources must allocate the project group. Many studies have pointed as well that the risk management has a big role in projects success [Tara Duggan].  The report by Jacob and Kwak highlights the positive contribution of risk management to improve the project selection, review and resource allocation of new product development projects.&lt;br /&gt;
It used in many areas such as public debate, research, danger of disease, death or accidents, threatening environmental problems in terms of risk of climate changes, CO2 , pollution and so on.&lt;br /&gt;
It is also used in many other projects such as customer needs and price, new technology and resources, construction and delivery projects, research projects and interests and other tasks.&lt;br /&gt;
&lt;br /&gt;
=What is risk?=&lt;br /&gt;
&lt;br /&gt;
Risk is the uncertainty, which is associated with any kind of the action and projects in organization&#039;s context that must understand and effectively manage during the project&#039;s process and improve the results[Luce and Raiffa]. Different types of risk management definitions can be found and the choice of definition depends on how big a concept of risk is used in order to which risks are covered by the definition. There is not a complete tool or solution that fits in every project, creating a new or changes the existing risk management process according to the project&#039;s goal is always helpful and flexible process that will ultimately result in a solution to the individual organization or project.&lt;br /&gt;
Risk is always based on imagination of how the project will be completed. It can be defined on the basis of an existing plan, for example, the project must be completed in 6 months. The risk of delay is bigger than if the project must be completed in one year. If the new technologies are a part of the project plan, that you have to use the new technologies is the risk bigger than use the known technologies. Therefor the risk is based on an existing plan; the same project may have very different risks, if you change the project’s plan. [Risk Management, concepts and methods].&lt;br /&gt;
&lt;br /&gt;
=Benefit of risk management and why risk management=&lt;br /&gt;
&lt;br /&gt;
Risk management helps you to identify your projects strengths, weaknesses, opportunities and threats [Jacob and Kwak]. [http://da.wikipedia.org/wiki/SWOT-analyse SWOT-analyse] can be the best tools for it.By identifying your projects risks, you will be aware of the unexpected events and you can immediately take actions to reduce the losses [Overview of risk management].&lt;br /&gt;
There are many reasons for managing risks. Here are some main reasons:&lt;br /&gt;
First of all, risk management results in an overview and a number of options for an action to avoid known and unknown risk and reduce the impact of those[Power in projects &amp;amp; portfolio].&lt;br /&gt;
&lt;br /&gt;
* Saving resources: Time, assets, income, property and people are all valuable resources that can be saved if fewer claims occur.&lt;br /&gt;
* Protecting the reputation and public image of the organization.&lt;br /&gt;
* Preventing or reducing legal liability and increasing the stability of operations.&lt;br /&gt;
* Increases the organizations profits and competitiveness and reflects an attractive professional approach to project work.&lt;br /&gt;
* Protecting people from harm.&lt;br /&gt;
* Protecting the environment.&lt;br /&gt;
* Enhancing the ability to prepare for various circumstances.&lt;br /&gt;
* Assisting in clearly defining insurance needs.&lt;br /&gt;
* By managing the risks, you can increase the quality of the project deliverable&lt;br /&gt;
* Protects public image&lt;br /&gt;
* Protects people from harm&lt;br /&gt;
* Prevents/reduces legal liability&lt;br /&gt;
* Protects the environment&lt;br /&gt;
&lt;br /&gt;
=Three Levels of operational risk management=&lt;br /&gt;
&lt;br /&gt;
The risk management in an organization can be categorized in three levels of operation- [three level of operational risk management].&lt;br /&gt;
&lt;br /&gt;
* Strategic level:  &lt;br /&gt;
At strategic level, operational risk management relates to the vision of the business, expansion planned over a few couple of years, the product position and the target customers in the market. In other words, the strategic operational risk management relates to the implementation of the risk demands. It must be defined at the top management level and must be deployed in a top-down manner through all the levels of the organization.&lt;br /&gt;
&lt;br /&gt;
* Tactical level&lt;br /&gt;
At tactical level, the set of operational risk management tools and controls helps to reduce the number and intensity of the events. It provide the risk manager with a second line of defense. The effect of the risk responses deploys at tactical level, such as loss, fines and near misses reductions&lt;br /&gt;
Tactical operational risk management emphasizes on loss prevention and risk reduction techniques, process control, loss data analysis, key risk indicators, risk self-assessments and business expansion plans are some of the vast array of tools and techniques that have been developed to reduce the frequent occurrence of the risk elements and to reduce their impact on the overall project. Financial service industry is the most developed aspect of operational risk management, today.&lt;br /&gt;
&lt;br /&gt;
* Operational level&lt;br /&gt;
Operational level provides a natural reduction of the operational incidents by redesigning all those processes that were prone to errors, removing any unnecessary tasks and useless controls, standardizing the procedures and improving the productivity.&lt;br /&gt;
Operational risk management targets the operational efficiency and process design. Work flows are redesigned in this level to improve the work speed by eliminating the errors. Staff&lt;br /&gt;
Operational risk management must spread over all these three levels, in order to be more effective and efficient&lt;br /&gt;
&lt;br /&gt;
=How to develop a risk analysis=&lt;br /&gt;
&lt;br /&gt;
Risk Management can be developed in two different ways [Best Management Practice]:&lt;br /&gt;
&lt;br /&gt;
* By using the standard risk guidelines such as ISO 31000, which managers can go step by step and identify the risks and analyse the situation of each phase and take an action for each risk, that have negative impact on each situation. In this step more leaders must participate in order to reduce the impact of risks and take care of each situation.&lt;br /&gt;
&lt;br /&gt;
* By using more general analysis or guidelines to define the project&#039;s goals and reduce the risks without managing it and less management participation.&lt;br /&gt;
&lt;br /&gt;
In the first option many standard guidelines and analysis  can be used such as ISO 31000, IEC/ISO 311010, and ISO 73-2009 and many others.&lt;br /&gt;
The International Organization for Standard (ISO ) risk management provides principles, general guidelines; framework and a process for managing the risks- It can be used by any project, organization regardless of its size.&lt;br /&gt;
ISO 31000 summarizes all the central activities and main points, which an organization might go through to manage their risks effectively and increase their chance to reach their goals. It doesn’t contain any specific techniques in order to use, but it mentions that an organization must follow risk identification tools and techniques, that match the projects and its goals. Another ISO standard application is ISO/IEC 31010, Risk Management, which contains of some risk assessment techniques and steps that gives an understanding of the risks, which can have a negative impact on an organization’s achievement of its goals and the adequacy and effectiveness of controls already in place. Risk assessment helps decision makers to take the correct decisions, for example which tools and techniques must be used to treat the risks and how to choose the best opportunities. The following techniques described on ISO 31010&lt;br /&gt;
&lt;br /&gt;
* Risk identification&lt;br /&gt;
* Risk analysis -  consequence analysis&lt;br /&gt;
* Risk analysis– qualitative, semi-quantitative or quantitative probability estimation&lt;br /&gt;
* Risk analysis – assessing the effectiveness of any existing controls&lt;br /&gt;
* Risk evaluation&lt;br /&gt;
* communication and consultation, and  monitoring and review&lt;br /&gt;
&lt;br /&gt;
Each step has described in detail on ISO 31010. Compare to M_O_R,[http://bcove.me/qvtxp001 video] and then M_O_R is much extensive application, which provides a detailed guidance on how to implement risk management. M_O_R stands for Management of Risk and it is a framework for the management of risk across all parts of an organization such as Strategic, programme, project and operational level. It includes all the activities required to identify and control the risks, both negative and positive, which may have an impact on the achievement of an organization’s objectives[M_O_R].It is also a framework for how to make informed decisions about risks respectively strategic, program, project and operational level in order to identify, assess and manage the key risks in order to deliver the expected advantages [M_O_R]. It describes deeply both what needs to be done through some principles, activities and roles and how to begin the activities.&lt;br /&gt;
In some ways, ISO31000 and M_O_R are very similar and use some common definition and methods. M_O_R is designed for practical application of risk management techniques and based on 4 core concepts: principles, approach, process and embedding and review, while ISO31000 is designed more to assess how completely the risk management techniques have been applied [Best Management Practice], The difference is that ISO3100O based on framework, principles and process. It prescribe how an organization should implement risk management and manage the risk by using any tools, that suits its goal and organization, while M_O_R allows it to customize its approach within the guidelines to suit its operating environment and process. Both are useful tools and can be used for managing the risks.&lt;br /&gt;
&lt;br /&gt;
[[File:Different between_M_O_R_AND_ISO.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
For further information about M_O_R and ISO 31000:2009 you can read Michael Dallas report[http://www.best-management-practice.com/gempdf/Management_of_Risk_Guidance_for_Practitioners_and_the_International_Standard_on_Risk_Management_ISO31000_2009.pdf]&lt;br /&gt;
&lt;br /&gt;
The Tabel as taken from Michael Dallas report, which shows a direct comparison of M_O_R with ISO 31000 against categories that are common to both framework.&lt;br /&gt;
&lt;br /&gt;
=Risk Management in Practice=&lt;br /&gt;
&lt;br /&gt;
[[File:Risk management.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
To identify the projects risk, you can start with brainstorming, the first step is to list the main categories such as technologies, goal, stakeholder, communication, cost, environmental, resources, reliability, which is indicated with blue color in below figure. The next is to identify the risks, which is associated to the main categories. By brainstorm the risks, you can find 50-100 risks, depending to the projects size, therefore the third step is to estimate what the potential impact could be by using the Risk Matrix.&lt;br /&gt;
&lt;br /&gt;
[[File:Mathrix.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
Each high priority or high impact risk should be assigned to a group member after their experience and skills, so they could study and evaluate the risks. Cost risks might for example assign to someone in the finance department than one from IT- department. The new technology might assign to someone from IT- department. The project manager should be assign for all the risks process, the most important part of risk process is the schedule with deadline and the risks list, which should only edit, added, re-prioritized and control by the project manager during the project.&lt;br /&gt;
To reduce the risks, the project manager should communicate the risks list to all the project stakeholders regularly, at least once a week. All the changes should be registered to the risk map and at the end of the project the results can be used to do a retrospective. What did you learn from it, what should be different in next project and how to control the risks from the beginning?&lt;br /&gt;
&lt;br /&gt;
This example is more general and very simple,you can maybe use it for a very small project. You can visit [http://apppm.man.dtu.dk/index.php/Risk_analysis | Risk_analysis] which is described more in detail.&lt;br /&gt;
&lt;br /&gt;
=Reference=&lt;br /&gt;
&lt;br /&gt;
[1] Why projects fail: Avoiding the Classic Pitfall, An Oracle White Paper, October 2011 and Calleam Consulting LTD 2014: Why Projects Fail.  And Tom Carlos, PMP: Reasons Why Projects Fail.&lt;br /&gt;
&lt;br /&gt;
[2] Oehmen et. al.2012 and Zwikael and Ahn 2011, Oehmen, J., et al., Analysis of the effect of risk management practices on the performance of new product development programs. Technovation (2014),&lt;br /&gt;
&lt;br /&gt;
[3] Oxford English Dictionary&lt;br /&gt;
&lt;br /&gt;
[4] Innovation and Product Management 2009: A holistic and Practial Approach to Uncertainty Reduction,Kurt Gaubinger, Michael Rabl Scott Swan, Thomas Werani&lt;br /&gt;
&lt;br /&gt;
[5] Frank Knight 1921: Risk, Uncertainty and profit, Imperfect competition through Risk and Uncertainty, Part III, Chapter VII&lt;br /&gt;
&lt;br /&gt;
[6] Ariane Chapelle: The three levels of Operational risk management, May 2012&lt;br /&gt;
&lt;br /&gt;
[7] Risikosamfundet: 1997, Tara Duggan, Demand Media: Why Is Risk Management Important to Project Success?&lt;br /&gt;
&lt;br /&gt;
[8] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/&lt;br /&gt;
&lt;br /&gt;
[9] Luce&#039;s Paradigm for Decision under Uncertainty, Luce and Raiffa, 1957&lt;br /&gt;
&lt;br /&gt;
[10] Risk Management, concepts and methods: Club De La Securite De L’information Francais&lt;br /&gt;
&lt;br /&gt;
[11] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd. &lt;br /&gt;
&lt;br /&gt;
[12] http://www.management-of-risk.com/what-is-management-of-risk.asp&lt;br /&gt;
&lt;br /&gt;
[13] http://www.rovsingmanagement.dk/kurser/m_o_r%C2%AErisikostyring/?gclid=CM21qKLRjsICFeXUcgodGqEARQ&lt;br /&gt;
&lt;br /&gt;
[14] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd.&lt;br /&gt;
&lt;br /&gt;
[15] Jacob and Kwak (2003) and Raz et al.2002&lt;br /&gt;
&lt;br /&gt;
[16] Article: Overview of risk management Henrik K. Søndergaard&lt;br /&gt;
&lt;br /&gt;
[17]. Power in projects &amp;amp; portfolio of Mette Lindegaard, and John Ryding Olsson&lt;br /&gt;
&lt;br /&gt;
[18] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/.&lt;br /&gt;
&lt;br /&gt;
[19] http://strikingprojectmanagement.com/qualitative-risk-analysis/&lt;br /&gt;
&lt;br /&gt;
[20] http://projectmgmt-annualwarehousesale.blogspot.dk/&lt;br /&gt;
&lt;br /&gt;
[21] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[22] http://www.bestmanagementpractice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[23] http://tcgen.com/risk-mapping/#.VGidavnF-oO&lt;br /&gt;
&lt;br /&gt;
[24] http://www.modst.dk/~/media/Files/%C3%98AV/Vejledninger/%C3%98konomistyring/Risikostyring_vejledning_maj07%20pdf.ashx&lt;br /&gt;
&lt;br /&gt;
[25] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[26] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[27] http://www.clearrisk.com/what-is-risk-management/&lt;br /&gt;
&lt;br /&gt;
[28] http://www.vlv.dk/downloads/rm1.htm&lt;br /&gt;
&lt;br /&gt;
[29] http://www.soc.aau.dk/fileadmin/user_upload/FoSo/Arbejdspapirer/Nr._10_Risiko_risikovurdering_risikoformidling_og_helhedssyn.pdf&lt;br /&gt;
&lt;br /&gt;
[30] http://klk.kl.dk/PageFiles/156494/Projekth%C3%A5ndbogen.pdf&lt;br /&gt;
&lt;br /&gt;
[31] http:///C:/Users/Samira/Downloads/Projekth-ndbog%20(1).PDF&lt;br /&gt;
&lt;br /&gt;
[32] http://www.digst.dk/~/media/Files/Arkitektur%20og%20standarder/Sikkerhed/Vejledning%20om%20risikovurdering.ashx&lt;br /&gt;
&lt;br /&gt;
[33] http://www.best-management-practice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[34] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[35] http://dx.doi.org/10.1016/j.technovation.2013.12.005i&lt;br /&gt;
&lt;br /&gt;
[36] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;/div&gt;</summary>
		<author><name>Saeh0803</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Talk:Project_Evaluation_and_Selection_for_the_Formation_of_the_Optimal_Portfolio&amp;diff=4794</id>
		<title>Talk:Project Evaluation and Selection for the Formation of the Optimal Portfolio</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Talk:Project_Evaluation_and_Selection_for_the_Formation_of_the_Optimal_Portfolio&amp;diff=4794"/>
		<updated>2014-11-28T20:32:12Z</updated>

		<summary type="html">&lt;p&gt;Saeh0803: /* Reply to kikigaga */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;== reviewed by Saeh0803 ==&lt;br /&gt;
&lt;br /&gt;
1. Very long summary, maybe you can make it a bit short and interesting for reader&lt;br /&gt;
&lt;br /&gt;
2. you didn&#039;t referenced the first figure in the text, you also not referenced the figure number two on the text, I know you explain the points from figure, but you need to write something like &amp;quot;..as it shown in figure X&amp;quot;.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
* Is the article interesting for a practitioner? --&amp;gt; I think it is a bit boring, it is maybe the way of writing.. (long explanations and long sentences ) but over all I think it is a good article and you have all main points, but if I search for this topic at google and want to read about it, then I will chose one, which is short and precis.. because you have write it in too many details..&lt;br /&gt;
&lt;br /&gt;
* Does the article clearly relate to a project, program or portfolio management topic? --&amp;gt; Yes&lt;br /&gt;
&lt;br /&gt;
* Is it clear which one of the four “content categories” the article belongs to? --&amp;gt; yes&lt;br /&gt;
&lt;br /&gt;
* Does the length of the article seem appropriate? Does it contain less relevant passages or excessive details? Does it miss critical details? (The suggested length is “on the order of 3500 words”. Articles can be longer or shorter if it makes sense to do so in order to deliver a quality argument.) --&amp;gt; I think this articles is more in 3500 words, I can&#039;t see it on WIKI, but it seems to be more than 3500..&lt;br /&gt;
&lt;br /&gt;
* Is there a logical flow throughout the article? Are the parts “tied together” through a red thread? --&amp;gt; I think yes&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
* Is the article free of grammatical, spelling and punctuation errors--&amp;gt; I think yes, I have difficult to understand,maybe because my English is not so good, but its really difficult to understand and readers may read one sentence more than one time to understand it.. &lt;br /&gt;
 &lt;br /&gt;
* Is the article written in an engaging style, e.g. short, precise sentences instead of long winded, hard to follow mega -sentences? --&amp;gt; Puhaaa, I think it is difficult to understand and follow, you both have long sentences and many explanations &lt;br /&gt;
&lt;br /&gt;
* Are all main points illustrated with an appropriate figure?&lt;br /&gt;
&lt;br /&gt;
* Are the figures free of formal errors--&amp;gt; yes&lt;br /&gt;
&lt;br /&gt;
* Are the figures referenced in the text? --&amp;gt; the first figure is not referenced in the text&lt;br /&gt;
&lt;br /&gt;
* Does the author have the copyright or right to use the figures (e.g.through Creative) common Non-Commercial share Alike attribution?) --&amp;gt; maybe, can&#039;t see&lt;br /&gt;
&lt;br /&gt;
* Is the article formatted properly, i.e. are the typical Wiki-features such sub-headings, proper bullet-point list and Wiki-style references used? are graphics, videos ect. integrated correctly? --&amp;gt; Yes&lt;br /&gt;
&lt;br /&gt;
as I wrote, overall your article is good, try to change the sentences, so its understandable, maybe make it shorts and use some every days words, so everyone can understand what they are reading about :)&lt;br /&gt;
&lt;br /&gt;
I hope you can use my comments and best of luck :)&lt;br /&gt;
&lt;br /&gt;
== Reviewed by kikigaga==&lt;br /&gt;
&lt;br /&gt;
Hi, as a product engineer I think the subject is interesting. So great:)&lt;br /&gt;
I believe that the article might be too long compared to the content, but what do I know..&lt;br /&gt;
&lt;br /&gt;
Some short comments, since the other reviewer went through all the points I will only go through the ones i thought was standing out.&lt;br /&gt;
&lt;br /&gt;
*Clarify the introduction so that the user knows what he/she is reading about.&lt;br /&gt;
**As i said, it is interesting but the long introduction made me almost give up.&lt;br /&gt;
*Gramma fails in some sentences&lt;br /&gt;
** Maybe it is because of sentences referring to the sentence before all the time, it is hard to read.&lt;br /&gt;
*Refer to the models or keep them out&lt;br /&gt;
** As i could see non of the figures are referred to?&lt;br /&gt;
*There are 4 major sources of internal dependencies – Says who?&lt;br /&gt;
**Make it clear: When is it your voice and when the references? (The implementation advice e.g.)&lt;br /&gt;
&lt;br /&gt;
Thank you, and good luck:)&lt;br /&gt;
&lt;br /&gt;
== Reply to Saeh0803 ==&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;First of all, thanks for your feedback, I found it very useful. &lt;br /&gt;
&lt;br /&gt;
I went through each of the points, so I will paste here the bullet points in order to facilitate the reading. Your comments are in italics, while mines are in bold. &lt;br /&gt;
&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;1. Very long summary, maybe you can make it a bit short and interesting for reader&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Actually, the summary is in the order of 500 words, that was the recommended size of the abstract. Anyway, I think that you are right, since it is quite long as an introduction and there is information that may not need to be there (I think that the illustration may also have an impact on the perceived size of this part). Finally, I managed to make it 150 words shorter, keeping the most relevant content.&#039;&#039;&#039; &lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;2. you didn&#039;t referenced the first figure in the text, you also not referenced the figure number two on the text, I know you explain the points from figure, but you need to write something like &amp;quot;..as it shown in figure X&amp;quot;.&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;You are right, this point has been addressed throughout the article&#039;&#039;&#039;. &lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
* &#039;&#039; Is the article interesting for a practitioner? --&amp;gt; I think it is a bit boring, it is maybe the way of writing.. (long explanations and long sentences ) but over all I think it is a good article and you have all main points, but if I search for this topic at google and want to read about it, then I will chose one, which is short and precis.. because you have write it in too many details..&lt;br /&gt;
&#039;&#039;&lt;br /&gt;
&#039;&#039;&#039;I&#039;ve taken your point in consideration. I guess it&#039;s difficult to say if it is interesting or not, since maybe the topic per se is not interesting for you, but it may be for another person. However, I agree with the fact that keeping it simpler may be a better approach to try to engage the readers. &lt;br /&gt;
&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
* &#039;&#039; Does the article clearly relate to a project, program or portfolio management topic? --&amp;gt; Yes&#039;&#039; &lt;br /&gt;
&#039;&#039;&#039;Check&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
* &#039;&#039;Is it clear which one of the four “content categories” the article belongs to? --&amp;gt; yes&#039;&#039; &lt;br /&gt;
&#039;&#039;&#039;Check&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
* &#039;&#039; Does the length of the article seem appropriate? Does it contain less relevant passages or excessive details? Does it miss critical details? (The suggested length is “on the order of 3500 words”. Articles can be longer or shorter if it makes sense to do so in order to deliver a quality argument.) --&amp;gt; I think this articles is more in 3500 words, I can&#039;t see it on WIKI, but it seems to be more than 3500..&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;You are correct. It was in the order of 4,500, but after getting rid of some very detailed information, I managed to make an article of about 3,700 words, without references (which is about 800 less words).&#039;&#039;&#039; &lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
* &#039;&#039; Is there a logical flow throughout the article? Are the parts “tied together” through a red thread? --&amp;gt; I think yes&#039;&#039;&lt;br /&gt;
&#039;&#039;&#039;Check&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
* &#039;&#039; Is the article free of grammatical, spelling and punctuation errors--&amp;gt; I think yes, I have difficult to understand,maybe because my English is not so good, but its really difficult to understand and readers may read one sentence more than one time to understand it..&lt;br /&gt;
&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Thanks, I&#039;ve considered your comment in order to go through the text and try to make every sentence a little bit clearer.&#039;&#039;&#039; &lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
* &#039;&#039; Is the article written in an engaging style, e.g. short, precise sentences instead of long winded, hard to follow mega -sentences? --&amp;gt; Puhaaa, I think it is difficult to understand and follow, you both have long sentences and many explanations&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;As stated before, I&#039;ve gone through all the text to look for this type of sentences. &#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
* &#039;&#039; Are all main points illustrated with an appropriate figure?&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
* &#039;&#039; Are the figures free of formal errors--&amp;gt; yes&#039;&#039; &lt;br /&gt;
&#039;&#039;&#039;Check&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
* &#039;&#039; Are the figures referenced in the text? --&amp;gt; the first figure is not referenced in the text&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;As stated before, this mistake has already been corrected.&#039;&#039;&#039; &lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
* &#039;&#039; Does the author have the copyright or right to use the figures (e.g.through Creative) common Non-Commercial share Alike attribution?) --&amp;gt; maybe, can&#039;t see&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;I draw all of the images by myself in order to avoid this point, and I made reference to the only one that I more or less took from other sources. &lt;br /&gt;
&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
* &#039;&#039; Is the article formatted properly, i.e. are the typical Wiki-features such sub-headings, proper bullet-point list and Wiki-style references used? are graphics, videos ect. integrated correctly? --&amp;gt; Yes&lt;br /&gt;
&#039;&#039; &#039;&#039;&#039;Check&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;as I wrote, overall your article is good, try to change the sentences, so its understandable, maybe make it shorts and use some every days words, so everyone can understand what they are reading about :)&lt;br /&gt;
&lt;br /&gt;
I hope you can use my comments and best of luck :)&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Thank you very much for your feedback; it was really useful. Sometimes, when you are writing, you don&#039;t know if you are being clear enough or if you are including enough detail, or too much of it. I think that with your feedback I&#039;ve been able to improve my article, from format to the actual structure of the sentences.&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
== Reply to kikigaga ==&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Hello, thank you very much for your feedback. I&#039;ve found it interesting and relevant for improving my article. I know that it was quite long, so I&#039;ve taken that into consideration for only including the most relevant parts. I will go through every bullet point to reply each of your suggestions. I include my comments in bold and yours in italics.&#039;&#039;&#039; &lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;Hi, as a product engineer I think the subject is interesting. So great:) I believe that the article might be too long compared to the content, but what do I know..&#039;&#039; &lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Thanks! I&#039;m glad that you found it interesting. I have shortened my article a little bit to make it more entertaining to read and to help the readers to go through it in a more natural way.&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;Some short comments, since the other reviewer went through all the points I will only go through the ones i thought was standing out.&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
* &#039;&#039;Clarify the introduction so that the user knows what he/she is reading about.&#039;&#039;&lt;br /&gt;
** &#039;&#039;As i said, it is interesting but the long introduction made me almost give up.&#039;&#039; &lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;I agree with it. I&#039;ve tried to highlight in some way the purpose of the article and to help the reader understand from the beginning what he/she is reading about. At the same time, the introduction was reduced in 150 words, so now it only contains the most relevant information. &#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
* &#039;&#039;Gramma fails in some sentences&#039;&#039;&lt;br /&gt;
** &#039;&#039;Maybe it is because of sentences referring to the sentence before all the time, it is hard to read.&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;I&#039;ve gone though the whole text taking this into consideration to avoid repetition of ideas or referring to sentences before.&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
* &#039;&#039;Refer to the models or keep them out&#039;&#039;&lt;br /&gt;
** &#039;&#039;As i could see non of the figures are referred to?&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Now the text include references to the figures. I think now it is easier to relate to them to have a better idea of what the text is about.&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
* &#039;&#039;There are 4 major sources of internal dependencies – Says who?&#039;&#039;&lt;br /&gt;
** &#039;&#039;Make it clear: When is it your voice and when the references? (The implementation advice e.g.)&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;I&#039;ve now clarified correctly that point. Actually, I read a couple of articles about dependencies, and I saw that they could be grouped in 4 categories. Now, I think that it could be easily seen if that is mine or someone else&#039;s idea&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;Thank you, and good luck:)&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;&#039;Once again, thanks for your feedback. I think that now I have an easier to read article and it is better formatted than before. Good luck to you as well.&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
happy to hear it :) good luck for the final and with your rest exams,&lt;/div&gt;</summary>
		<author><name>Saeh0803</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Risk_management&amp;diff=4594</id>
		<title>Risk management</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Risk_management&amp;diff=4594"/>
		<updated>2014-11-28T11:58:17Z</updated>

		<summary type="html">&lt;p&gt;Saeh0803: /* Risk Management in Practice */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;Risk management is a very interesting and important topic in each area in our society.  Actually everyone knows what a risk is; it is a part of our life. Each step or each decision we make, is full of risks, whether we notice it or not, but when we look at our professional life, then we have to take an action for each risk arise, because it has a negative effect and the effect can have consequences in terms of economic, professional reputation, environmental, safety and societal outcomes. This article focuses on for example how an organization or project handles its risks and which framework could be relevant or helpful for it.&lt;br /&gt;
Now a day, the risk management is an important part of project, program and portfolio management. In order to end up a project successfully and deliver it on time and within budget, it is important to get an overview of the risks, which is associated to the project. Most of the projects fail due to the lack of risk management [Why projects fail 2011]. In many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of project&#039;s planning process, the projects fail because the resources are not completely utilized to get the full advantage [Oehmen et. al.2012 and Zwikael and Ahn 2011].&lt;br /&gt;
This article further talks about the risk and different level of risks in organization level and how to identify the projects risks by using some of standard guidelines for risk management such as ISO 31000, ISO 2700S, DS/ISO 31000 Risk management- Principles and guidelines and M_O_R principles, which is a standard risk management framework, which can be used by any organization on any projects regardless of its size.&lt;br /&gt;
NOTE: This article might be similar to other articles; Risk analysis, risk register, Risk management strategy in project portfolios.&lt;br /&gt;
&lt;br /&gt;
=Definition of risk management=&lt;br /&gt;
&lt;br /&gt;
You can find different tools and definition for risk depending on the context in which it is used. A definition from Oxford English Dictionary sounds like “the possibility that something unpleasant or unwelcome will happen” [Oxford English Dictionary]. This is more general and related more to your every day. In decision theory, Luce and Raiffa relate risk to make decisions under known probabilities of the states of nature [Product Management Innovation 2009] and Frank Knight define the risk in economic theory as “risk arises when the decision maker can assign probabilities to possible outcomes”. A well-known definition of the risk in the domain of project management considers the risk as “an uncertain event or condition that, if it occurs, has a positive (opportunity) or negative (threat) impact on project objectives” [Innovation and Product Management]&lt;br /&gt;
Frank Knight defines the uncertainty and risk as “...Uncertainty must be taken in a sense radically distinct from the familiar notion of Risk, from which it has never been properly separated. … The essential fact is that &amp;quot;risk&amp;quot; means in some cases a quantity susceptible of measurement, while at other times it is something distinctly not of this character; and there are far-reaching and crucial differences in the bearings of the phenomena depending on which of the two is really present and operating. … It will appear that a measurable uncertainty, or &amp;quot;risk&amp;quot; proper, as we shall use the term, is so far different from an un-measurable one that it is not in effect an uncertainty at all&amp;quot; [Ariane Chapelle].&lt;br /&gt;
To minimize the uncertainty and reduce the risks on the project, you may regularly look back to your risk analysis, because most of the projects fail due to lack of risk management, in many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of projects planning process, The projects fail because they do not invest their resources completely and do not pay attention to it.&lt;br /&gt;
Risk management is the most important part of the project planning process. It is a management tool, which project manager uses to analyses the risk factor within a project group or projects. Project group must be informed of the main risks and how they will deal with those risks. Often it requires extra resources to eliminate risks; these resources must allocate the project group. Many studies have pointed as well that the risk management has a big role in projects success [Tara Duggan].  The report by Jacob and Kwak highlights the positive contribution of risk management to improve the project selection, review and resource allocation of new product development projects.&lt;br /&gt;
It used in many areas such as public debate, research, danger of disease, death or accidents, threatening environmental problems in terms of risk of climate changes, CO2 , pollution and so on.&lt;br /&gt;
It is also used in many other projects such as customer needs and price, new technology and resources, construction and delivery projects, research projects and interests and other tasks.&lt;br /&gt;
&lt;br /&gt;
=What is risk?=&lt;br /&gt;
&lt;br /&gt;
Risk is the uncertainty, which is associated with any kind of the action and projects in organization&#039;s context that must understand and effectively manage during the project&#039;s process and improve the results[Luce and Raiffa]. Different types of risk management definitions can be found and the choice of definition depends on how big a concept of risk is used in order to which risks are covered by the definition. There is not a complete tool or solution that fits in every project, creating a new or changes the existing risk management process according to the project&#039;s goal is always helpful and flexible process that will ultimately result in a solution to the individual organization or project.&lt;br /&gt;
Risk is always based on imagination of how the project will be completed. It can be defined on the basis of an existing plan, for example, the project must be completed in 6 months. The risk of delay is bigger than if the project must be completed in one year. If the new technologies are a part of the project plan, that you have to use the new technologies is the risk bigger than use the known technologies. Therefor the risk is based on an existing plan; the same project may have very different risks, if you change the project’s plan. [Risk Management, concepts and methods].&lt;br /&gt;
&lt;br /&gt;
=Benefit of risk management and why risk management=&lt;br /&gt;
&lt;br /&gt;
Risk management helps you to identify your projects strengths, weaknesses, opportunities and threats [Jacob and Kwak]. By identifying your projects risks, you will be aware of the unexpected events and you can immediately take actions to reduce the losses [Overview of risk management].&lt;br /&gt;
There are many reasons for managing risks. Here are some main reasons:&lt;br /&gt;
First of all, risk management results in an overview and a number of options for an action to avoid known and unknown risk and reduce the impact of those[Power in projects &amp;amp; portfolio].&lt;br /&gt;
&lt;br /&gt;
* Saving resources: Time, assets, income, property and people are all valuable resources that can be saved if fewer claims occur.&lt;br /&gt;
* Protecting the reputation and public image of the organization.&lt;br /&gt;
* Preventing or reducing legal liability and increasing the stability of operations.&lt;br /&gt;
* Increases the organizations profits and competitiveness and reflects an attractive professional approach to project work.&lt;br /&gt;
* Protecting people from harm.&lt;br /&gt;
* Protecting the environment.&lt;br /&gt;
* Enhancing the ability to prepare for various circumstances.&lt;br /&gt;
* Assisting in clearly defining insurance needs.&lt;br /&gt;
* By managing the risks, you can increase the quality of the project deliverable&lt;br /&gt;
* Protects public image&lt;br /&gt;
* Protects people from harm&lt;br /&gt;
* Prevents/reduces legal liability&lt;br /&gt;
* Protects the environment&lt;br /&gt;
&lt;br /&gt;
=Three Levels of operational risk management=&lt;br /&gt;
&lt;br /&gt;
The risk management in an organization can be categorized in three levels of operation- [three level of operational risk management].&lt;br /&gt;
&lt;br /&gt;
* Strategic level:  &lt;br /&gt;
At strategic level, operational risk management relates to the vision of the business, expansion planned over a few couple of years, the product position and the target customers in the market. In other words, the strategic operational risk management relates to the implementation of the risk demands. It must be defined at the top management level and must be deployed in a top-down manner through all the levels of the organization.&lt;br /&gt;
&lt;br /&gt;
* Tactical level&lt;br /&gt;
At tactical level, the set of operational risk management tools and controls helps to reduce the number and intensity of the events. It provide the risk manager with a second line of defense. The effect of the risk responses deploys at tactical level, such as loss, fines and near misses reductions&lt;br /&gt;
Tactical operational risk management emphasizes on loss prevention and risk reduction techniques, process control, loss data analysis, key risk indicators, risk self-assessments and business expansion plans are some of the vast array of tools and techniques that have been developed to reduce the frequent occurrence of the risk elements and to reduce their impact on the overall project. Financial service industry is the most developed aspect of operational risk management, today.&lt;br /&gt;
&lt;br /&gt;
* Operational level&lt;br /&gt;
Operational level provides a natural reduction of the operational incidents by redesigning all those processes that were prone to errors, removing any unnecessary tasks and useless controls, standardizing the procedures and improving the productivity.&lt;br /&gt;
Operational risk management targets the operational efficiency and process design. Work flows are redesigned in this level to improve the work speed by eliminating the errors. Staff&lt;br /&gt;
Operational risk management must spread over all these three levels, in order to be more effective and efficient&lt;br /&gt;
&lt;br /&gt;
=How to develop a risk analysis=&lt;br /&gt;
&lt;br /&gt;
Risk Management can be developed in two different ways [Best Management Practice]:&lt;br /&gt;
&lt;br /&gt;
* By using the standard risk guidelines such as ISO 31000, which managers can go step by step and identify the risks and analyse the situation of each phase and take an action for each risk, that have negative impact on each situation. In this step more leaders must participate in order to reduce the impact of risks and take care of each situation.&lt;br /&gt;
&lt;br /&gt;
* By using more general analysis or guidelines to define the project&#039;s goals and reduce the risks without managing it and less management participation.&lt;br /&gt;
&lt;br /&gt;
In the first option many standard guidelines and analysis  can be used such as ISO 31000, IEC/ISO 311010, and ISO 73-2009 and many others.&lt;br /&gt;
The International Organization for Standard (ISO ) risk management provides principles, general guidelines; framework and a process for managing the risks- It can be used by any project, organization regardless of its size.&lt;br /&gt;
ISO 31000 summarizes all the central activities and main points, which an organization might go through to manage their risks effectively and increase their chance to reach their goals. It doesn’t contain any specific techniques in order to use, but it mentions that an organization must follow risk identification tools and techniques, that match the projects and its goals. Another ISO standard application is ISO/IEC 31010, Risk Management, which contains of some risk assessment techniques and steps that gives an understanding of the risks, which can have a negative impact on an organization’s achievement of its goals and the adequacy and effectiveness of controls already in place. Risk assessment helps decision makers to take the correct decisions, for example which tools and techniques must be used to treat the risks and how to choose the best opportunities. The following techniques described on ISO 31010&lt;br /&gt;
&lt;br /&gt;
* Risk identification&lt;br /&gt;
* Risk analysis -  consequence analysis&lt;br /&gt;
* Risk analysis– qualitative, semi-quantitative or quantitative probability estimation&lt;br /&gt;
* Risk analysis – assessing the effectiveness of any existing controls&lt;br /&gt;
* Risk evaluation&lt;br /&gt;
* communication and consultation, and  monitoring and review&lt;br /&gt;
&lt;br /&gt;
Each step has described in detail on ISO 31010. Compare to M_O_R,[http://bcove.me/qvtxp001 video] and then M_O_R is much extensive application, which provides a detailed guidance on how to implement risk management. M_O_R stands for Management of Risk and it is a framework for the management of risk across all parts of an organization such as Strategic, programme, project and operational level. It includes all the activities required to identify and control the risks, both negative and positive, which may have an impact on the achievement of an organization’s objectives[M_O_R].It is also a framework for how to make informed decisions about risks respectively strategic, program, project and operational level in order to identify, assess and manage the key risks in order to deliver the expected advantages [M_O_R]. It describes deeply both what needs to be done through some principles, activities and roles and how to begin the activities.&lt;br /&gt;
In some ways, ISO31000 and M_O_R are very similar and use some common definition and methods. M_O_R is designed for practical application of risk management techniques and based on 4 core concepts: principles, approach, process and embedding and review, while ISO31000 is designed more to assess how completely the risk management techniques have been applied [Best Management Practice], The difference is that ISO3100O based on framework, principles and process. It prescribe how an organization should implement risk management and manage the risk by using any tools, that suits its goal and organization, while M_O_R allows it to customize its approach within the guidelines to suit its operating environment and process. Both are useful tools and can be used for managing the risks.&lt;br /&gt;
&lt;br /&gt;
[[File:Different between_M_O_R_AND_ISO.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
For further information about M_O_R and ISO 31000:2009 you can read Michael Dallas report[http://www.best-management-practice.com/gempdf/Management_of_Risk_Guidance_for_Practitioners_and_the_International_Standard_on_Risk_Management_ISO31000_2009.pdf]&lt;br /&gt;
&lt;br /&gt;
The Tabel as taken from Michael Dallas report, which shows a direct comparison of M_O_R with ISO 31000 against categories that are common to both framework.&lt;br /&gt;
&lt;br /&gt;
=Risk Management in Practice=&lt;br /&gt;
&lt;br /&gt;
[[File:Risk management.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
To identify the projects risk, you can start with brainstorming, the first step is to list the main categories such as technologies, goal, stakeholder, communication, cost, environmental, resources, reliability, which is indicated with blue color in below figure. The next is to identify the risks, which is associated to the main categories. By brainstorm the risks, you can find 50-100 risks, depending to the projects size, therefore the third step is to estimate what the potential impact could be by using the Risk Matrix.&lt;br /&gt;
&lt;br /&gt;
[[File:Mathrix.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
Each high priority or high impact risk should be assigned to a group member after their experience and skills, so they could study and evaluate the risks. Cost risks might for example assign to someone in the finance department than one from IT- department. The new technology might assign to someone from IT- department. The project manager should be assign for all the risks process, the most important part of risk process is the schedule with deadline and the risks list, which should only edit, added, re-prioritized and control by the project manager during the project.&lt;br /&gt;
To reduce the risks, the project manager should communicate the risks list to all the project stakeholders regularly, at least once a week. All the changes should be registered to the risk map and at the end of the project the results can be used to do a retrospective. What did you learn from it, what should be different in next project and how to control the risks from the beginning?&lt;br /&gt;
&lt;br /&gt;
This example is more general and very simple,you can maybe use it for a very small project. You can visit [http://apppm.man.dtu.dk/index.php/Risk_analysis | Risk_analysis] which is described more in detail.&lt;br /&gt;
&lt;br /&gt;
=Reference=&lt;br /&gt;
&lt;br /&gt;
[1] Why projects fail: Avoiding the Classic Pitfall, An Oracle White Paper, October 2011 and Calleam Consulting LTD 2014: Why Projects Fail.  And Tom Carlos, PMP: Reasons Why Projects Fail.&lt;br /&gt;
&lt;br /&gt;
[2] Oehmen et. al.2012 and Zwikael and Ahn 2011, Oehmen, J., et al., Analysis of the effect of risk management practices on the performance of new product development programs. Technovation (2014),&lt;br /&gt;
&lt;br /&gt;
[3] Oxford English Dictionary&lt;br /&gt;
&lt;br /&gt;
[4] Innovation and Product Management 2009: A holistic and Practial Approach to Uncertainty Reduction,Kurt Gaubinger, Michael Rabl Scott Swan, Thomas Werani&lt;br /&gt;
&lt;br /&gt;
[5] Frank Knight 1921: Risk, Uncertainty and profit, Imperfect competition through Risk and Uncertainty, Part III, Chapter VII&lt;br /&gt;
&lt;br /&gt;
[6] Ariane Chapelle: The three levels of Operational risk management, May 2012&lt;br /&gt;
&lt;br /&gt;
[7] Risikosamfundet: 1997, Tara Duggan, Demand Media: Why Is Risk Management Important to Project Success?&lt;br /&gt;
&lt;br /&gt;
[8] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/&lt;br /&gt;
&lt;br /&gt;
[9] Luce&#039;s Paradigm for Decision under Uncertainty, Luce and Raiffa, 1957&lt;br /&gt;
&lt;br /&gt;
[10] Risk Management, concepts and methods: Club De La Securite De L’information Francais&lt;br /&gt;
&lt;br /&gt;
[11] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd. &lt;br /&gt;
&lt;br /&gt;
[12] http://www.management-of-risk.com/what-is-management-of-risk.asp&lt;br /&gt;
&lt;br /&gt;
[13] http://www.rovsingmanagement.dk/kurser/m_o_r%C2%AErisikostyring/?gclid=CM21qKLRjsICFeXUcgodGqEARQ&lt;br /&gt;
&lt;br /&gt;
[14] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd.&lt;br /&gt;
&lt;br /&gt;
[15] Jacob and Kwak (2003) and Raz et al.2002&lt;br /&gt;
&lt;br /&gt;
[16] Article: Overview of risk management Henrik K. Søndergaard&lt;br /&gt;
&lt;br /&gt;
[17]. Power in projects &amp;amp; portfolio of Mette Lindegaard, and John Ryding Olsson&lt;br /&gt;
&lt;br /&gt;
[18] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/.&lt;br /&gt;
&lt;br /&gt;
[19] http://strikingprojectmanagement.com/qualitative-risk-analysis/&lt;br /&gt;
&lt;br /&gt;
[20] http://projectmgmt-annualwarehousesale.blogspot.dk/&lt;br /&gt;
&lt;br /&gt;
[21] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[22] http://www.bestmanagementpractice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[23] http://tcgen.com/risk-mapping/#.VGidavnF-oO&lt;br /&gt;
&lt;br /&gt;
[24] http://www.modst.dk/~/media/Files/%C3%98AV/Vejledninger/%C3%98konomistyring/Risikostyring_vejledning_maj07%20pdf.ashx&lt;br /&gt;
&lt;br /&gt;
[25] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[26] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[27] http://www.clearrisk.com/what-is-risk-management/&lt;br /&gt;
&lt;br /&gt;
[28] http://www.vlv.dk/downloads/rm1.htm&lt;br /&gt;
&lt;br /&gt;
[29] http://www.soc.aau.dk/fileadmin/user_upload/FoSo/Arbejdspapirer/Nr._10_Risiko_risikovurdering_risikoformidling_og_helhedssyn.pdf&lt;br /&gt;
&lt;br /&gt;
[30] http://klk.kl.dk/PageFiles/156494/Projekth%C3%A5ndbogen.pdf&lt;br /&gt;
&lt;br /&gt;
[31] http:///C:/Users/Samira/Downloads/Projekth-ndbog%20(1).PDF&lt;br /&gt;
&lt;br /&gt;
[32] http://www.digst.dk/~/media/Files/Arkitektur%20og%20standarder/Sikkerhed/Vejledning%20om%20risikovurdering.ashx&lt;br /&gt;
&lt;br /&gt;
[33] http://www.best-management-practice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[34] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[35] http://dx.doi.org/10.1016/j.technovation.2013.12.005i&lt;br /&gt;
&lt;br /&gt;
[36] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;/div&gt;</summary>
		<author><name>Saeh0803</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Risk_management&amp;diff=4593</id>
		<title>Risk management</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Risk_management&amp;diff=4593"/>
		<updated>2014-11-28T11:58:03Z</updated>

		<summary type="html">&lt;p&gt;Saeh0803: /* Risk Management in Practice */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;Risk management is a very interesting and important topic in each area in our society.  Actually everyone knows what a risk is; it is a part of our life. Each step or each decision we make, is full of risks, whether we notice it or not, but when we look at our professional life, then we have to take an action for each risk arise, because it has a negative effect and the effect can have consequences in terms of economic, professional reputation, environmental, safety and societal outcomes. This article focuses on for example how an organization or project handles its risks and which framework could be relevant or helpful for it.&lt;br /&gt;
Now a day, the risk management is an important part of project, program and portfolio management. In order to end up a project successfully and deliver it on time and within budget, it is important to get an overview of the risks, which is associated to the project. Most of the projects fail due to the lack of risk management [Why projects fail 2011]. In many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of project&#039;s planning process, the projects fail because the resources are not completely utilized to get the full advantage [Oehmen et. al.2012 and Zwikael and Ahn 2011].&lt;br /&gt;
This article further talks about the risk and different level of risks in organization level and how to identify the projects risks by using some of standard guidelines for risk management such as ISO 31000, ISO 2700S, DS/ISO 31000 Risk management- Principles and guidelines and M_O_R principles, which is a standard risk management framework, which can be used by any organization on any projects regardless of its size.&lt;br /&gt;
NOTE: This article might be similar to other articles; Risk analysis, risk register, Risk management strategy in project portfolios.&lt;br /&gt;
&lt;br /&gt;
=Definition of risk management=&lt;br /&gt;
&lt;br /&gt;
You can find different tools and definition for risk depending on the context in which it is used. A definition from Oxford English Dictionary sounds like “the possibility that something unpleasant or unwelcome will happen” [Oxford English Dictionary]. This is more general and related more to your every day. In decision theory, Luce and Raiffa relate risk to make decisions under known probabilities of the states of nature [Product Management Innovation 2009] and Frank Knight define the risk in economic theory as “risk arises when the decision maker can assign probabilities to possible outcomes”. A well-known definition of the risk in the domain of project management considers the risk as “an uncertain event or condition that, if it occurs, has a positive (opportunity) or negative (threat) impact on project objectives” [Innovation and Product Management]&lt;br /&gt;
Frank Knight defines the uncertainty and risk as “...Uncertainty must be taken in a sense radically distinct from the familiar notion of Risk, from which it has never been properly separated. … The essential fact is that &amp;quot;risk&amp;quot; means in some cases a quantity susceptible of measurement, while at other times it is something distinctly not of this character; and there are far-reaching and crucial differences in the bearings of the phenomena depending on which of the two is really present and operating. … It will appear that a measurable uncertainty, or &amp;quot;risk&amp;quot; proper, as we shall use the term, is so far different from an un-measurable one that it is not in effect an uncertainty at all&amp;quot; [Ariane Chapelle].&lt;br /&gt;
To minimize the uncertainty and reduce the risks on the project, you may regularly look back to your risk analysis, because most of the projects fail due to lack of risk management, in many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of projects planning process, The projects fail because they do not invest their resources completely and do not pay attention to it.&lt;br /&gt;
Risk management is the most important part of the project planning process. It is a management tool, which project manager uses to analyses the risk factor within a project group or projects. Project group must be informed of the main risks and how they will deal with those risks. Often it requires extra resources to eliminate risks; these resources must allocate the project group. Many studies have pointed as well that the risk management has a big role in projects success [Tara Duggan].  The report by Jacob and Kwak highlights the positive contribution of risk management to improve the project selection, review and resource allocation of new product development projects.&lt;br /&gt;
It used in many areas such as public debate, research, danger of disease, death or accidents, threatening environmental problems in terms of risk of climate changes, CO2 , pollution and so on.&lt;br /&gt;
It is also used in many other projects such as customer needs and price, new technology and resources, construction and delivery projects, research projects and interests and other tasks.&lt;br /&gt;
&lt;br /&gt;
=What is risk?=&lt;br /&gt;
&lt;br /&gt;
Risk is the uncertainty, which is associated with any kind of the action and projects in organization&#039;s context that must understand and effectively manage during the project&#039;s process and improve the results[Luce and Raiffa]. Different types of risk management definitions can be found and the choice of definition depends on how big a concept of risk is used in order to which risks are covered by the definition. There is not a complete tool or solution that fits in every project, creating a new or changes the existing risk management process according to the project&#039;s goal is always helpful and flexible process that will ultimately result in a solution to the individual organization or project.&lt;br /&gt;
Risk is always based on imagination of how the project will be completed. It can be defined on the basis of an existing plan, for example, the project must be completed in 6 months. The risk of delay is bigger than if the project must be completed in one year. If the new technologies are a part of the project plan, that you have to use the new technologies is the risk bigger than use the known technologies. Therefor the risk is based on an existing plan; the same project may have very different risks, if you change the project’s plan. [Risk Management, concepts and methods].&lt;br /&gt;
&lt;br /&gt;
=Benefit of risk management and why risk management=&lt;br /&gt;
&lt;br /&gt;
Risk management helps you to identify your projects strengths, weaknesses, opportunities and threats [Jacob and Kwak]. By identifying your projects risks, you will be aware of the unexpected events and you can immediately take actions to reduce the losses [Overview of risk management].&lt;br /&gt;
There are many reasons for managing risks. Here are some main reasons:&lt;br /&gt;
First of all, risk management results in an overview and a number of options for an action to avoid known and unknown risk and reduce the impact of those[Power in projects &amp;amp; portfolio].&lt;br /&gt;
&lt;br /&gt;
* Saving resources: Time, assets, income, property and people are all valuable resources that can be saved if fewer claims occur.&lt;br /&gt;
* Protecting the reputation and public image of the organization.&lt;br /&gt;
* Preventing or reducing legal liability and increasing the stability of operations.&lt;br /&gt;
* Increases the organizations profits and competitiveness and reflects an attractive professional approach to project work.&lt;br /&gt;
* Protecting people from harm.&lt;br /&gt;
* Protecting the environment.&lt;br /&gt;
* Enhancing the ability to prepare for various circumstances.&lt;br /&gt;
* Assisting in clearly defining insurance needs.&lt;br /&gt;
* By managing the risks, you can increase the quality of the project deliverable&lt;br /&gt;
* Protects public image&lt;br /&gt;
* Protects people from harm&lt;br /&gt;
* Prevents/reduces legal liability&lt;br /&gt;
* Protects the environment&lt;br /&gt;
&lt;br /&gt;
=Three Levels of operational risk management=&lt;br /&gt;
&lt;br /&gt;
The risk management in an organization can be categorized in three levels of operation- [three level of operational risk management].&lt;br /&gt;
&lt;br /&gt;
* Strategic level:  &lt;br /&gt;
At strategic level, operational risk management relates to the vision of the business, expansion planned over a few couple of years, the product position and the target customers in the market. In other words, the strategic operational risk management relates to the implementation of the risk demands. It must be defined at the top management level and must be deployed in a top-down manner through all the levels of the organization.&lt;br /&gt;
&lt;br /&gt;
* Tactical level&lt;br /&gt;
At tactical level, the set of operational risk management tools and controls helps to reduce the number and intensity of the events. It provide the risk manager with a second line of defense. The effect of the risk responses deploys at tactical level, such as loss, fines and near misses reductions&lt;br /&gt;
Tactical operational risk management emphasizes on loss prevention and risk reduction techniques, process control, loss data analysis, key risk indicators, risk self-assessments and business expansion plans are some of the vast array of tools and techniques that have been developed to reduce the frequent occurrence of the risk elements and to reduce their impact on the overall project. Financial service industry is the most developed aspect of operational risk management, today.&lt;br /&gt;
&lt;br /&gt;
* Operational level&lt;br /&gt;
Operational level provides a natural reduction of the operational incidents by redesigning all those processes that were prone to errors, removing any unnecessary tasks and useless controls, standardizing the procedures and improving the productivity.&lt;br /&gt;
Operational risk management targets the operational efficiency and process design. Work flows are redesigned in this level to improve the work speed by eliminating the errors. Staff&lt;br /&gt;
Operational risk management must spread over all these three levels, in order to be more effective and efficient&lt;br /&gt;
&lt;br /&gt;
=How to develop a risk analysis=&lt;br /&gt;
&lt;br /&gt;
Risk Management can be developed in two different ways [Best Management Practice]:&lt;br /&gt;
&lt;br /&gt;
* By using the standard risk guidelines such as ISO 31000, which managers can go step by step and identify the risks and analyse the situation of each phase and take an action for each risk, that have negative impact on each situation. In this step more leaders must participate in order to reduce the impact of risks and take care of each situation.&lt;br /&gt;
&lt;br /&gt;
* By using more general analysis or guidelines to define the project&#039;s goals and reduce the risks without managing it and less management participation.&lt;br /&gt;
&lt;br /&gt;
In the first option many standard guidelines and analysis  can be used such as ISO 31000, IEC/ISO 311010, and ISO 73-2009 and many others.&lt;br /&gt;
The International Organization for Standard (ISO ) risk management provides principles, general guidelines; framework and a process for managing the risks- It can be used by any project, organization regardless of its size.&lt;br /&gt;
ISO 31000 summarizes all the central activities and main points, which an organization might go through to manage their risks effectively and increase their chance to reach their goals. It doesn’t contain any specific techniques in order to use, but it mentions that an organization must follow risk identification tools and techniques, that match the projects and its goals. Another ISO standard application is ISO/IEC 31010, Risk Management, which contains of some risk assessment techniques and steps that gives an understanding of the risks, which can have a negative impact on an organization’s achievement of its goals and the adequacy and effectiveness of controls already in place. Risk assessment helps decision makers to take the correct decisions, for example which tools and techniques must be used to treat the risks and how to choose the best opportunities. The following techniques described on ISO 31010&lt;br /&gt;
&lt;br /&gt;
* Risk identification&lt;br /&gt;
* Risk analysis -  consequence analysis&lt;br /&gt;
* Risk analysis– qualitative, semi-quantitative or quantitative probability estimation&lt;br /&gt;
* Risk analysis – assessing the effectiveness of any existing controls&lt;br /&gt;
* Risk evaluation&lt;br /&gt;
* communication and consultation, and  monitoring and review&lt;br /&gt;
&lt;br /&gt;
Each step has described in detail on ISO 31010. Compare to M_O_R,[http://bcove.me/qvtxp001 video] and then M_O_R is much extensive application, which provides a detailed guidance on how to implement risk management. M_O_R stands for Management of Risk and it is a framework for the management of risk across all parts of an organization such as Strategic, programme, project and operational level. It includes all the activities required to identify and control the risks, both negative and positive, which may have an impact on the achievement of an organization’s objectives[M_O_R].It is also a framework for how to make informed decisions about risks respectively strategic, program, project and operational level in order to identify, assess and manage the key risks in order to deliver the expected advantages [M_O_R]. It describes deeply both what needs to be done through some principles, activities and roles and how to begin the activities.&lt;br /&gt;
In some ways, ISO31000 and M_O_R are very similar and use some common definition and methods. M_O_R is designed for practical application of risk management techniques and based on 4 core concepts: principles, approach, process and embedding and review, while ISO31000 is designed more to assess how completely the risk management techniques have been applied [Best Management Practice], The difference is that ISO3100O based on framework, principles and process. It prescribe how an organization should implement risk management and manage the risk by using any tools, that suits its goal and organization, while M_O_R allows it to customize its approach within the guidelines to suit its operating environment and process. Both are useful tools and can be used for managing the risks.&lt;br /&gt;
&lt;br /&gt;
[[File:Different between_M_O_R_AND_ISO.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
For further information about M_O_R and ISO 31000:2009 you can read Michael Dallas report[http://www.best-management-practice.com/gempdf/Management_of_Risk_Guidance_for_Practitioners_and_the_International_Standard_on_Risk_Management_ISO31000_2009.pdf]&lt;br /&gt;
&lt;br /&gt;
The Tabel as taken from Michael Dallas report, which shows a direct comparison of M_O_R with ISO 31000 against categories that are common to both framework.&lt;br /&gt;
&lt;br /&gt;
=Risk Management in Practice=&lt;br /&gt;
&lt;br /&gt;
[[File:Risk management.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
To identify the projects risk, you can start with brainstorming, the first step is to list the main categories such as technologies, goal, stakeholder, communication, cost, environmental, resources, reliability, which is indicated with blue color in below figure. The next is to identify the risks, which is associated to the main categories. By brainstorm the risks, you can find 50-100 risks, depending to the projects size, therefore the third step is to estimate what the potential impact could be by using the Risk Matrix.&lt;br /&gt;
&lt;br /&gt;
[[File:Mathrix.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
Each high priority or high impact risk should be assigned to a group member after their experience and skills, so they could study and evaluate the risks. Cost risks might for example assign to someone in the finance department than one from IT- department. The new technology might assign to someone from IT- department. The project manager should be assign for all the risks process, the most important part of risk process is the schedule with deadline and the risks list, which should only edit, added, re-prioritized and control by the project manager during the project.&lt;br /&gt;
To reduce the risks, the project manager should communicate the risks list to all the project stakeholders regularly, at least once a week. All the changes should be registered to the risk map and at the end of the project the results can be used to do a retrospective. What did you learn from it, what should be different in next project and how to control the risks from the beginning?&lt;br /&gt;
&lt;br /&gt;
This example is more general and very simple,you can maybe use it for a very small project. You can visit [http://apppm.man.dtu.dk/index.php/ Risk analysis | Risk_analysis] which is described more in detail.&lt;br /&gt;
&lt;br /&gt;
=Reference=&lt;br /&gt;
&lt;br /&gt;
[1] Why projects fail: Avoiding the Classic Pitfall, An Oracle White Paper, October 2011 and Calleam Consulting LTD 2014: Why Projects Fail.  And Tom Carlos, PMP: Reasons Why Projects Fail.&lt;br /&gt;
&lt;br /&gt;
[2] Oehmen et. al.2012 and Zwikael and Ahn 2011, Oehmen, J., et al., Analysis of the effect of risk management practices on the performance of new product development programs. Technovation (2014),&lt;br /&gt;
&lt;br /&gt;
[3] Oxford English Dictionary&lt;br /&gt;
&lt;br /&gt;
[4] Innovation and Product Management 2009: A holistic and Practial Approach to Uncertainty Reduction,Kurt Gaubinger, Michael Rabl Scott Swan, Thomas Werani&lt;br /&gt;
&lt;br /&gt;
[5] Frank Knight 1921: Risk, Uncertainty and profit, Imperfect competition through Risk and Uncertainty, Part III, Chapter VII&lt;br /&gt;
&lt;br /&gt;
[6] Ariane Chapelle: The three levels of Operational risk management, May 2012&lt;br /&gt;
&lt;br /&gt;
[7] Risikosamfundet: 1997, Tara Duggan, Demand Media: Why Is Risk Management Important to Project Success?&lt;br /&gt;
&lt;br /&gt;
[8] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/&lt;br /&gt;
&lt;br /&gt;
[9] Luce&#039;s Paradigm for Decision under Uncertainty, Luce and Raiffa, 1957&lt;br /&gt;
&lt;br /&gt;
[10] Risk Management, concepts and methods: Club De La Securite De L’information Francais&lt;br /&gt;
&lt;br /&gt;
[11] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd. &lt;br /&gt;
&lt;br /&gt;
[12] http://www.management-of-risk.com/what-is-management-of-risk.asp&lt;br /&gt;
&lt;br /&gt;
[13] http://www.rovsingmanagement.dk/kurser/m_o_r%C2%AErisikostyring/?gclid=CM21qKLRjsICFeXUcgodGqEARQ&lt;br /&gt;
&lt;br /&gt;
[14] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd.&lt;br /&gt;
&lt;br /&gt;
[15] Jacob and Kwak (2003) and Raz et al.2002&lt;br /&gt;
&lt;br /&gt;
[16] Article: Overview of risk management Henrik K. Søndergaard&lt;br /&gt;
&lt;br /&gt;
[17]. Power in projects &amp;amp; portfolio of Mette Lindegaard, and John Ryding Olsson&lt;br /&gt;
&lt;br /&gt;
[18] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/.&lt;br /&gt;
&lt;br /&gt;
[19] http://strikingprojectmanagement.com/qualitative-risk-analysis/&lt;br /&gt;
&lt;br /&gt;
[20] http://projectmgmt-annualwarehousesale.blogspot.dk/&lt;br /&gt;
&lt;br /&gt;
[21] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[22] http://www.bestmanagementpractice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[23] http://tcgen.com/risk-mapping/#.VGidavnF-oO&lt;br /&gt;
&lt;br /&gt;
[24] http://www.modst.dk/~/media/Files/%C3%98AV/Vejledninger/%C3%98konomistyring/Risikostyring_vejledning_maj07%20pdf.ashx&lt;br /&gt;
&lt;br /&gt;
[25] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[26] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[27] http://www.clearrisk.com/what-is-risk-management/&lt;br /&gt;
&lt;br /&gt;
[28] http://www.vlv.dk/downloads/rm1.htm&lt;br /&gt;
&lt;br /&gt;
[29] http://www.soc.aau.dk/fileadmin/user_upload/FoSo/Arbejdspapirer/Nr._10_Risiko_risikovurdering_risikoformidling_og_helhedssyn.pdf&lt;br /&gt;
&lt;br /&gt;
[30] http://klk.kl.dk/PageFiles/156494/Projekth%C3%A5ndbogen.pdf&lt;br /&gt;
&lt;br /&gt;
[31] http:///C:/Users/Samira/Downloads/Projekth-ndbog%20(1).PDF&lt;br /&gt;
&lt;br /&gt;
[32] http://www.digst.dk/~/media/Files/Arkitektur%20og%20standarder/Sikkerhed/Vejledning%20om%20risikovurdering.ashx&lt;br /&gt;
&lt;br /&gt;
[33] http://www.best-management-practice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[34] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[35] http://dx.doi.org/10.1016/j.technovation.2013.12.005i&lt;br /&gt;
&lt;br /&gt;
[36] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;/div&gt;</summary>
		<author><name>Saeh0803</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Risk_management&amp;diff=4592</id>
		<title>Risk management</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Risk_management&amp;diff=4592"/>
		<updated>2014-11-28T11:57:29Z</updated>

		<summary type="html">&lt;p&gt;Saeh0803: /* Risk Management in Practice */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;Risk management is a very interesting and important topic in each area in our society.  Actually everyone knows what a risk is; it is a part of our life. Each step or each decision we make, is full of risks, whether we notice it or not, but when we look at our professional life, then we have to take an action for each risk arise, because it has a negative effect and the effect can have consequences in terms of economic, professional reputation, environmental, safety and societal outcomes. This article focuses on for example how an organization or project handles its risks and which framework could be relevant or helpful for it.&lt;br /&gt;
Now a day, the risk management is an important part of project, program and portfolio management. In order to end up a project successfully and deliver it on time and within budget, it is important to get an overview of the risks, which is associated to the project. Most of the projects fail due to the lack of risk management [Why projects fail 2011]. In many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of project&#039;s planning process, the projects fail because the resources are not completely utilized to get the full advantage [Oehmen et. al.2012 and Zwikael and Ahn 2011].&lt;br /&gt;
This article further talks about the risk and different level of risks in organization level and how to identify the projects risks by using some of standard guidelines for risk management such as ISO 31000, ISO 2700S, DS/ISO 31000 Risk management- Principles and guidelines and M_O_R principles, which is a standard risk management framework, which can be used by any organization on any projects regardless of its size.&lt;br /&gt;
NOTE: This article might be similar to other articles; Risk analysis, risk register, Risk management strategy in project portfolios.&lt;br /&gt;
&lt;br /&gt;
=Definition of risk management=&lt;br /&gt;
&lt;br /&gt;
You can find different tools and definition for risk depending on the context in which it is used. A definition from Oxford English Dictionary sounds like “the possibility that something unpleasant or unwelcome will happen” [Oxford English Dictionary]. This is more general and related more to your every day. In decision theory, Luce and Raiffa relate risk to make decisions under known probabilities of the states of nature [Product Management Innovation 2009] and Frank Knight define the risk in economic theory as “risk arises when the decision maker can assign probabilities to possible outcomes”. A well-known definition of the risk in the domain of project management considers the risk as “an uncertain event or condition that, if it occurs, has a positive (opportunity) or negative (threat) impact on project objectives” [Innovation and Product Management]&lt;br /&gt;
Frank Knight defines the uncertainty and risk as “...Uncertainty must be taken in a sense radically distinct from the familiar notion of Risk, from which it has never been properly separated. … The essential fact is that &amp;quot;risk&amp;quot; means in some cases a quantity susceptible of measurement, while at other times it is something distinctly not of this character; and there are far-reaching and crucial differences in the bearings of the phenomena depending on which of the two is really present and operating. … It will appear that a measurable uncertainty, or &amp;quot;risk&amp;quot; proper, as we shall use the term, is so far different from an un-measurable one that it is not in effect an uncertainty at all&amp;quot; [Ariane Chapelle].&lt;br /&gt;
To minimize the uncertainty and reduce the risks on the project, you may regularly look back to your risk analysis, because most of the projects fail due to lack of risk management, in many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of projects planning process, The projects fail because they do not invest their resources completely and do not pay attention to it.&lt;br /&gt;
Risk management is the most important part of the project planning process. It is a management tool, which project manager uses to analyses the risk factor within a project group or projects. Project group must be informed of the main risks and how they will deal with those risks. Often it requires extra resources to eliminate risks; these resources must allocate the project group. Many studies have pointed as well that the risk management has a big role in projects success [Tara Duggan].  The report by Jacob and Kwak highlights the positive contribution of risk management to improve the project selection, review and resource allocation of new product development projects.&lt;br /&gt;
It used in many areas such as public debate, research, danger of disease, death or accidents, threatening environmental problems in terms of risk of climate changes, CO2 , pollution and so on.&lt;br /&gt;
It is also used in many other projects such as customer needs and price, new technology and resources, construction and delivery projects, research projects and interests and other tasks.&lt;br /&gt;
&lt;br /&gt;
=What is risk?=&lt;br /&gt;
&lt;br /&gt;
Risk is the uncertainty, which is associated with any kind of the action and projects in organization&#039;s context that must understand and effectively manage during the project&#039;s process and improve the results[Luce and Raiffa]. Different types of risk management definitions can be found and the choice of definition depends on how big a concept of risk is used in order to which risks are covered by the definition. There is not a complete tool or solution that fits in every project, creating a new or changes the existing risk management process according to the project&#039;s goal is always helpful and flexible process that will ultimately result in a solution to the individual organization or project.&lt;br /&gt;
Risk is always based on imagination of how the project will be completed. It can be defined on the basis of an existing plan, for example, the project must be completed in 6 months. The risk of delay is bigger than if the project must be completed in one year. If the new technologies are a part of the project plan, that you have to use the new technologies is the risk bigger than use the known technologies. Therefor the risk is based on an existing plan; the same project may have very different risks, if you change the project’s plan. [Risk Management, concepts and methods].&lt;br /&gt;
&lt;br /&gt;
=Benefit of risk management and why risk management=&lt;br /&gt;
&lt;br /&gt;
Risk management helps you to identify your projects strengths, weaknesses, opportunities and threats [Jacob and Kwak]. By identifying your projects risks, you will be aware of the unexpected events and you can immediately take actions to reduce the losses [Overview of risk management].&lt;br /&gt;
There are many reasons for managing risks. Here are some main reasons:&lt;br /&gt;
First of all, risk management results in an overview and a number of options for an action to avoid known and unknown risk and reduce the impact of those[Power in projects &amp;amp; portfolio].&lt;br /&gt;
&lt;br /&gt;
* Saving resources: Time, assets, income, property and people are all valuable resources that can be saved if fewer claims occur.&lt;br /&gt;
* Protecting the reputation and public image of the organization.&lt;br /&gt;
* Preventing or reducing legal liability and increasing the stability of operations.&lt;br /&gt;
* Increases the organizations profits and competitiveness and reflects an attractive professional approach to project work.&lt;br /&gt;
* Protecting people from harm.&lt;br /&gt;
* Protecting the environment.&lt;br /&gt;
* Enhancing the ability to prepare for various circumstances.&lt;br /&gt;
* Assisting in clearly defining insurance needs.&lt;br /&gt;
* By managing the risks, you can increase the quality of the project deliverable&lt;br /&gt;
* Protects public image&lt;br /&gt;
* Protects people from harm&lt;br /&gt;
* Prevents/reduces legal liability&lt;br /&gt;
* Protects the environment&lt;br /&gt;
&lt;br /&gt;
=Three Levels of operational risk management=&lt;br /&gt;
&lt;br /&gt;
The risk management in an organization can be categorized in three levels of operation- [three level of operational risk management].&lt;br /&gt;
&lt;br /&gt;
* Strategic level:  &lt;br /&gt;
At strategic level, operational risk management relates to the vision of the business, expansion planned over a few couple of years, the product position and the target customers in the market. In other words, the strategic operational risk management relates to the implementation of the risk demands. It must be defined at the top management level and must be deployed in a top-down manner through all the levels of the organization.&lt;br /&gt;
&lt;br /&gt;
* Tactical level&lt;br /&gt;
At tactical level, the set of operational risk management tools and controls helps to reduce the number and intensity of the events. It provide the risk manager with a second line of defense. The effect of the risk responses deploys at tactical level, such as loss, fines and near misses reductions&lt;br /&gt;
Tactical operational risk management emphasizes on loss prevention and risk reduction techniques, process control, loss data analysis, key risk indicators, risk self-assessments and business expansion plans are some of the vast array of tools and techniques that have been developed to reduce the frequent occurrence of the risk elements and to reduce their impact on the overall project. Financial service industry is the most developed aspect of operational risk management, today.&lt;br /&gt;
&lt;br /&gt;
* Operational level&lt;br /&gt;
Operational level provides a natural reduction of the operational incidents by redesigning all those processes that were prone to errors, removing any unnecessary tasks and useless controls, standardizing the procedures and improving the productivity.&lt;br /&gt;
Operational risk management targets the operational efficiency and process design. Work flows are redesigned in this level to improve the work speed by eliminating the errors. Staff&lt;br /&gt;
Operational risk management must spread over all these three levels, in order to be more effective and efficient&lt;br /&gt;
&lt;br /&gt;
=How to develop a risk analysis=&lt;br /&gt;
&lt;br /&gt;
Risk Management can be developed in two different ways [Best Management Practice]:&lt;br /&gt;
&lt;br /&gt;
* By using the standard risk guidelines such as ISO 31000, which managers can go step by step and identify the risks and analyse the situation of each phase and take an action for each risk, that have negative impact on each situation. In this step more leaders must participate in order to reduce the impact of risks and take care of each situation.&lt;br /&gt;
&lt;br /&gt;
* By using more general analysis or guidelines to define the project&#039;s goals and reduce the risks without managing it and less management participation.&lt;br /&gt;
&lt;br /&gt;
In the first option many standard guidelines and analysis  can be used such as ISO 31000, IEC/ISO 311010, and ISO 73-2009 and many others.&lt;br /&gt;
The International Organization for Standard (ISO ) risk management provides principles, general guidelines; framework and a process for managing the risks- It can be used by any project, organization regardless of its size.&lt;br /&gt;
ISO 31000 summarizes all the central activities and main points, which an organization might go through to manage their risks effectively and increase their chance to reach their goals. It doesn’t contain any specific techniques in order to use, but it mentions that an organization must follow risk identification tools and techniques, that match the projects and its goals. Another ISO standard application is ISO/IEC 31010, Risk Management, which contains of some risk assessment techniques and steps that gives an understanding of the risks, which can have a negative impact on an organization’s achievement of its goals and the adequacy and effectiveness of controls already in place. Risk assessment helps decision makers to take the correct decisions, for example which tools and techniques must be used to treat the risks and how to choose the best opportunities. The following techniques described on ISO 31010&lt;br /&gt;
&lt;br /&gt;
* Risk identification&lt;br /&gt;
* Risk analysis -  consequence analysis&lt;br /&gt;
* Risk analysis– qualitative, semi-quantitative or quantitative probability estimation&lt;br /&gt;
* Risk analysis – assessing the effectiveness of any existing controls&lt;br /&gt;
* Risk evaluation&lt;br /&gt;
* communication and consultation, and  monitoring and review&lt;br /&gt;
&lt;br /&gt;
Each step has described in detail on ISO 31010. Compare to M_O_R,[http://bcove.me/qvtxp001 video] and then M_O_R is much extensive application, which provides a detailed guidance on how to implement risk management. M_O_R stands for Management of Risk and it is a framework for the management of risk across all parts of an organization such as Strategic, programme, project and operational level. It includes all the activities required to identify and control the risks, both negative and positive, which may have an impact on the achievement of an organization’s objectives[M_O_R].It is also a framework for how to make informed decisions about risks respectively strategic, program, project and operational level in order to identify, assess and manage the key risks in order to deliver the expected advantages [M_O_R]. It describes deeply both what needs to be done through some principles, activities and roles and how to begin the activities.&lt;br /&gt;
In some ways, ISO31000 and M_O_R are very similar and use some common definition and methods. M_O_R is designed for practical application of risk management techniques and based on 4 core concepts: principles, approach, process and embedding and review, while ISO31000 is designed more to assess how completely the risk management techniques have been applied [Best Management Practice], The difference is that ISO3100O based on framework, principles and process. It prescribe how an organization should implement risk management and manage the risk by using any tools, that suits its goal and organization, while M_O_R allows it to customize its approach within the guidelines to suit its operating environment and process. Both are useful tools and can be used for managing the risks.&lt;br /&gt;
&lt;br /&gt;
[[File:Different between_M_O_R_AND_ISO.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
For further information about M_O_R and ISO 31000:2009 you can read Michael Dallas report[http://www.best-management-practice.com/gempdf/Management_of_Risk_Guidance_for_Practitioners_and_the_International_Standard_on_Risk_Management_ISO31000_2009.pdf]&lt;br /&gt;
&lt;br /&gt;
The Tabel as taken from Michael Dallas report, which shows a direct comparison of M_O_R with ISO 31000 against categories that are common to both framework.&lt;br /&gt;
&lt;br /&gt;
=Risk Management in Practice=&lt;br /&gt;
&lt;br /&gt;
[[File:Risk management.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
To identify the projects risk, you can start with brainstorming, the first step is to list the main categories such as technologies, goal, stakeholder, communication, cost, environmental, resources, reliability, which is indicated with blue color in below figure. The next is to identify the risks, which is associated to the main categories. By brainstorm the risks, you can find 50-100 risks, depending to the projects size, therefore the third step is to estimate what the potential impact could be by using the Risk Matrix.&lt;br /&gt;
&lt;br /&gt;
[[File:Mathrix.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
Each high priority or high impact risk should be assigned to a group member after their experience and skills, so they could study and evaluate the risks. Cost risks might for example assign to someone in the finance department than one from IT- department. The new technology might assign to someone from IT- department. The project manager should be assign for all the risks process, the most important part of risk process is the schedule with deadline and the risks list, which should only edit, added, re-prioritized and control by the project manager during the project.&lt;br /&gt;
To reduce the risks, the project manager should communicate the risks list to all the project stakeholders regularly, at least once a week. All the changes should be registered to the risk map and at the end of the project the results can be used to do a retrospective. What did you learn from it, what should be different in next project and how to control the risks from the beginning?&lt;br /&gt;
&lt;br /&gt;
This example is more general and very simple,you can maybe use it for a very small project. You can visit [http://apppm.man.dtu.dk/index.php/Risk analysis | Risk_analysis] which is described more in detail.&lt;br /&gt;
&lt;br /&gt;
=Reference=&lt;br /&gt;
&lt;br /&gt;
[1] Why projects fail: Avoiding the Classic Pitfall, An Oracle White Paper, October 2011 and Calleam Consulting LTD 2014: Why Projects Fail.  And Tom Carlos, PMP: Reasons Why Projects Fail.&lt;br /&gt;
&lt;br /&gt;
[2] Oehmen et. al.2012 and Zwikael and Ahn 2011, Oehmen, J., et al., Analysis of the effect of risk management practices on the performance of new product development programs. Technovation (2014),&lt;br /&gt;
&lt;br /&gt;
[3] Oxford English Dictionary&lt;br /&gt;
&lt;br /&gt;
[4] Innovation and Product Management 2009: A holistic and Practial Approach to Uncertainty Reduction,Kurt Gaubinger, Michael Rabl Scott Swan, Thomas Werani&lt;br /&gt;
&lt;br /&gt;
[5] Frank Knight 1921: Risk, Uncertainty and profit, Imperfect competition through Risk and Uncertainty, Part III, Chapter VII&lt;br /&gt;
&lt;br /&gt;
[6] Ariane Chapelle: The three levels of Operational risk management, May 2012&lt;br /&gt;
&lt;br /&gt;
[7] Risikosamfundet: 1997, Tara Duggan, Demand Media: Why Is Risk Management Important to Project Success?&lt;br /&gt;
&lt;br /&gt;
[8] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/&lt;br /&gt;
&lt;br /&gt;
[9] Luce&#039;s Paradigm for Decision under Uncertainty, Luce and Raiffa, 1957&lt;br /&gt;
&lt;br /&gt;
[10] Risk Management, concepts and methods: Club De La Securite De L’information Francais&lt;br /&gt;
&lt;br /&gt;
[11] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd. &lt;br /&gt;
&lt;br /&gt;
[12] http://www.management-of-risk.com/what-is-management-of-risk.asp&lt;br /&gt;
&lt;br /&gt;
[13] http://www.rovsingmanagement.dk/kurser/m_o_r%C2%AErisikostyring/?gclid=CM21qKLRjsICFeXUcgodGqEARQ&lt;br /&gt;
&lt;br /&gt;
[14] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd.&lt;br /&gt;
&lt;br /&gt;
[15] Jacob and Kwak (2003) and Raz et al.2002&lt;br /&gt;
&lt;br /&gt;
[16] Article: Overview of risk management Henrik K. Søndergaard&lt;br /&gt;
&lt;br /&gt;
[17]. Power in projects &amp;amp; portfolio of Mette Lindegaard, and John Ryding Olsson&lt;br /&gt;
&lt;br /&gt;
[18] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/.&lt;br /&gt;
&lt;br /&gt;
[19] http://strikingprojectmanagement.com/qualitative-risk-analysis/&lt;br /&gt;
&lt;br /&gt;
[20] http://projectmgmt-annualwarehousesale.blogspot.dk/&lt;br /&gt;
&lt;br /&gt;
[21] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[22] http://www.bestmanagementpractice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[23] http://tcgen.com/risk-mapping/#.VGidavnF-oO&lt;br /&gt;
&lt;br /&gt;
[24] http://www.modst.dk/~/media/Files/%C3%98AV/Vejledninger/%C3%98konomistyring/Risikostyring_vejledning_maj07%20pdf.ashx&lt;br /&gt;
&lt;br /&gt;
[25] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[26] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[27] http://www.clearrisk.com/what-is-risk-management/&lt;br /&gt;
&lt;br /&gt;
[28] http://www.vlv.dk/downloads/rm1.htm&lt;br /&gt;
&lt;br /&gt;
[29] http://www.soc.aau.dk/fileadmin/user_upload/FoSo/Arbejdspapirer/Nr._10_Risiko_risikovurdering_risikoformidling_og_helhedssyn.pdf&lt;br /&gt;
&lt;br /&gt;
[30] http://klk.kl.dk/PageFiles/156494/Projekth%C3%A5ndbogen.pdf&lt;br /&gt;
&lt;br /&gt;
[31] http:///C:/Users/Samira/Downloads/Projekth-ndbog%20(1).PDF&lt;br /&gt;
&lt;br /&gt;
[32] http://www.digst.dk/~/media/Files/Arkitektur%20og%20standarder/Sikkerhed/Vejledning%20om%20risikovurdering.ashx&lt;br /&gt;
&lt;br /&gt;
[33] http://www.best-management-practice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[34] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[35] http://dx.doi.org/10.1016/j.technovation.2013.12.005i&lt;br /&gt;
&lt;br /&gt;
[36] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;/div&gt;</summary>
		<author><name>Saeh0803</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Risk_management&amp;diff=4591</id>
		<title>Risk management</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Risk_management&amp;diff=4591"/>
		<updated>2014-11-28T11:57:00Z</updated>

		<summary type="html">&lt;p&gt;Saeh0803: /* Risk Management in Practice */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;Risk management is a very interesting and important topic in each area in our society.  Actually everyone knows what a risk is; it is a part of our life. Each step or each decision we make, is full of risks, whether we notice it or not, but when we look at our professional life, then we have to take an action for each risk arise, because it has a negative effect and the effect can have consequences in terms of economic, professional reputation, environmental, safety and societal outcomes. This article focuses on for example how an organization or project handles its risks and which framework could be relevant or helpful for it.&lt;br /&gt;
Now a day, the risk management is an important part of project, program and portfolio management. In order to end up a project successfully and deliver it on time and within budget, it is important to get an overview of the risks, which is associated to the project. Most of the projects fail due to the lack of risk management [Why projects fail 2011]. In many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of project&#039;s planning process, the projects fail because the resources are not completely utilized to get the full advantage [Oehmen et. al.2012 and Zwikael and Ahn 2011].&lt;br /&gt;
This article further talks about the risk and different level of risks in organization level and how to identify the projects risks by using some of standard guidelines for risk management such as ISO 31000, ISO 2700S, DS/ISO 31000 Risk management- Principles and guidelines and M_O_R principles, which is a standard risk management framework, which can be used by any organization on any projects regardless of its size.&lt;br /&gt;
NOTE: This article might be similar to other articles; Risk analysis, risk register, Risk management strategy in project portfolios.&lt;br /&gt;
&lt;br /&gt;
=Definition of risk management=&lt;br /&gt;
&lt;br /&gt;
You can find different tools and definition for risk depending on the context in which it is used. A definition from Oxford English Dictionary sounds like “the possibility that something unpleasant or unwelcome will happen” [Oxford English Dictionary]. This is more general and related more to your every day. In decision theory, Luce and Raiffa relate risk to make decisions under known probabilities of the states of nature [Product Management Innovation 2009] and Frank Knight define the risk in economic theory as “risk arises when the decision maker can assign probabilities to possible outcomes”. A well-known definition of the risk in the domain of project management considers the risk as “an uncertain event or condition that, if it occurs, has a positive (opportunity) or negative (threat) impact on project objectives” [Innovation and Product Management]&lt;br /&gt;
Frank Knight defines the uncertainty and risk as “...Uncertainty must be taken in a sense radically distinct from the familiar notion of Risk, from which it has never been properly separated. … The essential fact is that &amp;quot;risk&amp;quot; means in some cases a quantity susceptible of measurement, while at other times it is something distinctly not of this character; and there are far-reaching and crucial differences in the bearings of the phenomena depending on which of the two is really present and operating. … It will appear that a measurable uncertainty, or &amp;quot;risk&amp;quot; proper, as we shall use the term, is so far different from an un-measurable one that it is not in effect an uncertainty at all&amp;quot; [Ariane Chapelle].&lt;br /&gt;
To minimize the uncertainty and reduce the risks on the project, you may regularly look back to your risk analysis, because most of the projects fail due to lack of risk management, in many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of projects planning process, The projects fail because they do not invest their resources completely and do not pay attention to it.&lt;br /&gt;
Risk management is the most important part of the project planning process. It is a management tool, which project manager uses to analyses the risk factor within a project group or projects. Project group must be informed of the main risks and how they will deal with those risks. Often it requires extra resources to eliminate risks; these resources must allocate the project group. Many studies have pointed as well that the risk management has a big role in projects success [Tara Duggan].  The report by Jacob and Kwak highlights the positive contribution of risk management to improve the project selection, review and resource allocation of new product development projects.&lt;br /&gt;
It used in many areas such as public debate, research, danger of disease, death or accidents, threatening environmental problems in terms of risk of climate changes, CO2 , pollution and so on.&lt;br /&gt;
It is also used in many other projects such as customer needs and price, new technology and resources, construction and delivery projects, research projects and interests and other tasks.&lt;br /&gt;
&lt;br /&gt;
=What is risk?=&lt;br /&gt;
&lt;br /&gt;
Risk is the uncertainty, which is associated with any kind of the action and projects in organization&#039;s context that must understand and effectively manage during the project&#039;s process and improve the results[Luce and Raiffa]. Different types of risk management definitions can be found and the choice of definition depends on how big a concept of risk is used in order to which risks are covered by the definition. There is not a complete tool or solution that fits in every project, creating a new or changes the existing risk management process according to the project&#039;s goal is always helpful and flexible process that will ultimately result in a solution to the individual organization or project.&lt;br /&gt;
Risk is always based on imagination of how the project will be completed. It can be defined on the basis of an existing plan, for example, the project must be completed in 6 months. The risk of delay is bigger than if the project must be completed in one year. If the new technologies are a part of the project plan, that you have to use the new technologies is the risk bigger than use the known technologies. Therefor the risk is based on an existing plan; the same project may have very different risks, if you change the project’s plan. [Risk Management, concepts and methods].&lt;br /&gt;
&lt;br /&gt;
=Benefit of risk management and why risk management=&lt;br /&gt;
&lt;br /&gt;
Risk management helps you to identify your projects strengths, weaknesses, opportunities and threats [Jacob and Kwak]. By identifying your projects risks, you will be aware of the unexpected events and you can immediately take actions to reduce the losses [Overview of risk management].&lt;br /&gt;
There are many reasons for managing risks. Here are some main reasons:&lt;br /&gt;
First of all, risk management results in an overview and a number of options for an action to avoid known and unknown risk and reduce the impact of those[Power in projects &amp;amp; portfolio].&lt;br /&gt;
&lt;br /&gt;
* Saving resources: Time, assets, income, property and people are all valuable resources that can be saved if fewer claims occur.&lt;br /&gt;
* Protecting the reputation and public image of the organization.&lt;br /&gt;
* Preventing or reducing legal liability and increasing the stability of operations.&lt;br /&gt;
* Increases the organizations profits and competitiveness and reflects an attractive professional approach to project work.&lt;br /&gt;
* Protecting people from harm.&lt;br /&gt;
* Protecting the environment.&lt;br /&gt;
* Enhancing the ability to prepare for various circumstances.&lt;br /&gt;
* Assisting in clearly defining insurance needs.&lt;br /&gt;
* By managing the risks, you can increase the quality of the project deliverable&lt;br /&gt;
* Protects public image&lt;br /&gt;
* Protects people from harm&lt;br /&gt;
* Prevents/reduces legal liability&lt;br /&gt;
* Protects the environment&lt;br /&gt;
&lt;br /&gt;
=Three Levels of operational risk management=&lt;br /&gt;
&lt;br /&gt;
The risk management in an organization can be categorized in three levels of operation- [three level of operational risk management].&lt;br /&gt;
&lt;br /&gt;
* Strategic level:  &lt;br /&gt;
At strategic level, operational risk management relates to the vision of the business, expansion planned over a few couple of years, the product position and the target customers in the market. In other words, the strategic operational risk management relates to the implementation of the risk demands. It must be defined at the top management level and must be deployed in a top-down manner through all the levels of the organization.&lt;br /&gt;
&lt;br /&gt;
* Tactical level&lt;br /&gt;
At tactical level, the set of operational risk management tools and controls helps to reduce the number and intensity of the events. It provide the risk manager with a second line of defense. The effect of the risk responses deploys at tactical level, such as loss, fines and near misses reductions&lt;br /&gt;
Tactical operational risk management emphasizes on loss prevention and risk reduction techniques, process control, loss data analysis, key risk indicators, risk self-assessments and business expansion plans are some of the vast array of tools and techniques that have been developed to reduce the frequent occurrence of the risk elements and to reduce their impact on the overall project. Financial service industry is the most developed aspect of operational risk management, today.&lt;br /&gt;
&lt;br /&gt;
* Operational level&lt;br /&gt;
Operational level provides a natural reduction of the operational incidents by redesigning all those processes that were prone to errors, removing any unnecessary tasks and useless controls, standardizing the procedures and improving the productivity.&lt;br /&gt;
Operational risk management targets the operational efficiency and process design. Work flows are redesigned in this level to improve the work speed by eliminating the errors. Staff&lt;br /&gt;
Operational risk management must spread over all these three levels, in order to be more effective and efficient&lt;br /&gt;
&lt;br /&gt;
=How to develop a risk analysis=&lt;br /&gt;
&lt;br /&gt;
Risk Management can be developed in two different ways [Best Management Practice]:&lt;br /&gt;
&lt;br /&gt;
* By using the standard risk guidelines such as ISO 31000, which managers can go step by step and identify the risks and analyse the situation of each phase and take an action for each risk, that have negative impact on each situation. In this step more leaders must participate in order to reduce the impact of risks and take care of each situation.&lt;br /&gt;
&lt;br /&gt;
* By using more general analysis or guidelines to define the project&#039;s goals and reduce the risks without managing it and less management participation.&lt;br /&gt;
&lt;br /&gt;
In the first option many standard guidelines and analysis  can be used such as ISO 31000, IEC/ISO 311010, and ISO 73-2009 and many others.&lt;br /&gt;
The International Organization for Standard (ISO ) risk management provides principles, general guidelines; framework and a process for managing the risks- It can be used by any project, organization regardless of its size.&lt;br /&gt;
ISO 31000 summarizes all the central activities and main points, which an organization might go through to manage their risks effectively and increase their chance to reach their goals. It doesn’t contain any specific techniques in order to use, but it mentions that an organization must follow risk identification tools and techniques, that match the projects and its goals. Another ISO standard application is ISO/IEC 31010, Risk Management, which contains of some risk assessment techniques and steps that gives an understanding of the risks, which can have a negative impact on an organization’s achievement of its goals and the adequacy and effectiveness of controls already in place. Risk assessment helps decision makers to take the correct decisions, for example which tools and techniques must be used to treat the risks and how to choose the best opportunities. The following techniques described on ISO 31010&lt;br /&gt;
&lt;br /&gt;
* Risk identification&lt;br /&gt;
* Risk analysis -  consequence analysis&lt;br /&gt;
* Risk analysis– qualitative, semi-quantitative or quantitative probability estimation&lt;br /&gt;
* Risk analysis – assessing the effectiveness of any existing controls&lt;br /&gt;
* Risk evaluation&lt;br /&gt;
* communication and consultation, and  monitoring and review&lt;br /&gt;
&lt;br /&gt;
Each step has described in detail on ISO 31010. Compare to M_O_R,[http://bcove.me/qvtxp001 video] and then M_O_R is much extensive application, which provides a detailed guidance on how to implement risk management. M_O_R stands for Management of Risk and it is a framework for the management of risk across all parts of an organization such as Strategic, programme, project and operational level. It includes all the activities required to identify and control the risks, both negative and positive, which may have an impact on the achievement of an organization’s objectives[M_O_R].It is also a framework for how to make informed decisions about risks respectively strategic, program, project and operational level in order to identify, assess and manage the key risks in order to deliver the expected advantages [M_O_R]. It describes deeply both what needs to be done through some principles, activities and roles and how to begin the activities.&lt;br /&gt;
In some ways, ISO31000 and M_O_R are very similar and use some common definition and methods. M_O_R is designed for practical application of risk management techniques and based on 4 core concepts: principles, approach, process and embedding and review, while ISO31000 is designed more to assess how completely the risk management techniques have been applied [Best Management Practice], The difference is that ISO3100O based on framework, principles and process. It prescribe how an organization should implement risk management and manage the risk by using any tools, that suits its goal and organization, while M_O_R allows it to customize its approach within the guidelines to suit its operating environment and process. Both are useful tools and can be used for managing the risks.&lt;br /&gt;
&lt;br /&gt;
[[File:Different between_M_O_R_AND_ISO.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
For further information about M_O_R and ISO 31000:2009 you can read Michael Dallas report[http://www.best-management-practice.com/gempdf/Management_of_Risk_Guidance_for_Practitioners_and_the_International_Standard_on_Risk_Management_ISO31000_2009.pdf]&lt;br /&gt;
&lt;br /&gt;
The Tabel as taken from Michael Dallas report, which shows a direct comparison of M_O_R with ISO 31000 against categories that are common to both framework.&lt;br /&gt;
&lt;br /&gt;
=Risk Management in Practice=&lt;br /&gt;
&lt;br /&gt;
[[File:Risk management.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
To identify the projects risk, you can start with brainstorming, the first step is to list the main categories such as technologies, goal, stakeholder, communication, cost, environmental, resources, reliability, which is indicated with blue color in below figure. The next is to identify the risks, which is associated to the main categories. By brainstorm the risks, you can find 50-100 risks, depending to the projects size, therefore the third step is to estimate what the potential impact could be by using the Risk Matrix.&lt;br /&gt;
&lt;br /&gt;
[[File:Mathrix.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
Each high priority or high impact risk should be assigned to a group member after their experience and skills, so they could study and evaluate the risks. Cost risks might for example assign to someone in the finance department than one from IT- department. The new technology might assign to someone from IT- department. The project manager should be assign for all the risks process, the most important part of risk process is the schedule with deadline and the risks list, which should only edit, added, re-prioritized and control by the project manager during the project.&lt;br /&gt;
To reduce the risks, the project manager should communicate the risks list to all the project stakeholders regularly, at least once a week. All the changes should be registered to the risk map and at the end of the project the results can be used to do a retrospective. What did you learn from it, what should be different in next project and how to control the risks from the beginning?&lt;br /&gt;
&lt;br /&gt;
This example is more general and very simple,you can maybe use it for a very small project. You can visit [http://apppm.man.dtu.dk/index.php/Risk analysis| Risk analysis] which is described more in detail.&lt;br /&gt;
&lt;br /&gt;
=Reference=&lt;br /&gt;
&lt;br /&gt;
[1] Why projects fail: Avoiding the Classic Pitfall, An Oracle White Paper, October 2011 and Calleam Consulting LTD 2014: Why Projects Fail.  And Tom Carlos, PMP: Reasons Why Projects Fail.&lt;br /&gt;
&lt;br /&gt;
[2] Oehmen et. al.2012 and Zwikael and Ahn 2011, Oehmen, J., et al., Analysis of the effect of risk management practices on the performance of new product development programs. Technovation (2014),&lt;br /&gt;
&lt;br /&gt;
[3] Oxford English Dictionary&lt;br /&gt;
&lt;br /&gt;
[4] Innovation and Product Management 2009: A holistic and Practial Approach to Uncertainty Reduction,Kurt Gaubinger, Michael Rabl Scott Swan, Thomas Werani&lt;br /&gt;
&lt;br /&gt;
[5] Frank Knight 1921: Risk, Uncertainty and profit, Imperfect competition through Risk and Uncertainty, Part III, Chapter VII&lt;br /&gt;
&lt;br /&gt;
[6] Ariane Chapelle: The three levels of Operational risk management, May 2012&lt;br /&gt;
&lt;br /&gt;
[7] Risikosamfundet: 1997, Tara Duggan, Demand Media: Why Is Risk Management Important to Project Success?&lt;br /&gt;
&lt;br /&gt;
[8] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/&lt;br /&gt;
&lt;br /&gt;
[9] Luce&#039;s Paradigm for Decision under Uncertainty, Luce and Raiffa, 1957&lt;br /&gt;
&lt;br /&gt;
[10] Risk Management, concepts and methods: Club De La Securite De L’information Francais&lt;br /&gt;
&lt;br /&gt;
[11] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd. &lt;br /&gt;
&lt;br /&gt;
[12] http://www.management-of-risk.com/what-is-management-of-risk.asp&lt;br /&gt;
&lt;br /&gt;
[13] http://www.rovsingmanagement.dk/kurser/m_o_r%C2%AErisikostyring/?gclid=CM21qKLRjsICFeXUcgodGqEARQ&lt;br /&gt;
&lt;br /&gt;
[14] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd.&lt;br /&gt;
&lt;br /&gt;
[15] Jacob and Kwak (2003) and Raz et al.2002&lt;br /&gt;
&lt;br /&gt;
[16] Article: Overview of risk management Henrik K. Søndergaard&lt;br /&gt;
&lt;br /&gt;
[17]. Power in projects &amp;amp; portfolio of Mette Lindegaard, and John Ryding Olsson&lt;br /&gt;
&lt;br /&gt;
[18] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/.&lt;br /&gt;
&lt;br /&gt;
[19] http://strikingprojectmanagement.com/qualitative-risk-analysis/&lt;br /&gt;
&lt;br /&gt;
[20] http://projectmgmt-annualwarehousesale.blogspot.dk/&lt;br /&gt;
&lt;br /&gt;
[21] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[22] http://www.bestmanagementpractice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[23] http://tcgen.com/risk-mapping/#.VGidavnF-oO&lt;br /&gt;
&lt;br /&gt;
[24] http://www.modst.dk/~/media/Files/%C3%98AV/Vejledninger/%C3%98konomistyring/Risikostyring_vejledning_maj07%20pdf.ashx&lt;br /&gt;
&lt;br /&gt;
[25] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[26] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[27] http://www.clearrisk.com/what-is-risk-management/&lt;br /&gt;
&lt;br /&gt;
[28] http://www.vlv.dk/downloads/rm1.htm&lt;br /&gt;
&lt;br /&gt;
[29] http://www.soc.aau.dk/fileadmin/user_upload/FoSo/Arbejdspapirer/Nr._10_Risiko_risikovurdering_risikoformidling_og_helhedssyn.pdf&lt;br /&gt;
&lt;br /&gt;
[30] http://klk.kl.dk/PageFiles/156494/Projekth%C3%A5ndbogen.pdf&lt;br /&gt;
&lt;br /&gt;
[31] http:///C:/Users/Samira/Downloads/Projekth-ndbog%20(1).PDF&lt;br /&gt;
&lt;br /&gt;
[32] http://www.digst.dk/~/media/Files/Arkitektur%20og%20standarder/Sikkerhed/Vejledning%20om%20risikovurdering.ashx&lt;br /&gt;
&lt;br /&gt;
[33] http://www.best-management-practice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[34] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[35] http://dx.doi.org/10.1016/j.technovation.2013.12.005i&lt;br /&gt;
&lt;br /&gt;
[36] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;/div&gt;</summary>
		<author><name>Saeh0803</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Risk_management&amp;diff=4590</id>
		<title>Risk management</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Risk_management&amp;diff=4590"/>
		<updated>2014-11-28T11:56:41Z</updated>

		<summary type="html">&lt;p&gt;Saeh0803: /* Risk Management in Practice */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;Risk management is a very interesting and important topic in each area in our society.  Actually everyone knows what a risk is; it is a part of our life. Each step or each decision we make, is full of risks, whether we notice it or not, but when we look at our professional life, then we have to take an action for each risk arise, because it has a negative effect and the effect can have consequences in terms of economic, professional reputation, environmental, safety and societal outcomes. This article focuses on for example how an organization or project handles its risks and which framework could be relevant or helpful for it.&lt;br /&gt;
Now a day, the risk management is an important part of project, program and portfolio management. In order to end up a project successfully and deliver it on time and within budget, it is important to get an overview of the risks, which is associated to the project. Most of the projects fail due to the lack of risk management [Why projects fail 2011]. In many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of project&#039;s planning process, the projects fail because the resources are not completely utilized to get the full advantage [Oehmen et. al.2012 and Zwikael and Ahn 2011].&lt;br /&gt;
This article further talks about the risk and different level of risks in organization level and how to identify the projects risks by using some of standard guidelines for risk management such as ISO 31000, ISO 2700S, DS/ISO 31000 Risk management- Principles and guidelines and M_O_R principles, which is a standard risk management framework, which can be used by any organization on any projects regardless of its size.&lt;br /&gt;
NOTE: This article might be similar to other articles; Risk analysis, risk register, Risk management strategy in project portfolios.&lt;br /&gt;
&lt;br /&gt;
=Definition of risk management=&lt;br /&gt;
&lt;br /&gt;
You can find different tools and definition for risk depending on the context in which it is used. A definition from Oxford English Dictionary sounds like “the possibility that something unpleasant or unwelcome will happen” [Oxford English Dictionary]. This is more general and related more to your every day. In decision theory, Luce and Raiffa relate risk to make decisions under known probabilities of the states of nature [Product Management Innovation 2009] and Frank Knight define the risk in economic theory as “risk arises when the decision maker can assign probabilities to possible outcomes”. A well-known definition of the risk in the domain of project management considers the risk as “an uncertain event or condition that, if it occurs, has a positive (opportunity) or negative (threat) impact on project objectives” [Innovation and Product Management]&lt;br /&gt;
Frank Knight defines the uncertainty and risk as “...Uncertainty must be taken in a sense radically distinct from the familiar notion of Risk, from which it has never been properly separated. … The essential fact is that &amp;quot;risk&amp;quot; means in some cases a quantity susceptible of measurement, while at other times it is something distinctly not of this character; and there are far-reaching and crucial differences in the bearings of the phenomena depending on which of the two is really present and operating. … It will appear that a measurable uncertainty, or &amp;quot;risk&amp;quot; proper, as we shall use the term, is so far different from an un-measurable one that it is not in effect an uncertainty at all&amp;quot; [Ariane Chapelle].&lt;br /&gt;
To minimize the uncertainty and reduce the risks on the project, you may regularly look back to your risk analysis, because most of the projects fail due to lack of risk management, in many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of projects planning process, The projects fail because they do not invest their resources completely and do not pay attention to it.&lt;br /&gt;
Risk management is the most important part of the project planning process. It is a management tool, which project manager uses to analyses the risk factor within a project group or projects. Project group must be informed of the main risks and how they will deal with those risks. Often it requires extra resources to eliminate risks; these resources must allocate the project group. Many studies have pointed as well that the risk management has a big role in projects success [Tara Duggan].  The report by Jacob and Kwak highlights the positive contribution of risk management to improve the project selection, review and resource allocation of new product development projects.&lt;br /&gt;
It used in many areas such as public debate, research, danger of disease, death or accidents, threatening environmental problems in terms of risk of climate changes, CO2 , pollution and so on.&lt;br /&gt;
It is also used in many other projects such as customer needs and price, new technology and resources, construction and delivery projects, research projects and interests and other tasks.&lt;br /&gt;
&lt;br /&gt;
=What is risk?=&lt;br /&gt;
&lt;br /&gt;
Risk is the uncertainty, which is associated with any kind of the action and projects in organization&#039;s context that must understand and effectively manage during the project&#039;s process and improve the results[Luce and Raiffa]. Different types of risk management definitions can be found and the choice of definition depends on how big a concept of risk is used in order to which risks are covered by the definition. There is not a complete tool or solution that fits in every project, creating a new or changes the existing risk management process according to the project&#039;s goal is always helpful and flexible process that will ultimately result in a solution to the individual organization or project.&lt;br /&gt;
Risk is always based on imagination of how the project will be completed. It can be defined on the basis of an existing plan, for example, the project must be completed in 6 months. The risk of delay is bigger than if the project must be completed in one year. If the new technologies are a part of the project plan, that you have to use the new technologies is the risk bigger than use the known technologies. Therefor the risk is based on an existing plan; the same project may have very different risks, if you change the project’s plan. [Risk Management, concepts and methods].&lt;br /&gt;
&lt;br /&gt;
=Benefit of risk management and why risk management=&lt;br /&gt;
&lt;br /&gt;
Risk management helps you to identify your projects strengths, weaknesses, opportunities and threats [Jacob and Kwak]. By identifying your projects risks, you will be aware of the unexpected events and you can immediately take actions to reduce the losses [Overview of risk management].&lt;br /&gt;
There are many reasons for managing risks. Here are some main reasons:&lt;br /&gt;
First of all, risk management results in an overview and a number of options for an action to avoid known and unknown risk and reduce the impact of those[Power in projects &amp;amp; portfolio].&lt;br /&gt;
&lt;br /&gt;
* Saving resources: Time, assets, income, property and people are all valuable resources that can be saved if fewer claims occur.&lt;br /&gt;
* Protecting the reputation and public image of the organization.&lt;br /&gt;
* Preventing or reducing legal liability and increasing the stability of operations.&lt;br /&gt;
* Increases the organizations profits and competitiveness and reflects an attractive professional approach to project work.&lt;br /&gt;
* Protecting people from harm.&lt;br /&gt;
* Protecting the environment.&lt;br /&gt;
* Enhancing the ability to prepare for various circumstances.&lt;br /&gt;
* Assisting in clearly defining insurance needs.&lt;br /&gt;
* By managing the risks, you can increase the quality of the project deliverable&lt;br /&gt;
* Protects public image&lt;br /&gt;
* Protects people from harm&lt;br /&gt;
* Prevents/reduces legal liability&lt;br /&gt;
* Protects the environment&lt;br /&gt;
&lt;br /&gt;
=Three Levels of operational risk management=&lt;br /&gt;
&lt;br /&gt;
The risk management in an organization can be categorized in three levels of operation- [three level of operational risk management].&lt;br /&gt;
&lt;br /&gt;
* Strategic level:  &lt;br /&gt;
At strategic level, operational risk management relates to the vision of the business, expansion planned over a few couple of years, the product position and the target customers in the market. In other words, the strategic operational risk management relates to the implementation of the risk demands. It must be defined at the top management level and must be deployed in a top-down manner through all the levels of the organization.&lt;br /&gt;
&lt;br /&gt;
* Tactical level&lt;br /&gt;
At tactical level, the set of operational risk management tools and controls helps to reduce the number and intensity of the events. It provide the risk manager with a second line of defense. The effect of the risk responses deploys at tactical level, such as loss, fines and near misses reductions&lt;br /&gt;
Tactical operational risk management emphasizes on loss prevention and risk reduction techniques, process control, loss data analysis, key risk indicators, risk self-assessments and business expansion plans are some of the vast array of tools and techniques that have been developed to reduce the frequent occurrence of the risk elements and to reduce their impact on the overall project. Financial service industry is the most developed aspect of operational risk management, today.&lt;br /&gt;
&lt;br /&gt;
* Operational level&lt;br /&gt;
Operational level provides a natural reduction of the operational incidents by redesigning all those processes that were prone to errors, removing any unnecessary tasks and useless controls, standardizing the procedures and improving the productivity.&lt;br /&gt;
Operational risk management targets the operational efficiency and process design. Work flows are redesigned in this level to improve the work speed by eliminating the errors. Staff&lt;br /&gt;
Operational risk management must spread over all these three levels, in order to be more effective and efficient&lt;br /&gt;
&lt;br /&gt;
=How to develop a risk analysis=&lt;br /&gt;
&lt;br /&gt;
Risk Management can be developed in two different ways [Best Management Practice]:&lt;br /&gt;
&lt;br /&gt;
* By using the standard risk guidelines such as ISO 31000, which managers can go step by step and identify the risks and analyse the situation of each phase and take an action for each risk, that have negative impact on each situation. In this step more leaders must participate in order to reduce the impact of risks and take care of each situation.&lt;br /&gt;
&lt;br /&gt;
* By using more general analysis or guidelines to define the project&#039;s goals and reduce the risks without managing it and less management participation.&lt;br /&gt;
&lt;br /&gt;
In the first option many standard guidelines and analysis  can be used such as ISO 31000, IEC/ISO 311010, and ISO 73-2009 and many others.&lt;br /&gt;
The International Organization for Standard (ISO ) risk management provides principles, general guidelines; framework and a process for managing the risks- It can be used by any project, organization regardless of its size.&lt;br /&gt;
ISO 31000 summarizes all the central activities and main points, which an organization might go through to manage their risks effectively and increase their chance to reach their goals. It doesn’t contain any specific techniques in order to use, but it mentions that an organization must follow risk identification tools and techniques, that match the projects and its goals. Another ISO standard application is ISO/IEC 31010, Risk Management, which contains of some risk assessment techniques and steps that gives an understanding of the risks, which can have a negative impact on an organization’s achievement of its goals and the adequacy and effectiveness of controls already in place. Risk assessment helps decision makers to take the correct decisions, for example which tools and techniques must be used to treat the risks and how to choose the best opportunities. The following techniques described on ISO 31010&lt;br /&gt;
&lt;br /&gt;
* Risk identification&lt;br /&gt;
* Risk analysis -  consequence analysis&lt;br /&gt;
* Risk analysis– qualitative, semi-quantitative or quantitative probability estimation&lt;br /&gt;
* Risk analysis – assessing the effectiveness of any existing controls&lt;br /&gt;
* Risk evaluation&lt;br /&gt;
* communication and consultation, and  monitoring and review&lt;br /&gt;
&lt;br /&gt;
Each step has described in detail on ISO 31010. Compare to M_O_R,[http://bcove.me/qvtxp001 video] and then M_O_R is much extensive application, which provides a detailed guidance on how to implement risk management. M_O_R stands for Management of Risk and it is a framework for the management of risk across all parts of an organization such as Strategic, programme, project and operational level. It includes all the activities required to identify and control the risks, both negative and positive, which may have an impact on the achievement of an organization’s objectives[M_O_R].It is also a framework for how to make informed decisions about risks respectively strategic, program, project and operational level in order to identify, assess and manage the key risks in order to deliver the expected advantages [M_O_R]. It describes deeply both what needs to be done through some principles, activities and roles and how to begin the activities.&lt;br /&gt;
In some ways, ISO31000 and M_O_R are very similar and use some common definition and methods. M_O_R is designed for practical application of risk management techniques and based on 4 core concepts: principles, approach, process and embedding and review, while ISO31000 is designed more to assess how completely the risk management techniques have been applied [Best Management Practice], The difference is that ISO3100O based on framework, principles and process. It prescribe how an organization should implement risk management and manage the risk by using any tools, that suits its goal and organization, while M_O_R allows it to customize its approach within the guidelines to suit its operating environment and process. Both are useful tools and can be used for managing the risks.&lt;br /&gt;
&lt;br /&gt;
[[File:Different between_M_O_R_AND_ISO.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
For further information about M_O_R and ISO 31000:2009 you can read Michael Dallas report[http://www.best-management-practice.com/gempdf/Management_of_Risk_Guidance_for_Practitioners_and_the_International_Standard_on_Risk_Management_ISO31000_2009.pdf]&lt;br /&gt;
&lt;br /&gt;
The Tabel as taken from Michael Dallas report, which shows a direct comparison of M_O_R with ISO 31000 against categories that are common to both framework.&lt;br /&gt;
&lt;br /&gt;
=Risk Management in Practice=&lt;br /&gt;
&lt;br /&gt;
[[File:Risk management.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
To identify the projects risk, you can start with brainstorming, the first step is to list the main categories such as technologies, goal, stakeholder, communication, cost, environmental, resources, reliability, which is indicated with blue color in below figure. The next is to identify the risks, which is associated to the main categories. By brainstorm the risks, you can find 50-100 risks, depending to the projects size, therefore the third step is to estimate what the potential impact could be by using the Risk Matrix.&lt;br /&gt;
&lt;br /&gt;
[[File:Mathrix.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
Each high priority or high impact risk should be assigned to a group member after their experience and skills, so they could study and evaluate the risks. Cost risks might for example assign to someone in the finance department than one from IT- department. The new technology might assign to someone from IT- department. The project manager should be assign for all the risks process, the most important part of risk process is the schedule with deadline and the risks list, which should only edit, added, re-prioritized and control by the project manager during the project.&lt;br /&gt;
To reduce the risks, the project manager should communicate the risks list to all the project stakeholders regularly, at least once a week. All the changes should be registered to the risk map and at the end of the project the results can be used to do a retrospective. What did you learn from it, what should be different in next project and how to control the risks from the beginning?&lt;br /&gt;
&lt;br /&gt;
This example is more general and very simple,you can maybe use it for a very small project. You can visit [http://apppm.man.dtu.dk/index.php/Risk analysis |Risk analysis] which is described more in detail.&lt;br /&gt;
&lt;br /&gt;
=Reference=&lt;br /&gt;
&lt;br /&gt;
[1] Why projects fail: Avoiding the Classic Pitfall, An Oracle White Paper, October 2011 and Calleam Consulting LTD 2014: Why Projects Fail.  And Tom Carlos, PMP: Reasons Why Projects Fail.&lt;br /&gt;
&lt;br /&gt;
[2] Oehmen et. al.2012 and Zwikael and Ahn 2011, Oehmen, J., et al., Analysis of the effect of risk management practices on the performance of new product development programs. Technovation (2014),&lt;br /&gt;
&lt;br /&gt;
[3] Oxford English Dictionary&lt;br /&gt;
&lt;br /&gt;
[4] Innovation and Product Management 2009: A holistic and Practial Approach to Uncertainty Reduction,Kurt Gaubinger, Michael Rabl Scott Swan, Thomas Werani&lt;br /&gt;
&lt;br /&gt;
[5] Frank Knight 1921: Risk, Uncertainty and profit, Imperfect competition through Risk and Uncertainty, Part III, Chapter VII&lt;br /&gt;
&lt;br /&gt;
[6] Ariane Chapelle: The three levels of Operational risk management, May 2012&lt;br /&gt;
&lt;br /&gt;
[7] Risikosamfundet: 1997, Tara Duggan, Demand Media: Why Is Risk Management Important to Project Success?&lt;br /&gt;
&lt;br /&gt;
[8] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/&lt;br /&gt;
&lt;br /&gt;
[9] Luce&#039;s Paradigm for Decision under Uncertainty, Luce and Raiffa, 1957&lt;br /&gt;
&lt;br /&gt;
[10] Risk Management, concepts and methods: Club De La Securite De L’information Francais&lt;br /&gt;
&lt;br /&gt;
[11] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd. &lt;br /&gt;
&lt;br /&gt;
[12] http://www.management-of-risk.com/what-is-management-of-risk.asp&lt;br /&gt;
&lt;br /&gt;
[13] http://www.rovsingmanagement.dk/kurser/m_o_r%C2%AErisikostyring/?gclid=CM21qKLRjsICFeXUcgodGqEARQ&lt;br /&gt;
&lt;br /&gt;
[14] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd.&lt;br /&gt;
&lt;br /&gt;
[15] Jacob and Kwak (2003) and Raz et al.2002&lt;br /&gt;
&lt;br /&gt;
[16] Article: Overview of risk management Henrik K. Søndergaard&lt;br /&gt;
&lt;br /&gt;
[17]. Power in projects &amp;amp; portfolio of Mette Lindegaard, and John Ryding Olsson&lt;br /&gt;
&lt;br /&gt;
[18] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/.&lt;br /&gt;
&lt;br /&gt;
[19] http://strikingprojectmanagement.com/qualitative-risk-analysis/&lt;br /&gt;
&lt;br /&gt;
[20] http://projectmgmt-annualwarehousesale.blogspot.dk/&lt;br /&gt;
&lt;br /&gt;
[21] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[22] http://www.bestmanagementpractice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[23] http://tcgen.com/risk-mapping/#.VGidavnF-oO&lt;br /&gt;
&lt;br /&gt;
[24] http://www.modst.dk/~/media/Files/%C3%98AV/Vejledninger/%C3%98konomistyring/Risikostyring_vejledning_maj07%20pdf.ashx&lt;br /&gt;
&lt;br /&gt;
[25] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[26] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[27] http://www.clearrisk.com/what-is-risk-management/&lt;br /&gt;
&lt;br /&gt;
[28] http://www.vlv.dk/downloads/rm1.htm&lt;br /&gt;
&lt;br /&gt;
[29] http://www.soc.aau.dk/fileadmin/user_upload/FoSo/Arbejdspapirer/Nr._10_Risiko_risikovurdering_risikoformidling_og_helhedssyn.pdf&lt;br /&gt;
&lt;br /&gt;
[30] http://klk.kl.dk/PageFiles/156494/Projekth%C3%A5ndbogen.pdf&lt;br /&gt;
&lt;br /&gt;
[31] http:///C:/Users/Samira/Downloads/Projekth-ndbog%20(1).PDF&lt;br /&gt;
&lt;br /&gt;
[32] http://www.digst.dk/~/media/Files/Arkitektur%20og%20standarder/Sikkerhed/Vejledning%20om%20risikovurdering.ashx&lt;br /&gt;
&lt;br /&gt;
[33] http://www.best-management-practice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[34] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[35] http://dx.doi.org/10.1016/j.technovation.2013.12.005i&lt;br /&gt;
&lt;br /&gt;
[36] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;/div&gt;</summary>
		<author><name>Saeh0803</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Risk_management&amp;diff=4589</id>
		<title>Risk management</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Risk_management&amp;diff=4589"/>
		<updated>2014-11-28T11:56:08Z</updated>

		<summary type="html">&lt;p&gt;Saeh0803: /* Risk Management in Practice */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;Risk management is a very interesting and important topic in each area in our society.  Actually everyone knows what a risk is; it is a part of our life. Each step or each decision we make, is full of risks, whether we notice it or not, but when we look at our professional life, then we have to take an action for each risk arise, because it has a negative effect and the effect can have consequences in terms of economic, professional reputation, environmental, safety and societal outcomes. This article focuses on for example how an organization or project handles its risks and which framework could be relevant or helpful for it.&lt;br /&gt;
Now a day, the risk management is an important part of project, program and portfolio management. In order to end up a project successfully and deliver it on time and within budget, it is important to get an overview of the risks, which is associated to the project. Most of the projects fail due to the lack of risk management [Why projects fail 2011]. In many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of project&#039;s planning process, the projects fail because the resources are not completely utilized to get the full advantage [Oehmen et. al.2012 and Zwikael and Ahn 2011].&lt;br /&gt;
This article further talks about the risk and different level of risks in organization level and how to identify the projects risks by using some of standard guidelines for risk management such as ISO 31000, ISO 2700S, DS/ISO 31000 Risk management- Principles and guidelines and M_O_R principles, which is a standard risk management framework, which can be used by any organization on any projects regardless of its size.&lt;br /&gt;
NOTE: This article might be similar to other articles; Risk analysis, risk register, Risk management strategy in project portfolios.&lt;br /&gt;
&lt;br /&gt;
=Definition of risk management=&lt;br /&gt;
&lt;br /&gt;
You can find different tools and definition for risk depending on the context in which it is used. A definition from Oxford English Dictionary sounds like “the possibility that something unpleasant or unwelcome will happen” [Oxford English Dictionary]. This is more general and related more to your every day. In decision theory, Luce and Raiffa relate risk to make decisions under known probabilities of the states of nature [Product Management Innovation 2009] and Frank Knight define the risk in economic theory as “risk arises when the decision maker can assign probabilities to possible outcomes”. A well-known definition of the risk in the domain of project management considers the risk as “an uncertain event or condition that, if it occurs, has a positive (opportunity) or negative (threat) impact on project objectives” [Innovation and Product Management]&lt;br /&gt;
Frank Knight defines the uncertainty and risk as “...Uncertainty must be taken in a sense radically distinct from the familiar notion of Risk, from which it has never been properly separated. … The essential fact is that &amp;quot;risk&amp;quot; means in some cases a quantity susceptible of measurement, while at other times it is something distinctly not of this character; and there are far-reaching and crucial differences in the bearings of the phenomena depending on which of the two is really present and operating. … It will appear that a measurable uncertainty, or &amp;quot;risk&amp;quot; proper, as we shall use the term, is so far different from an un-measurable one that it is not in effect an uncertainty at all&amp;quot; [Ariane Chapelle].&lt;br /&gt;
To minimize the uncertainty and reduce the risks on the project, you may regularly look back to your risk analysis, because most of the projects fail due to lack of risk management, in many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of projects planning process, The projects fail because they do not invest their resources completely and do not pay attention to it.&lt;br /&gt;
Risk management is the most important part of the project planning process. It is a management tool, which project manager uses to analyses the risk factor within a project group or projects. Project group must be informed of the main risks and how they will deal with those risks. Often it requires extra resources to eliminate risks; these resources must allocate the project group. Many studies have pointed as well that the risk management has a big role in projects success [Tara Duggan].  The report by Jacob and Kwak highlights the positive contribution of risk management to improve the project selection, review and resource allocation of new product development projects.&lt;br /&gt;
It used in many areas such as public debate, research, danger of disease, death or accidents, threatening environmental problems in terms of risk of climate changes, CO2 , pollution and so on.&lt;br /&gt;
It is also used in many other projects such as customer needs and price, new technology and resources, construction and delivery projects, research projects and interests and other tasks.&lt;br /&gt;
&lt;br /&gt;
=What is risk?=&lt;br /&gt;
&lt;br /&gt;
Risk is the uncertainty, which is associated with any kind of the action and projects in organization&#039;s context that must understand and effectively manage during the project&#039;s process and improve the results[Luce and Raiffa]. Different types of risk management definitions can be found and the choice of definition depends on how big a concept of risk is used in order to which risks are covered by the definition. There is not a complete tool or solution that fits in every project, creating a new or changes the existing risk management process according to the project&#039;s goal is always helpful and flexible process that will ultimately result in a solution to the individual organization or project.&lt;br /&gt;
Risk is always based on imagination of how the project will be completed. It can be defined on the basis of an existing plan, for example, the project must be completed in 6 months. The risk of delay is bigger than if the project must be completed in one year. If the new technologies are a part of the project plan, that you have to use the new technologies is the risk bigger than use the known technologies. Therefor the risk is based on an existing plan; the same project may have very different risks, if you change the project’s plan. [Risk Management, concepts and methods].&lt;br /&gt;
&lt;br /&gt;
=Benefit of risk management and why risk management=&lt;br /&gt;
&lt;br /&gt;
Risk management helps you to identify your projects strengths, weaknesses, opportunities and threats [Jacob and Kwak]. By identifying your projects risks, you will be aware of the unexpected events and you can immediately take actions to reduce the losses [Overview of risk management].&lt;br /&gt;
There are many reasons for managing risks. Here are some main reasons:&lt;br /&gt;
First of all, risk management results in an overview and a number of options for an action to avoid known and unknown risk and reduce the impact of those[Power in projects &amp;amp; portfolio].&lt;br /&gt;
&lt;br /&gt;
* Saving resources: Time, assets, income, property and people are all valuable resources that can be saved if fewer claims occur.&lt;br /&gt;
* Protecting the reputation and public image of the organization.&lt;br /&gt;
* Preventing or reducing legal liability and increasing the stability of operations.&lt;br /&gt;
* Increases the organizations profits and competitiveness and reflects an attractive professional approach to project work.&lt;br /&gt;
* Protecting people from harm.&lt;br /&gt;
* Protecting the environment.&lt;br /&gt;
* Enhancing the ability to prepare for various circumstances.&lt;br /&gt;
* Assisting in clearly defining insurance needs.&lt;br /&gt;
* By managing the risks, you can increase the quality of the project deliverable&lt;br /&gt;
* Protects public image&lt;br /&gt;
* Protects people from harm&lt;br /&gt;
* Prevents/reduces legal liability&lt;br /&gt;
* Protects the environment&lt;br /&gt;
&lt;br /&gt;
=Three Levels of operational risk management=&lt;br /&gt;
&lt;br /&gt;
The risk management in an organization can be categorized in three levels of operation- [three level of operational risk management].&lt;br /&gt;
&lt;br /&gt;
* Strategic level:  &lt;br /&gt;
At strategic level, operational risk management relates to the vision of the business, expansion planned over a few couple of years, the product position and the target customers in the market. In other words, the strategic operational risk management relates to the implementation of the risk demands. It must be defined at the top management level and must be deployed in a top-down manner through all the levels of the organization.&lt;br /&gt;
&lt;br /&gt;
* Tactical level&lt;br /&gt;
At tactical level, the set of operational risk management tools and controls helps to reduce the number and intensity of the events. It provide the risk manager with a second line of defense. The effect of the risk responses deploys at tactical level, such as loss, fines and near misses reductions&lt;br /&gt;
Tactical operational risk management emphasizes on loss prevention and risk reduction techniques, process control, loss data analysis, key risk indicators, risk self-assessments and business expansion plans are some of the vast array of tools and techniques that have been developed to reduce the frequent occurrence of the risk elements and to reduce their impact on the overall project. Financial service industry is the most developed aspect of operational risk management, today.&lt;br /&gt;
&lt;br /&gt;
* Operational level&lt;br /&gt;
Operational level provides a natural reduction of the operational incidents by redesigning all those processes that were prone to errors, removing any unnecessary tasks and useless controls, standardizing the procedures and improving the productivity.&lt;br /&gt;
Operational risk management targets the operational efficiency and process design. Work flows are redesigned in this level to improve the work speed by eliminating the errors. Staff&lt;br /&gt;
Operational risk management must spread over all these three levels, in order to be more effective and efficient&lt;br /&gt;
&lt;br /&gt;
=How to develop a risk analysis=&lt;br /&gt;
&lt;br /&gt;
Risk Management can be developed in two different ways [Best Management Practice]:&lt;br /&gt;
&lt;br /&gt;
* By using the standard risk guidelines such as ISO 31000, which managers can go step by step and identify the risks and analyse the situation of each phase and take an action for each risk, that have negative impact on each situation. In this step more leaders must participate in order to reduce the impact of risks and take care of each situation.&lt;br /&gt;
&lt;br /&gt;
* By using more general analysis or guidelines to define the project&#039;s goals and reduce the risks without managing it and less management participation.&lt;br /&gt;
&lt;br /&gt;
In the first option many standard guidelines and analysis  can be used such as ISO 31000, IEC/ISO 311010, and ISO 73-2009 and many others.&lt;br /&gt;
The International Organization for Standard (ISO ) risk management provides principles, general guidelines; framework and a process for managing the risks- It can be used by any project, organization regardless of its size.&lt;br /&gt;
ISO 31000 summarizes all the central activities and main points, which an organization might go through to manage their risks effectively and increase their chance to reach their goals. It doesn’t contain any specific techniques in order to use, but it mentions that an organization must follow risk identification tools and techniques, that match the projects and its goals. Another ISO standard application is ISO/IEC 31010, Risk Management, which contains of some risk assessment techniques and steps that gives an understanding of the risks, which can have a negative impact on an organization’s achievement of its goals and the adequacy and effectiveness of controls already in place. Risk assessment helps decision makers to take the correct decisions, for example which tools and techniques must be used to treat the risks and how to choose the best opportunities. The following techniques described on ISO 31010&lt;br /&gt;
&lt;br /&gt;
* Risk identification&lt;br /&gt;
* Risk analysis -  consequence analysis&lt;br /&gt;
* Risk analysis– qualitative, semi-quantitative or quantitative probability estimation&lt;br /&gt;
* Risk analysis – assessing the effectiveness of any existing controls&lt;br /&gt;
* Risk evaluation&lt;br /&gt;
* communication and consultation, and  monitoring and review&lt;br /&gt;
&lt;br /&gt;
Each step has described in detail on ISO 31010. Compare to M_O_R,[http://bcove.me/qvtxp001 video] and then M_O_R is much extensive application, which provides a detailed guidance on how to implement risk management. M_O_R stands for Management of Risk and it is a framework for the management of risk across all parts of an organization such as Strategic, programme, project and operational level. It includes all the activities required to identify and control the risks, both negative and positive, which may have an impact on the achievement of an organization’s objectives[M_O_R].It is also a framework for how to make informed decisions about risks respectively strategic, program, project and operational level in order to identify, assess and manage the key risks in order to deliver the expected advantages [M_O_R]. It describes deeply both what needs to be done through some principles, activities and roles and how to begin the activities.&lt;br /&gt;
In some ways, ISO31000 and M_O_R are very similar and use some common definition and methods. M_O_R is designed for practical application of risk management techniques and based on 4 core concepts: principles, approach, process and embedding and review, while ISO31000 is designed more to assess how completely the risk management techniques have been applied [Best Management Practice], The difference is that ISO3100O based on framework, principles and process. It prescribe how an organization should implement risk management and manage the risk by using any tools, that suits its goal and organization, while M_O_R allows it to customize its approach within the guidelines to suit its operating environment and process. Both are useful tools and can be used for managing the risks.&lt;br /&gt;
&lt;br /&gt;
[[File:Different between_M_O_R_AND_ISO.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
For further information about M_O_R and ISO 31000:2009 you can read Michael Dallas report[http://www.best-management-practice.com/gempdf/Management_of_Risk_Guidance_for_Practitioners_and_the_International_Standard_on_Risk_Management_ISO31000_2009.pdf]&lt;br /&gt;
&lt;br /&gt;
The Tabel as taken from Michael Dallas report, which shows a direct comparison of M_O_R with ISO 31000 against categories that are common to both framework.&lt;br /&gt;
&lt;br /&gt;
=Risk Management in Practice=&lt;br /&gt;
&lt;br /&gt;
[[File:Risk management.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
To identify the projects risk, you can start with brainstorming, the first step is to list the main categories such as technologies, goal, stakeholder, communication, cost, environmental, resources, reliability, which is indicated with blue color in below figure. The next is to identify the risks, which is associated to the main categories. By brainstorm the risks, you can find 50-100 risks, depending to the projects size, therefore the third step is to estimate what the potential impact could be by using the Risk Matrix.&lt;br /&gt;
&lt;br /&gt;
[[File:Mathrix.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
Each high priority or high impact risk should be assigned to a group member after their experience and skills, so they could study and evaluate the risks. Cost risks might for example assign to someone in the finance department than one from IT- department. The new technology might assign to someone from IT- department. The project manager should be assign for all the risks process, the most important part of risk process is the schedule with deadline and the risks list, which should only edit, added, re-prioritized and control by the project manager during the project.&lt;br /&gt;
To reduce the risks, the project manager should communicate the risks list to all the project stakeholders regularly, at least once a week. All the changes should be registered to the risk map and at the end of the project the results can be used to do a retrospective. What did you learn from it, what should be different in next project and how to control the risks from the beginning?&lt;br /&gt;
&lt;br /&gt;
This example is more general and very simple,you can maybe use it for a very small project. You can visit [http://apppm.man.dtu.dk/index.php/Risk analysis Risk analysis] which is described more in detail.&lt;br /&gt;
&lt;br /&gt;
=Reference=&lt;br /&gt;
&lt;br /&gt;
[1] Why projects fail: Avoiding the Classic Pitfall, An Oracle White Paper, October 2011 and Calleam Consulting LTD 2014: Why Projects Fail.  And Tom Carlos, PMP: Reasons Why Projects Fail.&lt;br /&gt;
&lt;br /&gt;
[2] Oehmen et. al.2012 and Zwikael and Ahn 2011, Oehmen, J., et al., Analysis of the effect of risk management practices on the performance of new product development programs. Technovation (2014),&lt;br /&gt;
&lt;br /&gt;
[3] Oxford English Dictionary&lt;br /&gt;
&lt;br /&gt;
[4] Innovation and Product Management 2009: A holistic and Practial Approach to Uncertainty Reduction,Kurt Gaubinger, Michael Rabl Scott Swan, Thomas Werani&lt;br /&gt;
&lt;br /&gt;
[5] Frank Knight 1921: Risk, Uncertainty and profit, Imperfect competition through Risk and Uncertainty, Part III, Chapter VII&lt;br /&gt;
&lt;br /&gt;
[6] Ariane Chapelle: The three levels of Operational risk management, May 2012&lt;br /&gt;
&lt;br /&gt;
[7] Risikosamfundet: 1997, Tara Duggan, Demand Media: Why Is Risk Management Important to Project Success?&lt;br /&gt;
&lt;br /&gt;
[8] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/&lt;br /&gt;
&lt;br /&gt;
[9] Luce&#039;s Paradigm for Decision under Uncertainty, Luce and Raiffa, 1957&lt;br /&gt;
&lt;br /&gt;
[10] Risk Management, concepts and methods: Club De La Securite De L’information Francais&lt;br /&gt;
&lt;br /&gt;
[11] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd. &lt;br /&gt;
&lt;br /&gt;
[12] http://www.management-of-risk.com/what-is-management-of-risk.asp&lt;br /&gt;
&lt;br /&gt;
[13] http://www.rovsingmanagement.dk/kurser/m_o_r%C2%AErisikostyring/?gclid=CM21qKLRjsICFeXUcgodGqEARQ&lt;br /&gt;
&lt;br /&gt;
[14] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd.&lt;br /&gt;
&lt;br /&gt;
[15] Jacob and Kwak (2003) and Raz et al.2002&lt;br /&gt;
&lt;br /&gt;
[16] Article: Overview of risk management Henrik K. Søndergaard&lt;br /&gt;
&lt;br /&gt;
[17]. Power in projects &amp;amp; portfolio of Mette Lindegaard, and John Ryding Olsson&lt;br /&gt;
&lt;br /&gt;
[18] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/.&lt;br /&gt;
&lt;br /&gt;
[19] http://strikingprojectmanagement.com/qualitative-risk-analysis/&lt;br /&gt;
&lt;br /&gt;
[20] http://projectmgmt-annualwarehousesale.blogspot.dk/&lt;br /&gt;
&lt;br /&gt;
[21] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[22] http://www.bestmanagementpractice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[23] http://tcgen.com/risk-mapping/#.VGidavnF-oO&lt;br /&gt;
&lt;br /&gt;
[24] http://www.modst.dk/~/media/Files/%C3%98AV/Vejledninger/%C3%98konomistyring/Risikostyring_vejledning_maj07%20pdf.ashx&lt;br /&gt;
&lt;br /&gt;
[25] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[26] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[27] http://www.clearrisk.com/what-is-risk-management/&lt;br /&gt;
&lt;br /&gt;
[28] http://www.vlv.dk/downloads/rm1.htm&lt;br /&gt;
&lt;br /&gt;
[29] http://www.soc.aau.dk/fileadmin/user_upload/FoSo/Arbejdspapirer/Nr._10_Risiko_risikovurdering_risikoformidling_og_helhedssyn.pdf&lt;br /&gt;
&lt;br /&gt;
[30] http://klk.kl.dk/PageFiles/156494/Projekth%C3%A5ndbogen.pdf&lt;br /&gt;
&lt;br /&gt;
[31] http:///C:/Users/Samira/Downloads/Projekth-ndbog%20(1).PDF&lt;br /&gt;
&lt;br /&gt;
[32] http://www.digst.dk/~/media/Files/Arkitektur%20og%20standarder/Sikkerhed/Vejledning%20om%20risikovurdering.ashx&lt;br /&gt;
&lt;br /&gt;
[33] http://www.best-management-practice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[34] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[35] http://dx.doi.org/10.1016/j.technovation.2013.12.005i&lt;br /&gt;
&lt;br /&gt;
[36] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;/div&gt;</summary>
		<author><name>Saeh0803</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Risk_management&amp;diff=4588</id>
		<title>Risk management</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Risk_management&amp;diff=4588"/>
		<updated>2014-11-28T11:54:59Z</updated>

		<summary type="html">&lt;p&gt;Saeh0803: /* Risk Management in Practice */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;Risk management is a very interesting and important topic in each area in our society.  Actually everyone knows what a risk is; it is a part of our life. Each step or each decision we make, is full of risks, whether we notice it or not, but when we look at our professional life, then we have to take an action for each risk arise, because it has a negative effect and the effect can have consequences in terms of economic, professional reputation, environmental, safety and societal outcomes. This article focuses on for example how an organization or project handles its risks and which framework could be relevant or helpful for it.&lt;br /&gt;
Now a day, the risk management is an important part of project, program and portfolio management. In order to end up a project successfully and deliver it on time and within budget, it is important to get an overview of the risks, which is associated to the project. Most of the projects fail due to the lack of risk management [Why projects fail 2011]. In many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of project&#039;s planning process, the projects fail because the resources are not completely utilized to get the full advantage [Oehmen et. al.2012 and Zwikael and Ahn 2011].&lt;br /&gt;
This article further talks about the risk and different level of risks in organization level and how to identify the projects risks by using some of standard guidelines for risk management such as ISO 31000, ISO 2700S, DS/ISO 31000 Risk management- Principles and guidelines and M_O_R principles, which is a standard risk management framework, which can be used by any organization on any projects regardless of its size.&lt;br /&gt;
NOTE: This article might be similar to other articles; Risk analysis, risk register, Risk management strategy in project portfolios.&lt;br /&gt;
&lt;br /&gt;
=Definition of risk management=&lt;br /&gt;
&lt;br /&gt;
You can find different tools and definition for risk depending on the context in which it is used. A definition from Oxford English Dictionary sounds like “the possibility that something unpleasant or unwelcome will happen” [Oxford English Dictionary]. This is more general and related more to your every day. In decision theory, Luce and Raiffa relate risk to make decisions under known probabilities of the states of nature [Product Management Innovation 2009] and Frank Knight define the risk in economic theory as “risk arises when the decision maker can assign probabilities to possible outcomes”. A well-known definition of the risk in the domain of project management considers the risk as “an uncertain event or condition that, if it occurs, has a positive (opportunity) or negative (threat) impact on project objectives” [Innovation and Product Management]&lt;br /&gt;
Frank Knight defines the uncertainty and risk as “...Uncertainty must be taken in a sense radically distinct from the familiar notion of Risk, from which it has never been properly separated. … The essential fact is that &amp;quot;risk&amp;quot; means in some cases a quantity susceptible of measurement, while at other times it is something distinctly not of this character; and there are far-reaching and crucial differences in the bearings of the phenomena depending on which of the two is really present and operating. … It will appear that a measurable uncertainty, or &amp;quot;risk&amp;quot; proper, as we shall use the term, is so far different from an un-measurable one that it is not in effect an uncertainty at all&amp;quot; [Ariane Chapelle].&lt;br /&gt;
To minimize the uncertainty and reduce the risks on the project, you may regularly look back to your risk analysis, because most of the projects fail due to lack of risk management, in many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of projects planning process, The projects fail because they do not invest their resources completely and do not pay attention to it.&lt;br /&gt;
Risk management is the most important part of the project planning process. It is a management tool, which project manager uses to analyses the risk factor within a project group or projects. Project group must be informed of the main risks and how they will deal with those risks. Often it requires extra resources to eliminate risks; these resources must allocate the project group. Many studies have pointed as well that the risk management has a big role in projects success [Tara Duggan].  The report by Jacob and Kwak highlights the positive contribution of risk management to improve the project selection, review and resource allocation of new product development projects.&lt;br /&gt;
It used in many areas such as public debate, research, danger of disease, death or accidents, threatening environmental problems in terms of risk of climate changes, CO2 , pollution and so on.&lt;br /&gt;
It is also used in many other projects such as customer needs and price, new technology and resources, construction and delivery projects, research projects and interests and other tasks.&lt;br /&gt;
&lt;br /&gt;
=What is risk?=&lt;br /&gt;
&lt;br /&gt;
Risk is the uncertainty, which is associated with any kind of the action and projects in organization&#039;s context that must understand and effectively manage during the project&#039;s process and improve the results[Luce and Raiffa]. Different types of risk management definitions can be found and the choice of definition depends on how big a concept of risk is used in order to which risks are covered by the definition. There is not a complete tool or solution that fits in every project, creating a new or changes the existing risk management process according to the project&#039;s goal is always helpful and flexible process that will ultimately result in a solution to the individual organization or project.&lt;br /&gt;
Risk is always based on imagination of how the project will be completed. It can be defined on the basis of an existing plan, for example, the project must be completed in 6 months. The risk of delay is bigger than if the project must be completed in one year. If the new technologies are a part of the project plan, that you have to use the new technologies is the risk bigger than use the known technologies. Therefor the risk is based on an existing plan; the same project may have very different risks, if you change the project’s plan. [Risk Management, concepts and methods].&lt;br /&gt;
&lt;br /&gt;
=Benefit of risk management and why risk management=&lt;br /&gt;
&lt;br /&gt;
Risk management helps you to identify your projects strengths, weaknesses, opportunities and threats [Jacob and Kwak]. By identifying your projects risks, you will be aware of the unexpected events and you can immediately take actions to reduce the losses [Overview of risk management].&lt;br /&gt;
There are many reasons for managing risks. Here are some main reasons:&lt;br /&gt;
First of all, risk management results in an overview and a number of options for an action to avoid known and unknown risk and reduce the impact of those[Power in projects &amp;amp; portfolio].&lt;br /&gt;
&lt;br /&gt;
* Saving resources: Time, assets, income, property and people are all valuable resources that can be saved if fewer claims occur.&lt;br /&gt;
* Protecting the reputation and public image of the organization.&lt;br /&gt;
* Preventing or reducing legal liability and increasing the stability of operations.&lt;br /&gt;
* Increases the organizations profits and competitiveness and reflects an attractive professional approach to project work.&lt;br /&gt;
* Protecting people from harm.&lt;br /&gt;
* Protecting the environment.&lt;br /&gt;
* Enhancing the ability to prepare for various circumstances.&lt;br /&gt;
* Assisting in clearly defining insurance needs.&lt;br /&gt;
* By managing the risks, you can increase the quality of the project deliverable&lt;br /&gt;
* Protects public image&lt;br /&gt;
* Protects people from harm&lt;br /&gt;
* Prevents/reduces legal liability&lt;br /&gt;
* Protects the environment&lt;br /&gt;
&lt;br /&gt;
=Three Levels of operational risk management=&lt;br /&gt;
&lt;br /&gt;
The risk management in an organization can be categorized in three levels of operation- [three level of operational risk management].&lt;br /&gt;
&lt;br /&gt;
* Strategic level:  &lt;br /&gt;
At strategic level, operational risk management relates to the vision of the business, expansion planned over a few couple of years, the product position and the target customers in the market. In other words, the strategic operational risk management relates to the implementation of the risk demands. It must be defined at the top management level and must be deployed in a top-down manner through all the levels of the organization.&lt;br /&gt;
&lt;br /&gt;
* Tactical level&lt;br /&gt;
At tactical level, the set of operational risk management tools and controls helps to reduce the number and intensity of the events. It provide the risk manager with a second line of defense. The effect of the risk responses deploys at tactical level, such as loss, fines and near misses reductions&lt;br /&gt;
Tactical operational risk management emphasizes on loss prevention and risk reduction techniques, process control, loss data analysis, key risk indicators, risk self-assessments and business expansion plans are some of the vast array of tools and techniques that have been developed to reduce the frequent occurrence of the risk elements and to reduce their impact on the overall project. Financial service industry is the most developed aspect of operational risk management, today.&lt;br /&gt;
&lt;br /&gt;
* Operational level&lt;br /&gt;
Operational level provides a natural reduction of the operational incidents by redesigning all those processes that were prone to errors, removing any unnecessary tasks and useless controls, standardizing the procedures and improving the productivity.&lt;br /&gt;
Operational risk management targets the operational efficiency and process design. Work flows are redesigned in this level to improve the work speed by eliminating the errors. Staff&lt;br /&gt;
Operational risk management must spread over all these three levels, in order to be more effective and efficient&lt;br /&gt;
&lt;br /&gt;
=How to develop a risk analysis=&lt;br /&gt;
&lt;br /&gt;
Risk Management can be developed in two different ways [Best Management Practice]:&lt;br /&gt;
&lt;br /&gt;
* By using the standard risk guidelines such as ISO 31000, which managers can go step by step and identify the risks and analyse the situation of each phase and take an action for each risk, that have negative impact on each situation. In this step more leaders must participate in order to reduce the impact of risks and take care of each situation.&lt;br /&gt;
&lt;br /&gt;
* By using more general analysis or guidelines to define the project&#039;s goals and reduce the risks without managing it and less management participation.&lt;br /&gt;
&lt;br /&gt;
In the first option many standard guidelines and analysis  can be used such as ISO 31000, IEC/ISO 311010, and ISO 73-2009 and many others.&lt;br /&gt;
The International Organization for Standard (ISO ) risk management provides principles, general guidelines; framework and a process for managing the risks- It can be used by any project, organization regardless of its size.&lt;br /&gt;
ISO 31000 summarizes all the central activities and main points, which an organization might go through to manage their risks effectively and increase their chance to reach their goals. It doesn’t contain any specific techniques in order to use, but it mentions that an organization must follow risk identification tools and techniques, that match the projects and its goals. Another ISO standard application is ISO/IEC 31010, Risk Management, which contains of some risk assessment techniques and steps that gives an understanding of the risks, which can have a negative impact on an organization’s achievement of its goals and the adequacy and effectiveness of controls already in place. Risk assessment helps decision makers to take the correct decisions, for example which tools and techniques must be used to treat the risks and how to choose the best opportunities. The following techniques described on ISO 31010&lt;br /&gt;
&lt;br /&gt;
* Risk identification&lt;br /&gt;
* Risk analysis -  consequence analysis&lt;br /&gt;
* Risk analysis– qualitative, semi-quantitative or quantitative probability estimation&lt;br /&gt;
* Risk analysis – assessing the effectiveness of any existing controls&lt;br /&gt;
* Risk evaluation&lt;br /&gt;
* communication and consultation, and  monitoring and review&lt;br /&gt;
&lt;br /&gt;
Each step has described in detail on ISO 31010. Compare to M_O_R,[http://bcove.me/qvtxp001 video] and then M_O_R is much extensive application, which provides a detailed guidance on how to implement risk management. M_O_R stands for Management of Risk and it is a framework for the management of risk across all parts of an organization such as Strategic, programme, project and operational level. It includes all the activities required to identify and control the risks, both negative and positive, which may have an impact on the achievement of an organization’s objectives[M_O_R].It is also a framework for how to make informed decisions about risks respectively strategic, program, project and operational level in order to identify, assess and manage the key risks in order to deliver the expected advantages [M_O_R]. It describes deeply both what needs to be done through some principles, activities and roles and how to begin the activities.&lt;br /&gt;
In some ways, ISO31000 and M_O_R are very similar and use some common definition and methods. M_O_R is designed for practical application of risk management techniques and based on 4 core concepts: principles, approach, process and embedding and review, while ISO31000 is designed more to assess how completely the risk management techniques have been applied [Best Management Practice], The difference is that ISO3100O based on framework, principles and process. It prescribe how an organization should implement risk management and manage the risk by using any tools, that suits its goal and organization, while M_O_R allows it to customize its approach within the guidelines to suit its operating environment and process. Both are useful tools and can be used for managing the risks.&lt;br /&gt;
&lt;br /&gt;
[[File:Different between_M_O_R_AND_ISO.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
For further information about M_O_R and ISO 31000:2009 you can read Michael Dallas report[http://www.best-management-practice.com/gempdf/Management_of_Risk_Guidance_for_Practitioners_and_the_International_Standard_on_Risk_Management_ISO31000_2009.pdf]&lt;br /&gt;
&lt;br /&gt;
The Tabel as taken from Michael Dallas report, which shows a direct comparison of M_O_R with ISO 31000 against categories that are common to both framework.&lt;br /&gt;
&lt;br /&gt;
=Risk Management in Practice=&lt;br /&gt;
&lt;br /&gt;
[[File:Risk management.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
To identify the projects risk, you can start with brainstorming, the first step is to list the main categories such as technologies, goal, stakeholder, communication, cost, environmental, resources, reliability, which is indicated with blue color in below figure. The next is to identify the risks, which is associated to the main categories. By brainstorm the risks, you can find 50-100 risks, depending to the projects size, therefore the third step is to estimate what the potential impact could be by using the Risk Matrix.&lt;br /&gt;
&lt;br /&gt;
[[File:Mathrix.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
Each high priority or high impact risk should be assigned to a group member after their experience and skills, so they could study and evaluate the risks. Cost risks might for example assign to someone in the finance department than one from IT- department. The new technology might assign to someone from IT- department. The project manager should be assign for all the risks process, the most important part of risk process is the schedule with deadline and the risks list, which should only edit, added, re-prioritized and control by the project manager during the project.&lt;br /&gt;
To reduce the risks, the project manager should communicate the risks list to all the project stakeholders regularly, at least once a week. All the changes should be registered to the risk map and at the end of the project the results can be used to do a retrospective. What did you learn from it, what should be different in next project and how to control the risks from the beginning?&lt;br /&gt;
&lt;br /&gt;
This example is more general and very simple, you can visit [http://apppm.man.dtu.dk/index.php/Risk analysis Risk analysis]&lt;br /&gt;
&lt;br /&gt;
=Reference=&lt;br /&gt;
&lt;br /&gt;
[1] Why projects fail: Avoiding the Classic Pitfall, An Oracle White Paper, October 2011 and Calleam Consulting LTD 2014: Why Projects Fail.  And Tom Carlos, PMP: Reasons Why Projects Fail.&lt;br /&gt;
&lt;br /&gt;
[2] Oehmen et. al.2012 and Zwikael and Ahn 2011, Oehmen, J., et al., Analysis of the effect of risk management practices on the performance of new product development programs. Technovation (2014),&lt;br /&gt;
&lt;br /&gt;
[3] Oxford English Dictionary&lt;br /&gt;
&lt;br /&gt;
[4] Innovation and Product Management 2009: A holistic and Practial Approach to Uncertainty Reduction,Kurt Gaubinger, Michael Rabl Scott Swan, Thomas Werani&lt;br /&gt;
&lt;br /&gt;
[5] Frank Knight 1921: Risk, Uncertainty and profit, Imperfect competition through Risk and Uncertainty, Part III, Chapter VII&lt;br /&gt;
&lt;br /&gt;
[6] Ariane Chapelle: The three levels of Operational risk management, May 2012&lt;br /&gt;
&lt;br /&gt;
[7] Risikosamfundet: 1997, Tara Duggan, Demand Media: Why Is Risk Management Important to Project Success?&lt;br /&gt;
&lt;br /&gt;
[8] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/&lt;br /&gt;
&lt;br /&gt;
[9] Luce&#039;s Paradigm for Decision under Uncertainty, Luce and Raiffa, 1957&lt;br /&gt;
&lt;br /&gt;
[10] Risk Management, concepts and methods: Club De La Securite De L’information Francais&lt;br /&gt;
&lt;br /&gt;
[11] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd. &lt;br /&gt;
&lt;br /&gt;
[12] http://www.management-of-risk.com/what-is-management-of-risk.asp&lt;br /&gt;
&lt;br /&gt;
[13] http://www.rovsingmanagement.dk/kurser/m_o_r%C2%AErisikostyring/?gclid=CM21qKLRjsICFeXUcgodGqEARQ&lt;br /&gt;
&lt;br /&gt;
[14] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd.&lt;br /&gt;
&lt;br /&gt;
[15] Jacob and Kwak (2003) and Raz et al.2002&lt;br /&gt;
&lt;br /&gt;
[16] Article: Overview of risk management Henrik K. Søndergaard&lt;br /&gt;
&lt;br /&gt;
[17]. Power in projects &amp;amp; portfolio of Mette Lindegaard, and John Ryding Olsson&lt;br /&gt;
&lt;br /&gt;
[18] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/.&lt;br /&gt;
&lt;br /&gt;
[19] http://strikingprojectmanagement.com/qualitative-risk-analysis/&lt;br /&gt;
&lt;br /&gt;
[20] http://projectmgmt-annualwarehousesale.blogspot.dk/&lt;br /&gt;
&lt;br /&gt;
[21] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[22] http://www.bestmanagementpractice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[23] http://tcgen.com/risk-mapping/#.VGidavnF-oO&lt;br /&gt;
&lt;br /&gt;
[24] http://www.modst.dk/~/media/Files/%C3%98AV/Vejledninger/%C3%98konomistyring/Risikostyring_vejledning_maj07%20pdf.ashx&lt;br /&gt;
&lt;br /&gt;
[25] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[26] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[27] http://www.clearrisk.com/what-is-risk-management/&lt;br /&gt;
&lt;br /&gt;
[28] http://www.vlv.dk/downloads/rm1.htm&lt;br /&gt;
&lt;br /&gt;
[29] http://www.soc.aau.dk/fileadmin/user_upload/FoSo/Arbejdspapirer/Nr._10_Risiko_risikovurdering_risikoformidling_og_helhedssyn.pdf&lt;br /&gt;
&lt;br /&gt;
[30] http://klk.kl.dk/PageFiles/156494/Projekth%C3%A5ndbogen.pdf&lt;br /&gt;
&lt;br /&gt;
[31] http:///C:/Users/Samira/Downloads/Projekth-ndbog%20(1).PDF&lt;br /&gt;
&lt;br /&gt;
[32] http://www.digst.dk/~/media/Files/Arkitektur%20og%20standarder/Sikkerhed/Vejledning%20om%20risikovurdering.ashx&lt;br /&gt;
&lt;br /&gt;
[33] http://www.best-management-practice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[34] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[35] http://dx.doi.org/10.1016/j.technovation.2013.12.005i&lt;br /&gt;
&lt;br /&gt;
[36] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;/div&gt;</summary>
		<author><name>Saeh0803</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Risk_management&amp;diff=4586</id>
		<title>Risk management</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Risk_management&amp;diff=4586"/>
		<updated>2014-11-28T11:53:18Z</updated>

		<summary type="html">&lt;p&gt;Saeh0803: /* Risk Management in Practice */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;Risk management is a very interesting and important topic in each area in our society.  Actually everyone knows what a risk is; it is a part of our life. Each step or each decision we make, is full of risks, whether we notice it or not, but when we look at our professional life, then we have to take an action for each risk arise, because it has a negative effect and the effect can have consequences in terms of economic, professional reputation, environmental, safety and societal outcomes. This article focuses on for example how an organization or project handles its risks and which framework could be relevant or helpful for it.&lt;br /&gt;
Now a day, the risk management is an important part of project, program and portfolio management. In order to end up a project successfully and deliver it on time and within budget, it is important to get an overview of the risks, which is associated to the project. Most of the projects fail due to the lack of risk management [Why projects fail 2011]. In many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of project&#039;s planning process, the projects fail because the resources are not completely utilized to get the full advantage [Oehmen et. al.2012 and Zwikael and Ahn 2011].&lt;br /&gt;
This article further talks about the risk and different level of risks in organization level and how to identify the projects risks by using some of standard guidelines for risk management such as ISO 31000, ISO 2700S, DS/ISO 31000 Risk management- Principles and guidelines and M_O_R principles, which is a standard risk management framework, which can be used by any organization on any projects regardless of its size.&lt;br /&gt;
NOTE: This article might be similar to other articles; Risk analysis, risk register, Risk management strategy in project portfolios.&lt;br /&gt;
&lt;br /&gt;
=Definition of risk management=&lt;br /&gt;
&lt;br /&gt;
You can find different tools and definition for risk depending on the context in which it is used. A definition from Oxford English Dictionary sounds like “the possibility that something unpleasant or unwelcome will happen” [Oxford English Dictionary]. This is more general and related more to your every day. In decision theory, Luce and Raiffa relate risk to make decisions under known probabilities of the states of nature [Product Management Innovation 2009] and Frank Knight define the risk in economic theory as “risk arises when the decision maker can assign probabilities to possible outcomes”. A well-known definition of the risk in the domain of project management considers the risk as “an uncertain event or condition that, if it occurs, has a positive (opportunity) or negative (threat) impact on project objectives” [Innovation and Product Management]&lt;br /&gt;
Frank Knight defines the uncertainty and risk as “...Uncertainty must be taken in a sense radically distinct from the familiar notion of Risk, from which it has never been properly separated. … The essential fact is that &amp;quot;risk&amp;quot; means in some cases a quantity susceptible of measurement, while at other times it is something distinctly not of this character; and there are far-reaching and crucial differences in the bearings of the phenomena depending on which of the two is really present and operating. … It will appear that a measurable uncertainty, or &amp;quot;risk&amp;quot; proper, as we shall use the term, is so far different from an un-measurable one that it is not in effect an uncertainty at all&amp;quot; [Ariane Chapelle].&lt;br /&gt;
To minimize the uncertainty and reduce the risks on the project, you may regularly look back to your risk analysis, because most of the projects fail due to lack of risk management, in many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of projects planning process, The projects fail because they do not invest their resources completely and do not pay attention to it.&lt;br /&gt;
Risk management is the most important part of the project planning process. It is a management tool, which project manager uses to analyses the risk factor within a project group or projects. Project group must be informed of the main risks and how they will deal with those risks. Often it requires extra resources to eliminate risks; these resources must allocate the project group. Many studies have pointed as well that the risk management has a big role in projects success [Tara Duggan].  The report by Jacob and Kwak highlights the positive contribution of risk management to improve the project selection, review and resource allocation of new product development projects.&lt;br /&gt;
It used in many areas such as public debate, research, danger of disease, death or accidents, threatening environmental problems in terms of risk of climate changes, CO2 , pollution and so on.&lt;br /&gt;
It is also used in many other projects such as customer needs and price, new technology and resources, construction and delivery projects, research projects and interests and other tasks.&lt;br /&gt;
&lt;br /&gt;
=What is risk?=&lt;br /&gt;
&lt;br /&gt;
Risk is the uncertainty, which is associated with any kind of the action and projects in organization&#039;s context that must understand and effectively manage during the project&#039;s process and improve the results[Luce and Raiffa]. Different types of risk management definitions can be found and the choice of definition depends on how big a concept of risk is used in order to which risks are covered by the definition. There is not a complete tool or solution that fits in every project, creating a new or changes the existing risk management process according to the project&#039;s goal is always helpful and flexible process that will ultimately result in a solution to the individual organization or project.&lt;br /&gt;
Risk is always based on imagination of how the project will be completed. It can be defined on the basis of an existing plan, for example, the project must be completed in 6 months. The risk of delay is bigger than if the project must be completed in one year. If the new technologies are a part of the project plan, that you have to use the new technologies is the risk bigger than use the known technologies. Therefor the risk is based on an existing plan; the same project may have very different risks, if you change the project’s plan. [Risk Management, concepts and methods].&lt;br /&gt;
&lt;br /&gt;
=Benefit of risk management and why risk management=&lt;br /&gt;
&lt;br /&gt;
Risk management helps you to identify your projects strengths, weaknesses, opportunities and threats [Jacob and Kwak]. By identifying your projects risks, you will be aware of the unexpected events and you can immediately take actions to reduce the losses [Overview of risk management].&lt;br /&gt;
There are many reasons for managing risks. Here are some main reasons:&lt;br /&gt;
First of all, risk management results in an overview and a number of options for an action to avoid known and unknown risk and reduce the impact of those[Power in projects &amp;amp; portfolio].&lt;br /&gt;
&lt;br /&gt;
* Saving resources: Time, assets, income, property and people are all valuable resources that can be saved if fewer claims occur.&lt;br /&gt;
* Protecting the reputation and public image of the organization.&lt;br /&gt;
* Preventing or reducing legal liability and increasing the stability of operations.&lt;br /&gt;
* Increases the organizations profits and competitiveness and reflects an attractive professional approach to project work.&lt;br /&gt;
* Protecting people from harm.&lt;br /&gt;
* Protecting the environment.&lt;br /&gt;
* Enhancing the ability to prepare for various circumstances.&lt;br /&gt;
* Assisting in clearly defining insurance needs.&lt;br /&gt;
* By managing the risks, you can increase the quality of the project deliverable&lt;br /&gt;
* Protects public image&lt;br /&gt;
* Protects people from harm&lt;br /&gt;
* Prevents/reduces legal liability&lt;br /&gt;
* Protects the environment&lt;br /&gt;
&lt;br /&gt;
=Three Levels of operational risk management=&lt;br /&gt;
&lt;br /&gt;
The risk management in an organization can be categorized in three levels of operation- [three level of operational risk management].&lt;br /&gt;
&lt;br /&gt;
* Strategic level:  &lt;br /&gt;
At strategic level, operational risk management relates to the vision of the business, expansion planned over a few couple of years, the product position and the target customers in the market. In other words, the strategic operational risk management relates to the implementation of the risk demands. It must be defined at the top management level and must be deployed in a top-down manner through all the levels of the organization.&lt;br /&gt;
&lt;br /&gt;
* Tactical level&lt;br /&gt;
At tactical level, the set of operational risk management tools and controls helps to reduce the number and intensity of the events. It provide the risk manager with a second line of defense. The effect of the risk responses deploys at tactical level, such as loss, fines and near misses reductions&lt;br /&gt;
Tactical operational risk management emphasizes on loss prevention and risk reduction techniques, process control, loss data analysis, key risk indicators, risk self-assessments and business expansion plans are some of the vast array of tools and techniques that have been developed to reduce the frequent occurrence of the risk elements and to reduce their impact on the overall project. Financial service industry is the most developed aspect of operational risk management, today.&lt;br /&gt;
&lt;br /&gt;
* Operational level&lt;br /&gt;
Operational level provides a natural reduction of the operational incidents by redesigning all those processes that were prone to errors, removing any unnecessary tasks and useless controls, standardizing the procedures and improving the productivity.&lt;br /&gt;
Operational risk management targets the operational efficiency and process design. Work flows are redesigned in this level to improve the work speed by eliminating the errors. Staff&lt;br /&gt;
Operational risk management must spread over all these three levels, in order to be more effective and efficient&lt;br /&gt;
&lt;br /&gt;
=How to develop a risk analysis=&lt;br /&gt;
&lt;br /&gt;
Risk Management can be developed in two different ways [Best Management Practice]:&lt;br /&gt;
&lt;br /&gt;
* By using the standard risk guidelines such as ISO 31000, which managers can go step by step and identify the risks and analyse the situation of each phase and take an action for each risk, that have negative impact on each situation. In this step more leaders must participate in order to reduce the impact of risks and take care of each situation.&lt;br /&gt;
&lt;br /&gt;
* By using more general analysis or guidelines to define the project&#039;s goals and reduce the risks without managing it and less management participation.&lt;br /&gt;
&lt;br /&gt;
In the first option many standard guidelines and analysis  can be used such as ISO 31000, IEC/ISO 311010, and ISO 73-2009 and many others.&lt;br /&gt;
The International Organization for Standard (ISO ) risk management provides principles, general guidelines; framework and a process for managing the risks- It can be used by any project, organization regardless of its size.&lt;br /&gt;
ISO 31000 summarizes all the central activities and main points, which an organization might go through to manage their risks effectively and increase their chance to reach their goals. It doesn’t contain any specific techniques in order to use, but it mentions that an organization must follow risk identification tools and techniques, that match the projects and its goals. Another ISO standard application is ISO/IEC 31010, Risk Management, which contains of some risk assessment techniques and steps that gives an understanding of the risks, which can have a negative impact on an organization’s achievement of its goals and the adequacy and effectiveness of controls already in place. Risk assessment helps decision makers to take the correct decisions, for example which tools and techniques must be used to treat the risks and how to choose the best opportunities. The following techniques described on ISO 31010&lt;br /&gt;
&lt;br /&gt;
* Risk identification&lt;br /&gt;
* Risk analysis -  consequence analysis&lt;br /&gt;
* Risk analysis– qualitative, semi-quantitative or quantitative probability estimation&lt;br /&gt;
* Risk analysis – assessing the effectiveness of any existing controls&lt;br /&gt;
* Risk evaluation&lt;br /&gt;
* communication and consultation, and  monitoring and review&lt;br /&gt;
&lt;br /&gt;
Each step has described in detail on ISO 31010. Compare to M_O_R,[http://bcove.me/qvtxp001 video] and then M_O_R is much extensive application, which provides a detailed guidance on how to implement risk management. M_O_R stands for Management of Risk and it is a framework for the management of risk across all parts of an organization such as Strategic, programme, project and operational level. It includes all the activities required to identify and control the risks, both negative and positive, which may have an impact on the achievement of an organization’s objectives[M_O_R].It is also a framework for how to make informed decisions about risks respectively strategic, program, project and operational level in order to identify, assess and manage the key risks in order to deliver the expected advantages [M_O_R]. It describes deeply both what needs to be done through some principles, activities and roles and how to begin the activities.&lt;br /&gt;
In some ways, ISO31000 and M_O_R are very similar and use some common definition and methods. M_O_R is designed for practical application of risk management techniques and based on 4 core concepts: principles, approach, process and embedding and review, while ISO31000 is designed more to assess how completely the risk management techniques have been applied [Best Management Practice], The difference is that ISO3100O based on framework, principles and process. It prescribe how an organization should implement risk management and manage the risk by using any tools, that suits its goal and organization, while M_O_R allows it to customize its approach within the guidelines to suit its operating environment and process. Both are useful tools and can be used for managing the risks.&lt;br /&gt;
&lt;br /&gt;
[[File:Different between_M_O_R_AND_ISO.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
For further information about M_O_R and ISO 31000:2009 you can read Michael Dallas report[http://www.best-management-practice.com/gempdf/Management_of_Risk_Guidance_for_Practitioners_and_the_International_Standard_on_Risk_Management_ISO31000_2009.pdf]&lt;br /&gt;
&lt;br /&gt;
The Tabel as taken from Michael Dallas report, which shows a direct comparison of M_O_R with ISO 31000 against categories that are common to both framework.&lt;br /&gt;
&lt;br /&gt;
=Risk Management in Practice=&lt;br /&gt;
&lt;br /&gt;
[[File:Risk management.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
To identify the projects risk, you can start with brainstorming, the first step is to list the main categories such as technologies, goal, stakeholder, communication, cost, environmental, resources, reliability, which is indicated with blue color in below figure. The next is to identify the risks, which is associated to the main categories. By brainstorm the risks, you can find 50-100 risks, depending to the projects size, therefore the third step is to estimate what the potential impact could be by using the Risk Matrix.&lt;br /&gt;
&lt;br /&gt;
[[File:Mathrix.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
Each high priority or high impact risk should be assigned to a group member after their experience and skills, so they could study and evaluate the risks. Cost risks might for example assign to someone in the finance department than one from IT- department. The new technology might assign to someone from IT- department. The project manager should be assign for all the risks process, the most important part of risk process is the schedule with deadline and the risks list, which should only edit, added, re-prioritized and control by the project manager during the project.&lt;br /&gt;
To reduce the risks, the project manager should communicate the risks list to all the project stakeholders regularly, at least once a week. All the changes should be registered to the risk map and at the end of the project the results can be used to do a retrospective. What did you learn from it, what should be different in next project and how to control the risks from the beginning?&lt;br /&gt;
&lt;br /&gt;
This example is more general and very simple, you can visit [Risk analysis]&lt;br /&gt;
&lt;br /&gt;
=Reference=&lt;br /&gt;
&lt;br /&gt;
[1] Why projects fail: Avoiding the Classic Pitfall, An Oracle White Paper, October 2011 and Calleam Consulting LTD 2014: Why Projects Fail.  And Tom Carlos, PMP: Reasons Why Projects Fail.&lt;br /&gt;
&lt;br /&gt;
[2] Oehmen et. al.2012 and Zwikael and Ahn 2011, Oehmen, J., et al., Analysis of the effect of risk management practices on the performance of new product development programs. Technovation (2014),&lt;br /&gt;
&lt;br /&gt;
[3] Oxford English Dictionary&lt;br /&gt;
&lt;br /&gt;
[4] Innovation and Product Management 2009: A holistic and Practial Approach to Uncertainty Reduction,Kurt Gaubinger, Michael Rabl Scott Swan, Thomas Werani&lt;br /&gt;
&lt;br /&gt;
[5] Frank Knight 1921: Risk, Uncertainty and profit, Imperfect competition through Risk and Uncertainty, Part III, Chapter VII&lt;br /&gt;
&lt;br /&gt;
[6] Ariane Chapelle: The three levels of Operational risk management, May 2012&lt;br /&gt;
&lt;br /&gt;
[7] Risikosamfundet: 1997, Tara Duggan, Demand Media: Why Is Risk Management Important to Project Success?&lt;br /&gt;
&lt;br /&gt;
[8] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/&lt;br /&gt;
&lt;br /&gt;
[9] Luce&#039;s Paradigm for Decision under Uncertainty, Luce and Raiffa, 1957&lt;br /&gt;
&lt;br /&gt;
[10] Risk Management, concepts and methods: Club De La Securite De L’information Francais&lt;br /&gt;
&lt;br /&gt;
[11] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd. &lt;br /&gt;
&lt;br /&gt;
[12] http://www.management-of-risk.com/what-is-management-of-risk.asp&lt;br /&gt;
&lt;br /&gt;
[13] http://www.rovsingmanagement.dk/kurser/m_o_r%C2%AErisikostyring/?gclid=CM21qKLRjsICFeXUcgodGqEARQ&lt;br /&gt;
&lt;br /&gt;
[14] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd.&lt;br /&gt;
&lt;br /&gt;
[15] Jacob and Kwak (2003) and Raz et al.2002&lt;br /&gt;
&lt;br /&gt;
[16] Article: Overview of risk management Henrik K. Søndergaard&lt;br /&gt;
&lt;br /&gt;
[17]. Power in projects &amp;amp; portfolio of Mette Lindegaard, and John Ryding Olsson&lt;br /&gt;
&lt;br /&gt;
[18] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/.&lt;br /&gt;
&lt;br /&gt;
[19] http://strikingprojectmanagement.com/qualitative-risk-analysis/&lt;br /&gt;
&lt;br /&gt;
[20] http://projectmgmt-annualwarehousesale.blogspot.dk/&lt;br /&gt;
&lt;br /&gt;
[21] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[22] http://www.bestmanagementpractice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[23] http://tcgen.com/risk-mapping/#.VGidavnF-oO&lt;br /&gt;
&lt;br /&gt;
[24] http://www.modst.dk/~/media/Files/%C3%98AV/Vejledninger/%C3%98konomistyring/Risikostyring_vejledning_maj07%20pdf.ashx&lt;br /&gt;
&lt;br /&gt;
[25] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[26] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[27] http://www.clearrisk.com/what-is-risk-management/&lt;br /&gt;
&lt;br /&gt;
[28] http://www.vlv.dk/downloads/rm1.htm&lt;br /&gt;
&lt;br /&gt;
[29] http://www.soc.aau.dk/fileadmin/user_upload/FoSo/Arbejdspapirer/Nr._10_Risiko_risikovurdering_risikoformidling_og_helhedssyn.pdf&lt;br /&gt;
&lt;br /&gt;
[30] http://klk.kl.dk/PageFiles/156494/Projekth%C3%A5ndbogen.pdf&lt;br /&gt;
&lt;br /&gt;
[31] http:///C:/Users/Samira/Downloads/Projekth-ndbog%20(1).PDF&lt;br /&gt;
&lt;br /&gt;
[32] http://www.digst.dk/~/media/Files/Arkitektur%20og%20standarder/Sikkerhed/Vejledning%20om%20risikovurdering.ashx&lt;br /&gt;
&lt;br /&gt;
[33] http://www.best-management-practice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[34] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[35] http://dx.doi.org/10.1016/j.technovation.2013.12.005i&lt;br /&gt;
&lt;br /&gt;
[36] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;/div&gt;</summary>
		<author><name>Saeh0803</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Risk_management&amp;diff=4585</id>
		<title>Risk management</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Risk_management&amp;diff=4585"/>
		<updated>2014-11-28T11:51:51Z</updated>

		<summary type="html">&lt;p&gt;Saeh0803: /* Risk Management in Practice */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;Risk management is a very interesting and important topic in each area in our society.  Actually everyone knows what a risk is; it is a part of our life. Each step or each decision we make, is full of risks, whether we notice it or not, but when we look at our professional life, then we have to take an action for each risk arise, because it has a negative effect and the effect can have consequences in terms of economic, professional reputation, environmental, safety and societal outcomes. This article focuses on for example how an organization or project handles its risks and which framework could be relevant or helpful for it.&lt;br /&gt;
Now a day, the risk management is an important part of project, program and portfolio management. In order to end up a project successfully and deliver it on time and within budget, it is important to get an overview of the risks, which is associated to the project. Most of the projects fail due to the lack of risk management [Why projects fail 2011]. In many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of project&#039;s planning process, the projects fail because the resources are not completely utilized to get the full advantage [Oehmen et. al.2012 and Zwikael and Ahn 2011].&lt;br /&gt;
This article further talks about the risk and different level of risks in organization level and how to identify the projects risks by using some of standard guidelines for risk management such as ISO 31000, ISO 2700S, DS/ISO 31000 Risk management- Principles and guidelines and M_O_R principles, which is a standard risk management framework, which can be used by any organization on any projects regardless of its size.&lt;br /&gt;
NOTE: This article might be similar to other articles; Risk analysis, risk register, Risk management strategy in project portfolios.&lt;br /&gt;
&lt;br /&gt;
=Definition of risk management=&lt;br /&gt;
&lt;br /&gt;
You can find different tools and definition for risk depending on the context in which it is used. A definition from Oxford English Dictionary sounds like “the possibility that something unpleasant or unwelcome will happen” [Oxford English Dictionary]. This is more general and related more to your every day. In decision theory, Luce and Raiffa relate risk to make decisions under known probabilities of the states of nature [Product Management Innovation 2009] and Frank Knight define the risk in economic theory as “risk arises when the decision maker can assign probabilities to possible outcomes”. A well-known definition of the risk in the domain of project management considers the risk as “an uncertain event or condition that, if it occurs, has a positive (opportunity) or negative (threat) impact on project objectives” [Innovation and Product Management]&lt;br /&gt;
Frank Knight defines the uncertainty and risk as “...Uncertainty must be taken in a sense radically distinct from the familiar notion of Risk, from which it has never been properly separated. … The essential fact is that &amp;quot;risk&amp;quot; means in some cases a quantity susceptible of measurement, while at other times it is something distinctly not of this character; and there are far-reaching and crucial differences in the bearings of the phenomena depending on which of the two is really present and operating. … It will appear that a measurable uncertainty, or &amp;quot;risk&amp;quot; proper, as we shall use the term, is so far different from an un-measurable one that it is not in effect an uncertainty at all&amp;quot; [Ariane Chapelle].&lt;br /&gt;
To minimize the uncertainty and reduce the risks on the project, you may regularly look back to your risk analysis, because most of the projects fail due to lack of risk management, in many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of projects planning process, The projects fail because they do not invest their resources completely and do not pay attention to it.&lt;br /&gt;
Risk management is the most important part of the project planning process. It is a management tool, which project manager uses to analyses the risk factor within a project group or projects. Project group must be informed of the main risks and how they will deal with those risks. Often it requires extra resources to eliminate risks; these resources must allocate the project group. Many studies have pointed as well that the risk management has a big role in projects success [Tara Duggan].  The report by Jacob and Kwak highlights the positive contribution of risk management to improve the project selection, review and resource allocation of new product development projects.&lt;br /&gt;
It used in many areas such as public debate, research, danger of disease, death or accidents, threatening environmental problems in terms of risk of climate changes, CO2 , pollution and so on.&lt;br /&gt;
It is also used in many other projects such as customer needs and price, new technology and resources, construction and delivery projects, research projects and interests and other tasks.&lt;br /&gt;
&lt;br /&gt;
=What is risk?=&lt;br /&gt;
&lt;br /&gt;
Risk is the uncertainty, which is associated with any kind of the action and projects in organization&#039;s context that must understand and effectively manage during the project&#039;s process and improve the results[Luce and Raiffa]. Different types of risk management definitions can be found and the choice of definition depends on how big a concept of risk is used in order to which risks are covered by the definition. There is not a complete tool or solution that fits in every project, creating a new or changes the existing risk management process according to the project&#039;s goal is always helpful and flexible process that will ultimately result in a solution to the individual organization or project.&lt;br /&gt;
Risk is always based on imagination of how the project will be completed. It can be defined on the basis of an existing plan, for example, the project must be completed in 6 months. The risk of delay is bigger than if the project must be completed in one year. If the new technologies are a part of the project plan, that you have to use the new technologies is the risk bigger than use the known technologies. Therefor the risk is based on an existing plan; the same project may have very different risks, if you change the project’s plan. [Risk Management, concepts and methods].&lt;br /&gt;
&lt;br /&gt;
=Benefit of risk management and why risk management=&lt;br /&gt;
&lt;br /&gt;
Risk management helps you to identify your projects strengths, weaknesses, opportunities and threats [Jacob and Kwak]. By identifying your projects risks, you will be aware of the unexpected events and you can immediately take actions to reduce the losses [Overview of risk management].&lt;br /&gt;
There are many reasons for managing risks. Here are some main reasons:&lt;br /&gt;
First of all, risk management results in an overview and a number of options for an action to avoid known and unknown risk and reduce the impact of those[Power in projects &amp;amp; portfolio].&lt;br /&gt;
&lt;br /&gt;
* Saving resources: Time, assets, income, property and people are all valuable resources that can be saved if fewer claims occur.&lt;br /&gt;
* Protecting the reputation and public image of the organization.&lt;br /&gt;
* Preventing or reducing legal liability and increasing the stability of operations.&lt;br /&gt;
* Increases the organizations profits and competitiveness and reflects an attractive professional approach to project work.&lt;br /&gt;
* Protecting people from harm.&lt;br /&gt;
* Protecting the environment.&lt;br /&gt;
* Enhancing the ability to prepare for various circumstances.&lt;br /&gt;
* Assisting in clearly defining insurance needs.&lt;br /&gt;
* By managing the risks, you can increase the quality of the project deliverable&lt;br /&gt;
* Protects public image&lt;br /&gt;
* Protects people from harm&lt;br /&gt;
* Prevents/reduces legal liability&lt;br /&gt;
* Protects the environment&lt;br /&gt;
&lt;br /&gt;
=Three Levels of operational risk management=&lt;br /&gt;
&lt;br /&gt;
The risk management in an organization can be categorized in three levels of operation- [three level of operational risk management].&lt;br /&gt;
&lt;br /&gt;
* Strategic level:  &lt;br /&gt;
At strategic level, operational risk management relates to the vision of the business, expansion planned over a few couple of years, the product position and the target customers in the market. In other words, the strategic operational risk management relates to the implementation of the risk demands. It must be defined at the top management level and must be deployed in a top-down manner through all the levels of the organization.&lt;br /&gt;
&lt;br /&gt;
* Tactical level&lt;br /&gt;
At tactical level, the set of operational risk management tools and controls helps to reduce the number and intensity of the events. It provide the risk manager with a second line of defense. The effect of the risk responses deploys at tactical level, such as loss, fines and near misses reductions&lt;br /&gt;
Tactical operational risk management emphasizes on loss prevention and risk reduction techniques, process control, loss data analysis, key risk indicators, risk self-assessments and business expansion plans are some of the vast array of tools and techniques that have been developed to reduce the frequent occurrence of the risk elements and to reduce their impact on the overall project. Financial service industry is the most developed aspect of operational risk management, today.&lt;br /&gt;
&lt;br /&gt;
* Operational level&lt;br /&gt;
Operational level provides a natural reduction of the operational incidents by redesigning all those processes that were prone to errors, removing any unnecessary tasks and useless controls, standardizing the procedures and improving the productivity.&lt;br /&gt;
Operational risk management targets the operational efficiency and process design. Work flows are redesigned in this level to improve the work speed by eliminating the errors. Staff&lt;br /&gt;
Operational risk management must spread over all these three levels, in order to be more effective and efficient&lt;br /&gt;
&lt;br /&gt;
=How to develop a risk analysis=&lt;br /&gt;
&lt;br /&gt;
Risk Management can be developed in two different ways [Best Management Practice]:&lt;br /&gt;
&lt;br /&gt;
* By using the standard risk guidelines such as ISO 31000, which managers can go step by step and identify the risks and analyse the situation of each phase and take an action for each risk, that have negative impact on each situation. In this step more leaders must participate in order to reduce the impact of risks and take care of each situation.&lt;br /&gt;
&lt;br /&gt;
* By using more general analysis or guidelines to define the project&#039;s goals and reduce the risks without managing it and less management participation.&lt;br /&gt;
&lt;br /&gt;
In the first option many standard guidelines and analysis  can be used such as ISO 31000, IEC/ISO 311010, and ISO 73-2009 and many others.&lt;br /&gt;
The International Organization for Standard (ISO ) risk management provides principles, general guidelines; framework and a process for managing the risks- It can be used by any project, organization regardless of its size.&lt;br /&gt;
ISO 31000 summarizes all the central activities and main points, which an organization might go through to manage their risks effectively and increase their chance to reach their goals. It doesn’t contain any specific techniques in order to use, but it mentions that an organization must follow risk identification tools and techniques, that match the projects and its goals. Another ISO standard application is ISO/IEC 31010, Risk Management, which contains of some risk assessment techniques and steps that gives an understanding of the risks, which can have a negative impact on an organization’s achievement of its goals and the adequacy and effectiveness of controls already in place. Risk assessment helps decision makers to take the correct decisions, for example which tools and techniques must be used to treat the risks and how to choose the best opportunities. The following techniques described on ISO 31010&lt;br /&gt;
&lt;br /&gt;
* Risk identification&lt;br /&gt;
* Risk analysis -  consequence analysis&lt;br /&gt;
* Risk analysis– qualitative, semi-quantitative or quantitative probability estimation&lt;br /&gt;
* Risk analysis – assessing the effectiveness of any existing controls&lt;br /&gt;
* Risk evaluation&lt;br /&gt;
* communication and consultation, and  monitoring and review&lt;br /&gt;
&lt;br /&gt;
Each step has described in detail on ISO 31010. Compare to M_O_R,[http://bcove.me/qvtxp001 video] and then M_O_R is much extensive application, which provides a detailed guidance on how to implement risk management. M_O_R stands for Management of Risk and it is a framework for the management of risk across all parts of an organization such as Strategic, programme, project and operational level. It includes all the activities required to identify and control the risks, both negative and positive, which may have an impact on the achievement of an organization’s objectives[M_O_R].It is also a framework for how to make informed decisions about risks respectively strategic, program, project and operational level in order to identify, assess and manage the key risks in order to deliver the expected advantages [M_O_R]. It describes deeply both what needs to be done through some principles, activities and roles and how to begin the activities.&lt;br /&gt;
In some ways, ISO31000 and M_O_R are very similar and use some common definition and methods. M_O_R is designed for practical application of risk management techniques and based on 4 core concepts: principles, approach, process and embedding and review, while ISO31000 is designed more to assess how completely the risk management techniques have been applied [Best Management Practice], The difference is that ISO3100O based on framework, principles and process. It prescribe how an organization should implement risk management and manage the risk by using any tools, that suits its goal and organization, while M_O_R allows it to customize its approach within the guidelines to suit its operating environment and process. Both are useful tools and can be used for managing the risks.&lt;br /&gt;
&lt;br /&gt;
[[File:Different between_M_O_R_AND_ISO.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
For further information about M_O_R and ISO 31000:2009 you can read Michael Dallas report[http://www.best-management-practice.com/gempdf/Management_of_Risk_Guidance_for_Practitioners_and_the_International_Standard_on_Risk_Management_ISO31000_2009.pdf]&lt;br /&gt;
&lt;br /&gt;
The Tabel as taken from Michael Dallas report, which shows a direct comparison of M_O_R with ISO 31000 against categories that are common to both framework.&lt;br /&gt;
&lt;br /&gt;
=Risk Management in Practice=&lt;br /&gt;
&lt;br /&gt;
[[File:Risk management.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
To identify the projects risk, you can start with brainstorming, the first step is to list the main categories such as technologies, goal, stakeholder, communication, cost, environmental, resources, reliability, which is indicated with blue color in below figure. The next is to identify the risks, which is associated to the main categories. By brainstorm the risks, you can find 50-100 risks, depending to the projects size, therefore the third step is to estimate what the potential impact could be by using the Risk Matrix.&lt;br /&gt;
&lt;br /&gt;
[[File:Mathrix.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
Each high priority or high impact risk should be assigned to a group member after their experience and skills, so they could study and evaluate the risks. Cost risks might for example assign to someone in the finance department than one from IT- department. The new technology might assign to someone from IT- department. The project manager should be assign for all the risks process, the most important part of risk process is the schedule with deadline and the risks list, which should only edit, added, re-prioritized and control by the project manager during the project.&lt;br /&gt;
To reduce the risks, the project manager should communicate the risks list to all the project stakeholders regularly, at least once a week. All the changes should be registered to the risk map and at the end of the project the results can be used to do a retrospective. What did you learn from it, what should be different in next project and how to control the risks from the beginning?&lt;br /&gt;
&lt;br /&gt;
This example is more general and very simple, you can visit [Risk analysis|Risk analysis]&lt;br /&gt;
&lt;br /&gt;
=Reference=&lt;br /&gt;
&lt;br /&gt;
[1] Why projects fail: Avoiding the Classic Pitfall, An Oracle White Paper, October 2011 and Calleam Consulting LTD 2014: Why Projects Fail.  And Tom Carlos, PMP: Reasons Why Projects Fail.&lt;br /&gt;
&lt;br /&gt;
[2] Oehmen et. al.2012 and Zwikael and Ahn 2011, Oehmen, J., et al., Analysis of the effect of risk management practices on the performance of new product development programs. Technovation (2014),&lt;br /&gt;
&lt;br /&gt;
[3] Oxford English Dictionary&lt;br /&gt;
&lt;br /&gt;
[4] Innovation and Product Management 2009: A holistic and Practial Approach to Uncertainty Reduction,Kurt Gaubinger, Michael Rabl Scott Swan, Thomas Werani&lt;br /&gt;
&lt;br /&gt;
[5] Frank Knight 1921: Risk, Uncertainty and profit, Imperfect competition through Risk and Uncertainty, Part III, Chapter VII&lt;br /&gt;
&lt;br /&gt;
[6] Ariane Chapelle: The three levels of Operational risk management, May 2012&lt;br /&gt;
&lt;br /&gt;
[7] Risikosamfundet: 1997, Tara Duggan, Demand Media: Why Is Risk Management Important to Project Success?&lt;br /&gt;
&lt;br /&gt;
[8] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/&lt;br /&gt;
&lt;br /&gt;
[9] Luce&#039;s Paradigm for Decision under Uncertainty, Luce and Raiffa, 1957&lt;br /&gt;
&lt;br /&gt;
[10] Risk Management, concepts and methods: Club De La Securite De L’information Francais&lt;br /&gt;
&lt;br /&gt;
[11] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd. &lt;br /&gt;
&lt;br /&gt;
[12] http://www.management-of-risk.com/what-is-management-of-risk.asp&lt;br /&gt;
&lt;br /&gt;
[13] http://www.rovsingmanagement.dk/kurser/m_o_r%C2%AErisikostyring/?gclid=CM21qKLRjsICFeXUcgodGqEARQ&lt;br /&gt;
&lt;br /&gt;
[14] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd.&lt;br /&gt;
&lt;br /&gt;
[15] Jacob and Kwak (2003) and Raz et al.2002&lt;br /&gt;
&lt;br /&gt;
[16] Article: Overview of risk management Henrik K. Søndergaard&lt;br /&gt;
&lt;br /&gt;
[17]. Power in projects &amp;amp; portfolio of Mette Lindegaard, and John Ryding Olsson&lt;br /&gt;
&lt;br /&gt;
[18] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/.&lt;br /&gt;
&lt;br /&gt;
[19] http://strikingprojectmanagement.com/qualitative-risk-analysis/&lt;br /&gt;
&lt;br /&gt;
[20] http://projectmgmt-annualwarehousesale.blogspot.dk/&lt;br /&gt;
&lt;br /&gt;
[21] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[22] http://www.bestmanagementpractice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[23] http://tcgen.com/risk-mapping/#.VGidavnF-oO&lt;br /&gt;
&lt;br /&gt;
[24] http://www.modst.dk/~/media/Files/%C3%98AV/Vejledninger/%C3%98konomistyring/Risikostyring_vejledning_maj07%20pdf.ashx&lt;br /&gt;
&lt;br /&gt;
[25] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[26] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[27] http://www.clearrisk.com/what-is-risk-management/&lt;br /&gt;
&lt;br /&gt;
[28] http://www.vlv.dk/downloads/rm1.htm&lt;br /&gt;
&lt;br /&gt;
[29] http://www.soc.aau.dk/fileadmin/user_upload/FoSo/Arbejdspapirer/Nr._10_Risiko_risikovurdering_risikoformidling_og_helhedssyn.pdf&lt;br /&gt;
&lt;br /&gt;
[30] http://klk.kl.dk/PageFiles/156494/Projekth%C3%A5ndbogen.pdf&lt;br /&gt;
&lt;br /&gt;
[31] http:///C:/Users/Samira/Downloads/Projekth-ndbog%20(1).PDF&lt;br /&gt;
&lt;br /&gt;
[32] http://www.digst.dk/~/media/Files/Arkitektur%20og%20standarder/Sikkerhed/Vejledning%20om%20risikovurdering.ashx&lt;br /&gt;
&lt;br /&gt;
[33] http://www.best-management-practice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[34] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[35] http://dx.doi.org/10.1016/j.technovation.2013.12.005i&lt;br /&gt;
&lt;br /&gt;
[36] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;/div&gt;</summary>
		<author><name>Saeh0803</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Risk_management&amp;diff=4480</id>
		<title>Risk management</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Risk_management&amp;diff=4480"/>
		<updated>2014-11-27T22:00:33Z</updated>

		<summary type="html">&lt;p&gt;Saeh0803: /* How to develop a risk analysis */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;Risk management is a very interesting and important topic in each area in our society.  Actually everyone knows what a risk is; it is a part of our life. Each step or each decision we make, is full of risks, whether we notice it or not, but when we look at our professional life, then we have to take an action for each risk arise, because it has a negative effect and the effect can have consequences in terms of economic, professional reputation, environmental, safety and societal outcomes. This article focuses on for example how an organization or project handles its risks and which framework could be relevant or helpful for it.&lt;br /&gt;
Now a day, the risk management is an important part of project, program and portfolio management. In order to end up a project successfully and deliver it on time and within budget, it is important to get an overview of the risks, which is associated to the project. Most of the projects fail due to the lack of risk management [Why projects fail 2011]. In many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of project&#039;s planning process, the projects fail because the resources are not completely utilized to get the full advantage [Oehmen et. al.2012 and Zwikael and Ahn 2011].&lt;br /&gt;
This article further talks about the risk and different level of risks in organization level and how to identify the projects risks by using some of standard guidelines for risk management such as ISO 31000, ISO 2700S, DS/ISO 31000 Risk management- Principles and guidelines and M_O_R principles, which is a standard risk management framework, which can be used by any organization on any projects regardless of its size.&lt;br /&gt;
NOTE: This article might be similar to other articles; Risk analysis, risk register, Risk management strategy in project portfolios.&lt;br /&gt;
&lt;br /&gt;
=Definition of risk management=&lt;br /&gt;
&lt;br /&gt;
You can find different tools and definition for risk depending on the context in which it is used. A definition from Oxford English Dictionary sounds like “the possibility that something unpleasant or unwelcome will happen” [Oxford English Dictionary]. This is more general and related more to your every day. In decision theory, Luce and Raiffa relate risk to make decisions under known probabilities of the states of nature [Product Management Innovation 2009] and Frank Knight define the risk in economic theory as “risk arises when the decision maker can assign probabilities to possible outcomes”. A well-known definition of the risk in the domain of project management considers the risk as “an uncertain event or condition that, if it occurs, has a positive (opportunity) or negative (threat) impact on project objectives” [Innovation and Product Management]&lt;br /&gt;
Frank Knight defines the uncertainty and risk as “...Uncertainty must be taken in a sense radically distinct from the familiar notion of Risk, from which it has never been properly separated. … The essential fact is that &amp;quot;risk&amp;quot; means in some cases a quantity susceptible of measurement, while at other times it is something distinctly not of this character; and there are far-reaching and crucial differences in the bearings of the phenomena depending on which of the two is really present and operating. … It will appear that a measurable uncertainty, or &amp;quot;risk&amp;quot; proper, as we shall use the term, is so far different from an un-measurable one that it is not in effect an uncertainty at all&amp;quot; [Ariane Chapelle].&lt;br /&gt;
To minimize the uncertainty and reduce the risks on the project, you may regularly look back to your risk analysis, because most of the projects fail due to lack of risk management, in many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of projects planning process, The projects fail because they do not invest their resources completely and do not pay attention to it.&lt;br /&gt;
Risk management is the most important part of the project planning process. It is a management tool, which project manager uses to analyses the risk factor within a project group or projects. Project group must be informed of the main risks and how they will deal with those risks. Often it requires extra resources to eliminate risks; these resources must allocate the project group. Many studies have pointed as well that the risk management has a big role in projects success [Tara Duggan].  The report by Jacob and Kwak highlights the positive contribution of risk management to improve the project selection, review and resource allocation of new product development projects.&lt;br /&gt;
It used in many areas such as public debate, research, danger of disease, death or accidents, threatening environmental problems in terms of risk of climate changes, CO2 , pollution and so on.&lt;br /&gt;
It is also used in many other projects such as customer needs and price, new technology and resources, construction and delivery projects, research projects and interests and other tasks.&lt;br /&gt;
&lt;br /&gt;
=What is risk?=&lt;br /&gt;
&lt;br /&gt;
Risk is the uncertainty, which is associated with any kind of the action and projects in organization&#039;s context that must understand and effectively manage during the project&#039;s process and improve the results[Luce and Raiffa]. Different types of risk management definitions can be found and the choice of definition depends on how big a concept of risk is used in order to which risks are covered by the definition. There is not a complete tool or solution that fits in every project, creating a new or changes the existing risk management process according to the project&#039;s goal is always helpful and flexible process that will ultimately result in a solution to the individual organization or project.&lt;br /&gt;
Risk is always based on imagination of how the project will be completed. It can be defined on the basis of an existing plan, for example, the project must be completed in 6 months. The risk of delay is bigger than if the project must be completed in one year. If the new technologies are a part of the project plan, that you have to use the new technologies is the risk bigger than use the known technologies. Therefor the risk is based on an existing plan; the same project may have very different risks, if you change the project’s plan. [Risk Management, concepts and methods].&lt;br /&gt;
&lt;br /&gt;
=Benefit of risk management and why risk management=&lt;br /&gt;
&lt;br /&gt;
Risk management helps you to identify your projects strengths, weaknesses, opportunities and threats [Jacob and Kwak]. By identifying your projects risks, you will be aware of the unexpected events and you can immediately take actions to reduce the losses [Overview of risk management].&lt;br /&gt;
There are many reasons for managing risks. Here are some main reasons:&lt;br /&gt;
First of all, risk management results in an overview and a number of options for an action to avoid known and unknown risk and reduce the impact of those[Power in projects &amp;amp; portfolio].&lt;br /&gt;
&lt;br /&gt;
* Saving resources: Time, assets, income, property and people are all valuable resources that can be saved if fewer claims occur.&lt;br /&gt;
* Protecting the reputation and public image of the organization.&lt;br /&gt;
* Preventing or reducing legal liability and increasing the stability of operations.&lt;br /&gt;
* Increases the organizations profits and competitiveness and reflects an attractive professional approach to project work.&lt;br /&gt;
* Protecting people from harm.&lt;br /&gt;
* Protecting the environment.&lt;br /&gt;
* Enhancing the ability to prepare for various circumstances.&lt;br /&gt;
* Assisting in clearly defining insurance needs.&lt;br /&gt;
* By managing the risks, you can increase the quality of the project deliverable&lt;br /&gt;
* Protects public image&lt;br /&gt;
* Protects people from harm&lt;br /&gt;
* Prevents/reduces legal liability&lt;br /&gt;
* Protects the environment&lt;br /&gt;
&lt;br /&gt;
=Three Levels of operational risk management=&lt;br /&gt;
&lt;br /&gt;
The risk management in an organization can be categorized in three levels of operation- [three level of operational risk management].&lt;br /&gt;
&lt;br /&gt;
* Strategic level:  &lt;br /&gt;
At strategic level, operational risk management relates to the vision of the business, expansion planned over a few couple of years, the product position and the target customers in the market. In other words, the strategic operational risk management relates to the implementation of the risk demands. It must be defined at the top management level and must be deployed in a top-down manner through all the levels of the organization.&lt;br /&gt;
&lt;br /&gt;
* Tactical level&lt;br /&gt;
At tactical level, the set of operational risk management tools and controls helps to reduce the number and intensity of the events. It provide the risk manager with a second line of defense. The effect of the risk responses deploys at tactical level, such as loss, fines and near misses reductions&lt;br /&gt;
Tactical operational risk management emphasizes on loss prevention and risk reduction techniques, process control, loss data analysis, key risk indicators, risk self-assessments and business expansion plans are some of the vast array of tools and techniques that have been developed to reduce the frequent occurrence of the risk elements and to reduce their impact on the overall project. Financial service industry is the most developed aspect of operational risk management, today.&lt;br /&gt;
&lt;br /&gt;
* Operational level&lt;br /&gt;
Operational level provides a natural reduction of the operational incidents by redesigning all those processes that were prone to errors, removing any unnecessary tasks and useless controls, standardizing the procedures and improving the productivity.&lt;br /&gt;
Operational risk management targets the operational efficiency and process design. Work flows are redesigned in this level to improve the work speed by eliminating the errors. Staff&lt;br /&gt;
Operational risk management must spread over all these three levels, in order to be more effective and efficient&lt;br /&gt;
&lt;br /&gt;
=How to develop a risk analysis=&lt;br /&gt;
&lt;br /&gt;
Risk Management can be developed in two different ways [Best Management Practice]:&lt;br /&gt;
&lt;br /&gt;
* By using the standard risk guidelines such as ISO 31000, which managers can go step by step and identify the risks and analyse the situation of each phase and take an action for each risk, that have negative impact on each situation. In this step more leaders must participate in order to reduce the impact of risks and take care of each situation.&lt;br /&gt;
&lt;br /&gt;
* By using more general analysis or guidelines to define the project&#039;s goals and reduce the risks without managing it and less management participation.&lt;br /&gt;
&lt;br /&gt;
In the first option many standard guidelines and analysis  can be used such as ISO 31000, IEC/ISO 311010, and ISO 73-2009 and many others.&lt;br /&gt;
The International Organization for Standard (ISO ) risk management provides principles, general guidelines; framework and a process for managing the risks- It can be used by any project, organization regardless of its size.&lt;br /&gt;
ISO 31000 summarizes all the central activities and main points, which an organization might go through to manage their risks effectively and increase their chance to reach their goals. It doesn’t contain any specific techniques in order to use, but it mentions that an organization must follow risk identification tools and techniques, that match the projects and its goals. Another ISO standard application is ISO/IEC 31010, Risk Management, which contains of some risk assessment techniques and steps that gives an understanding of the risks, which can have a negative impact on an organization’s achievement of its goals and the adequacy and effectiveness of controls already in place. Risk assessment helps decision makers to take the correct decisions, for example which tools and techniques must be used to treat the risks and how to choose the best opportunities. The following techniques described on ISO 31010&lt;br /&gt;
&lt;br /&gt;
* Risk identification&lt;br /&gt;
* Risk analysis -  consequence analysis&lt;br /&gt;
* Risk analysis– qualitative, semi-quantitative or quantitative probability estimation&lt;br /&gt;
* Risk analysis – assessing the effectiveness of any existing controls&lt;br /&gt;
* Risk evaluation&lt;br /&gt;
* communication and consultation, and  monitoring and review&lt;br /&gt;
&lt;br /&gt;
Each step has described in detail on ISO 31010. Compare to M_O_R,[http://bcove.me/qvtxp001 video] and then M_O_R is much extensive application, which provides a detailed guidance on how to implement risk management. M_O_R stands for Management of Risk and it is a framework for the management of risk across all parts of an organization such as Strategic, programme, project and operational level. It includes all the activities required to identify and control the risks, both negative and positive, which may have an impact on the achievement of an organization’s objectives[M_O_R].It is also a framework for how to make informed decisions about risks respectively strategic, program, project and operational level in order to identify, assess and manage the key risks in order to deliver the expected advantages [M_O_R]. It describes deeply both what needs to be done through some principles, activities and roles and how to begin the activities.&lt;br /&gt;
In some ways, ISO31000 and M_O_R are very similar and use some common definition and methods. M_O_R is designed for practical application of risk management techniques and based on 4 core concepts: principles, approach, process and embedding and review, while ISO31000 is designed more to assess how completely the risk management techniques have been applied [Best Management Practice], The difference is that ISO3100O based on framework, principles and process. It prescribe how an organization should implement risk management and manage the risk by using any tools, that suits its goal and organization, while M_O_R allows it to customize its approach within the guidelines to suit its operating environment and process. Both are useful tools and can be used for managing the risks.&lt;br /&gt;
&lt;br /&gt;
[[File:Different between_M_O_R_AND_ISO.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
For further information about M_O_R and ISO 31000:2009 you can read Michael Dallas report[http://www.best-management-practice.com/gempdf/Management_of_Risk_Guidance_for_Practitioners_and_the_International_Standard_on_Risk_Management_ISO31000_2009.pdf]&lt;br /&gt;
&lt;br /&gt;
The Tabel as taken from Michael Dallas report, which shows a direct comparison of M_O_R with ISO 31000 against categories that are common to both framework.&lt;br /&gt;
&lt;br /&gt;
=Risk Management in Practice=&lt;br /&gt;
&lt;br /&gt;
[[File:Risk management.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
To identify the projects risk, you can start with brainstorming, the first step is to list the main categories such as technologies, goal, stakeholder, communication, cost, environmental, resources, reliability, which is indicated with blue color in below figure. The next is to identify the risks, which is associated to the main categories. By brainstorm the risks, you can find 50-100 risks, depending to the projects size, therefore the third step is to estimate what the potential impact could be by using the Risk Matrix.&lt;br /&gt;
&lt;br /&gt;
[[File:Mathrix.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
Each high priority or high impact risk should be assigned to a group member after their experience and skills, so they could study and evaluate the risks. Cost risks might for example assign to someone in the finance department than one from IT- department. The new technology might assign to someone from IT- department. The project manager should be assign for all the risks process, the most important part of risk process is the schedule with deadline and the risks list, which should only edit, added, re-prioritized and control by the project manager during the project.&lt;br /&gt;
To reduce the risks, the project manager should communicate the risks list to all the project stakeholders regularly, at least once a week. All the changes should be registered to the risk map and at the end of the project the results can be used to do a retrospective. What did you learn from it, what should be different in next project and how to control the risks from the beginning?&lt;br /&gt;
&lt;br /&gt;
=Reference=&lt;br /&gt;
&lt;br /&gt;
[1] Why projects fail: Avoiding the Classic Pitfall, An Oracle White Paper, October 2011 and Calleam Consulting LTD 2014: Why Projects Fail.  And Tom Carlos, PMP: Reasons Why Projects Fail.&lt;br /&gt;
&lt;br /&gt;
[2] Oehmen et. al.2012 and Zwikael and Ahn 2011, Oehmen, J., et al., Analysis of the effect of risk management practices on the performance of new product development programs. Technovation (2014),&lt;br /&gt;
&lt;br /&gt;
[3] Oxford English Dictionary&lt;br /&gt;
&lt;br /&gt;
[4] Innovation and Product Management 2009: A holistic and Practial Approach to Uncertainty Reduction,Kurt Gaubinger, Michael Rabl Scott Swan, Thomas Werani&lt;br /&gt;
&lt;br /&gt;
[5] Frank Knight 1921: Risk, Uncertainty and profit, Imperfect competition through Risk and Uncertainty, Part III, Chapter VII&lt;br /&gt;
&lt;br /&gt;
[6] Ariane Chapelle: The three levels of Operational risk management, May 2012&lt;br /&gt;
&lt;br /&gt;
[7] Risikosamfundet: 1997, Tara Duggan, Demand Media: Why Is Risk Management Important to Project Success?&lt;br /&gt;
&lt;br /&gt;
[8] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/&lt;br /&gt;
&lt;br /&gt;
[9] Luce&#039;s Paradigm for Decision under Uncertainty, Luce and Raiffa, 1957&lt;br /&gt;
&lt;br /&gt;
[10] Risk Management, concepts and methods: Club De La Securite De L’information Francais&lt;br /&gt;
&lt;br /&gt;
[11] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd. &lt;br /&gt;
&lt;br /&gt;
[12] http://www.management-of-risk.com/what-is-management-of-risk.asp&lt;br /&gt;
&lt;br /&gt;
[13] http://www.rovsingmanagement.dk/kurser/m_o_r%C2%AErisikostyring/?gclid=CM21qKLRjsICFeXUcgodGqEARQ&lt;br /&gt;
&lt;br /&gt;
[14] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd.&lt;br /&gt;
&lt;br /&gt;
[15] Jacob and Kwak (2003) and Raz et al.2002&lt;br /&gt;
&lt;br /&gt;
[16] Article: Overview of risk management Henrik K. Søndergaard&lt;br /&gt;
&lt;br /&gt;
[17]. Power in projects &amp;amp; portfolio of Mette Lindegaard, and John Ryding Olsson&lt;br /&gt;
&lt;br /&gt;
[18] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/.&lt;br /&gt;
&lt;br /&gt;
[19] http://strikingprojectmanagement.com/qualitative-risk-analysis/&lt;br /&gt;
&lt;br /&gt;
[20] http://projectmgmt-annualwarehousesale.blogspot.dk/&lt;br /&gt;
&lt;br /&gt;
[21] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[22] http://www.bestmanagementpractice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[23] http://tcgen.com/risk-mapping/#.VGidavnF-oO&lt;br /&gt;
&lt;br /&gt;
[24] http://www.modst.dk/~/media/Files/%C3%98AV/Vejledninger/%C3%98konomistyring/Risikostyring_vejledning_maj07%20pdf.ashx&lt;br /&gt;
&lt;br /&gt;
[25] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[26] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[27] http://www.clearrisk.com/what-is-risk-management/&lt;br /&gt;
&lt;br /&gt;
[28] http://www.vlv.dk/downloads/rm1.htm&lt;br /&gt;
&lt;br /&gt;
[29] http://www.soc.aau.dk/fileadmin/user_upload/FoSo/Arbejdspapirer/Nr._10_Risiko_risikovurdering_risikoformidling_og_helhedssyn.pdf&lt;br /&gt;
&lt;br /&gt;
[30] http://klk.kl.dk/PageFiles/156494/Projekth%C3%A5ndbogen.pdf&lt;br /&gt;
&lt;br /&gt;
[31] http:///C:/Users/Samira/Downloads/Projekth-ndbog%20(1).PDF&lt;br /&gt;
&lt;br /&gt;
[32] http://www.digst.dk/~/media/Files/Arkitektur%20og%20standarder/Sikkerhed/Vejledning%20om%20risikovurdering.ashx&lt;br /&gt;
&lt;br /&gt;
[33] http://www.best-management-practice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[34] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[35] http://dx.doi.org/10.1016/j.technovation.2013.12.005i&lt;br /&gt;
&lt;br /&gt;
[36] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;/div&gt;</summary>
		<author><name>Saeh0803</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Risk_management&amp;diff=4479</id>
		<title>Risk management</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Risk_management&amp;diff=4479"/>
		<updated>2014-11-27T22:00:05Z</updated>

		<summary type="html">&lt;p&gt;Saeh0803: /* How to develop a risk analysis */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;Risk management is a very interesting and important topic in each area in our society.  Actually everyone knows what a risk is; it is a part of our life. Each step or each decision we make, is full of risks, whether we notice it or not, but when we look at our professional life, then we have to take an action for each risk arise, because it has a negative effect and the effect can have consequences in terms of economic, professional reputation, environmental, safety and societal outcomes. This article focuses on for example how an organization or project handles its risks and which framework could be relevant or helpful for it.&lt;br /&gt;
Now a day, the risk management is an important part of project, program and portfolio management. In order to end up a project successfully and deliver it on time and within budget, it is important to get an overview of the risks, which is associated to the project. Most of the projects fail due to the lack of risk management [Why projects fail 2011]. In many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of project&#039;s planning process, the projects fail because the resources are not completely utilized to get the full advantage [Oehmen et. al.2012 and Zwikael and Ahn 2011].&lt;br /&gt;
This article further talks about the risk and different level of risks in organization level and how to identify the projects risks by using some of standard guidelines for risk management such as ISO 31000, ISO 2700S, DS/ISO 31000 Risk management- Principles and guidelines and M_O_R principles, which is a standard risk management framework, which can be used by any organization on any projects regardless of its size.&lt;br /&gt;
NOTE: This article might be similar to other articles; Risk analysis, risk register, Risk management strategy in project portfolios.&lt;br /&gt;
&lt;br /&gt;
=Definition of risk management=&lt;br /&gt;
&lt;br /&gt;
You can find different tools and definition for risk depending on the context in which it is used. A definition from Oxford English Dictionary sounds like “the possibility that something unpleasant or unwelcome will happen” [Oxford English Dictionary]. This is more general and related more to your every day. In decision theory, Luce and Raiffa relate risk to make decisions under known probabilities of the states of nature [Product Management Innovation 2009] and Frank Knight define the risk in economic theory as “risk arises when the decision maker can assign probabilities to possible outcomes”. A well-known definition of the risk in the domain of project management considers the risk as “an uncertain event or condition that, if it occurs, has a positive (opportunity) or negative (threat) impact on project objectives” [Innovation and Product Management]&lt;br /&gt;
Frank Knight defines the uncertainty and risk as “...Uncertainty must be taken in a sense radically distinct from the familiar notion of Risk, from which it has never been properly separated. … The essential fact is that &amp;quot;risk&amp;quot; means in some cases a quantity susceptible of measurement, while at other times it is something distinctly not of this character; and there are far-reaching and crucial differences in the bearings of the phenomena depending on which of the two is really present and operating. … It will appear that a measurable uncertainty, or &amp;quot;risk&amp;quot; proper, as we shall use the term, is so far different from an un-measurable one that it is not in effect an uncertainty at all&amp;quot; [Ariane Chapelle].&lt;br /&gt;
To minimize the uncertainty and reduce the risks on the project, you may regularly look back to your risk analysis, because most of the projects fail due to lack of risk management, in many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of projects planning process, The projects fail because they do not invest their resources completely and do not pay attention to it.&lt;br /&gt;
Risk management is the most important part of the project planning process. It is a management tool, which project manager uses to analyses the risk factor within a project group or projects. Project group must be informed of the main risks and how they will deal with those risks. Often it requires extra resources to eliminate risks; these resources must allocate the project group. Many studies have pointed as well that the risk management has a big role in projects success [Tara Duggan].  The report by Jacob and Kwak highlights the positive contribution of risk management to improve the project selection, review and resource allocation of new product development projects.&lt;br /&gt;
It used in many areas such as public debate, research, danger of disease, death or accidents, threatening environmental problems in terms of risk of climate changes, CO2 , pollution and so on.&lt;br /&gt;
It is also used in many other projects such as customer needs and price, new technology and resources, construction and delivery projects, research projects and interests and other tasks.&lt;br /&gt;
&lt;br /&gt;
=What is risk?=&lt;br /&gt;
&lt;br /&gt;
Risk is the uncertainty, which is associated with any kind of the action and projects in organization&#039;s context that must understand and effectively manage during the project&#039;s process and improve the results[Luce and Raiffa]. Different types of risk management definitions can be found and the choice of definition depends on how big a concept of risk is used in order to which risks are covered by the definition. There is not a complete tool or solution that fits in every project, creating a new or changes the existing risk management process according to the project&#039;s goal is always helpful and flexible process that will ultimately result in a solution to the individual organization or project.&lt;br /&gt;
Risk is always based on imagination of how the project will be completed. It can be defined on the basis of an existing plan, for example, the project must be completed in 6 months. The risk of delay is bigger than if the project must be completed in one year. If the new technologies are a part of the project plan, that you have to use the new technologies is the risk bigger than use the known technologies. Therefor the risk is based on an existing plan; the same project may have very different risks, if you change the project’s plan. [Risk Management, concepts and methods].&lt;br /&gt;
&lt;br /&gt;
=Benefit of risk management and why risk management=&lt;br /&gt;
&lt;br /&gt;
Risk management helps you to identify your projects strengths, weaknesses, opportunities and threats [Jacob and Kwak]. By identifying your projects risks, you will be aware of the unexpected events and you can immediately take actions to reduce the losses [Overview of risk management].&lt;br /&gt;
There are many reasons for managing risks. Here are some main reasons:&lt;br /&gt;
First of all, risk management results in an overview and a number of options for an action to avoid known and unknown risk and reduce the impact of those[Power in projects &amp;amp; portfolio].&lt;br /&gt;
&lt;br /&gt;
* Saving resources: Time, assets, income, property and people are all valuable resources that can be saved if fewer claims occur.&lt;br /&gt;
* Protecting the reputation and public image of the organization.&lt;br /&gt;
* Preventing or reducing legal liability and increasing the stability of operations.&lt;br /&gt;
* Increases the organizations profits and competitiveness and reflects an attractive professional approach to project work.&lt;br /&gt;
* Protecting people from harm.&lt;br /&gt;
* Protecting the environment.&lt;br /&gt;
* Enhancing the ability to prepare for various circumstances.&lt;br /&gt;
* Assisting in clearly defining insurance needs.&lt;br /&gt;
* By managing the risks, you can increase the quality of the project deliverable&lt;br /&gt;
* Protects public image&lt;br /&gt;
* Protects people from harm&lt;br /&gt;
* Prevents/reduces legal liability&lt;br /&gt;
* Protects the environment&lt;br /&gt;
&lt;br /&gt;
=Three Levels of operational risk management=&lt;br /&gt;
&lt;br /&gt;
The risk management in an organization can be categorized in three levels of operation- [three level of operational risk management].&lt;br /&gt;
&lt;br /&gt;
* Strategic level:  &lt;br /&gt;
At strategic level, operational risk management relates to the vision of the business, expansion planned over a few couple of years, the product position and the target customers in the market. In other words, the strategic operational risk management relates to the implementation of the risk demands. It must be defined at the top management level and must be deployed in a top-down manner through all the levels of the organization.&lt;br /&gt;
&lt;br /&gt;
* Tactical level&lt;br /&gt;
At tactical level, the set of operational risk management tools and controls helps to reduce the number and intensity of the events. It provide the risk manager with a second line of defense. The effect of the risk responses deploys at tactical level, such as loss, fines and near misses reductions&lt;br /&gt;
Tactical operational risk management emphasizes on loss prevention and risk reduction techniques, process control, loss data analysis, key risk indicators, risk self-assessments and business expansion plans are some of the vast array of tools and techniques that have been developed to reduce the frequent occurrence of the risk elements and to reduce their impact on the overall project. Financial service industry is the most developed aspect of operational risk management, today.&lt;br /&gt;
&lt;br /&gt;
* Operational level&lt;br /&gt;
Operational level provides a natural reduction of the operational incidents by redesigning all those processes that were prone to errors, removing any unnecessary tasks and useless controls, standardizing the procedures and improving the productivity.&lt;br /&gt;
Operational risk management targets the operational efficiency and process design. Work flows are redesigned in this level to improve the work speed by eliminating the errors. Staff&lt;br /&gt;
Operational risk management must spread over all these three levels, in order to be more effective and efficient&lt;br /&gt;
&lt;br /&gt;
=How to develop a risk analysis=&lt;br /&gt;
&lt;br /&gt;
Risk Management can be developed in two different ways [Best Management Practice]:&lt;br /&gt;
&lt;br /&gt;
* By using the standard risk guidelines such as ISO 31000, which managers can go step by step and identify the risks and analyse the situation of each phase and take an action for each risk, that have negative impact on each situation. In this step more leaders must participate in order to reduce the impact of risks and take care of each situation.&lt;br /&gt;
&lt;br /&gt;
* By using more general analysis or guidelines to define the project&#039;s goals and reduce the risks without managing it and less management participation.&lt;br /&gt;
&lt;br /&gt;
In the first option many standard guidelines and analysis  can be used such as ISO 31000, IEC/ISO 311010, and ISO 73-2009 and many others.&lt;br /&gt;
The International Organization for Standard (ISO ) risk management provides principles, general guidelines; framework and a process for managing the risks- It can be used by any project, organization regardless of its size.&lt;br /&gt;
ISO 31000 summarizes all the central activities and main points, which an organization might go through to manage their risks effectively and increase their chance to reach their goals. It doesn’t contain any specific techniques in order to use, but it mentions that an organization must follow risk identification tools and techniques, that match the projects and its goals. Another ISO standard application is ISO/IEC 31010, Risk Management, which contains of some risk assessment techniques and steps that gives an understanding of the risks, which can have a negative impact on an organization’s achievement of its goals and the adequacy and effectiveness of controls already in place. Risk assessment helps decision makers to take the correct decisions, for example which tools and techniques must be used to treat the risks and how to choose the best opportunities. The following techniques described on ISO 31010&lt;br /&gt;
&lt;br /&gt;
* Risk identification&lt;br /&gt;
* Risk analysis -  consequence analysis&lt;br /&gt;
* Risk analysis– qualitative, semi-quantitative or quantitative probability estimation&lt;br /&gt;
* Risk analysis – assessing the effectiveness of any existing controls&lt;br /&gt;
* Risk evaluation&lt;br /&gt;
* communication and consultation, and  monitoring and review&lt;br /&gt;
&lt;br /&gt;
Each step has described in detail on ISO 31010. Compare to M_O_R,[http://bcove.me/qvtxp001 Video] and then M_O_R is much extensive application, which provides a detailed guidance on how to implement risk management. M_O_R stands for Management of Risk and it is a framework for the management of risk across all parts of an organization such as Strategic, programme, project and operational level. It includes all the activities required to identify and control the risks, both negative and positive, which may have an impact on the achievement of an organization’s objectives[M_O_R].It is also a framework for how to make informed decisions about risks respectively strategic, program, project and operational level in order to identify, assess and manage the key risks in order to deliver the expected advantages [M_O_R]. It describes deeply both what needs to be done through some principles, activities and roles and how to begin the activities.&lt;br /&gt;
In some ways, ISO31000 and M_O_R are very similar and use some common definition and methods. M_O_R is designed for practical application of risk management techniques and based on 4 core concepts: principles, approach, process and embedding and review, while ISO31000 is designed more to assess how completely the risk management techniques have been applied [Best Management Practice], The difference is that ISO3100O based on framework, principles and process. It prescribe how an organization should implement risk management and manage the risk by using any tools, that suits its goal and organization, while M_O_R allows it to customize its approach within the guidelines to suit its operating environment and process. Both are useful tools and can be used for managing the risks.&lt;br /&gt;
&lt;br /&gt;
[[File:Different between_M_O_R_AND_ISO.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
For further information about M_O_R and ISO 31000:2009 you can read Michael Dallas report[http://www.best-management-practice.com/gempdf/Management_of_Risk_Guidance_for_Practitioners_and_the_International_Standard_on_Risk_Management_ISO31000_2009.pdf]&lt;br /&gt;
&lt;br /&gt;
The Tabel as taken from Michael Dallas report, which shows a direct comparison of M_O_R with ISO 31000 against categories that are common to both framework.&lt;br /&gt;
&lt;br /&gt;
=Risk Management in Practice=&lt;br /&gt;
&lt;br /&gt;
[[File:Risk management.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
To identify the projects risk, you can start with brainstorming, the first step is to list the main categories such as technologies, goal, stakeholder, communication, cost, environmental, resources, reliability, which is indicated with blue color in below figure. The next is to identify the risks, which is associated to the main categories. By brainstorm the risks, you can find 50-100 risks, depending to the projects size, therefore the third step is to estimate what the potential impact could be by using the Risk Matrix.&lt;br /&gt;
&lt;br /&gt;
[[File:Mathrix.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
Each high priority or high impact risk should be assigned to a group member after their experience and skills, so they could study and evaluate the risks. Cost risks might for example assign to someone in the finance department than one from IT- department. The new technology might assign to someone from IT- department. The project manager should be assign for all the risks process, the most important part of risk process is the schedule with deadline and the risks list, which should only edit, added, re-prioritized and control by the project manager during the project.&lt;br /&gt;
To reduce the risks, the project manager should communicate the risks list to all the project stakeholders regularly, at least once a week. All the changes should be registered to the risk map and at the end of the project the results can be used to do a retrospective. What did you learn from it, what should be different in next project and how to control the risks from the beginning?&lt;br /&gt;
&lt;br /&gt;
=Reference=&lt;br /&gt;
&lt;br /&gt;
[1] Why projects fail: Avoiding the Classic Pitfall, An Oracle White Paper, October 2011 and Calleam Consulting LTD 2014: Why Projects Fail.  And Tom Carlos, PMP: Reasons Why Projects Fail.&lt;br /&gt;
&lt;br /&gt;
[2] Oehmen et. al.2012 and Zwikael and Ahn 2011, Oehmen, J., et al., Analysis of the effect of risk management practices on the performance of new product development programs. Technovation (2014),&lt;br /&gt;
&lt;br /&gt;
[3] Oxford English Dictionary&lt;br /&gt;
&lt;br /&gt;
[4] Innovation and Product Management 2009: A holistic and Practial Approach to Uncertainty Reduction,Kurt Gaubinger, Michael Rabl Scott Swan, Thomas Werani&lt;br /&gt;
&lt;br /&gt;
[5] Frank Knight 1921: Risk, Uncertainty and profit, Imperfect competition through Risk and Uncertainty, Part III, Chapter VII&lt;br /&gt;
&lt;br /&gt;
[6] Ariane Chapelle: The three levels of Operational risk management, May 2012&lt;br /&gt;
&lt;br /&gt;
[7] Risikosamfundet: 1997, Tara Duggan, Demand Media: Why Is Risk Management Important to Project Success?&lt;br /&gt;
&lt;br /&gt;
[8] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/&lt;br /&gt;
&lt;br /&gt;
[9] Luce&#039;s Paradigm for Decision under Uncertainty, Luce and Raiffa, 1957&lt;br /&gt;
&lt;br /&gt;
[10] Risk Management, concepts and methods: Club De La Securite De L’information Francais&lt;br /&gt;
&lt;br /&gt;
[11] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd. &lt;br /&gt;
&lt;br /&gt;
[12] http://www.management-of-risk.com/what-is-management-of-risk.asp&lt;br /&gt;
&lt;br /&gt;
[13] http://www.rovsingmanagement.dk/kurser/m_o_r%C2%AErisikostyring/?gclid=CM21qKLRjsICFeXUcgodGqEARQ&lt;br /&gt;
&lt;br /&gt;
[14] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd.&lt;br /&gt;
&lt;br /&gt;
[15] Jacob and Kwak (2003) and Raz et al.2002&lt;br /&gt;
&lt;br /&gt;
[16] Article: Overview of risk management Henrik K. Søndergaard&lt;br /&gt;
&lt;br /&gt;
[17]. Power in projects &amp;amp; portfolio of Mette Lindegaard, and John Ryding Olsson&lt;br /&gt;
&lt;br /&gt;
[18] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/.&lt;br /&gt;
&lt;br /&gt;
[19] http://strikingprojectmanagement.com/qualitative-risk-analysis/&lt;br /&gt;
&lt;br /&gt;
[20] http://projectmgmt-annualwarehousesale.blogspot.dk/&lt;br /&gt;
&lt;br /&gt;
[21] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[22] http://www.bestmanagementpractice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[23] http://tcgen.com/risk-mapping/#.VGidavnF-oO&lt;br /&gt;
&lt;br /&gt;
[24] http://www.modst.dk/~/media/Files/%C3%98AV/Vejledninger/%C3%98konomistyring/Risikostyring_vejledning_maj07%20pdf.ashx&lt;br /&gt;
&lt;br /&gt;
[25] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[26] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[27] http://www.clearrisk.com/what-is-risk-management/&lt;br /&gt;
&lt;br /&gt;
[28] http://www.vlv.dk/downloads/rm1.htm&lt;br /&gt;
&lt;br /&gt;
[29] http://www.soc.aau.dk/fileadmin/user_upload/FoSo/Arbejdspapirer/Nr._10_Risiko_risikovurdering_risikoformidling_og_helhedssyn.pdf&lt;br /&gt;
&lt;br /&gt;
[30] http://klk.kl.dk/PageFiles/156494/Projekth%C3%A5ndbogen.pdf&lt;br /&gt;
&lt;br /&gt;
[31] http:///C:/Users/Samira/Downloads/Projekth-ndbog%20(1).PDF&lt;br /&gt;
&lt;br /&gt;
[32] http://www.digst.dk/~/media/Files/Arkitektur%20og%20standarder/Sikkerhed/Vejledning%20om%20risikovurdering.ashx&lt;br /&gt;
&lt;br /&gt;
[33] http://www.best-management-practice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[34] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[35] http://dx.doi.org/10.1016/j.technovation.2013.12.005i&lt;br /&gt;
&lt;br /&gt;
[36] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;/div&gt;</summary>
		<author><name>Saeh0803</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Risk_management&amp;diff=4478</id>
		<title>Risk management</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Risk_management&amp;diff=4478"/>
		<updated>2014-11-27T21:58:46Z</updated>

		<summary type="html">&lt;p&gt;Saeh0803: /* How to develop a risk analysis */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;Risk management is a very interesting and important topic in each area in our society.  Actually everyone knows what a risk is; it is a part of our life. Each step or each decision we make, is full of risks, whether we notice it or not, but when we look at our professional life, then we have to take an action for each risk arise, because it has a negative effect and the effect can have consequences in terms of economic, professional reputation, environmental, safety and societal outcomes. This article focuses on for example how an organization or project handles its risks and which framework could be relevant or helpful for it.&lt;br /&gt;
Now a day, the risk management is an important part of project, program and portfolio management. In order to end up a project successfully and deliver it on time and within budget, it is important to get an overview of the risks, which is associated to the project. Most of the projects fail due to the lack of risk management [Why projects fail 2011]. In many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of project&#039;s planning process, the projects fail because the resources are not completely utilized to get the full advantage [Oehmen et. al.2012 and Zwikael and Ahn 2011].&lt;br /&gt;
This article further talks about the risk and different level of risks in organization level and how to identify the projects risks by using some of standard guidelines for risk management such as ISO 31000, ISO 2700S, DS/ISO 31000 Risk management- Principles and guidelines and M_O_R principles, which is a standard risk management framework, which can be used by any organization on any projects regardless of its size.&lt;br /&gt;
NOTE: This article might be similar to other articles; Risk analysis, risk register, Risk management strategy in project portfolios.&lt;br /&gt;
&lt;br /&gt;
=Definition of risk management=&lt;br /&gt;
&lt;br /&gt;
You can find different tools and definition for risk depending on the context in which it is used. A definition from Oxford English Dictionary sounds like “the possibility that something unpleasant or unwelcome will happen” [Oxford English Dictionary]. This is more general and related more to your every day. In decision theory, Luce and Raiffa relate risk to make decisions under known probabilities of the states of nature [Product Management Innovation 2009] and Frank Knight define the risk in economic theory as “risk arises when the decision maker can assign probabilities to possible outcomes”. A well-known definition of the risk in the domain of project management considers the risk as “an uncertain event or condition that, if it occurs, has a positive (opportunity) or negative (threat) impact on project objectives” [Innovation and Product Management]&lt;br /&gt;
Frank Knight defines the uncertainty and risk as “...Uncertainty must be taken in a sense radically distinct from the familiar notion of Risk, from which it has never been properly separated. … The essential fact is that &amp;quot;risk&amp;quot; means in some cases a quantity susceptible of measurement, while at other times it is something distinctly not of this character; and there are far-reaching and crucial differences in the bearings of the phenomena depending on which of the two is really present and operating. … It will appear that a measurable uncertainty, or &amp;quot;risk&amp;quot; proper, as we shall use the term, is so far different from an un-measurable one that it is not in effect an uncertainty at all&amp;quot; [Ariane Chapelle].&lt;br /&gt;
To minimize the uncertainty and reduce the risks on the project, you may regularly look back to your risk analysis, because most of the projects fail due to lack of risk management, in many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of projects planning process, The projects fail because they do not invest their resources completely and do not pay attention to it.&lt;br /&gt;
Risk management is the most important part of the project planning process. It is a management tool, which project manager uses to analyses the risk factor within a project group or projects. Project group must be informed of the main risks and how they will deal with those risks. Often it requires extra resources to eliminate risks; these resources must allocate the project group. Many studies have pointed as well that the risk management has a big role in projects success [Tara Duggan].  The report by Jacob and Kwak highlights the positive contribution of risk management to improve the project selection, review and resource allocation of new product development projects.&lt;br /&gt;
It used in many areas such as public debate, research, danger of disease, death or accidents, threatening environmental problems in terms of risk of climate changes, CO2 , pollution and so on.&lt;br /&gt;
It is also used in many other projects such as customer needs and price, new technology and resources, construction and delivery projects, research projects and interests and other tasks.&lt;br /&gt;
&lt;br /&gt;
=What is risk?=&lt;br /&gt;
&lt;br /&gt;
Risk is the uncertainty, which is associated with any kind of the action and projects in organization&#039;s context that must understand and effectively manage during the project&#039;s process and improve the results[Luce and Raiffa]. Different types of risk management definitions can be found and the choice of definition depends on how big a concept of risk is used in order to which risks are covered by the definition. There is not a complete tool or solution that fits in every project, creating a new or changes the existing risk management process according to the project&#039;s goal is always helpful and flexible process that will ultimately result in a solution to the individual organization or project.&lt;br /&gt;
Risk is always based on imagination of how the project will be completed. It can be defined on the basis of an existing plan, for example, the project must be completed in 6 months. The risk of delay is bigger than if the project must be completed in one year. If the new technologies are a part of the project plan, that you have to use the new technologies is the risk bigger than use the known technologies. Therefor the risk is based on an existing plan; the same project may have very different risks, if you change the project’s plan. [Risk Management, concepts and methods].&lt;br /&gt;
&lt;br /&gt;
=Benefit of risk management and why risk management=&lt;br /&gt;
&lt;br /&gt;
Risk management helps you to identify your projects strengths, weaknesses, opportunities and threats [Jacob and Kwak]. By identifying your projects risks, you will be aware of the unexpected events and you can immediately take actions to reduce the losses [Overview of risk management].&lt;br /&gt;
There are many reasons for managing risks. Here are some main reasons:&lt;br /&gt;
First of all, risk management results in an overview and a number of options for an action to avoid known and unknown risk and reduce the impact of those[Power in projects &amp;amp; portfolio].&lt;br /&gt;
&lt;br /&gt;
* Saving resources: Time, assets, income, property and people are all valuable resources that can be saved if fewer claims occur.&lt;br /&gt;
* Protecting the reputation and public image of the organization.&lt;br /&gt;
* Preventing or reducing legal liability and increasing the stability of operations.&lt;br /&gt;
* Increases the organizations profits and competitiveness and reflects an attractive professional approach to project work.&lt;br /&gt;
* Protecting people from harm.&lt;br /&gt;
* Protecting the environment.&lt;br /&gt;
* Enhancing the ability to prepare for various circumstances.&lt;br /&gt;
* Assisting in clearly defining insurance needs.&lt;br /&gt;
* By managing the risks, you can increase the quality of the project deliverable&lt;br /&gt;
* Protects public image&lt;br /&gt;
* Protects people from harm&lt;br /&gt;
* Prevents/reduces legal liability&lt;br /&gt;
* Protects the environment&lt;br /&gt;
&lt;br /&gt;
=Three Levels of operational risk management=&lt;br /&gt;
&lt;br /&gt;
The risk management in an organization can be categorized in three levels of operation- [three level of operational risk management].&lt;br /&gt;
&lt;br /&gt;
* Strategic level:  &lt;br /&gt;
At strategic level, operational risk management relates to the vision of the business, expansion planned over a few couple of years, the product position and the target customers in the market. In other words, the strategic operational risk management relates to the implementation of the risk demands. It must be defined at the top management level and must be deployed in a top-down manner through all the levels of the organization.&lt;br /&gt;
&lt;br /&gt;
* Tactical level&lt;br /&gt;
At tactical level, the set of operational risk management tools and controls helps to reduce the number and intensity of the events. It provide the risk manager with a second line of defense. The effect of the risk responses deploys at tactical level, such as loss, fines and near misses reductions&lt;br /&gt;
Tactical operational risk management emphasizes on loss prevention and risk reduction techniques, process control, loss data analysis, key risk indicators, risk self-assessments and business expansion plans are some of the vast array of tools and techniques that have been developed to reduce the frequent occurrence of the risk elements and to reduce their impact on the overall project. Financial service industry is the most developed aspect of operational risk management, today.&lt;br /&gt;
&lt;br /&gt;
* Operational level&lt;br /&gt;
Operational level provides a natural reduction of the operational incidents by redesigning all those processes that were prone to errors, removing any unnecessary tasks and useless controls, standardizing the procedures and improving the productivity.&lt;br /&gt;
Operational risk management targets the operational efficiency and process design. Work flows are redesigned in this level to improve the work speed by eliminating the errors. Staff&lt;br /&gt;
Operational risk management must spread over all these three levels, in order to be more effective and efficient&lt;br /&gt;
&lt;br /&gt;
=How to develop a risk analysis=&lt;br /&gt;
&lt;br /&gt;
Risk Management can be developed in two different ways [Best Management Practice]:&lt;br /&gt;
&lt;br /&gt;
* By using the standard risk guidelines such as ISO 31000, which managers can go step by step and identify the risks and analyse the situation of each phase and take an action for each risk, that have negative impact on each situation. In this step more leaders must participate in order to reduce the impact of risks and take care of each situation.&lt;br /&gt;
&lt;br /&gt;
* By using more general analysis or guidelines to define the project&#039;s goals and reduce the risks without managing it and less management participation.&lt;br /&gt;
&lt;br /&gt;
In the first option many standard guidelines and analysis  can be used such as ISO 31000, IEC/ISO 311010, and ISO 73-2009 and many others.&lt;br /&gt;
The International Organization for Standard (ISO ) risk management provides principles, general guidelines; framework and a process for managing the risks- It can be used by any project, organization regardless of its size.&lt;br /&gt;
ISO 31000 summarizes all the central activities and main points, which an organization might go through to manage their risks effectively and increase their chance to reach their goals. It doesn’t contain any specific techniques in order to use, but it mentions that an organization must follow risk identification tools and techniques, that match the projects and its goals. Another ISO standard application is ISO/IEC 31010, Risk Management, which contains of some risk assessment techniques and steps that gives an understanding of the risks, which can have a negative impact on an organization’s achievement of its goals and the adequacy and effectiveness of controls already in place. Risk assessment helps decision makers to take the correct decisions, for example which tools and techniques must be used to treat the risks and how to choose the best opportunities. The following techniques described on ISO 31010&lt;br /&gt;
&lt;br /&gt;
* Risk identification&lt;br /&gt;
* Risk analysis -  consequence analysis&lt;br /&gt;
* Risk analysis– qualitative, semi-quantitative or quantitative probability estimation&lt;br /&gt;
* Risk analysis – assessing the effectiveness of any existing controls&lt;br /&gt;
* Risk evaluation&lt;br /&gt;
* communication and consultation, and  monitoring and review&lt;br /&gt;
&lt;br /&gt;
Each step has described in detail on ISO 31010. Compare to M_O_R,[http://bcove.me/qvtxp001] and then M_O_R is much extensive application, which provides a detailed guidance on how to implement risk management. M_O_R stands for Management of Risk and it is a framework for the management of risk across all parts of an organization such as Strategic, programme, project and operational level. It includes all the activities required to identify and control the risks, both negative and positive, which may have an impact on the achievement of an organization’s objectives[M_O_R].It is also a framework for how to make informed decisions about risks respectively strategic, program, project and operational level in order to identify, assess and manage the key risks in order to deliver the expected advantages [M_O_R]. It describes deeply both what needs to be done through some principles, activities and roles and how to begin the activities.&lt;br /&gt;
In some ways, ISO31000 and M_O_R are very similar and use some common definition and methods. M_O_R is designed for practical application of risk management techniques and based on 4 core concepts: principles, approach, process and embedding and review, while ISO31000 is designed more to assess how completely the risk management techniques have been applied [Best Management Practice], The difference is that ISO3100O based on framework, principles and process. It prescribe how an organization should implement risk management and manage the risk by using any tools, that suits its goal and organization, while M_O_R allows it to customize its approach within the guidelines to suit its operating environment and process. Both are useful tools and can be used for managing the risks.&lt;br /&gt;
&lt;br /&gt;
[[File:Different between_M_O_R_AND_ISO.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
For further information about M_O_R and ISO 31000:2009 you can read Michael Dallas report[http://www.best-management-practice.com/gempdf/Management_of_Risk_Guidance_for_Practitioners_and_the_International_Standard_on_Risk_Management_ISO31000_2009.pdf]&lt;br /&gt;
&lt;br /&gt;
The Tabel as taken from Michael Dallas report, which shows a direct comparison of M_O_R with ISO 31000 against categories that are common to both framework.&lt;br /&gt;
&lt;br /&gt;
=Risk Management in Practice=&lt;br /&gt;
&lt;br /&gt;
[[File:Risk management.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
To identify the projects risk, you can start with brainstorming, the first step is to list the main categories such as technologies, goal, stakeholder, communication, cost, environmental, resources, reliability, which is indicated with blue color in below figure. The next is to identify the risks, which is associated to the main categories. By brainstorm the risks, you can find 50-100 risks, depending to the projects size, therefore the third step is to estimate what the potential impact could be by using the Risk Matrix.&lt;br /&gt;
&lt;br /&gt;
[[File:Mathrix.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
Each high priority or high impact risk should be assigned to a group member after their experience and skills, so they could study and evaluate the risks. Cost risks might for example assign to someone in the finance department than one from IT- department. The new technology might assign to someone from IT- department. The project manager should be assign for all the risks process, the most important part of risk process is the schedule with deadline and the risks list, which should only edit, added, re-prioritized and control by the project manager during the project.&lt;br /&gt;
To reduce the risks, the project manager should communicate the risks list to all the project stakeholders regularly, at least once a week. All the changes should be registered to the risk map and at the end of the project the results can be used to do a retrospective. What did you learn from it, what should be different in next project and how to control the risks from the beginning?&lt;br /&gt;
&lt;br /&gt;
=Reference=&lt;br /&gt;
&lt;br /&gt;
[1] Why projects fail: Avoiding the Classic Pitfall, An Oracle White Paper, October 2011 and Calleam Consulting LTD 2014: Why Projects Fail.  And Tom Carlos, PMP: Reasons Why Projects Fail.&lt;br /&gt;
&lt;br /&gt;
[2] Oehmen et. al.2012 and Zwikael and Ahn 2011, Oehmen, J., et al., Analysis of the effect of risk management practices on the performance of new product development programs. Technovation (2014),&lt;br /&gt;
&lt;br /&gt;
[3] Oxford English Dictionary&lt;br /&gt;
&lt;br /&gt;
[4] Innovation and Product Management 2009: A holistic and Practial Approach to Uncertainty Reduction,Kurt Gaubinger, Michael Rabl Scott Swan, Thomas Werani&lt;br /&gt;
&lt;br /&gt;
[5] Frank Knight 1921: Risk, Uncertainty and profit, Imperfect competition through Risk and Uncertainty, Part III, Chapter VII&lt;br /&gt;
&lt;br /&gt;
[6] Ariane Chapelle: The three levels of Operational risk management, May 2012&lt;br /&gt;
&lt;br /&gt;
[7] Risikosamfundet: 1997, Tara Duggan, Demand Media: Why Is Risk Management Important to Project Success?&lt;br /&gt;
&lt;br /&gt;
[8] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/&lt;br /&gt;
&lt;br /&gt;
[9] Luce&#039;s Paradigm for Decision under Uncertainty, Luce and Raiffa, 1957&lt;br /&gt;
&lt;br /&gt;
[10] Risk Management, concepts and methods: Club De La Securite De L’information Francais&lt;br /&gt;
&lt;br /&gt;
[11] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd. &lt;br /&gt;
&lt;br /&gt;
[12] http://www.management-of-risk.com/what-is-management-of-risk.asp&lt;br /&gt;
&lt;br /&gt;
[13] http://www.rovsingmanagement.dk/kurser/m_o_r%C2%AErisikostyring/?gclid=CM21qKLRjsICFeXUcgodGqEARQ&lt;br /&gt;
&lt;br /&gt;
[14] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd.&lt;br /&gt;
&lt;br /&gt;
[15] Jacob and Kwak (2003) and Raz et al.2002&lt;br /&gt;
&lt;br /&gt;
[16] Article: Overview of risk management Henrik K. Søndergaard&lt;br /&gt;
&lt;br /&gt;
[17]. Power in projects &amp;amp; portfolio of Mette Lindegaard, and John Ryding Olsson&lt;br /&gt;
&lt;br /&gt;
[18] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/.&lt;br /&gt;
&lt;br /&gt;
[19] http://strikingprojectmanagement.com/qualitative-risk-analysis/&lt;br /&gt;
&lt;br /&gt;
[20] http://projectmgmt-annualwarehousesale.blogspot.dk/&lt;br /&gt;
&lt;br /&gt;
[21] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[22] http://www.bestmanagementpractice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[23] http://tcgen.com/risk-mapping/#.VGidavnF-oO&lt;br /&gt;
&lt;br /&gt;
[24] http://www.modst.dk/~/media/Files/%C3%98AV/Vejledninger/%C3%98konomistyring/Risikostyring_vejledning_maj07%20pdf.ashx&lt;br /&gt;
&lt;br /&gt;
[25] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[26] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[27] http://www.clearrisk.com/what-is-risk-management/&lt;br /&gt;
&lt;br /&gt;
[28] http://www.vlv.dk/downloads/rm1.htm&lt;br /&gt;
&lt;br /&gt;
[29] http://www.soc.aau.dk/fileadmin/user_upload/FoSo/Arbejdspapirer/Nr._10_Risiko_risikovurdering_risikoformidling_og_helhedssyn.pdf&lt;br /&gt;
&lt;br /&gt;
[30] http://klk.kl.dk/PageFiles/156494/Projekth%C3%A5ndbogen.pdf&lt;br /&gt;
&lt;br /&gt;
[31] http:///C:/Users/Samira/Downloads/Projekth-ndbog%20(1).PDF&lt;br /&gt;
&lt;br /&gt;
[32] http://www.digst.dk/~/media/Files/Arkitektur%20og%20standarder/Sikkerhed/Vejledning%20om%20risikovurdering.ashx&lt;br /&gt;
&lt;br /&gt;
[33] http://www.best-management-practice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[34] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[35] http://dx.doi.org/10.1016/j.technovation.2013.12.005i&lt;br /&gt;
&lt;br /&gt;
[36] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;/div&gt;</summary>
		<author><name>Saeh0803</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Risk_management&amp;diff=4477</id>
		<title>Risk management</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Risk_management&amp;diff=4477"/>
		<updated>2014-11-27T21:58:01Z</updated>

		<summary type="html">&lt;p&gt;Saeh0803: /* How to develop a risk analysis */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;Risk management is a very interesting and important topic in each area in our society.  Actually everyone knows what a risk is; it is a part of our life. Each step or each decision we make, is full of risks, whether we notice it or not, but when we look at our professional life, then we have to take an action for each risk arise, because it has a negative effect and the effect can have consequences in terms of economic, professional reputation, environmental, safety and societal outcomes. This article focuses on for example how an organization or project handles its risks and which framework could be relevant or helpful for it.&lt;br /&gt;
Now a day, the risk management is an important part of project, program and portfolio management. In order to end up a project successfully and deliver it on time and within budget, it is important to get an overview of the risks, which is associated to the project. Most of the projects fail due to the lack of risk management [Why projects fail 2011]. In many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of project&#039;s planning process, the projects fail because the resources are not completely utilized to get the full advantage [Oehmen et. al.2012 and Zwikael and Ahn 2011].&lt;br /&gt;
This article further talks about the risk and different level of risks in organization level and how to identify the projects risks by using some of standard guidelines for risk management such as ISO 31000, ISO 2700S, DS/ISO 31000 Risk management- Principles and guidelines and M_O_R principles, which is a standard risk management framework, which can be used by any organization on any projects regardless of its size.&lt;br /&gt;
NOTE: This article might be similar to other articles; Risk analysis, risk register, Risk management strategy in project portfolios.&lt;br /&gt;
&lt;br /&gt;
=Definition of risk management=&lt;br /&gt;
&lt;br /&gt;
You can find different tools and definition for risk depending on the context in which it is used. A definition from Oxford English Dictionary sounds like “the possibility that something unpleasant or unwelcome will happen” [Oxford English Dictionary]. This is more general and related more to your every day. In decision theory, Luce and Raiffa relate risk to make decisions under known probabilities of the states of nature [Product Management Innovation 2009] and Frank Knight define the risk in economic theory as “risk arises when the decision maker can assign probabilities to possible outcomes”. A well-known definition of the risk in the domain of project management considers the risk as “an uncertain event or condition that, if it occurs, has a positive (opportunity) or negative (threat) impact on project objectives” [Innovation and Product Management]&lt;br /&gt;
Frank Knight defines the uncertainty and risk as “...Uncertainty must be taken in a sense radically distinct from the familiar notion of Risk, from which it has never been properly separated. … The essential fact is that &amp;quot;risk&amp;quot; means in some cases a quantity susceptible of measurement, while at other times it is something distinctly not of this character; and there are far-reaching and crucial differences in the bearings of the phenomena depending on which of the two is really present and operating. … It will appear that a measurable uncertainty, or &amp;quot;risk&amp;quot; proper, as we shall use the term, is so far different from an un-measurable one that it is not in effect an uncertainty at all&amp;quot; [Ariane Chapelle].&lt;br /&gt;
To minimize the uncertainty and reduce the risks on the project, you may regularly look back to your risk analysis, because most of the projects fail due to lack of risk management, in many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of projects planning process, The projects fail because they do not invest their resources completely and do not pay attention to it.&lt;br /&gt;
Risk management is the most important part of the project planning process. It is a management tool, which project manager uses to analyses the risk factor within a project group or projects. Project group must be informed of the main risks and how they will deal with those risks. Often it requires extra resources to eliminate risks; these resources must allocate the project group. Many studies have pointed as well that the risk management has a big role in projects success [Tara Duggan].  The report by Jacob and Kwak highlights the positive contribution of risk management to improve the project selection, review and resource allocation of new product development projects.&lt;br /&gt;
It used in many areas such as public debate, research, danger of disease, death or accidents, threatening environmental problems in terms of risk of climate changes, CO2 , pollution and so on.&lt;br /&gt;
It is also used in many other projects such as customer needs and price, new technology and resources, construction and delivery projects, research projects and interests and other tasks.&lt;br /&gt;
&lt;br /&gt;
=What is risk?=&lt;br /&gt;
&lt;br /&gt;
Risk is the uncertainty, which is associated with any kind of the action and projects in organization&#039;s context that must understand and effectively manage during the project&#039;s process and improve the results[Luce and Raiffa]. Different types of risk management definitions can be found and the choice of definition depends on how big a concept of risk is used in order to which risks are covered by the definition. There is not a complete tool or solution that fits in every project, creating a new or changes the existing risk management process according to the project&#039;s goal is always helpful and flexible process that will ultimately result in a solution to the individual organization or project.&lt;br /&gt;
Risk is always based on imagination of how the project will be completed. It can be defined on the basis of an existing plan, for example, the project must be completed in 6 months. The risk of delay is bigger than if the project must be completed in one year. If the new technologies are a part of the project plan, that you have to use the new technologies is the risk bigger than use the known technologies. Therefor the risk is based on an existing plan; the same project may have very different risks, if you change the project’s plan. [Risk Management, concepts and methods].&lt;br /&gt;
&lt;br /&gt;
=Benefit of risk management and why risk management=&lt;br /&gt;
&lt;br /&gt;
Risk management helps you to identify your projects strengths, weaknesses, opportunities and threats [Jacob and Kwak]. By identifying your projects risks, you will be aware of the unexpected events and you can immediately take actions to reduce the losses [Overview of risk management].&lt;br /&gt;
There are many reasons for managing risks. Here are some main reasons:&lt;br /&gt;
First of all, risk management results in an overview and a number of options for an action to avoid known and unknown risk and reduce the impact of those[Power in projects &amp;amp; portfolio].&lt;br /&gt;
&lt;br /&gt;
* Saving resources: Time, assets, income, property and people are all valuable resources that can be saved if fewer claims occur.&lt;br /&gt;
* Protecting the reputation and public image of the organization.&lt;br /&gt;
* Preventing or reducing legal liability and increasing the stability of operations.&lt;br /&gt;
* Increases the organizations profits and competitiveness and reflects an attractive professional approach to project work.&lt;br /&gt;
* Protecting people from harm.&lt;br /&gt;
* Protecting the environment.&lt;br /&gt;
* Enhancing the ability to prepare for various circumstances.&lt;br /&gt;
* Assisting in clearly defining insurance needs.&lt;br /&gt;
* By managing the risks, you can increase the quality of the project deliverable&lt;br /&gt;
* Protects public image&lt;br /&gt;
* Protects people from harm&lt;br /&gt;
* Prevents/reduces legal liability&lt;br /&gt;
* Protects the environment&lt;br /&gt;
&lt;br /&gt;
=Three Levels of operational risk management=&lt;br /&gt;
&lt;br /&gt;
The risk management in an organization can be categorized in three levels of operation- [three level of operational risk management].&lt;br /&gt;
&lt;br /&gt;
* Strategic level:  &lt;br /&gt;
At strategic level, operational risk management relates to the vision of the business, expansion planned over a few couple of years, the product position and the target customers in the market. In other words, the strategic operational risk management relates to the implementation of the risk demands. It must be defined at the top management level and must be deployed in a top-down manner through all the levels of the organization.&lt;br /&gt;
&lt;br /&gt;
* Tactical level&lt;br /&gt;
At tactical level, the set of operational risk management tools and controls helps to reduce the number and intensity of the events. It provide the risk manager with a second line of defense. The effect of the risk responses deploys at tactical level, such as loss, fines and near misses reductions&lt;br /&gt;
Tactical operational risk management emphasizes on loss prevention and risk reduction techniques, process control, loss data analysis, key risk indicators, risk self-assessments and business expansion plans are some of the vast array of tools and techniques that have been developed to reduce the frequent occurrence of the risk elements and to reduce their impact on the overall project. Financial service industry is the most developed aspect of operational risk management, today.&lt;br /&gt;
&lt;br /&gt;
* Operational level&lt;br /&gt;
Operational level provides a natural reduction of the operational incidents by redesigning all those processes that were prone to errors, removing any unnecessary tasks and useless controls, standardizing the procedures and improving the productivity.&lt;br /&gt;
Operational risk management targets the operational efficiency and process design. Work flows are redesigned in this level to improve the work speed by eliminating the errors. Staff&lt;br /&gt;
Operational risk management must spread over all these three levels, in order to be more effective and efficient&lt;br /&gt;
&lt;br /&gt;
=How to develop a risk analysis=&lt;br /&gt;
&lt;br /&gt;
Risk Management can be developed in two different ways [Best Management Practice]:&lt;br /&gt;
&lt;br /&gt;
* By using the standard risk guidelines such as ISO 31000, which managers can go step by step and identify the risks and analyse the situation of each phase and take an action for each risk, that have negative impact on each situation. In this step more leaders must participate in order to reduce the impact of risks and take care of each situation.&lt;br /&gt;
&lt;br /&gt;
* By using more general analysis or guidelines to define the project&#039;s goals and reduce the risks without managing it and less management participation.&lt;br /&gt;
&lt;br /&gt;
In the first option many standard guidelines and analysis  can be used such as ISO 31000, IEC/ISO 311010, and ISO 73-2009 and many others.&lt;br /&gt;
The International Organization for Standard (ISO ) risk management provides principles, general guidelines; framework and a process for managing the risks- It can be used by any project, organization regardless of its size.&lt;br /&gt;
ISO 31000 summarizes all the central activities and main points, which an organization might go through to manage their risks effectively and increase their chance to reach their goals. It doesn’t contain any specific techniques in order to use, but it mentions that an organization must follow risk identification tools and techniques, that match the projects and its goals. Another ISO standard application is ISO/IEC 31010, Risk Management, which contains of some risk assessment techniques and steps that gives an understanding of the risks, which can have a negative impact on an organization’s achievement of its goals and the adequacy and effectiveness of controls already in place. Risk assessment helps decision makers to take the correct decisions, for example which tools and techniques must be used to treat the risks and how to choose the best opportunities. The following techniques described on ISO 31010&lt;br /&gt;
&lt;br /&gt;
* Risk identification&lt;br /&gt;
* Risk analysis -  consequence analysis&lt;br /&gt;
* Risk analysis– qualitative, semi-quantitative or quantitative probability estimation&lt;br /&gt;
* Risk analysis – assessing the effectiveness of any existing controls&lt;br /&gt;
* Risk evaluation&lt;br /&gt;
* communication and consultation, and  monitoring and review&lt;br /&gt;
&lt;br /&gt;
Each step has described in detail on ISO 31010. Compare to M_O_R,http://bcove.me/qvtxp001] and then M_O_R is much extensive application, which provides a detailed guidance on how to implement risk management. M_O_R stands for Management of Risk and it is a framework for the management of risk across all parts of an organization such as Strategic, programme, project and operational level. It includes all the activities required to identify and control the risks, both negative and positive, which may have an impact on the achievement of an organization’s objectives[M_O_R].It is also a framework for how to make informed decisions about risks respectively strategic, program, project and operational level in order to identify, assess and manage the key risks in order to deliver the expected advantages [M_O_R]. It describes deeply both what needs to be done through some principles, activities and roles and how to begin the activities.&lt;br /&gt;
In some ways, ISO31000 and M_O_R are very similar and use some common definition and methods. M_O_R is designed for practical application of risk management techniques and based on 4 core concepts: principles, approach, process and embedding and review, while ISO31000 is designed more to assess how completely the risk management techniques have been applied [Best Management Practice], The difference is that ISO3100O based on framework, principles and process. It prescribe how an organization should implement risk management and manage the risk by using any tools, that suits its goal and organization, while M_O_R allows it to customize its approach within the guidelines to suit its operating environment and process. Both are useful tools and can be used for managing the risks.&lt;br /&gt;
&lt;br /&gt;
[[File:Different between_M_O_R_AND_ISO.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
For further information about M_O_R and ISO 31000:2009 you can read Michael Dallas report[http://www.best-management-practice.com/gempdf/Management_of_Risk_Guidance_for_Practitioners_and_the_International_Standard_on_Risk_Management_ISO31000_2009.pdf]&lt;br /&gt;
&lt;br /&gt;
The Tabel as taken from Michael Dallas report, which shows a direct comparison of M_O_R with ISO 31000 against categories that are common to both framework.&lt;br /&gt;
&lt;br /&gt;
=Risk Management in Practice=&lt;br /&gt;
&lt;br /&gt;
[[File:Risk management.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
To identify the projects risk, you can start with brainstorming, the first step is to list the main categories such as technologies, goal, stakeholder, communication, cost, environmental, resources, reliability, which is indicated with blue color in below figure. The next is to identify the risks, which is associated to the main categories. By brainstorm the risks, you can find 50-100 risks, depending to the projects size, therefore the third step is to estimate what the potential impact could be by using the Risk Matrix.&lt;br /&gt;
&lt;br /&gt;
[[File:Mathrix.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
Each high priority or high impact risk should be assigned to a group member after their experience and skills, so they could study and evaluate the risks. Cost risks might for example assign to someone in the finance department than one from IT- department. The new technology might assign to someone from IT- department. The project manager should be assign for all the risks process, the most important part of risk process is the schedule with deadline and the risks list, which should only edit, added, re-prioritized and control by the project manager during the project.&lt;br /&gt;
To reduce the risks, the project manager should communicate the risks list to all the project stakeholders regularly, at least once a week. All the changes should be registered to the risk map and at the end of the project the results can be used to do a retrospective. What did you learn from it, what should be different in next project and how to control the risks from the beginning?&lt;br /&gt;
&lt;br /&gt;
=Reference=&lt;br /&gt;
&lt;br /&gt;
[1] Why projects fail: Avoiding the Classic Pitfall, An Oracle White Paper, October 2011 and Calleam Consulting LTD 2014: Why Projects Fail.  And Tom Carlos, PMP: Reasons Why Projects Fail.&lt;br /&gt;
&lt;br /&gt;
[2] Oehmen et. al.2012 and Zwikael and Ahn 2011, Oehmen, J., et al., Analysis of the effect of risk management practices on the performance of new product development programs. Technovation (2014),&lt;br /&gt;
&lt;br /&gt;
[3] Oxford English Dictionary&lt;br /&gt;
&lt;br /&gt;
[4] Innovation and Product Management 2009: A holistic and Practial Approach to Uncertainty Reduction,Kurt Gaubinger, Michael Rabl Scott Swan, Thomas Werani&lt;br /&gt;
&lt;br /&gt;
[5] Frank Knight 1921: Risk, Uncertainty and profit, Imperfect competition through Risk and Uncertainty, Part III, Chapter VII&lt;br /&gt;
&lt;br /&gt;
[6] Ariane Chapelle: The three levels of Operational risk management, May 2012&lt;br /&gt;
&lt;br /&gt;
[7] Risikosamfundet: 1997, Tara Duggan, Demand Media: Why Is Risk Management Important to Project Success?&lt;br /&gt;
&lt;br /&gt;
[8] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/&lt;br /&gt;
&lt;br /&gt;
[9] Luce&#039;s Paradigm for Decision under Uncertainty, Luce and Raiffa, 1957&lt;br /&gt;
&lt;br /&gt;
[10] Risk Management, concepts and methods: Club De La Securite De L’information Francais&lt;br /&gt;
&lt;br /&gt;
[11] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd. &lt;br /&gt;
&lt;br /&gt;
[12] http://www.management-of-risk.com/what-is-management-of-risk.asp&lt;br /&gt;
&lt;br /&gt;
[13] http://www.rovsingmanagement.dk/kurser/m_o_r%C2%AErisikostyring/?gclid=CM21qKLRjsICFeXUcgodGqEARQ&lt;br /&gt;
&lt;br /&gt;
[14] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd.&lt;br /&gt;
&lt;br /&gt;
[15] Jacob and Kwak (2003) and Raz et al.2002&lt;br /&gt;
&lt;br /&gt;
[16] Article: Overview of risk management Henrik K. Søndergaard&lt;br /&gt;
&lt;br /&gt;
[17]. Power in projects &amp;amp; portfolio of Mette Lindegaard, and John Ryding Olsson&lt;br /&gt;
&lt;br /&gt;
[18] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/.&lt;br /&gt;
&lt;br /&gt;
[19] http://strikingprojectmanagement.com/qualitative-risk-analysis/&lt;br /&gt;
&lt;br /&gt;
[20] http://projectmgmt-annualwarehousesale.blogspot.dk/&lt;br /&gt;
&lt;br /&gt;
[21] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[22] http://www.bestmanagementpractice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[23] http://tcgen.com/risk-mapping/#.VGidavnF-oO&lt;br /&gt;
&lt;br /&gt;
[24] http://www.modst.dk/~/media/Files/%C3%98AV/Vejledninger/%C3%98konomistyring/Risikostyring_vejledning_maj07%20pdf.ashx&lt;br /&gt;
&lt;br /&gt;
[25] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[26] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[27] http://www.clearrisk.com/what-is-risk-management/&lt;br /&gt;
&lt;br /&gt;
[28] http://www.vlv.dk/downloads/rm1.htm&lt;br /&gt;
&lt;br /&gt;
[29] http://www.soc.aau.dk/fileadmin/user_upload/FoSo/Arbejdspapirer/Nr._10_Risiko_risikovurdering_risikoformidling_og_helhedssyn.pdf&lt;br /&gt;
&lt;br /&gt;
[30] http://klk.kl.dk/PageFiles/156494/Projekth%C3%A5ndbogen.pdf&lt;br /&gt;
&lt;br /&gt;
[31] http:///C:/Users/Samira/Downloads/Projekth-ndbog%20(1).PDF&lt;br /&gt;
&lt;br /&gt;
[32] http://www.digst.dk/~/media/Files/Arkitektur%20og%20standarder/Sikkerhed/Vejledning%20om%20risikovurdering.ashx&lt;br /&gt;
&lt;br /&gt;
[33] http://www.best-management-practice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[34] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[35] http://dx.doi.org/10.1016/j.technovation.2013.12.005i&lt;br /&gt;
&lt;br /&gt;
[36] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;/div&gt;</summary>
		<author><name>Saeh0803</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Risk_management&amp;diff=4476</id>
		<title>Risk management</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Risk_management&amp;diff=4476"/>
		<updated>2014-11-27T21:57:17Z</updated>

		<summary type="html">&lt;p&gt;Saeh0803: /* How to develop a risk analysis */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;Risk management is a very interesting and important topic in each area in our society.  Actually everyone knows what a risk is; it is a part of our life. Each step or each decision we make, is full of risks, whether we notice it or not, but when we look at our professional life, then we have to take an action for each risk arise, because it has a negative effect and the effect can have consequences in terms of economic, professional reputation, environmental, safety and societal outcomes. This article focuses on for example how an organization or project handles its risks and which framework could be relevant or helpful for it.&lt;br /&gt;
Now a day, the risk management is an important part of project, program and portfolio management. In order to end up a project successfully and deliver it on time and within budget, it is important to get an overview of the risks, which is associated to the project. Most of the projects fail due to the lack of risk management [Why projects fail 2011]. In many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of project&#039;s planning process, the projects fail because the resources are not completely utilized to get the full advantage [Oehmen et. al.2012 and Zwikael and Ahn 2011].&lt;br /&gt;
This article further talks about the risk and different level of risks in organization level and how to identify the projects risks by using some of standard guidelines for risk management such as ISO 31000, ISO 2700S, DS/ISO 31000 Risk management- Principles and guidelines and M_O_R principles, which is a standard risk management framework, which can be used by any organization on any projects regardless of its size.&lt;br /&gt;
NOTE: This article might be similar to other articles; Risk analysis, risk register, Risk management strategy in project portfolios.&lt;br /&gt;
&lt;br /&gt;
=Definition of risk management=&lt;br /&gt;
&lt;br /&gt;
You can find different tools and definition for risk depending on the context in which it is used. A definition from Oxford English Dictionary sounds like “the possibility that something unpleasant or unwelcome will happen” [Oxford English Dictionary]. This is more general and related more to your every day. In decision theory, Luce and Raiffa relate risk to make decisions under known probabilities of the states of nature [Product Management Innovation 2009] and Frank Knight define the risk in economic theory as “risk arises when the decision maker can assign probabilities to possible outcomes”. A well-known definition of the risk in the domain of project management considers the risk as “an uncertain event or condition that, if it occurs, has a positive (opportunity) or negative (threat) impact on project objectives” [Innovation and Product Management]&lt;br /&gt;
Frank Knight defines the uncertainty and risk as “...Uncertainty must be taken in a sense radically distinct from the familiar notion of Risk, from which it has never been properly separated. … The essential fact is that &amp;quot;risk&amp;quot; means in some cases a quantity susceptible of measurement, while at other times it is something distinctly not of this character; and there are far-reaching and crucial differences in the bearings of the phenomena depending on which of the two is really present and operating. … It will appear that a measurable uncertainty, or &amp;quot;risk&amp;quot; proper, as we shall use the term, is so far different from an un-measurable one that it is not in effect an uncertainty at all&amp;quot; [Ariane Chapelle].&lt;br /&gt;
To minimize the uncertainty and reduce the risks on the project, you may regularly look back to your risk analysis, because most of the projects fail due to lack of risk management, in many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of projects planning process, The projects fail because they do not invest their resources completely and do not pay attention to it.&lt;br /&gt;
Risk management is the most important part of the project planning process. It is a management tool, which project manager uses to analyses the risk factor within a project group or projects. Project group must be informed of the main risks and how they will deal with those risks. Often it requires extra resources to eliminate risks; these resources must allocate the project group. Many studies have pointed as well that the risk management has a big role in projects success [Tara Duggan].  The report by Jacob and Kwak highlights the positive contribution of risk management to improve the project selection, review and resource allocation of new product development projects.&lt;br /&gt;
It used in many areas such as public debate, research, danger of disease, death or accidents, threatening environmental problems in terms of risk of climate changes, CO2 , pollution and so on.&lt;br /&gt;
It is also used in many other projects such as customer needs and price, new technology and resources, construction and delivery projects, research projects and interests and other tasks.&lt;br /&gt;
&lt;br /&gt;
=What is risk?=&lt;br /&gt;
&lt;br /&gt;
Risk is the uncertainty, which is associated with any kind of the action and projects in organization&#039;s context that must understand and effectively manage during the project&#039;s process and improve the results[Luce and Raiffa]. Different types of risk management definitions can be found and the choice of definition depends on how big a concept of risk is used in order to which risks are covered by the definition. There is not a complete tool or solution that fits in every project, creating a new or changes the existing risk management process according to the project&#039;s goal is always helpful and flexible process that will ultimately result in a solution to the individual organization or project.&lt;br /&gt;
Risk is always based on imagination of how the project will be completed. It can be defined on the basis of an existing plan, for example, the project must be completed in 6 months. The risk of delay is bigger than if the project must be completed in one year. If the new technologies are a part of the project plan, that you have to use the new technologies is the risk bigger than use the known technologies. Therefor the risk is based on an existing plan; the same project may have very different risks, if you change the project’s plan. [Risk Management, concepts and methods].&lt;br /&gt;
&lt;br /&gt;
=Benefit of risk management and why risk management=&lt;br /&gt;
&lt;br /&gt;
Risk management helps you to identify your projects strengths, weaknesses, opportunities and threats [Jacob and Kwak]. By identifying your projects risks, you will be aware of the unexpected events and you can immediately take actions to reduce the losses [Overview of risk management].&lt;br /&gt;
There are many reasons for managing risks. Here are some main reasons:&lt;br /&gt;
First of all, risk management results in an overview and a number of options for an action to avoid known and unknown risk and reduce the impact of those[Power in projects &amp;amp; portfolio].&lt;br /&gt;
&lt;br /&gt;
* Saving resources: Time, assets, income, property and people are all valuable resources that can be saved if fewer claims occur.&lt;br /&gt;
* Protecting the reputation and public image of the organization.&lt;br /&gt;
* Preventing or reducing legal liability and increasing the stability of operations.&lt;br /&gt;
* Increases the organizations profits and competitiveness and reflects an attractive professional approach to project work.&lt;br /&gt;
* Protecting people from harm.&lt;br /&gt;
* Protecting the environment.&lt;br /&gt;
* Enhancing the ability to prepare for various circumstances.&lt;br /&gt;
* Assisting in clearly defining insurance needs.&lt;br /&gt;
* By managing the risks, you can increase the quality of the project deliverable&lt;br /&gt;
* Protects public image&lt;br /&gt;
* Protects people from harm&lt;br /&gt;
* Prevents/reduces legal liability&lt;br /&gt;
* Protects the environment&lt;br /&gt;
&lt;br /&gt;
=Three Levels of operational risk management=&lt;br /&gt;
&lt;br /&gt;
The risk management in an organization can be categorized in three levels of operation- [three level of operational risk management].&lt;br /&gt;
&lt;br /&gt;
* Strategic level:  &lt;br /&gt;
At strategic level, operational risk management relates to the vision of the business, expansion planned over a few couple of years, the product position and the target customers in the market. In other words, the strategic operational risk management relates to the implementation of the risk demands. It must be defined at the top management level and must be deployed in a top-down manner through all the levels of the organization.&lt;br /&gt;
&lt;br /&gt;
* Tactical level&lt;br /&gt;
At tactical level, the set of operational risk management tools and controls helps to reduce the number and intensity of the events. It provide the risk manager with a second line of defense. The effect of the risk responses deploys at tactical level, such as loss, fines and near misses reductions&lt;br /&gt;
Tactical operational risk management emphasizes on loss prevention and risk reduction techniques, process control, loss data analysis, key risk indicators, risk self-assessments and business expansion plans are some of the vast array of tools and techniques that have been developed to reduce the frequent occurrence of the risk elements and to reduce their impact on the overall project. Financial service industry is the most developed aspect of operational risk management, today.&lt;br /&gt;
&lt;br /&gt;
* Operational level&lt;br /&gt;
Operational level provides a natural reduction of the operational incidents by redesigning all those processes that were prone to errors, removing any unnecessary tasks and useless controls, standardizing the procedures and improving the productivity.&lt;br /&gt;
Operational risk management targets the operational efficiency and process design. Work flows are redesigned in this level to improve the work speed by eliminating the errors. Staff&lt;br /&gt;
Operational risk management must spread over all these three levels, in order to be more effective and efficient&lt;br /&gt;
&lt;br /&gt;
=How to develop a risk analysis=&lt;br /&gt;
&lt;br /&gt;
Risk Management can be developed in two different ways [Best Management Practice]:&lt;br /&gt;
&lt;br /&gt;
* By using the standard risk guidelines such as ISO 31000, which managers can go step by step and identify the risks and analyse the situation of each phase and take an action for each risk, that have negative impact on each situation. In this step more leaders must participate in order to reduce the impact of risks and take care of each situation.&lt;br /&gt;
&lt;br /&gt;
* By using more general analysis or guidelines to define the project&#039;s goals and reduce the risks without managing it and less management participation.&lt;br /&gt;
&lt;br /&gt;
In the first option many standard guidelines and analysis  can be used such as ISO 31000, IEC/ISO 311010, and ISO 73-2009 and many others.&lt;br /&gt;
The International Organization for Standard (ISO ) risk management provides principles, general guidelines; framework and a process for managing the risks- It can be used by any project, organization regardless of its size.&lt;br /&gt;
ISO 31000 summarizes all the central activities and main points, which an organization might go through to manage their risks effectively and increase their chance to reach their goals. It doesn’t contain any specific techniques in order to use, but it mentions that an organization must follow risk identification tools and techniques, that match the projects and its goals. Another ISO standard application is ISO/IEC 31010, Risk Management, which contains of some risk assessment techniques and steps that gives an understanding of the risks, which can have a negative impact on an organization’s achievement of its goals and the adequacy and effectiveness of controls already in place. Risk assessment helps decision makers to take the correct decisions, for example which tools and techniques must be used to treat the risks and how to choose the best opportunities. The following techniques described on ISO 31010&lt;br /&gt;
&lt;br /&gt;
* Risk identification&lt;br /&gt;
* Risk analysis -  consequence analysis&lt;br /&gt;
* Risk analysis– qualitative, semi-quantitative or quantitative probability estimation&lt;br /&gt;
* Risk analysis – assessing the effectiveness of any existing controls&lt;br /&gt;
* Risk evaluation&lt;br /&gt;
* communication and consultation, and  monitoring and review&lt;br /&gt;
&lt;br /&gt;
Each step has described in detail on ISO 31010. Compare to M_O_R, Code: {{#ev:youtube|video http://bcove.me/qvtxp001}} and then M_O_R is much extensive application, which provides a detailed guidance on how to implement risk management. M_O_R stands for Management of Risk and it is a framework for the management of risk across all parts of an organization such as Strategic, programme, project and operational level. It includes all the activities required to identify and control the risks, both negative and positive, which may have an impact on the achievement of an organization’s objectives[M_O_R].It is also a framework for how to make informed decisions about risks respectively strategic, program, project and operational level in order to identify, assess and manage the key risks in order to deliver the expected advantages [M_O_R]. It describes deeply both what needs to be done through some principles, activities and roles and how to begin the activities.&lt;br /&gt;
In some ways, ISO31000 and M_O_R are very similar and use some common definition and methods. M_O_R is designed for practical application of risk management techniques and based on 4 core concepts: principles, approach, process and embedding and review, while ISO31000 is designed more to assess how completely the risk management techniques have been applied [Best Management Practice], The difference is that ISO3100O based on framework, principles and process. It prescribe how an organization should implement risk management and manage the risk by using any tools, that suits its goal and organization, while M_O_R allows it to customize its approach within the guidelines to suit its operating environment and process. Both are useful tools and can be used for managing the risks.&lt;br /&gt;
&lt;br /&gt;
[[File:Different between_M_O_R_AND_ISO.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
For further information about M_O_R and ISO 31000:2009 you can read Michael Dallas report[http://www.best-management-practice.com/gempdf/Management_of_Risk_Guidance_for_Practitioners_and_the_International_Standard_on_Risk_Management_ISO31000_2009.pdf]&lt;br /&gt;
&lt;br /&gt;
The Tabel as taken from Michael Dallas report, which shows a direct comparison of M_O_R with ISO 31000 against categories that are common to both framework.&lt;br /&gt;
&lt;br /&gt;
=Risk Management in Practice=&lt;br /&gt;
&lt;br /&gt;
[[File:Risk management.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
To identify the projects risk, you can start with brainstorming, the first step is to list the main categories such as technologies, goal, stakeholder, communication, cost, environmental, resources, reliability, which is indicated with blue color in below figure. The next is to identify the risks, which is associated to the main categories. By brainstorm the risks, you can find 50-100 risks, depending to the projects size, therefore the third step is to estimate what the potential impact could be by using the Risk Matrix.&lt;br /&gt;
&lt;br /&gt;
[[File:Mathrix.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
Each high priority or high impact risk should be assigned to a group member after their experience and skills, so they could study and evaluate the risks. Cost risks might for example assign to someone in the finance department than one from IT- department. The new technology might assign to someone from IT- department. The project manager should be assign for all the risks process, the most important part of risk process is the schedule with deadline and the risks list, which should only edit, added, re-prioritized and control by the project manager during the project.&lt;br /&gt;
To reduce the risks, the project manager should communicate the risks list to all the project stakeholders regularly, at least once a week. All the changes should be registered to the risk map and at the end of the project the results can be used to do a retrospective. What did you learn from it, what should be different in next project and how to control the risks from the beginning?&lt;br /&gt;
&lt;br /&gt;
=Reference=&lt;br /&gt;
&lt;br /&gt;
[1] Why projects fail: Avoiding the Classic Pitfall, An Oracle White Paper, October 2011 and Calleam Consulting LTD 2014: Why Projects Fail.  And Tom Carlos, PMP: Reasons Why Projects Fail.&lt;br /&gt;
&lt;br /&gt;
[2] Oehmen et. al.2012 and Zwikael and Ahn 2011, Oehmen, J., et al., Analysis of the effect of risk management practices on the performance of new product development programs. Technovation (2014),&lt;br /&gt;
&lt;br /&gt;
[3] Oxford English Dictionary&lt;br /&gt;
&lt;br /&gt;
[4] Innovation and Product Management 2009: A holistic and Practial Approach to Uncertainty Reduction,Kurt Gaubinger, Michael Rabl Scott Swan, Thomas Werani&lt;br /&gt;
&lt;br /&gt;
[5] Frank Knight 1921: Risk, Uncertainty and profit, Imperfect competition through Risk and Uncertainty, Part III, Chapter VII&lt;br /&gt;
&lt;br /&gt;
[6] Ariane Chapelle: The three levels of Operational risk management, May 2012&lt;br /&gt;
&lt;br /&gt;
[7] Risikosamfundet: 1997, Tara Duggan, Demand Media: Why Is Risk Management Important to Project Success?&lt;br /&gt;
&lt;br /&gt;
[8] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/&lt;br /&gt;
&lt;br /&gt;
[9] Luce&#039;s Paradigm for Decision under Uncertainty, Luce and Raiffa, 1957&lt;br /&gt;
&lt;br /&gt;
[10] Risk Management, concepts and methods: Club De La Securite De L’information Francais&lt;br /&gt;
&lt;br /&gt;
[11] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd. &lt;br /&gt;
&lt;br /&gt;
[12] http://www.management-of-risk.com/what-is-management-of-risk.asp&lt;br /&gt;
&lt;br /&gt;
[13] http://www.rovsingmanagement.dk/kurser/m_o_r%C2%AErisikostyring/?gclid=CM21qKLRjsICFeXUcgodGqEARQ&lt;br /&gt;
&lt;br /&gt;
[14] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd.&lt;br /&gt;
&lt;br /&gt;
[15] Jacob and Kwak (2003) and Raz et al.2002&lt;br /&gt;
&lt;br /&gt;
[16] Article: Overview of risk management Henrik K. Søndergaard&lt;br /&gt;
&lt;br /&gt;
[17]. Power in projects &amp;amp; portfolio of Mette Lindegaard, and John Ryding Olsson&lt;br /&gt;
&lt;br /&gt;
[18] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/.&lt;br /&gt;
&lt;br /&gt;
[19] http://strikingprojectmanagement.com/qualitative-risk-analysis/&lt;br /&gt;
&lt;br /&gt;
[20] http://projectmgmt-annualwarehousesale.blogspot.dk/&lt;br /&gt;
&lt;br /&gt;
[21] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[22] http://www.bestmanagementpractice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[23] http://tcgen.com/risk-mapping/#.VGidavnF-oO&lt;br /&gt;
&lt;br /&gt;
[24] http://www.modst.dk/~/media/Files/%C3%98AV/Vejledninger/%C3%98konomistyring/Risikostyring_vejledning_maj07%20pdf.ashx&lt;br /&gt;
&lt;br /&gt;
[25] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[26] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[27] http://www.clearrisk.com/what-is-risk-management/&lt;br /&gt;
&lt;br /&gt;
[28] http://www.vlv.dk/downloads/rm1.htm&lt;br /&gt;
&lt;br /&gt;
[29] http://www.soc.aau.dk/fileadmin/user_upload/FoSo/Arbejdspapirer/Nr._10_Risiko_risikovurdering_risikoformidling_og_helhedssyn.pdf&lt;br /&gt;
&lt;br /&gt;
[30] http://klk.kl.dk/PageFiles/156494/Projekth%C3%A5ndbogen.pdf&lt;br /&gt;
&lt;br /&gt;
[31] http:///C:/Users/Samira/Downloads/Projekth-ndbog%20(1).PDF&lt;br /&gt;
&lt;br /&gt;
[32] http://www.digst.dk/~/media/Files/Arkitektur%20og%20standarder/Sikkerhed/Vejledning%20om%20risikovurdering.ashx&lt;br /&gt;
&lt;br /&gt;
[33] http://www.best-management-practice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[34] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[35] http://dx.doi.org/10.1016/j.technovation.2013.12.005i&lt;br /&gt;
&lt;br /&gt;
[36] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;/div&gt;</summary>
		<author><name>Saeh0803</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Risk_management&amp;diff=4475</id>
		<title>Risk management</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Risk_management&amp;diff=4475"/>
		<updated>2014-11-27T21:48:05Z</updated>

		<summary type="html">&lt;p&gt;Saeh0803: /* Risk Management in Practice */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;Risk management is a very interesting and important topic in each area in our society.  Actually everyone knows what a risk is; it is a part of our life. Each step or each decision we make, is full of risks, whether we notice it or not, but when we look at our professional life, then we have to take an action for each risk arise, because it has a negative effect and the effect can have consequences in terms of economic, professional reputation, environmental, safety and societal outcomes. This article focuses on for example how an organization or project handles its risks and which framework could be relevant or helpful for it.&lt;br /&gt;
Now a day, the risk management is an important part of project, program and portfolio management. In order to end up a project successfully and deliver it on time and within budget, it is important to get an overview of the risks, which is associated to the project. Most of the projects fail due to the lack of risk management [Why projects fail 2011]. In many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of project&#039;s planning process, the projects fail because the resources are not completely utilized to get the full advantage [Oehmen et. al.2012 and Zwikael and Ahn 2011].&lt;br /&gt;
This article further talks about the risk and different level of risks in organization level and how to identify the projects risks by using some of standard guidelines for risk management such as ISO 31000, ISO 2700S, DS/ISO 31000 Risk management- Principles and guidelines and M_O_R principles, which is a standard risk management framework, which can be used by any organization on any projects regardless of its size.&lt;br /&gt;
NOTE: This article might be similar to other articles; Risk analysis, risk register, Risk management strategy in project portfolios.&lt;br /&gt;
&lt;br /&gt;
=Definition of risk management=&lt;br /&gt;
&lt;br /&gt;
You can find different tools and definition for risk depending on the context in which it is used. A definition from Oxford English Dictionary sounds like “the possibility that something unpleasant or unwelcome will happen” [Oxford English Dictionary]. This is more general and related more to your every day. In decision theory, Luce and Raiffa relate risk to make decisions under known probabilities of the states of nature [Product Management Innovation 2009] and Frank Knight define the risk in economic theory as “risk arises when the decision maker can assign probabilities to possible outcomes”. A well-known definition of the risk in the domain of project management considers the risk as “an uncertain event or condition that, if it occurs, has a positive (opportunity) or negative (threat) impact on project objectives” [Innovation and Product Management]&lt;br /&gt;
Frank Knight defines the uncertainty and risk as “...Uncertainty must be taken in a sense radically distinct from the familiar notion of Risk, from which it has never been properly separated. … The essential fact is that &amp;quot;risk&amp;quot; means in some cases a quantity susceptible of measurement, while at other times it is something distinctly not of this character; and there are far-reaching and crucial differences in the bearings of the phenomena depending on which of the two is really present and operating. … It will appear that a measurable uncertainty, or &amp;quot;risk&amp;quot; proper, as we shall use the term, is so far different from an un-measurable one that it is not in effect an uncertainty at all&amp;quot; [Ariane Chapelle].&lt;br /&gt;
To minimize the uncertainty and reduce the risks on the project, you may regularly look back to your risk analysis, because most of the projects fail due to lack of risk management, in many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of projects planning process, The projects fail because they do not invest their resources completely and do not pay attention to it.&lt;br /&gt;
Risk management is the most important part of the project planning process. It is a management tool, which project manager uses to analyses the risk factor within a project group or projects. Project group must be informed of the main risks and how they will deal with those risks. Often it requires extra resources to eliminate risks; these resources must allocate the project group. Many studies have pointed as well that the risk management has a big role in projects success [Tara Duggan].  The report by Jacob and Kwak highlights the positive contribution of risk management to improve the project selection, review and resource allocation of new product development projects.&lt;br /&gt;
It used in many areas such as public debate, research, danger of disease, death or accidents, threatening environmental problems in terms of risk of climate changes, CO2 , pollution and so on.&lt;br /&gt;
It is also used in many other projects such as customer needs and price, new technology and resources, construction and delivery projects, research projects and interests and other tasks.&lt;br /&gt;
&lt;br /&gt;
=What is risk?=&lt;br /&gt;
&lt;br /&gt;
Risk is the uncertainty, which is associated with any kind of the action and projects in organization&#039;s context that must understand and effectively manage during the project&#039;s process and improve the results[Luce and Raiffa]. Different types of risk management definitions can be found and the choice of definition depends on how big a concept of risk is used in order to which risks are covered by the definition. There is not a complete tool or solution that fits in every project, creating a new or changes the existing risk management process according to the project&#039;s goal is always helpful and flexible process that will ultimately result in a solution to the individual organization or project.&lt;br /&gt;
Risk is always based on imagination of how the project will be completed. It can be defined on the basis of an existing plan, for example, the project must be completed in 6 months. The risk of delay is bigger than if the project must be completed in one year. If the new technologies are a part of the project plan, that you have to use the new technologies is the risk bigger than use the known technologies. Therefor the risk is based on an existing plan; the same project may have very different risks, if you change the project’s plan. [Risk Management, concepts and methods].&lt;br /&gt;
&lt;br /&gt;
=Benefit of risk management and why risk management=&lt;br /&gt;
&lt;br /&gt;
Risk management helps you to identify your projects strengths, weaknesses, opportunities and threats [Jacob and Kwak]. By identifying your projects risks, you will be aware of the unexpected events and you can immediately take actions to reduce the losses [Overview of risk management].&lt;br /&gt;
There are many reasons for managing risks. Here are some main reasons:&lt;br /&gt;
First of all, risk management results in an overview and a number of options for an action to avoid known and unknown risk and reduce the impact of those[Power in projects &amp;amp; portfolio].&lt;br /&gt;
&lt;br /&gt;
* Saving resources: Time, assets, income, property and people are all valuable resources that can be saved if fewer claims occur.&lt;br /&gt;
* Protecting the reputation and public image of the organization.&lt;br /&gt;
* Preventing or reducing legal liability and increasing the stability of operations.&lt;br /&gt;
* Increases the organizations profits and competitiveness and reflects an attractive professional approach to project work.&lt;br /&gt;
* Protecting people from harm.&lt;br /&gt;
* Protecting the environment.&lt;br /&gt;
* Enhancing the ability to prepare for various circumstances.&lt;br /&gt;
* Assisting in clearly defining insurance needs.&lt;br /&gt;
* By managing the risks, you can increase the quality of the project deliverable&lt;br /&gt;
* Protects public image&lt;br /&gt;
* Protects people from harm&lt;br /&gt;
* Prevents/reduces legal liability&lt;br /&gt;
* Protects the environment&lt;br /&gt;
&lt;br /&gt;
=Three Levels of operational risk management=&lt;br /&gt;
&lt;br /&gt;
The risk management in an organization can be categorized in three levels of operation- [three level of operational risk management].&lt;br /&gt;
&lt;br /&gt;
* Strategic level:  &lt;br /&gt;
At strategic level, operational risk management relates to the vision of the business, expansion planned over a few couple of years, the product position and the target customers in the market. In other words, the strategic operational risk management relates to the implementation of the risk demands. It must be defined at the top management level and must be deployed in a top-down manner through all the levels of the organization.&lt;br /&gt;
&lt;br /&gt;
* Tactical level&lt;br /&gt;
At tactical level, the set of operational risk management tools and controls helps to reduce the number and intensity of the events. It provide the risk manager with a second line of defense. The effect of the risk responses deploys at tactical level, such as loss, fines and near misses reductions&lt;br /&gt;
Tactical operational risk management emphasizes on loss prevention and risk reduction techniques, process control, loss data analysis, key risk indicators, risk self-assessments and business expansion plans are some of the vast array of tools and techniques that have been developed to reduce the frequent occurrence of the risk elements and to reduce their impact on the overall project. Financial service industry is the most developed aspect of operational risk management, today.&lt;br /&gt;
&lt;br /&gt;
* Operational level&lt;br /&gt;
Operational level provides a natural reduction of the operational incidents by redesigning all those processes that were prone to errors, removing any unnecessary tasks and useless controls, standardizing the procedures and improving the productivity.&lt;br /&gt;
Operational risk management targets the operational efficiency and process design. Work flows are redesigned in this level to improve the work speed by eliminating the errors. Staff&lt;br /&gt;
Operational risk management must spread over all these three levels, in order to be more effective and efficient&lt;br /&gt;
&lt;br /&gt;
=How to develop a risk analysis=&lt;br /&gt;
&lt;br /&gt;
Risk Management can be developed in two different ways [Best Management Practice]:&lt;br /&gt;
&lt;br /&gt;
* By using the standard risk guidelines such as ISO 31000, which managers can go step by step and identify the risks and analyse the situation of each phase and take an action for each risk, that have negative impact on each situation. In this step more leaders must participate in order to reduce the impact of risks and take care of each situation.&lt;br /&gt;
&lt;br /&gt;
* By using more general analysis or guidelines to define the project&#039;s goals and reduce the risks without managing it and less management participation.&lt;br /&gt;
&lt;br /&gt;
In the first option many standard guidelines and analysis  can be used such as ISO 31000, IEC/ISO 311010, and ISO 73-2009 and many others.&lt;br /&gt;
The International Organization for Standard (ISO ) risk management provides principles, general guidelines; framework and a process for managing the risks- It can be used by any project, organization regardless of its size.&lt;br /&gt;
ISO 31000 summarizes all the central activities and main points, which an organization might go through to manage their risks effectively and increase their chance to reach their goals. It doesn’t contain any specific techniques in order to use, but it mentions that an organization must follow risk identification tools and techniques, that match the projects and its goals. Another ISO standard application is ISO/IEC 31010, Risk Management, which contains of some risk assessment techniques and steps that gives an understanding of the risks, which can have a negative impact on an organization’s achievement of its goals and the adequacy and effectiveness of controls already in place. Risk assessment helps decision makers to take the correct decisions, for example which tools and techniques must be used to treat the risks and how to choose the best opportunities. The following techniques described on ISO 31010&lt;br /&gt;
&lt;br /&gt;
* Risk identification&lt;br /&gt;
* Risk analysis -  consequence analysis&lt;br /&gt;
* Risk analysis– qualitative, semi-quantitative or quantitative probability estimation&lt;br /&gt;
* Risk analysis – assessing the effectiveness of any existing controls&lt;br /&gt;
* Risk evaluation&lt;br /&gt;
* communication and consultation, and  monitoring and review&lt;br /&gt;
&lt;br /&gt;
Each step has described in detail on ISO 31010. Compare to M_O_R, and then M_O_R is much extensive application, which provides a detailed guidance on how to implement risk management. M_O_R stands for Management of Risk and it is a framework for the management of risk across all parts of an organization such as Strategic, programme, project and operational level. It includes all the activities required to identify and control the risks, both negative and positive, which may have an impact on the achievement of an organization’s objectives[M_O_R].It is also a framework for how to make informed decisions about risks respectively strategic, program, project and operational level in order to identify, assess and manage the key risks in order to deliver the expected advantages [M_O_R]. It describes deeply both what needs to be done through some principles, activities and roles and how to begin the activities.&lt;br /&gt;
In some ways, ISO31000 and M_O_R are very similar and use some common definition and methods. M_O_R is designed for practical application of risk management techniques and based on 4 core concepts: principles, approach, process and embedding and review, while ISO31000 is designed more to assess how completely the risk management techniques have been applied [Best Management Practice], The difference is that ISO3100O based on framework, principles and process. It prescribe how an organization should implement risk management and manage the risk by using any tools, that suits its goal and organization, while M_O_R allows it to customize its approach within the guidelines to suit its operating environment and process. Both are useful tools and can be used for managing the risks.&lt;br /&gt;
&lt;br /&gt;
[[File:Different between_M_O_R_AND_ISO.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
For further information about M_O_R and ISO 31000:2009 you can read Michael Dallas report[http://www.best-management-practice.com/gempdf/Management_of_Risk_Guidance_for_Practitioners_and_the_International_Standard_on_Risk_Management_ISO31000_2009.pdf]&lt;br /&gt;
&lt;br /&gt;
The Tabel as taken from Michael Dallas report, which shows a direct comparison of M_O_R with ISO 31000 against categories that are common to both framework.&lt;br /&gt;
&lt;br /&gt;
=Risk Management in Practice=&lt;br /&gt;
&lt;br /&gt;
[[File:Risk management.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
To identify the projects risk, you can start with brainstorming, the first step is to list the main categories such as technologies, goal, stakeholder, communication, cost, environmental, resources, reliability, which is indicated with blue color in below figure. The next is to identify the risks, which is associated to the main categories. By brainstorm the risks, you can find 50-100 risks, depending to the projects size, therefore the third step is to estimate what the potential impact could be by using the Risk Matrix.&lt;br /&gt;
&lt;br /&gt;
[[File:Mathrix.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
Each high priority or high impact risk should be assigned to a group member after their experience and skills, so they could study and evaluate the risks. Cost risks might for example assign to someone in the finance department than one from IT- department. The new technology might assign to someone from IT- department. The project manager should be assign for all the risks process, the most important part of risk process is the schedule with deadline and the risks list, which should only edit, added, re-prioritized and control by the project manager during the project.&lt;br /&gt;
To reduce the risks, the project manager should communicate the risks list to all the project stakeholders regularly, at least once a week. All the changes should be registered to the risk map and at the end of the project the results can be used to do a retrospective. What did you learn from it, what should be different in next project and how to control the risks from the beginning?&lt;br /&gt;
&lt;br /&gt;
=Reference=&lt;br /&gt;
&lt;br /&gt;
[1] Why projects fail: Avoiding the Classic Pitfall, An Oracle White Paper, October 2011 and Calleam Consulting LTD 2014: Why Projects Fail.  And Tom Carlos, PMP: Reasons Why Projects Fail.&lt;br /&gt;
&lt;br /&gt;
[2] Oehmen et. al.2012 and Zwikael and Ahn 2011, Oehmen, J., et al., Analysis of the effect of risk management practices on the performance of new product development programs. Technovation (2014),&lt;br /&gt;
&lt;br /&gt;
[3] Oxford English Dictionary&lt;br /&gt;
&lt;br /&gt;
[4] Innovation and Product Management 2009: A holistic and Practial Approach to Uncertainty Reduction,Kurt Gaubinger, Michael Rabl Scott Swan, Thomas Werani&lt;br /&gt;
&lt;br /&gt;
[5] Frank Knight 1921: Risk, Uncertainty and profit, Imperfect competition through Risk and Uncertainty, Part III, Chapter VII&lt;br /&gt;
&lt;br /&gt;
[6] Ariane Chapelle: The three levels of Operational risk management, May 2012&lt;br /&gt;
&lt;br /&gt;
[7] Risikosamfundet: 1997, Tara Duggan, Demand Media: Why Is Risk Management Important to Project Success?&lt;br /&gt;
&lt;br /&gt;
[8] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/&lt;br /&gt;
&lt;br /&gt;
[9] Luce&#039;s Paradigm for Decision under Uncertainty, Luce and Raiffa, 1957&lt;br /&gt;
&lt;br /&gt;
[10] Risk Management, concepts and methods: Club De La Securite De L’information Francais&lt;br /&gt;
&lt;br /&gt;
[11] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd. &lt;br /&gt;
&lt;br /&gt;
[12] http://www.management-of-risk.com/what-is-management-of-risk.asp&lt;br /&gt;
&lt;br /&gt;
[13] http://www.rovsingmanagement.dk/kurser/m_o_r%C2%AErisikostyring/?gclid=CM21qKLRjsICFeXUcgodGqEARQ&lt;br /&gt;
&lt;br /&gt;
[14] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd.&lt;br /&gt;
&lt;br /&gt;
[15] Jacob and Kwak (2003) and Raz et al.2002&lt;br /&gt;
&lt;br /&gt;
[16] Article: Overview of risk management Henrik K. Søndergaard&lt;br /&gt;
&lt;br /&gt;
[17]. Power in projects &amp;amp; portfolio of Mette Lindegaard, and John Ryding Olsson&lt;br /&gt;
&lt;br /&gt;
[18] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/.&lt;br /&gt;
&lt;br /&gt;
[19] http://strikingprojectmanagement.com/qualitative-risk-analysis/&lt;br /&gt;
&lt;br /&gt;
[20] http://projectmgmt-annualwarehousesale.blogspot.dk/&lt;br /&gt;
&lt;br /&gt;
[21] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[22] http://www.bestmanagementpractice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[23] http://tcgen.com/risk-mapping/#.VGidavnF-oO&lt;br /&gt;
&lt;br /&gt;
[24] http://www.modst.dk/~/media/Files/%C3%98AV/Vejledninger/%C3%98konomistyring/Risikostyring_vejledning_maj07%20pdf.ashx&lt;br /&gt;
&lt;br /&gt;
[25] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[26] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[27] http://www.clearrisk.com/what-is-risk-management/&lt;br /&gt;
&lt;br /&gt;
[28] http://www.vlv.dk/downloads/rm1.htm&lt;br /&gt;
&lt;br /&gt;
[29] http://www.soc.aau.dk/fileadmin/user_upload/FoSo/Arbejdspapirer/Nr._10_Risiko_risikovurdering_risikoformidling_og_helhedssyn.pdf&lt;br /&gt;
&lt;br /&gt;
[30] http://klk.kl.dk/PageFiles/156494/Projekth%C3%A5ndbogen.pdf&lt;br /&gt;
&lt;br /&gt;
[31] http:///C:/Users/Samira/Downloads/Projekth-ndbog%20(1).PDF&lt;br /&gt;
&lt;br /&gt;
[32] http://www.digst.dk/~/media/Files/Arkitektur%20og%20standarder/Sikkerhed/Vejledning%20om%20risikovurdering.ashx&lt;br /&gt;
&lt;br /&gt;
[33] http://www.best-management-practice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[34] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[35] http://dx.doi.org/10.1016/j.technovation.2013.12.005i&lt;br /&gt;
&lt;br /&gt;
[36] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;/div&gt;</summary>
		<author><name>Saeh0803</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Risk_management&amp;diff=4474</id>
		<title>Risk management</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Risk_management&amp;diff=4474"/>
		<updated>2014-11-27T21:45:56Z</updated>

		<summary type="html">&lt;p&gt;Saeh0803: /* Risk Management in Practice */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;Risk management is a very interesting and important topic in each area in our society.  Actually everyone knows what a risk is; it is a part of our life. Each step or each decision we make, is full of risks, whether we notice it or not, but when we look at our professional life, then we have to take an action for each risk arise, because it has a negative effect and the effect can have consequences in terms of economic, professional reputation, environmental, safety and societal outcomes. This article focuses on for example how an organization or project handles its risks and which framework could be relevant or helpful for it.&lt;br /&gt;
Now a day, the risk management is an important part of project, program and portfolio management. In order to end up a project successfully and deliver it on time and within budget, it is important to get an overview of the risks, which is associated to the project. Most of the projects fail due to the lack of risk management [Why projects fail 2011]. In many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of project&#039;s planning process, the projects fail because the resources are not completely utilized to get the full advantage [Oehmen et. al.2012 and Zwikael and Ahn 2011].&lt;br /&gt;
This article further talks about the risk and different level of risks in organization level and how to identify the projects risks by using some of standard guidelines for risk management such as ISO 31000, ISO 2700S, DS/ISO 31000 Risk management- Principles and guidelines and M_O_R principles, which is a standard risk management framework, which can be used by any organization on any projects regardless of its size.&lt;br /&gt;
NOTE: This article might be similar to other articles; Risk analysis, risk register, Risk management strategy in project portfolios.&lt;br /&gt;
&lt;br /&gt;
=Definition of risk management=&lt;br /&gt;
&lt;br /&gt;
You can find different tools and definition for risk depending on the context in which it is used. A definition from Oxford English Dictionary sounds like “the possibility that something unpleasant or unwelcome will happen” [Oxford English Dictionary]. This is more general and related more to your every day. In decision theory, Luce and Raiffa relate risk to make decisions under known probabilities of the states of nature [Product Management Innovation 2009] and Frank Knight define the risk in economic theory as “risk arises when the decision maker can assign probabilities to possible outcomes”. A well-known definition of the risk in the domain of project management considers the risk as “an uncertain event or condition that, if it occurs, has a positive (opportunity) or negative (threat) impact on project objectives” [Innovation and Product Management]&lt;br /&gt;
Frank Knight defines the uncertainty and risk as “...Uncertainty must be taken in a sense radically distinct from the familiar notion of Risk, from which it has never been properly separated. … The essential fact is that &amp;quot;risk&amp;quot; means in some cases a quantity susceptible of measurement, while at other times it is something distinctly not of this character; and there are far-reaching and crucial differences in the bearings of the phenomena depending on which of the two is really present and operating. … It will appear that a measurable uncertainty, or &amp;quot;risk&amp;quot; proper, as we shall use the term, is so far different from an un-measurable one that it is not in effect an uncertainty at all&amp;quot; [Ariane Chapelle].&lt;br /&gt;
To minimize the uncertainty and reduce the risks on the project, you may regularly look back to your risk analysis, because most of the projects fail due to lack of risk management, in many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of projects planning process, The projects fail because they do not invest their resources completely and do not pay attention to it.&lt;br /&gt;
Risk management is the most important part of the project planning process. It is a management tool, which project manager uses to analyses the risk factor within a project group or projects. Project group must be informed of the main risks and how they will deal with those risks. Often it requires extra resources to eliminate risks; these resources must allocate the project group. Many studies have pointed as well that the risk management has a big role in projects success [Tara Duggan].  The report by Jacob and Kwak highlights the positive contribution of risk management to improve the project selection, review and resource allocation of new product development projects.&lt;br /&gt;
It used in many areas such as public debate, research, danger of disease, death or accidents, threatening environmental problems in terms of risk of climate changes, CO2 , pollution and so on.&lt;br /&gt;
It is also used in many other projects such as customer needs and price, new technology and resources, construction and delivery projects, research projects and interests and other tasks.&lt;br /&gt;
&lt;br /&gt;
=What is risk?=&lt;br /&gt;
&lt;br /&gt;
Risk is the uncertainty, which is associated with any kind of the action and projects in organization&#039;s context that must understand and effectively manage during the project&#039;s process and improve the results[Luce and Raiffa]. Different types of risk management definitions can be found and the choice of definition depends on how big a concept of risk is used in order to which risks are covered by the definition. There is not a complete tool or solution that fits in every project, creating a new or changes the existing risk management process according to the project&#039;s goal is always helpful and flexible process that will ultimately result in a solution to the individual organization or project.&lt;br /&gt;
Risk is always based on imagination of how the project will be completed. It can be defined on the basis of an existing plan, for example, the project must be completed in 6 months. The risk of delay is bigger than if the project must be completed in one year. If the new technologies are a part of the project plan, that you have to use the new technologies is the risk bigger than use the known technologies. Therefor the risk is based on an existing plan; the same project may have very different risks, if you change the project’s plan. [Risk Management, concepts and methods].&lt;br /&gt;
&lt;br /&gt;
=Benefit of risk management and why risk management=&lt;br /&gt;
&lt;br /&gt;
Risk management helps you to identify your projects strengths, weaknesses, opportunities and threats [Jacob and Kwak]. By identifying your projects risks, you will be aware of the unexpected events and you can immediately take actions to reduce the losses [Overview of risk management].&lt;br /&gt;
There are many reasons for managing risks. Here are some main reasons:&lt;br /&gt;
First of all, risk management results in an overview and a number of options for an action to avoid known and unknown risk and reduce the impact of those[Power in projects &amp;amp; portfolio].&lt;br /&gt;
&lt;br /&gt;
* Saving resources: Time, assets, income, property and people are all valuable resources that can be saved if fewer claims occur.&lt;br /&gt;
* Protecting the reputation and public image of the organization.&lt;br /&gt;
* Preventing or reducing legal liability and increasing the stability of operations.&lt;br /&gt;
* Increases the organizations profits and competitiveness and reflects an attractive professional approach to project work.&lt;br /&gt;
* Protecting people from harm.&lt;br /&gt;
* Protecting the environment.&lt;br /&gt;
* Enhancing the ability to prepare for various circumstances.&lt;br /&gt;
* Assisting in clearly defining insurance needs.&lt;br /&gt;
* By managing the risks, you can increase the quality of the project deliverable&lt;br /&gt;
* Protects public image&lt;br /&gt;
* Protects people from harm&lt;br /&gt;
* Prevents/reduces legal liability&lt;br /&gt;
* Protects the environment&lt;br /&gt;
&lt;br /&gt;
=Three Levels of operational risk management=&lt;br /&gt;
&lt;br /&gt;
The risk management in an organization can be categorized in three levels of operation- [three level of operational risk management].&lt;br /&gt;
&lt;br /&gt;
* Strategic level:  &lt;br /&gt;
At strategic level, operational risk management relates to the vision of the business, expansion planned over a few couple of years, the product position and the target customers in the market. In other words, the strategic operational risk management relates to the implementation of the risk demands. It must be defined at the top management level and must be deployed in a top-down manner through all the levels of the organization.&lt;br /&gt;
&lt;br /&gt;
* Tactical level&lt;br /&gt;
At tactical level, the set of operational risk management tools and controls helps to reduce the number and intensity of the events. It provide the risk manager with a second line of defense. The effect of the risk responses deploys at tactical level, such as loss, fines and near misses reductions&lt;br /&gt;
Tactical operational risk management emphasizes on loss prevention and risk reduction techniques, process control, loss data analysis, key risk indicators, risk self-assessments and business expansion plans are some of the vast array of tools and techniques that have been developed to reduce the frequent occurrence of the risk elements and to reduce their impact on the overall project. Financial service industry is the most developed aspect of operational risk management, today.&lt;br /&gt;
&lt;br /&gt;
* Operational level&lt;br /&gt;
Operational level provides a natural reduction of the operational incidents by redesigning all those processes that were prone to errors, removing any unnecessary tasks and useless controls, standardizing the procedures and improving the productivity.&lt;br /&gt;
Operational risk management targets the operational efficiency and process design. Work flows are redesigned in this level to improve the work speed by eliminating the errors. Staff&lt;br /&gt;
Operational risk management must spread over all these three levels, in order to be more effective and efficient&lt;br /&gt;
&lt;br /&gt;
=How to develop a risk analysis=&lt;br /&gt;
&lt;br /&gt;
Risk Management can be developed in two different ways [Best Management Practice]:&lt;br /&gt;
&lt;br /&gt;
* By using the standard risk guidelines such as ISO 31000, which managers can go step by step and identify the risks and analyse the situation of each phase and take an action for each risk, that have negative impact on each situation. In this step more leaders must participate in order to reduce the impact of risks and take care of each situation.&lt;br /&gt;
&lt;br /&gt;
* By using more general analysis or guidelines to define the project&#039;s goals and reduce the risks without managing it and less management participation.&lt;br /&gt;
&lt;br /&gt;
In the first option many standard guidelines and analysis  can be used such as ISO 31000, IEC/ISO 311010, and ISO 73-2009 and many others.&lt;br /&gt;
The International Organization for Standard (ISO ) risk management provides principles, general guidelines; framework and a process for managing the risks- It can be used by any project, organization regardless of its size.&lt;br /&gt;
ISO 31000 summarizes all the central activities and main points, which an organization might go through to manage their risks effectively and increase their chance to reach their goals. It doesn’t contain any specific techniques in order to use, but it mentions that an organization must follow risk identification tools and techniques, that match the projects and its goals. Another ISO standard application is ISO/IEC 31010, Risk Management, which contains of some risk assessment techniques and steps that gives an understanding of the risks, which can have a negative impact on an organization’s achievement of its goals and the adequacy and effectiveness of controls already in place. Risk assessment helps decision makers to take the correct decisions, for example which tools and techniques must be used to treat the risks and how to choose the best opportunities. The following techniques described on ISO 31010&lt;br /&gt;
&lt;br /&gt;
* Risk identification&lt;br /&gt;
* Risk analysis -  consequence analysis&lt;br /&gt;
* Risk analysis– qualitative, semi-quantitative or quantitative probability estimation&lt;br /&gt;
* Risk analysis – assessing the effectiveness of any existing controls&lt;br /&gt;
* Risk evaluation&lt;br /&gt;
* communication and consultation, and  monitoring and review&lt;br /&gt;
&lt;br /&gt;
Each step has described in detail on ISO 31010. Compare to M_O_R, and then M_O_R is much extensive application, which provides a detailed guidance on how to implement risk management. M_O_R stands for Management of Risk and it is a framework for the management of risk across all parts of an organization such as Strategic, programme, project and operational level. It includes all the activities required to identify and control the risks, both negative and positive, which may have an impact on the achievement of an organization’s objectives[M_O_R].It is also a framework for how to make informed decisions about risks respectively strategic, program, project and operational level in order to identify, assess and manage the key risks in order to deliver the expected advantages [M_O_R]. It describes deeply both what needs to be done through some principles, activities and roles and how to begin the activities.&lt;br /&gt;
In some ways, ISO31000 and M_O_R are very similar and use some common definition and methods. M_O_R is designed for practical application of risk management techniques and based on 4 core concepts: principles, approach, process and embedding and review, while ISO31000 is designed more to assess how completely the risk management techniques have been applied [Best Management Practice], The difference is that ISO3100O based on framework, principles and process. It prescribe how an organization should implement risk management and manage the risk by using any tools, that suits its goal and organization, while M_O_R allows it to customize its approach within the guidelines to suit its operating environment and process. Both are useful tools and can be used for managing the risks.&lt;br /&gt;
&lt;br /&gt;
[[File:Different between_M_O_R_AND_ISO.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
For further information about M_O_R and ISO 31000:2009 you can read Michael Dallas report[http://www.best-management-practice.com/gempdf/Management_of_Risk_Guidance_for_Practitioners_and_the_International_Standard_on_Risk_Management_ISO31000_2009.pdf]&lt;br /&gt;
&lt;br /&gt;
The Tabel as taken from Michael Dallas report, which shows a direct comparison of M_O_R with ISO 31000 against categories that are common to both framework.&lt;br /&gt;
&lt;br /&gt;
=Risk Management in Practice=&lt;br /&gt;
&lt;br /&gt;
[[File:Risk management.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
To identify the projects risk, you can start with brainstorming, the first step is to list the main categories such as technologies, goal, stakeholder, communication, cost, environmental, resources, reliability, which is indicated with blue color in below figure. The next is to identify the risks, which is associated to the main categories. By brainstorm the risks, you can find 50-100 risks, depending to the projects size, therefore the third step is to estimate what the potential impact could be by using the Risk Matrix.&lt;br /&gt;
&lt;br /&gt;
[[File:Mathrix.png|contain|right]]&lt;br /&gt;
&lt;br /&gt;
Each high priority or high impact risk should be assigned to a group member after their experience and skills, so they could study and evaluate the risks. Cost risks might for example assign to someone in the finance department than one from IT- department. The new technology might assign to someone from IT- department. The project manager should be assign for all the risks process, the most important part of risk process is the schedule with deadline and the risks list, which should only edit, added, re-prioritized and control by the project manager during the project.&lt;br /&gt;
To reduce the risks, the project manager should communicate the risks list to all the project stakeholders regularly, at least once a week. All the changes should be registered to the risk map and at the end of the project the results can be used to do a retrospective. What did you learn from it, what should be different in next project and how to control the risks from the beginning?&lt;br /&gt;
&lt;br /&gt;
=Reference=&lt;br /&gt;
&lt;br /&gt;
[1] Why projects fail: Avoiding the Classic Pitfall, An Oracle White Paper, October 2011 and Calleam Consulting LTD 2014: Why Projects Fail.  And Tom Carlos, PMP: Reasons Why Projects Fail.&lt;br /&gt;
&lt;br /&gt;
[2] Oehmen et. al.2012 and Zwikael and Ahn 2011, Oehmen, J., et al., Analysis of the effect of risk management practices on the performance of new product development programs. Technovation (2014),&lt;br /&gt;
&lt;br /&gt;
[3] Oxford English Dictionary&lt;br /&gt;
&lt;br /&gt;
[4] Innovation and Product Management 2009: A holistic and Practial Approach to Uncertainty Reduction,Kurt Gaubinger, Michael Rabl Scott Swan, Thomas Werani&lt;br /&gt;
&lt;br /&gt;
[5] Frank Knight 1921: Risk, Uncertainty and profit, Imperfect competition through Risk and Uncertainty, Part III, Chapter VII&lt;br /&gt;
&lt;br /&gt;
[6] Ariane Chapelle: The three levels of Operational risk management, May 2012&lt;br /&gt;
&lt;br /&gt;
[7] Risikosamfundet: 1997, Tara Duggan, Demand Media: Why Is Risk Management Important to Project Success?&lt;br /&gt;
&lt;br /&gt;
[8] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/&lt;br /&gt;
&lt;br /&gt;
[9] Luce&#039;s Paradigm for Decision under Uncertainty, Luce and Raiffa, 1957&lt;br /&gt;
&lt;br /&gt;
[10] Risk Management, concepts and methods: Club De La Securite De L’information Francais&lt;br /&gt;
&lt;br /&gt;
[11] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd. &lt;br /&gt;
&lt;br /&gt;
[12] http://www.management-of-risk.com/what-is-management-of-risk.asp&lt;br /&gt;
&lt;br /&gt;
[13] http://www.rovsingmanagement.dk/kurser/m_o_r%C2%AErisikostyring/?gclid=CM21qKLRjsICFeXUcgodGqEARQ&lt;br /&gt;
&lt;br /&gt;
[14] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd.&lt;br /&gt;
&lt;br /&gt;
[15] Jacob and Kwak (2003) and Raz et al.2002&lt;br /&gt;
&lt;br /&gt;
[16] Article: Overview of risk management Henrik K. Søndergaard&lt;br /&gt;
&lt;br /&gt;
[17]. Power in projects &amp;amp; portfolio of Mette Lindegaard, and John Ryding Olsson&lt;br /&gt;
&lt;br /&gt;
[18] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/.&lt;br /&gt;
&lt;br /&gt;
[19] http://strikingprojectmanagement.com/qualitative-risk-analysis/&lt;br /&gt;
&lt;br /&gt;
[20] http://projectmgmt-annualwarehousesale.blogspot.dk/&lt;br /&gt;
&lt;br /&gt;
[21] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[22] http://www.bestmanagementpractice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[23] http://tcgen.com/risk-mapping/#.VGidavnF-oO&lt;br /&gt;
&lt;br /&gt;
[24] http://www.modst.dk/~/media/Files/%C3%98AV/Vejledninger/%C3%98konomistyring/Risikostyring_vejledning_maj07%20pdf.ashx&lt;br /&gt;
&lt;br /&gt;
[25] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[26] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[27] http://www.clearrisk.com/what-is-risk-management/&lt;br /&gt;
&lt;br /&gt;
[28] http://www.vlv.dk/downloads/rm1.htm&lt;br /&gt;
&lt;br /&gt;
[29] http://www.soc.aau.dk/fileadmin/user_upload/FoSo/Arbejdspapirer/Nr._10_Risiko_risikovurdering_risikoformidling_og_helhedssyn.pdf&lt;br /&gt;
&lt;br /&gt;
[30] http://klk.kl.dk/PageFiles/156494/Projekth%C3%A5ndbogen.pdf&lt;br /&gt;
&lt;br /&gt;
[31] http:///C:/Users/Samira/Downloads/Projekth-ndbog%20(1).PDF&lt;br /&gt;
&lt;br /&gt;
[32] http://www.digst.dk/~/media/Files/Arkitektur%20og%20standarder/Sikkerhed/Vejledning%20om%20risikovurdering.ashx&lt;br /&gt;
&lt;br /&gt;
[33] http://www.best-management-practice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[34] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[35] http://dx.doi.org/10.1016/j.technovation.2013.12.005i&lt;br /&gt;
&lt;br /&gt;
[36] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;/div&gt;</summary>
		<author><name>Saeh0803</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Risk_management&amp;diff=4471</id>
		<title>Risk management</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Risk_management&amp;diff=4471"/>
		<updated>2014-11-27T21:39:41Z</updated>

		<summary type="html">&lt;p&gt;Saeh0803: /* How to develop a risk analysis */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;Risk management is a very interesting and important topic in each area in our society.  Actually everyone knows what a risk is; it is a part of our life. Each step or each decision we make, is full of risks, whether we notice it or not, but when we look at our professional life, then we have to take an action for each risk arise, because it has a negative effect and the effect can have consequences in terms of economic, professional reputation, environmental, safety and societal outcomes. This article focuses on for example how an organization or project handles its risks and which framework could be relevant or helpful for it.&lt;br /&gt;
Now a day, the risk management is an important part of project, program and portfolio management. In order to end up a project successfully and deliver it on time and within budget, it is important to get an overview of the risks, which is associated to the project. Most of the projects fail due to the lack of risk management [Why projects fail 2011]. In many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of project&#039;s planning process, the projects fail because the resources are not completely utilized to get the full advantage [Oehmen et. al.2012 and Zwikael and Ahn 2011].&lt;br /&gt;
This article further talks about the risk and different level of risks in organization level and how to identify the projects risks by using some of standard guidelines for risk management such as ISO 31000, ISO 2700S, DS/ISO 31000 Risk management- Principles and guidelines and M_O_R principles, which is a standard risk management framework, which can be used by any organization on any projects regardless of its size.&lt;br /&gt;
NOTE: This article might be similar to other articles; Risk analysis, risk register, Risk management strategy in project portfolios.&lt;br /&gt;
&lt;br /&gt;
=Definition of risk management=&lt;br /&gt;
&lt;br /&gt;
You can find different tools and definition for risk depending on the context in which it is used. A definition from Oxford English Dictionary sounds like “the possibility that something unpleasant or unwelcome will happen” [Oxford English Dictionary]. This is more general and related more to your every day. In decision theory, Luce and Raiffa relate risk to make decisions under known probabilities of the states of nature [Product Management Innovation 2009] and Frank Knight define the risk in economic theory as “risk arises when the decision maker can assign probabilities to possible outcomes”. A well-known definition of the risk in the domain of project management considers the risk as “an uncertain event or condition that, if it occurs, has a positive (opportunity) or negative (threat) impact on project objectives” [Innovation and Product Management]&lt;br /&gt;
Frank Knight defines the uncertainty and risk as “...Uncertainty must be taken in a sense radically distinct from the familiar notion of Risk, from which it has never been properly separated. … The essential fact is that &amp;quot;risk&amp;quot; means in some cases a quantity susceptible of measurement, while at other times it is something distinctly not of this character; and there are far-reaching and crucial differences in the bearings of the phenomena depending on which of the two is really present and operating. … It will appear that a measurable uncertainty, or &amp;quot;risk&amp;quot; proper, as we shall use the term, is so far different from an un-measurable one that it is not in effect an uncertainty at all&amp;quot; [Ariane Chapelle].&lt;br /&gt;
To minimize the uncertainty and reduce the risks on the project, you may regularly look back to your risk analysis, because most of the projects fail due to lack of risk management, in many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of projects planning process, The projects fail because they do not invest their resources completely and do not pay attention to it.&lt;br /&gt;
Risk management is the most important part of the project planning process. It is a management tool, which project manager uses to analyses the risk factor within a project group or projects. Project group must be informed of the main risks and how they will deal with those risks. Often it requires extra resources to eliminate risks; these resources must allocate the project group. Many studies have pointed as well that the risk management has a big role in projects success [Tara Duggan].  The report by Jacob and Kwak highlights the positive contribution of risk management to improve the project selection, review and resource allocation of new product development projects.&lt;br /&gt;
It used in many areas such as public debate, research, danger of disease, death or accidents, threatening environmental problems in terms of risk of climate changes, CO2 , pollution and so on.&lt;br /&gt;
It is also used in many other projects such as customer needs and price, new technology and resources, construction and delivery projects, research projects and interests and other tasks.&lt;br /&gt;
&lt;br /&gt;
=What is risk?=&lt;br /&gt;
&lt;br /&gt;
Risk is the uncertainty, which is associated with any kind of the action and projects in organization&#039;s context that must understand and effectively manage during the project&#039;s process and improve the results[Luce and Raiffa]. Different types of risk management definitions can be found and the choice of definition depends on how big a concept of risk is used in order to which risks are covered by the definition. There is not a complete tool or solution that fits in every project, creating a new or changes the existing risk management process according to the project&#039;s goal is always helpful and flexible process that will ultimately result in a solution to the individual organization or project.&lt;br /&gt;
Risk is always based on imagination of how the project will be completed. It can be defined on the basis of an existing plan, for example, the project must be completed in 6 months. The risk of delay is bigger than if the project must be completed in one year. If the new technologies are a part of the project plan, that you have to use the new technologies is the risk bigger than use the known technologies. Therefor the risk is based on an existing plan; the same project may have very different risks, if you change the project’s plan. [Risk Management, concepts and methods].&lt;br /&gt;
&lt;br /&gt;
=Benefit of risk management and why risk management=&lt;br /&gt;
&lt;br /&gt;
Risk management helps you to identify your projects strengths, weaknesses, opportunities and threats [Jacob and Kwak]. By identifying your projects risks, you will be aware of the unexpected events and you can immediately take actions to reduce the losses [Overview of risk management].&lt;br /&gt;
There are many reasons for managing risks. Here are some main reasons:&lt;br /&gt;
First of all, risk management results in an overview and a number of options for an action to avoid known and unknown risk and reduce the impact of those[Power in projects &amp;amp; portfolio].&lt;br /&gt;
&lt;br /&gt;
* Saving resources: Time, assets, income, property and people are all valuable resources that can be saved if fewer claims occur.&lt;br /&gt;
* Protecting the reputation and public image of the organization.&lt;br /&gt;
* Preventing or reducing legal liability and increasing the stability of operations.&lt;br /&gt;
* Increases the organizations profits and competitiveness and reflects an attractive professional approach to project work.&lt;br /&gt;
* Protecting people from harm.&lt;br /&gt;
* Protecting the environment.&lt;br /&gt;
* Enhancing the ability to prepare for various circumstances.&lt;br /&gt;
* Assisting in clearly defining insurance needs.&lt;br /&gt;
* By managing the risks, you can increase the quality of the project deliverable&lt;br /&gt;
* Protects public image&lt;br /&gt;
* Protects people from harm&lt;br /&gt;
* Prevents/reduces legal liability&lt;br /&gt;
* Protects the environment&lt;br /&gt;
&lt;br /&gt;
=Three Levels of operational risk management=&lt;br /&gt;
&lt;br /&gt;
The risk management in an organization can be categorized in three levels of operation- [three level of operational risk management].&lt;br /&gt;
&lt;br /&gt;
* Strategic level:  &lt;br /&gt;
At strategic level, operational risk management relates to the vision of the business, expansion planned over a few couple of years, the product position and the target customers in the market. In other words, the strategic operational risk management relates to the implementation of the risk demands. It must be defined at the top management level and must be deployed in a top-down manner through all the levels of the organization.&lt;br /&gt;
&lt;br /&gt;
* Tactical level&lt;br /&gt;
At tactical level, the set of operational risk management tools and controls helps to reduce the number and intensity of the events. It provide the risk manager with a second line of defense. The effect of the risk responses deploys at tactical level, such as loss, fines and near misses reductions&lt;br /&gt;
Tactical operational risk management emphasizes on loss prevention and risk reduction techniques, process control, loss data analysis, key risk indicators, risk self-assessments and business expansion plans are some of the vast array of tools and techniques that have been developed to reduce the frequent occurrence of the risk elements and to reduce their impact on the overall project. Financial service industry is the most developed aspect of operational risk management, today.&lt;br /&gt;
&lt;br /&gt;
* Operational level&lt;br /&gt;
Operational level provides a natural reduction of the operational incidents by redesigning all those processes that were prone to errors, removing any unnecessary tasks and useless controls, standardizing the procedures and improving the productivity.&lt;br /&gt;
Operational risk management targets the operational efficiency and process design. Work flows are redesigned in this level to improve the work speed by eliminating the errors. Staff&lt;br /&gt;
Operational risk management must spread over all these three levels, in order to be more effective and efficient&lt;br /&gt;
&lt;br /&gt;
=How to develop a risk analysis=&lt;br /&gt;
&lt;br /&gt;
Risk Management can be developed in two different ways [Best Management Practice]:&lt;br /&gt;
&lt;br /&gt;
* By using the standard risk guidelines such as ISO 31000, which managers can go step by step and identify the risks and analyse the situation of each phase and take an action for each risk, that have negative impact on each situation. In this step more leaders must participate in order to reduce the impact of risks and take care of each situation.&lt;br /&gt;
&lt;br /&gt;
* By using more general analysis or guidelines to define the project&#039;s goals and reduce the risks without managing it and less management participation.&lt;br /&gt;
&lt;br /&gt;
In the first option many standard guidelines and analysis  can be used such as ISO 31000, IEC/ISO 311010, and ISO 73-2009 and many others.&lt;br /&gt;
The International Organization for Standard (ISO ) risk management provides principles, general guidelines; framework and a process for managing the risks- It can be used by any project, organization regardless of its size.&lt;br /&gt;
ISO 31000 summarizes all the central activities and main points, which an organization might go through to manage their risks effectively and increase their chance to reach their goals. It doesn’t contain any specific techniques in order to use, but it mentions that an organization must follow risk identification tools and techniques, that match the projects and its goals. Another ISO standard application is ISO/IEC 31010, Risk Management, which contains of some risk assessment techniques and steps that gives an understanding of the risks, which can have a negative impact on an organization’s achievement of its goals and the adequacy and effectiveness of controls already in place. Risk assessment helps decision makers to take the correct decisions, for example which tools and techniques must be used to treat the risks and how to choose the best opportunities. The following techniques described on ISO 31010&lt;br /&gt;
&lt;br /&gt;
* Risk identification&lt;br /&gt;
* Risk analysis -  consequence analysis&lt;br /&gt;
* Risk analysis– qualitative, semi-quantitative or quantitative probability estimation&lt;br /&gt;
* Risk analysis – assessing the effectiveness of any existing controls&lt;br /&gt;
* Risk evaluation&lt;br /&gt;
* communication and consultation, and  monitoring and review&lt;br /&gt;
&lt;br /&gt;
Each step has described in detail on ISO 31010. Compare to M_O_R, and then M_O_R is much extensive application, which provides a detailed guidance on how to implement risk management. M_O_R stands for Management of Risk and it is a framework for the management of risk across all parts of an organization such as Strategic, programme, project and operational level. It includes all the activities required to identify and control the risks, both negative and positive, which may have an impact on the achievement of an organization’s objectives[M_O_R].It is also a framework for how to make informed decisions about risks respectively strategic, program, project and operational level in order to identify, assess and manage the key risks in order to deliver the expected advantages [M_O_R]. It describes deeply both what needs to be done through some principles, activities and roles and how to begin the activities.&lt;br /&gt;
In some ways, ISO31000 and M_O_R are very similar and use some common definition and methods. M_O_R is designed for practical application of risk management techniques and based on 4 core concepts: principles, approach, process and embedding and review, while ISO31000 is designed more to assess how completely the risk management techniques have been applied [Best Management Practice], The difference is that ISO3100O based on framework, principles and process. It prescribe how an organization should implement risk management and manage the risk by using any tools, that suits its goal and organization, while M_O_R allows it to customize its approach within the guidelines to suit its operating environment and process. Both are useful tools and can be used for managing the risks.&lt;br /&gt;
&lt;br /&gt;
[[File:Different between_M_O_R_AND_ISO.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
For further information about M_O_R and ISO 31000:2009 you can read Michael Dallas report[http://www.best-management-practice.com/gempdf/Management_of_Risk_Guidance_for_Practitioners_and_the_International_Standard_on_Risk_Management_ISO31000_2009.pdf]&lt;br /&gt;
&lt;br /&gt;
The Tabel as taken from Michael Dallas report, which shows a direct comparison of M_O_R with ISO 31000 against categories that are common to both framework.&lt;br /&gt;
&lt;br /&gt;
=Risk Management in Practice=&lt;br /&gt;
&lt;br /&gt;
[[File:Risk management.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
To identify the projects risk, you can start with brainstorming, the first step is to list the main categories such as technologies, goal, stakeholder, communication, cost, environmental, resources, reliability, which is indicated with blue color in below figure. The next is to identify the risks, which is associated to the main categories. By brainstorm the risks, you can find 50-100 risks, depending to the projects size, therefore the third step is to estimate what the potential impact could be by using the Risk Matrix.&lt;br /&gt;
&lt;br /&gt;
[[File:Mathrix.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
Each high priority or high impact risk should be assigned to a group member after their experience and skills, so they could study and evaluate the risks. Cost risks might for example assign to someone in the finance department than one from IT- department. The new technology might assign to someone from IT- department. The project manager should be assign for all the risks process, the most important part of risk process is the schedule with deadline and the risks list, which should only edit, added, re-prioritized and control by the project manager during the project.&lt;br /&gt;
To reduce the risks, the project manager should communicate the risks list to all the project stakeholders regularly, at least once a week. All the changes should be registered to the risk map and at the end of the project the results can be used to do a retrospective. What did you learn from it, what should be different in next project and how to control the risks from the beginning?&lt;br /&gt;
&lt;br /&gt;
=Reference=&lt;br /&gt;
&lt;br /&gt;
[1] Why projects fail: Avoiding the Classic Pitfall, An Oracle White Paper, October 2011 and Calleam Consulting LTD 2014: Why Projects Fail.  And Tom Carlos, PMP: Reasons Why Projects Fail.&lt;br /&gt;
&lt;br /&gt;
[2] Oehmen et. al.2012 and Zwikael and Ahn 2011, Oehmen, J., et al., Analysis of the effect of risk management practices on the performance of new product development programs. Technovation (2014),&lt;br /&gt;
&lt;br /&gt;
[3] Oxford English Dictionary&lt;br /&gt;
&lt;br /&gt;
[4] Innovation and Product Management 2009: A holistic and Practial Approach to Uncertainty Reduction,Kurt Gaubinger, Michael Rabl Scott Swan, Thomas Werani&lt;br /&gt;
&lt;br /&gt;
[5] Frank Knight 1921: Risk, Uncertainty and profit, Imperfect competition through Risk and Uncertainty, Part III, Chapter VII&lt;br /&gt;
&lt;br /&gt;
[6] Ariane Chapelle: The three levels of Operational risk management, May 2012&lt;br /&gt;
&lt;br /&gt;
[7] Risikosamfundet: 1997, Tara Duggan, Demand Media: Why Is Risk Management Important to Project Success?&lt;br /&gt;
&lt;br /&gt;
[8] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/&lt;br /&gt;
&lt;br /&gt;
[9] Luce&#039;s Paradigm for Decision under Uncertainty, Luce and Raiffa, 1957&lt;br /&gt;
&lt;br /&gt;
[10] Risk Management, concepts and methods: Club De La Securite De L’information Francais&lt;br /&gt;
&lt;br /&gt;
[11] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd. &lt;br /&gt;
&lt;br /&gt;
[12] http://www.management-of-risk.com/what-is-management-of-risk.asp&lt;br /&gt;
&lt;br /&gt;
[13] http://www.rovsingmanagement.dk/kurser/m_o_r%C2%AErisikostyring/?gclid=CM21qKLRjsICFeXUcgodGqEARQ&lt;br /&gt;
&lt;br /&gt;
[14] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd.&lt;br /&gt;
&lt;br /&gt;
[15] Jacob and Kwak (2003) and Raz et al.2002&lt;br /&gt;
&lt;br /&gt;
[16] Article: Overview of risk management Henrik K. Søndergaard&lt;br /&gt;
&lt;br /&gt;
[17]. Power in projects &amp;amp; portfolio of Mette Lindegaard, and John Ryding Olsson&lt;br /&gt;
&lt;br /&gt;
[18] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/.&lt;br /&gt;
&lt;br /&gt;
[19] http://strikingprojectmanagement.com/qualitative-risk-analysis/&lt;br /&gt;
&lt;br /&gt;
[20] http://projectmgmt-annualwarehousesale.blogspot.dk/&lt;br /&gt;
&lt;br /&gt;
[21] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[22] http://www.bestmanagementpractice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[23] http://tcgen.com/risk-mapping/#.VGidavnF-oO&lt;br /&gt;
&lt;br /&gt;
[24] http://www.modst.dk/~/media/Files/%C3%98AV/Vejledninger/%C3%98konomistyring/Risikostyring_vejledning_maj07%20pdf.ashx&lt;br /&gt;
&lt;br /&gt;
[25] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[26] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[27] http://www.clearrisk.com/what-is-risk-management/&lt;br /&gt;
&lt;br /&gt;
[28] http://www.vlv.dk/downloads/rm1.htm&lt;br /&gt;
&lt;br /&gt;
[29] http://www.soc.aau.dk/fileadmin/user_upload/FoSo/Arbejdspapirer/Nr._10_Risiko_risikovurdering_risikoformidling_og_helhedssyn.pdf&lt;br /&gt;
&lt;br /&gt;
[30] http://klk.kl.dk/PageFiles/156494/Projekth%C3%A5ndbogen.pdf&lt;br /&gt;
&lt;br /&gt;
[31] http:///C:/Users/Samira/Downloads/Projekth-ndbog%20(1).PDF&lt;br /&gt;
&lt;br /&gt;
[32] http://www.digst.dk/~/media/Files/Arkitektur%20og%20standarder/Sikkerhed/Vejledning%20om%20risikovurdering.ashx&lt;br /&gt;
&lt;br /&gt;
[33] http://www.best-management-practice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[34] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[35] http://dx.doi.org/10.1016/j.technovation.2013.12.005i&lt;br /&gt;
&lt;br /&gt;
[36] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;/div&gt;</summary>
		<author><name>Saeh0803</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Risk_management&amp;diff=4469</id>
		<title>Risk management</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Risk_management&amp;diff=4469"/>
		<updated>2014-11-27T21:39:06Z</updated>

		<summary type="html">&lt;p&gt;Saeh0803: /* How to develop a risk analysis */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;Risk management is a very interesting and important topic in each area in our society.  Actually everyone knows what a risk is; it is a part of our life. Each step or each decision we make, is full of risks, whether we notice it or not, but when we look at our professional life, then we have to take an action for each risk arise, because it has a negative effect and the effect can have consequences in terms of economic, professional reputation, environmental, safety and societal outcomes. This article focuses on for example how an organization or project handles its risks and which framework could be relevant or helpful for it.&lt;br /&gt;
Now a day, the risk management is an important part of project, program and portfolio management. In order to end up a project successfully and deliver it on time and within budget, it is important to get an overview of the risks, which is associated to the project. Most of the projects fail due to the lack of risk management [Why projects fail 2011]. In many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of project&#039;s planning process, the projects fail because the resources are not completely utilized to get the full advantage [Oehmen et. al.2012 and Zwikael and Ahn 2011].&lt;br /&gt;
This article further talks about the risk and different level of risks in organization level and how to identify the projects risks by using some of standard guidelines for risk management such as ISO 31000, ISO 2700S, DS/ISO 31000 Risk management- Principles and guidelines and M_O_R principles, which is a standard risk management framework, which can be used by any organization on any projects regardless of its size.&lt;br /&gt;
NOTE: This article might be similar to other articles; Risk analysis, risk register, Risk management strategy in project portfolios.&lt;br /&gt;
&lt;br /&gt;
=Definition of risk management=&lt;br /&gt;
&lt;br /&gt;
You can find different tools and definition for risk depending on the context in which it is used. A definition from Oxford English Dictionary sounds like “the possibility that something unpleasant or unwelcome will happen” [Oxford English Dictionary]. This is more general and related more to your every day. In decision theory, Luce and Raiffa relate risk to make decisions under known probabilities of the states of nature [Product Management Innovation 2009] and Frank Knight define the risk in economic theory as “risk arises when the decision maker can assign probabilities to possible outcomes”. A well-known definition of the risk in the domain of project management considers the risk as “an uncertain event or condition that, if it occurs, has a positive (opportunity) or negative (threat) impact on project objectives” [Innovation and Product Management]&lt;br /&gt;
Frank Knight defines the uncertainty and risk as “...Uncertainty must be taken in a sense radically distinct from the familiar notion of Risk, from which it has never been properly separated. … The essential fact is that &amp;quot;risk&amp;quot; means in some cases a quantity susceptible of measurement, while at other times it is something distinctly not of this character; and there are far-reaching and crucial differences in the bearings of the phenomena depending on which of the two is really present and operating. … It will appear that a measurable uncertainty, or &amp;quot;risk&amp;quot; proper, as we shall use the term, is so far different from an un-measurable one that it is not in effect an uncertainty at all&amp;quot; [Ariane Chapelle].&lt;br /&gt;
To minimize the uncertainty and reduce the risks on the project, you may regularly look back to your risk analysis, because most of the projects fail due to lack of risk management, in many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of projects planning process, The projects fail because they do not invest their resources completely and do not pay attention to it.&lt;br /&gt;
Risk management is the most important part of the project planning process. It is a management tool, which project manager uses to analyses the risk factor within a project group or projects. Project group must be informed of the main risks and how they will deal with those risks. Often it requires extra resources to eliminate risks; these resources must allocate the project group. Many studies have pointed as well that the risk management has a big role in projects success [Tara Duggan].  The report by Jacob and Kwak highlights the positive contribution of risk management to improve the project selection, review and resource allocation of new product development projects.&lt;br /&gt;
It used in many areas such as public debate, research, danger of disease, death or accidents, threatening environmental problems in terms of risk of climate changes, CO2 , pollution and so on.&lt;br /&gt;
It is also used in many other projects such as customer needs and price, new technology and resources, construction and delivery projects, research projects and interests and other tasks.&lt;br /&gt;
&lt;br /&gt;
=What is risk?=&lt;br /&gt;
&lt;br /&gt;
Risk is the uncertainty, which is associated with any kind of the action and projects in organization&#039;s context that must understand and effectively manage during the project&#039;s process and improve the results[Luce and Raiffa]. Different types of risk management definitions can be found and the choice of definition depends on how big a concept of risk is used in order to which risks are covered by the definition. There is not a complete tool or solution that fits in every project, creating a new or changes the existing risk management process according to the project&#039;s goal is always helpful and flexible process that will ultimately result in a solution to the individual organization or project.&lt;br /&gt;
Risk is always based on imagination of how the project will be completed. It can be defined on the basis of an existing plan, for example, the project must be completed in 6 months. The risk of delay is bigger than if the project must be completed in one year. If the new technologies are a part of the project plan, that you have to use the new technologies is the risk bigger than use the known technologies. Therefor the risk is based on an existing plan; the same project may have very different risks, if you change the project’s plan. [Risk Management, concepts and methods].&lt;br /&gt;
&lt;br /&gt;
=Benefit of risk management and why risk management=&lt;br /&gt;
&lt;br /&gt;
Risk management helps you to identify your projects strengths, weaknesses, opportunities and threats [Jacob and Kwak]. By identifying your projects risks, you will be aware of the unexpected events and you can immediately take actions to reduce the losses [Overview of risk management].&lt;br /&gt;
There are many reasons for managing risks. Here are some main reasons:&lt;br /&gt;
First of all, risk management results in an overview and a number of options for an action to avoid known and unknown risk and reduce the impact of those[Power in projects &amp;amp; portfolio].&lt;br /&gt;
&lt;br /&gt;
* Saving resources: Time, assets, income, property and people are all valuable resources that can be saved if fewer claims occur.&lt;br /&gt;
* Protecting the reputation and public image of the organization.&lt;br /&gt;
* Preventing or reducing legal liability and increasing the stability of operations.&lt;br /&gt;
* Increases the organizations profits and competitiveness and reflects an attractive professional approach to project work.&lt;br /&gt;
* Protecting people from harm.&lt;br /&gt;
* Protecting the environment.&lt;br /&gt;
* Enhancing the ability to prepare for various circumstances.&lt;br /&gt;
* Assisting in clearly defining insurance needs.&lt;br /&gt;
* By managing the risks, you can increase the quality of the project deliverable&lt;br /&gt;
* Protects public image&lt;br /&gt;
* Protects people from harm&lt;br /&gt;
* Prevents/reduces legal liability&lt;br /&gt;
* Protects the environment&lt;br /&gt;
&lt;br /&gt;
=Three Levels of operational risk management=&lt;br /&gt;
&lt;br /&gt;
The risk management in an organization can be categorized in three levels of operation- [three level of operational risk management].&lt;br /&gt;
&lt;br /&gt;
* Strategic level:  &lt;br /&gt;
At strategic level, operational risk management relates to the vision of the business, expansion planned over a few couple of years, the product position and the target customers in the market. In other words, the strategic operational risk management relates to the implementation of the risk demands. It must be defined at the top management level and must be deployed in a top-down manner through all the levels of the organization.&lt;br /&gt;
&lt;br /&gt;
* Tactical level&lt;br /&gt;
At tactical level, the set of operational risk management tools and controls helps to reduce the number and intensity of the events. It provide the risk manager with a second line of defense. The effect of the risk responses deploys at tactical level, such as loss, fines and near misses reductions&lt;br /&gt;
Tactical operational risk management emphasizes on loss prevention and risk reduction techniques, process control, loss data analysis, key risk indicators, risk self-assessments and business expansion plans are some of the vast array of tools and techniques that have been developed to reduce the frequent occurrence of the risk elements and to reduce their impact on the overall project. Financial service industry is the most developed aspect of operational risk management, today.&lt;br /&gt;
&lt;br /&gt;
* Operational level&lt;br /&gt;
Operational level provides a natural reduction of the operational incidents by redesigning all those processes that were prone to errors, removing any unnecessary tasks and useless controls, standardizing the procedures and improving the productivity.&lt;br /&gt;
Operational risk management targets the operational efficiency and process design. Work flows are redesigned in this level to improve the work speed by eliminating the errors. Staff&lt;br /&gt;
Operational risk management must spread over all these three levels, in order to be more effective and efficient&lt;br /&gt;
&lt;br /&gt;
=How to develop a risk analysis=&lt;br /&gt;
&lt;br /&gt;
Risk Management can be developed in two different ways [Best Management Practice]:&lt;br /&gt;
&lt;br /&gt;
* By using the standard risk guidelines such as ISO 31000, which managers can go step by step and identify the risks and analyse the situation of each phase and take an action for each risk, that have negative impact on each situation. In this step more leaders must participate in order to reduce the impact of risks and take care of each situation.&lt;br /&gt;
&lt;br /&gt;
* By using more general analysis or guidelines to define the project&#039;s goals and reduce the risks without managing it and less management participation.&lt;br /&gt;
&lt;br /&gt;
In the first option many standard guidelines and analysis  can be used such as ISO 31000, IEC/ISO 311010, and ISO 73-2009 and many others.&lt;br /&gt;
The International Organization for Standard (ISO ) risk management provides principles, general guidelines; framework and a process for managing the risks- It can be used by any project, organization regardless of its size.&lt;br /&gt;
ISO 31000 summarizes all the central activities and main points, which an organization might go through to manage their risks effectively and increase their chance to reach their goals. It doesn’t contain any specific techniques in order to use, but it mentions that an organization must follow risk identification tools and techniques, that match the projects and its goals. Another ISO standard application is ISO/IEC 31010, Risk Management, which contains of some risk assessment techniques and steps that gives an understanding of the risks, which can have a negative impact on an organization’s achievement of its goals and the adequacy and effectiveness of controls already in place. Risk assessment helps decision makers to take the correct decisions, for example which tools and techniques must be used to treat the risks and how to choose the best opportunities. The following techniques described on ISO 31010&lt;br /&gt;
&lt;br /&gt;
* Risk identification&lt;br /&gt;
* Risk analysis -  consequence analysis&lt;br /&gt;
* Risk analysis– qualitative, semi-quantitative or quantitative probability estimation&lt;br /&gt;
* Risk analysis – assessing the effectiveness of any existing controls&lt;br /&gt;
* Risk evaluation&lt;br /&gt;
* communication and consultation, and  monitoring and review&lt;br /&gt;
&lt;br /&gt;
Each step has described in detail on ISO 31010. Compare to M_O_R, and then M_O_R is much extensive application, which provides a detailed guidance on how to implement risk management. M_O_R stands for Management of Risk and it is a framework for the management of risk across all parts of an organization such as Strategic, programme, project and operational level. It includes all the activities required to identify and control the risks, both negative and positive, which may have an impact on the achievement of an organization’s objectives[M_O_R].It is also a framework for how to make informed decisions about risks respectively strategic, program, project and operational level in order to identify, assess and manage the key risks in order to deliver the expected advantages [M_O_R]. It describes deeply both what needs to be done through some principles, activities and roles and how to begin the activities.&lt;br /&gt;
In some ways, ISO31000 and M_O_R are very similar and use some common definition and methods. M_O_R is designed for practical application of risk management techniques and based on 4 core concepts: principles, approach, process and embedding and review, while ISO31000 is designed more to assess how completely the risk management techniques have been applied [Best Management Practice], The difference is that ISO3100O based on framework, principles and process. It prescribe how an organization should implement risk management and manage the risk by using any tools, that suits its goal and organization, while M_O_R allows it to customize its approach within the guidelines to suit its operating environment and process. Both are useful tools and can be used for managing the risks.&lt;br /&gt;
&lt;br /&gt;
[[File:Different between_M_O_R_AND_ISO.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
for further information about M_O_R and ISO 31000:2009 you can read Michael Dallas report[http://www.best-management-practice.com/gempdf/Management_of_Risk_Guidance_for_Practitioners_and_the_International_Standard_on_Risk_Management_ISO31000_2009.pdf]&lt;br /&gt;
&lt;br /&gt;
The Tabel as taken from Michael Dallas report, which shows a direct comparison of M_O_R with ISO 31000 against categories that are common to both framework.&lt;br /&gt;
&lt;br /&gt;
=Risk Management in Practice=&lt;br /&gt;
&lt;br /&gt;
[[File:Risk management.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
To identify the projects risk, you can start with brainstorming, the first step is to list the main categories such as technologies, goal, stakeholder, communication, cost, environmental, resources, reliability, which is indicated with blue color in below figure. The next is to identify the risks, which is associated to the main categories. By brainstorm the risks, you can find 50-100 risks, depending to the projects size, therefore the third step is to estimate what the potential impact could be by using the Risk Matrix.&lt;br /&gt;
&lt;br /&gt;
[[File:Mathrix.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
Each high priority or high impact risk should be assigned to a group member after their experience and skills, so they could study and evaluate the risks. Cost risks might for example assign to someone in the finance department than one from IT- department. The new technology might assign to someone from IT- department. The project manager should be assign for all the risks process, the most important part of risk process is the schedule with deadline and the risks list, which should only edit, added, re-prioritized and control by the project manager during the project.&lt;br /&gt;
To reduce the risks, the project manager should communicate the risks list to all the project stakeholders regularly, at least once a week. All the changes should be registered to the risk map and at the end of the project the results can be used to do a retrospective. What did you learn from it, what should be different in next project and how to control the risks from the beginning?&lt;br /&gt;
&lt;br /&gt;
=Reference=&lt;br /&gt;
&lt;br /&gt;
[1] Why projects fail: Avoiding the Classic Pitfall, An Oracle White Paper, October 2011 and Calleam Consulting LTD 2014: Why Projects Fail.  And Tom Carlos, PMP: Reasons Why Projects Fail.&lt;br /&gt;
&lt;br /&gt;
[2] Oehmen et. al.2012 and Zwikael and Ahn 2011, Oehmen, J., et al., Analysis of the effect of risk management practices on the performance of new product development programs. Technovation (2014),&lt;br /&gt;
&lt;br /&gt;
[3] Oxford English Dictionary&lt;br /&gt;
&lt;br /&gt;
[4] Innovation and Product Management 2009: A holistic and Practial Approach to Uncertainty Reduction,Kurt Gaubinger, Michael Rabl Scott Swan, Thomas Werani&lt;br /&gt;
&lt;br /&gt;
[5] Frank Knight 1921: Risk, Uncertainty and profit, Imperfect competition through Risk and Uncertainty, Part III, Chapter VII&lt;br /&gt;
&lt;br /&gt;
[6] Ariane Chapelle: The three levels of Operational risk management, May 2012&lt;br /&gt;
&lt;br /&gt;
[7] Risikosamfundet: 1997, Tara Duggan, Demand Media: Why Is Risk Management Important to Project Success?&lt;br /&gt;
&lt;br /&gt;
[8] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/&lt;br /&gt;
&lt;br /&gt;
[9] Luce&#039;s Paradigm for Decision under Uncertainty, Luce and Raiffa, 1957&lt;br /&gt;
&lt;br /&gt;
[10] Risk Management, concepts and methods: Club De La Securite De L’information Francais&lt;br /&gt;
&lt;br /&gt;
[11] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd. &lt;br /&gt;
&lt;br /&gt;
[12] http://www.management-of-risk.com/what-is-management-of-risk.asp&lt;br /&gt;
&lt;br /&gt;
[13] http://www.rovsingmanagement.dk/kurser/m_o_r%C2%AErisikostyring/?gclid=CM21qKLRjsICFeXUcgodGqEARQ&lt;br /&gt;
&lt;br /&gt;
[14] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd.&lt;br /&gt;
&lt;br /&gt;
[15] Jacob and Kwak (2003) and Raz et al.2002&lt;br /&gt;
&lt;br /&gt;
[16] Article: Overview of risk management Henrik K. Søndergaard&lt;br /&gt;
&lt;br /&gt;
[17]. Power in projects &amp;amp; portfolio of Mette Lindegaard, and John Ryding Olsson&lt;br /&gt;
&lt;br /&gt;
[18] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/.&lt;br /&gt;
&lt;br /&gt;
[19] http://strikingprojectmanagement.com/qualitative-risk-analysis/&lt;br /&gt;
&lt;br /&gt;
[20] http://projectmgmt-annualwarehousesale.blogspot.dk/&lt;br /&gt;
&lt;br /&gt;
[21] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[22] http://www.bestmanagementpractice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[23] http://tcgen.com/risk-mapping/#.VGidavnF-oO&lt;br /&gt;
&lt;br /&gt;
[24] http://www.modst.dk/~/media/Files/%C3%98AV/Vejledninger/%C3%98konomistyring/Risikostyring_vejledning_maj07%20pdf.ashx&lt;br /&gt;
&lt;br /&gt;
[25] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[26] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[27] http://www.clearrisk.com/what-is-risk-management/&lt;br /&gt;
&lt;br /&gt;
[28] http://www.vlv.dk/downloads/rm1.htm&lt;br /&gt;
&lt;br /&gt;
[29] http://www.soc.aau.dk/fileadmin/user_upload/FoSo/Arbejdspapirer/Nr._10_Risiko_risikovurdering_risikoformidling_og_helhedssyn.pdf&lt;br /&gt;
&lt;br /&gt;
[30] http://klk.kl.dk/PageFiles/156494/Projekth%C3%A5ndbogen.pdf&lt;br /&gt;
&lt;br /&gt;
[31] http:///C:/Users/Samira/Downloads/Projekth-ndbog%20(1).PDF&lt;br /&gt;
&lt;br /&gt;
[32] http://www.digst.dk/~/media/Files/Arkitektur%20og%20standarder/Sikkerhed/Vejledning%20om%20risikovurdering.ashx&lt;br /&gt;
&lt;br /&gt;
[33] http://www.best-management-practice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[34] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[35] http://dx.doi.org/10.1016/j.technovation.2013.12.005i&lt;br /&gt;
&lt;br /&gt;
[36] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;/div&gt;</summary>
		<author><name>Saeh0803</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Risk_management&amp;diff=4463</id>
		<title>Risk management</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Risk_management&amp;diff=4463"/>
		<updated>2014-11-27T21:30:54Z</updated>

		<summary type="html">&lt;p&gt;Saeh0803: /* How to develop a risk analysis */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;Risk management is a very interesting and important topic in each area in our society.  Actually everyone knows what a risk is; it is a part of our life. Each step or each decision we make, is full of risks, whether we notice it or not, but when we look at our professional life, then we have to take an action for each risk arise, because it has a negative effect and the effect can have consequences in terms of economic, professional reputation, environmental, safety and societal outcomes. This article focuses on for example how an organization or project handles its risks and which framework could be relevant or helpful for it.&lt;br /&gt;
Now a day, the risk management is an important part of project, program and portfolio management. In order to end up a project successfully and deliver it on time and within budget, it is important to get an overview of the risks, which is associated to the project. Most of the projects fail due to the lack of risk management [Why projects fail 2011]. In many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of project&#039;s planning process, the projects fail because the resources are not completely utilized to get the full advantage [Oehmen et. al.2012 and Zwikael and Ahn 2011].&lt;br /&gt;
This article further talks about the risk and different level of risks in organization level and how to identify the projects risks by using some of standard guidelines for risk management such as ISO 31000, ISO 2700S, DS/ISO 31000 Risk management- Principles and guidelines and M_O_R principles, which is a standard risk management framework, which can be used by any organization on any projects regardless of its size.&lt;br /&gt;
NOTE: This article might be similar to other articles; Risk analysis, risk register, Risk management strategy in project portfolios.&lt;br /&gt;
&lt;br /&gt;
=Definition of risk management=&lt;br /&gt;
&lt;br /&gt;
You can find different tools and definition for risk depending on the context in which it is used. A definition from Oxford English Dictionary sounds like “the possibility that something unpleasant or unwelcome will happen” [Oxford English Dictionary]. This is more general and related more to your every day. In decision theory, Luce and Raiffa relate risk to make decisions under known probabilities of the states of nature [Product Management Innovation 2009] and Frank Knight define the risk in economic theory as “risk arises when the decision maker can assign probabilities to possible outcomes”. A well-known definition of the risk in the domain of project management considers the risk as “an uncertain event or condition that, if it occurs, has a positive (opportunity) or negative (threat) impact on project objectives” [Innovation and Product Management]&lt;br /&gt;
Frank Knight defines the uncertainty and risk as “...Uncertainty must be taken in a sense radically distinct from the familiar notion of Risk, from which it has never been properly separated. … The essential fact is that &amp;quot;risk&amp;quot; means in some cases a quantity susceptible of measurement, while at other times it is something distinctly not of this character; and there are far-reaching and crucial differences in the bearings of the phenomena depending on which of the two is really present and operating. … It will appear that a measurable uncertainty, or &amp;quot;risk&amp;quot; proper, as we shall use the term, is so far different from an un-measurable one that it is not in effect an uncertainty at all&amp;quot; [Ariane Chapelle].&lt;br /&gt;
To minimize the uncertainty and reduce the risks on the project, you may regularly look back to your risk analysis, because most of the projects fail due to lack of risk management, in many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of projects planning process, The projects fail because they do not invest their resources completely and do not pay attention to it.&lt;br /&gt;
Risk management is the most important part of the project planning process. It is a management tool, which project manager uses to analyses the risk factor within a project group or projects. Project group must be informed of the main risks and how they will deal with those risks. Often it requires extra resources to eliminate risks; these resources must allocate the project group. Many studies have pointed as well that the risk management has a big role in projects success [Tara Duggan].  The report by Jacob and Kwak highlights the positive contribution of risk management to improve the project selection, review and resource allocation of new product development projects.&lt;br /&gt;
It used in many areas such as public debate, research, danger of disease, death or accidents, threatening environmental problems in terms of risk of climate changes, CO2 , pollution and so on.&lt;br /&gt;
It is also used in many other projects such as customer needs and price, new technology and resources, construction and delivery projects, research projects and interests and other tasks.&lt;br /&gt;
&lt;br /&gt;
=What is risk?=&lt;br /&gt;
&lt;br /&gt;
Risk is the uncertainty, which is associated with any kind of the action and projects in organization&#039;s context that must understand and effectively manage during the project&#039;s process and improve the results[Luce and Raiffa]. Different types of risk management definitions can be found and the choice of definition depends on how big a concept of risk is used in order to which risks are covered by the definition. There is not a complete tool or solution that fits in every project, creating a new or changes the existing risk management process according to the project&#039;s goal is always helpful and flexible process that will ultimately result in a solution to the individual organization or project.&lt;br /&gt;
Risk is always based on imagination of how the project will be completed. It can be defined on the basis of an existing plan, for example, the project must be completed in 6 months. The risk of delay is bigger than if the project must be completed in one year. If the new technologies are a part of the project plan, that you have to use the new technologies is the risk bigger than use the known technologies. Therefor the risk is based on an existing plan; the same project may have very different risks, if you change the project’s plan. [Risk Management, concepts and methods].&lt;br /&gt;
&lt;br /&gt;
=Benefit of risk management and why risk management=&lt;br /&gt;
&lt;br /&gt;
Risk management helps you to identify your projects strengths, weaknesses, opportunities and threats [Jacob and Kwak]. By identifying your projects risks, you will be aware of the unexpected events and you can immediately take actions to reduce the losses [Overview of risk management].&lt;br /&gt;
There are many reasons for managing risks. Here are some main reasons:&lt;br /&gt;
First of all, risk management results in an overview and a number of options for an action to avoid known and unknown risk and reduce the impact of those[Power in projects &amp;amp; portfolio].&lt;br /&gt;
&lt;br /&gt;
* Saving resources: Time, assets, income, property and people are all valuable resources that can be saved if fewer claims occur.&lt;br /&gt;
* Protecting the reputation and public image of the organization.&lt;br /&gt;
* Preventing or reducing legal liability and increasing the stability of operations.&lt;br /&gt;
* Increases the organizations profits and competitiveness and reflects an attractive professional approach to project work.&lt;br /&gt;
* Protecting people from harm.&lt;br /&gt;
* Protecting the environment.&lt;br /&gt;
* Enhancing the ability to prepare for various circumstances.&lt;br /&gt;
* Assisting in clearly defining insurance needs.&lt;br /&gt;
* By managing the risks, you can increase the quality of the project deliverable&lt;br /&gt;
* Protects public image&lt;br /&gt;
* Protects people from harm&lt;br /&gt;
* Prevents/reduces legal liability&lt;br /&gt;
* Protects the environment&lt;br /&gt;
&lt;br /&gt;
=Three Levels of operational risk management=&lt;br /&gt;
&lt;br /&gt;
The risk management in an organization can be categorized in three levels of operation- [three level of operational risk management].&lt;br /&gt;
&lt;br /&gt;
* Strategic level:  &lt;br /&gt;
At strategic level, operational risk management relates to the vision of the business, expansion planned over a few couple of years, the product position and the target customers in the market. In other words, the strategic operational risk management relates to the implementation of the risk demands. It must be defined at the top management level and must be deployed in a top-down manner through all the levels of the organization.&lt;br /&gt;
&lt;br /&gt;
* Tactical level&lt;br /&gt;
At tactical level, the set of operational risk management tools and controls helps to reduce the number and intensity of the events. It provide the risk manager with a second line of defense. The effect of the risk responses deploys at tactical level, such as loss, fines and near misses reductions&lt;br /&gt;
Tactical operational risk management emphasizes on loss prevention and risk reduction techniques, process control, loss data analysis, key risk indicators, risk self-assessments and business expansion plans are some of the vast array of tools and techniques that have been developed to reduce the frequent occurrence of the risk elements and to reduce their impact on the overall project. Financial service industry is the most developed aspect of operational risk management, today.&lt;br /&gt;
&lt;br /&gt;
* Operational level&lt;br /&gt;
Operational level provides a natural reduction of the operational incidents by redesigning all those processes that were prone to errors, removing any unnecessary tasks and useless controls, standardizing the procedures and improving the productivity.&lt;br /&gt;
Operational risk management targets the operational efficiency and process design. Work flows are redesigned in this level to improve the work speed by eliminating the errors. Staff&lt;br /&gt;
Operational risk management must spread over all these three levels, in order to be more effective and efficient&lt;br /&gt;
&lt;br /&gt;
=How to develop a risk analysis=&lt;br /&gt;
&lt;br /&gt;
Risk Management can be developed in two different ways [Best Management Practice]:&lt;br /&gt;
&lt;br /&gt;
* By using the standard risk guidelines such as ISO 31000, which managers can go step by step and identify the risks and analyse the situation of each phase and take an action for each risk, that have negative impact on each situation. In this step more leaders must participate in order to reduce the impact of risks and take care of each situation.&lt;br /&gt;
&lt;br /&gt;
* By using more general analysis or guidelines to define the project&#039;s goals and reduce the risks without managing it and less management participation.&lt;br /&gt;
&lt;br /&gt;
In the first option many standard guidelines and analysis  can be used such as ISO 31000, IEC/ISO 311010, and ISO 73-2009 and many others.&lt;br /&gt;
The International Organization for Standard (ISO ) risk management provides principles, general guidelines; framework and a process for managing the risks- It can be used by any project, organization regardless of its size.&lt;br /&gt;
ISO 31000 summarizes all the central activities and main points, which an organization might go through to manage their risks effectively and increase their chance to reach their goals. It doesn’t contain any specific techniques in order to use, but it mentions that an organization must follow risk identification tools and techniques, that match the projects and its goals. Another ISO standard application is ISO/IEC 31010, Risk Management, which contains of some risk assessment techniques and steps that gives an understanding of the risks, which can have a negative impact on an organization’s achievement of its goals and the adequacy and effectiveness of controls already in place. Risk assessment helps decision makers to take the correct decisions, for example which tools and techniques must be used to treat the risks and how to choose the best opportunities. The following techniques described on ISO 31010&lt;br /&gt;
&lt;br /&gt;
* Risk identification&lt;br /&gt;
* Risk analysis -  consequence analysis&lt;br /&gt;
* Risk analysis– qualitative, semi-quantitative or quantitative probability estimation&lt;br /&gt;
* Risk analysis – assessing the effectiveness of any existing controls&lt;br /&gt;
* Risk evaluation&lt;br /&gt;
* communication and consultation, and  monitoring and review&lt;br /&gt;
&lt;br /&gt;
Each step has described in detail on ISO 31010. Compare to M_O_R, and then M_O_R is much extensive application, which provides a detailed guidance on how to implement risk management. M_O_R stands for Management of Risk and it is a framework for the management of risk across all parts of an organization such as Strategic, programme, project and operational level. It includes all the activities required to identify and control the risks, both negative and positive, which may have an impact on the achievement of an organization’s objectives[M_O_R].It is also a framework for how to make informed decisions about risks respectively strategic, program, project and operational level in order to identify, assess and manage the key risks in order to deliver the expected advantages [M_O_R]. It describes deeply both what needs to be done through some principles, activities and roles and how to begin the activities.&lt;br /&gt;
In some ways, ISO31000 and M_O_R are very similar and use some common definition and methods. M_O_R is designed for practical application of risk management techniques and based on 4 core concepts: principles, approach, process and embedding and review, while ISO31000 is designed more to assess how completely the risk management techniques have been applied [Best Management Practice], The difference is that ISO3100O based on framework, principles and process. It prescribe how an organization should implement risk management and manage the risk by using any tools, that suits its goal and organization, while M_O_R allows it to customize its approach within the guidelines to suit its operating environment and process. Both are useful tools and can be used for managing the risks.&lt;br /&gt;
&lt;br /&gt;
[[File:Different between_M_O_R_AND_ISO.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
for further information about M_O_R and ISO 31000:2009 you can read Michael Dallas report[http://www.best-management-practice.com/gempdf/Management_of_Risk_Guidance_for_Practitioners_and_the_International_Standard_on_Risk_Management_ISO31000_2009.pdf]&lt;br /&gt;
&lt;br /&gt;
=Risk Management in Practice=&lt;br /&gt;
&lt;br /&gt;
[[File:Risk management.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
To identify the projects risk, you can start with brainstorming, the first step is to list the main categories such as technologies, goal, stakeholder, communication, cost, environmental, resources, reliability, which is indicated with blue color in below figure. The next is to identify the risks, which is associated to the main categories. By brainstorm the risks, you can find 50-100 risks, depending to the projects size, therefore the third step is to estimate what the potential impact could be by using the Risk Matrix.&lt;br /&gt;
&lt;br /&gt;
[[File:Mathrix.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
Each high priority or high impact risk should be assigned to a group member after their experience and skills, so they could study and evaluate the risks. Cost risks might for example assign to someone in the finance department than one from IT- department. The new technology might assign to someone from IT- department. The project manager should be assign for all the risks process, the most important part of risk process is the schedule with deadline and the risks list, which should only edit, added, re-prioritized and control by the project manager during the project.&lt;br /&gt;
To reduce the risks, the project manager should communicate the risks list to all the project stakeholders regularly, at least once a week. All the changes should be registered to the risk map and at the end of the project the results can be used to do a retrospective. What did you learn from it, what should be different in next project and how to control the risks from the beginning?&lt;br /&gt;
&lt;br /&gt;
=Reference=&lt;br /&gt;
&lt;br /&gt;
[1] Why projects fail: Avoiding the Classic Pitfall, An Oracle White Paper, October 2011 and Calleam Consulting LTD 2014: Why Projects Fail.  And Tom Carlos, PMP: Reasons Why Projects Fail.&lt;br /&gt;
&lt;br /&gt;
[2] Oehmen et. al.2012 and Zwikael and Ahn 2011, Oehmen, J., et al., Analysis of the effect of risk management practices on the performance of new product development programs. Technovation (2014),&lt;br /&gt;
&lt;br /&gt;
[3] Oxford English Dictionary&lt;br /&gt;
&lt;br /&gt;
[4] Innovation and Product Management 2009: A holistic and Practial Approach to Uncertainty Reduction,Kurt Gaubinger, Michael Rabl Scott Swan, Thomas Werani&lt;br /&gt;
&lt;br /&gt;
[5] Frank Knight 1921: Risk, Uncertainty and profit, Imperfect competition through Risk and Uncertainty, Part III, Chapter VII&lt;br /&gt;
&lt;br /&gt;
[6] Ariane Chapelle: The three levels of Operational risk management, May 2012&lt;br /&gt;
&lt;br /&gt;
[7] Risikosamfundet: 1997, Tara Duggan, Demand Media: Why Is Risk Management Important to Project Success?&lt;br /&gt;
&lt;br /&gt;
[8] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/&lt;br /&gt;
&lt;br /&gt;
[9] Luce&#039;s Paradigm for Decision under Uncertainty, Luce and Raiffa, 1957&lt;br /&gt;
&lt;br /&gt;
[10] Risk Management, concepts and methods: Club De La Securite De L’information Francais&lt;br /&gt;
&lt;br /&gt;
[11] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd. &lt;br /&gt;
&lt;br /&gt;
[12] http://www.management-of-risk.com/what-is-management-of-risk.asp&lt;br /&gt;
&lt;br /&gt;
[13] http://www.rovsingmanagement.dk/kurser/m_o_r%C2%AErisikostyring/?gclid=CM21qKLRjsICFeXUcgodGqEARQ&lt;br /&gt;
&lt;br /&gt;
[14] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd.&lt;br /&gt;
&lt;br /&gt;
[15] Jacob and Kwak (2003) and Raz et al.2002&lt;br /&gt;
&lt;br /&gt;
[16] Article: Overview of risk management Henrik K. Søndergaard&lt;br /&gt;
&lt;br /&gt;
[17]. Power in projects &amp;amp; portfolio of Mette Lindegaard, and John Ryding Olsson&lt;br /&gt;
&lt;br /&gt;
[18] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/.&lt;br /&gt;
&lt;br /&gt;
[19] http://strikingprojectmanagement.com/qualitative-risk-analysis/&lt;br /&gt;
&lt;br /&gt;
[20] http://projectmgmt-annualwarehousesale.blogspot.dk/&lt;br /&gt;
&lt;br /&gt;
[21] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[22] http://www.bestmanagementpractice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[23] http://tcgen.com/risk-mapping/#.VGidavnF-oO&lt;br /&gt;
&lt;br /&gt;
[24] http://www.modst.dk/~/media/Files/%C3%98AV/Vejledninger/%C3%98konomistyring/Risikostyring_vejledning_maj07%20pdf.ashx&lt;br /&gt;
&lt;br /&gt;
[25] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[26] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[27] http://www.clearrisk.com/what-is-risk-management/&lt;br /&gt;
&lt;br /&gt;
[28] http://www.vlv.dk/downloads/rm1.htm&lt;br /&gt;
&lt;br /&gt;
[29] http://www.soc.aau.dk/fileadmin/user_upload/FoSo/Arbejdspapirer/Nr._10_Risiko_risikovurdering_risikoformidling_og_helhedssyn.pdf&lt;br /&gt;
&lt;br /&gt;
[30] http://klk.kl.dk/PageFiles/156494/Projekth%C3%A5ndbogen.pdf&lt;br /&gt;
&lt;br /&gt;
[31] http:///C:/Users/Samira/Downloads/Projekth-ndbog%20(1).PDF&lt;br /&gt;
&lt;br /&gt;
[32] http://www.digst.dk/~/media/Files/Arkitektur%20og%20standarder/Sikkerhed/Vejledning%20om%20risikovurdering.ashx&lt;br /&gt;
&lt;br /&gt;
[33] http://www.best-management-practice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[34] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[35] http://dx.doi.org/10.1016/j.technovation.2013.12.005i&lt;br /&gt;
&lt;br /&gt;
[36] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;/div&gt;</summary>
		<author><name>Saeh0803</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Risk_management&amp;diff=4458</id>
		<title>Risk management</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Risk_management&amp;diff=4458"/>
		<updated>2014-11-27T21:19:39Z</updated>

		<summary type="html">&lt;p&gt;Saeh0803: /* Risk Management in Practice */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;Risk management is a very interesting and important topic in each area in our society.  Actually everyone knows what a risk is; it is a part of our life. Each step or each decision we make, is full of risks, whether we notice it or not, but when we look at our professional life, then we have to take an action for each risk arise, because it has a negative effect and the effect can have consequences in terms of economic, professional reputation, environmental, safety and societal outcomes. This article focuses on for example how an organization or project handles its risks and which framework could be relevant or helpful for it.&lt;br /&gt;
Now a day, the risk management is an important part of project, program and portfolio management. In order to end up a project successfully and deliver it on time and within budget, it is important to get an overview of the risks, which is associated to the project. Most of the projects fail due to the lack of risk management [Why projects fail 2011]. In many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of project&#039;s planning process, the projects fail because the resources are not completely utilized to get the full advantage [Oehmen et. al.2012 and Zwikael and Ahn 2011].&lt;br /&gt;
This article further talks about the risk and different level of risks in organization level and how to identify the projects risks by using some of standard guidelines for risk management such as ISO 31000, ISO 2700S, DS/ISO 31000 Risk management- Principles and guidelines and M_O_R principles, which is a standard risk management framework, which can be used by any organization on any projects regardless of its size.&lt;br /&gt;
NOTE: This article might be similar to other articles; Risk analysis, risk register, Risk management strategy in project portfolios.&lt;br /&gt;
&lt;br /&gt;
=Definition of risk management=&lt;br /&gt;
&lt;br /&gt;
You can find different tools and definition for risk depending on the context in which it is used. A definition from Oxford English Dictionary sounds like “the possibility that something unpleasant or unwelcome will happen” [Oxford English Dictionary]. This is more general and related more to your every day. In decision theory, Luce and Raiffa relate risk to make decisions under known probabilities of the states of nature [Product Management Innovation 2009] and Frank Knight define the risk in economic theory as “risk arises when the decision maker can assign probabilities to possible outcomes”. A well-known definition of the risk in the domain of project management considers the risk as “an uncertain event or condition that, if it occurs, has a positive (opportunity) or negative (threat) impact on project objectives” [Innovation and Product Management]&lt;br /&gt;
Frank Knight defines the uncertainty and risk as “...Uncertainty must be taken in a sense radically distinct from the familiar notion of Risk, from which it has never been properly separated. … The essential fact is that &amp;quot;risk&amp;quot; means in some cases a quantity susceptible of measurement, while at other times it is something distinctly not of this character; and there are far-reaching and crucial differences in the bearings of the phenomena depending on which of the two is really present and operating. … It will appear that a measurable uncertainty, or &amp;quot;risk&amp;quot; proper, as we shall use the term, is so far different from an un-measurable one that it is not in effect an uncertainty at all&amp;quot; [Ariane Chapelle].&lt;br /&gt;
To minimize the uncertainty and reduce the risks on the project, you may regularly look back to your risk analysis, because most of the projects fail due to lack of risk management, in many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of projects planning process, The projects fail because they do not invest their resources completely and do not pay attention to it.&lt;br /&gt;
Risk management is the most important part of the project planning process. It is a management tool, which project manager uses to analyses the risk factor within a project group or projects. Project group must be informed of the main risks and how they will deal with those risks. Often it requires extra resources to eliminate risks; these resources must allocate the project group. Many studies have pointed as well that the risk management has a big role in projects success [Tara Duggan].  The report by Jacob and Kwak highlights the positive contribution of risk management to improve the project selection, review and resource allocation of new product development projects.&lt;br /&gt;
It used in many areas such as public debate, research, danger of disease, death or accidents, threatening environmental problems in terms of risk of climate changes, CO2 , pollution and so on.&lt;br /&gt;
It is also used in many other projects such as customer needs and price, new technology and resources, construction and delivery projects, research projects and interests and other tasks.&lt;br /&gt;
&lt;br /&gt;
=What is risk?=&lt;br /&gt;
&lt;br /&gt;
Risk is the uncertainty, which is associated with any kind of the action and projects in organization&#039;s context that must understand and effectively manage during the project&#039;s process and improve the results[Luce and Raiffa]. Different types of risk management definitions can be found and the choice of definition depends on how big a concept of risk is used in order to which risks are covered by the definition. There is not a complete tool or solution that fits in every project, creating a new or changes the existing risk management process according to the project&#039;s goal is always helpful and flexible process that will ultimately result in a solution to the individual organization or project.&lt;br /&gt;
Risk is always based on imagination of how the project will be completed. It can be defined on the basis of an existing plan, for example, the project must be completed in 6 months. The risk of delay is bigger than if the project must be completed in one year. If the new technologies are a part of the project plan, that you have to use the new technologies is the risk bigger than use the known technologies. Therefor the risk is based on an existing plan; the same project may have very different risks, if you change the project’s plan. [Risk Management, concepts and methods].&lt;br /&gt;
&lt;br /&gt;
=Benefit of risk management and why risk management=&lt;br /&gt;
&lt;br /&gt;
Risk management helps you to identify your projects strengths, weaknesses, opportunities and threats [Jacob and Kwak]. By identifying your projects risks, you will be aware of the unexpected events and you can immediately take actions to reduce the losses [Overview of risk management].&lt;br /&gt;
There are many reasons for managing risks. Here are some main reasons:&lt;br /&gt;
First of all, risk management results in an overview and a number of options for an action to avoid known and unknown risk and reduce the impact of those[Power in projects &amp;amp; portfolio].&lt;br /&gt;
&lt;br /&gt;
* Saving resources: Time, assets, income, property and people are all valuable resources that can be saved if fewer claims occur.&lt;br /&gt;
* Protecting the reputation and public image of the organization.&lt;br /&gt;
* Preventing or reducing legal liability and increasing the stability of operations.&lt;br /&gt;
* Increases the organizations profits and competitiveness and reflects an attractive professional approach to project work.&lt;br /&gt;
* Protecting people from harm.&lt;br /&gt;
* Protecting the environment.&lt;br /&gt;
* Enhancing the ability to prepare for various circumstances.&lt;br /&gt;
* Assisting in clearly defining insurance needs.&lt;br /&gt;
* By managing the risks, you can increase the quality of the project deliverable&lt;br /&gt;
* Protects public image&lt;br /&gt;
* Protects people from harm&lt;br /&gt;
* Prevents/reduces legal liability&lt;br /&gt;
* Protects the environment&lt;br /&gt;
&lt;br /&gt;
=Three Levels of operational risk management=&lt;br /&gt;
&lt;br /&gt;
The risk management in an organization can be categorized in three levels of operation- [three level of operational risk management].&lt;br /&gt;
&lt;br /&gt;
* Strategic level:  &lt;br /&gt;
At strategic level, operational risk management relates to the vision of the business, expansion planned over a few couple of years, the product position and the target customers in the market. In other words, the strategic operational risk management relates to the implementation of the risk demands. It must be defined at the top management level and must be deployed in a top-down manner through all the levels of the organization.&lt;br /&gt;
&lt;br /&gt;
* Tactical level&lt;br /&gt;
At tactical level, the set of operational risk management tools and controls helps to reduce the number and intensity of the events. It provide the risk manager with a second line of defense. The effect of the risk responses deploys at tactical level, such as loss, fines and near misses reductions&lt;br /&gt;
Tactical operational risk management emphasizes on loss prevention and risk reduction techniques, process control, loss data analysis, key risk indicators, risk self-assessments and business expansion plans are some of the vast array of tools and techniques that have been developed to reduce the frequent occurrence of the risk elements and to reduce their impact on the overall project. Financial service industry is the most developed aspect of operational risk management, today.&lt;br /&gt;
&lt;br /&gt;
* Operational level&lt;br /&gt;
Operational level provides a natural reduction of the operational incidents by redesigning all those processes that were prone to errors, removing any unnecessary tasks and useless controls, standardizing the procedures and improving the productivity.&lt;br /&gt;
Operational risk management targets the operational efficiency and process design. Work flows are redesigned in this level to improve the work speed by eliminating the errors. Staff&lt;br /&gt;
Operational risk management must spread over all these three levels, in order to be more effective and efficient&lt;br /&gt;
&lt;br /&gt;
=How to develop a risk analysis=&lt;br /&gt;
&lt;br /&gt;
Risk Management can be developed in two different ways [Best Management Practice]:&lt;br /&gt;
&lt;br /&gt;
* By using the standard risk guidelines such as ISO 31000, which managers can go step by step and identify the risks and analyse the situation of each phase and take an action for each risk, that have negative impact on each situation. In this step more leaders must participate in order to reduce the impact of risks and take care of each situation.&lt;br /&gt;
&lt;br /&gt;
* By using more general analysis or guidelines to define the project&#039;s goals and reduce the risks without managing it and less management participation.&lt;br /&gt;
&lt;br /&gt;
In the first option many standard guidelines and analysis  can be used such as ISO 31000, IEC/ISO 311010, and ISO 73-2009 and many others.&lt;br /&gt;
The International Organization for Standard (ISO ) risk management provides principles, general guidelines; framework and a process for managing the risks- It can be used by any project, organization regardless of its size.&lt;br /&gt;
ISO 31000 summarizes all the central activities and main points, which an organization might go through to manage their risks effectively and increase their chance to reach their goals. It doesn’t contain any specific techniques in order to use, but it mentions that an organization must follow risk identification tools and techniques, that match the projects and its goals. Another ISO standard application is ISO/IEC 31010, Risk Management, which contains of some risk assessment techniques and steps that gives an understanding of the risks, which can have a negative impact on an organization’s achievement of its goals and the adequacy and effectiveness of controls already in place. Risk assessment helps decision makers to take the correct decisions, for example which tools and techniques must be used to treat the risks and how to choose the best opportunities. The following techniques described on ISO 31010&lt;br /&gt;
&lt;br /&gt;
* Risk identification&lt;br /&gt;
* Risk analysis -  consequence analysis&lt;br /&gt;
* Risk analysis– qualitative, semi-quantitative or quantitative probability estimation&lt;br /&gt;
* Risk analysis – assessing the effectiveness of any existing controls&lt;br /&gt;
* Risk evaluation&lt;br /&gt;
* communication and consultation, and  monitoring and review&lt;br /&gt;
&lt;br /&gt;
Each step has described in detail on ISO 31010. Compare to M_O_R, and then M_O_R is much extensive application, which provides a detailed guidance on how to implement risk management. M_O_R stands for Management of Risk and it is a framework for the management of risk across all parts of an organization such as Strategic, programme, project and operational level. It includes all the activities required to identify and control the risks, both negative and positive, which may have an impact on the achievement of an organization’s objectives[M_O_R].It is also a framework for how to make informed decisions about risks respectively strategic, program, project and operational level in order to identify, assess and manage the key risks in order to deliver the expected advantages [M_O_R]. It describes deeply both what needs to be done through some principles, activities and roles and how to begin the activities.&lt;br /&gt;
In some ways, ISO31000 and M_O_R are very similar and use some common definition and methods. M_O_R is designed for practical application of risk management techniques and based on 4 core concepts: principles, approach, process and embedding and review, while ISO31000 is designed more to assess how completely the risk management techniques have been applied [Best Management Practice], The difference is that ISO3100 based on framework, principles and process. It prescribe how an organization should implement risk management and manage the risk by using any tools, that suits its goal and organization, while M_O_R allows it to customize its approach within the guidelines to suit its operating environment and process. Both are useful tools and can be used for managing the risks.&lt;br /&gt;
&lt;br /&gt;
=Risk Management in Practice=&lt;br /&gt;
&lt;br /&gt;
[[File:Risk management.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
To identify the projects risk, you can start with brainstorming, the first step is to list the main categories such as technologies, goal, stakeholder, communication, cost, environmental, resources, reliability, which is indicated with blue color in below figure. The next is to identify the risks, which is associated to the main categories. By brainstorm the risks, you can find 50-100 risks, depending to the projects size, therefore the third step is to estimate what the potential impact could be by using the Risk Matrix.&lt;br /&gt;
&lt;br /&gt;
[[File:Mathrix.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
Each high priority or high impact risk should be assigned to a group member after their experience and skills, so they could study and evaluate the risks. Cost risks might for example assign to someone in the finance department than one from IT- department. The new technology might assign to someone from IT- department. The project manager should be assign for all the risks process, the most important part of risk process is the schedule with deadline and the risks list, which should only edit, added, re-prioritized and control by the project manager during the project.&lt;br /&gt;
To reduce the risks, the project manager should communicate the risks list to all the project stakeholders regularly, at least once a week. All the changes should be registered to the risk map and at the end of the project the results can be used to do a retrospective. What did you learn from it, what should be different in next project and how to control the risks from the beginning?&lt;br /&gt;
&lt;br /&gt;
=Reference=&lt;br /&gt;
&lt;br /&gt;
[1] Why projects fail: Avoiding the Classic Pitfall, An Oracle White Paper, October 2011 and Calleam Consulting LTD 2014: Why Projects Fail.  And Tom Carlos, PMP: Reasons Why Projects Fail.&lt;br /&gt;
&lt;br /&gt;
[2] Oehmen et. al.2012 and Zwikael and Ahn 2011, Oehmen, J., et al., Analysis of the effect of risk management practices on the performance of new product development programs. Technovation (2014),&lt;br /&gt;
&lt;br /&gt;
[3] Oxford English Dictionary&lt;br /&gt;
&lt;br /&gt;
[4] Innovation and Product Management 2009: A holistic and Practial Approach to Uncertainty Reduction,Kurt Gaubinger, Michael Rabl Scott Swan, Thomas Werani&lt;br /&gt;
&lt;br /&gt;
[5] Frank Knight 1921: Risk, Uncertainty and profit, Imperfect competition through Risk and Uncertainty, Part III, Chapter VII&lt;br /&gt;
&lt;br /&gt;
[6] Ariane Chapelle: The three levels of Operational risk management, May 2012&lt;br /&gt;
&lt;br /&gt;
[7] Risikosamfundet: 1997, Tara Duggan, Demand Media: Why Is Risk Management Important to Project Success?&lt;br /&gt;
&lt;br /&gt;
[8] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/&lt;br /&gt;
&lt;br /&gt;
[9] Luce&#039;s Paradigm for Decision under Uncertainty, Luce and Raiffa, 1957&lt;br /&gt;
&lt;br /&gt;
[10] Risk Management, concepts and methods: Club De La Securite De L’information Francais&lt;br /&gt;
&lt;br /&gt;
[11] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd. &lt;br /&gt;
&lt;br /&gt;
[12] http://www.management-of-risk.com/what-is-management-of-risk.asp&lt;br /&gt;
&lt;br /&gt;
[13] http://www.rovsingmanagement.dk/kurser/m_o_r%C2%AErisikostyring/?gclid=CM21qKLRjsICFeXUcgodGqEARQ&lt;br /&gt;
&lt;br /&gt;
[14] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd.&lt;br /&gt;
&lt;br /&gt;
[15] Jacob and Kwak (2003) and Raz et al.2002&lt;br /&gt;
&lt;br /&gt;
[16] Article: Overview of risk management Henrik K. Søndergaard&lt;br /&gt;
&lt;br /&gt;
[17]. Power in projects &amp;amp; portfolio of Mette Lindegaard, and John Ryding Olsson&lt;br /&gt;
&lt;br /&gt;
[18] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/.&lt;br /&gt;
&lt;br /&gt;
[19] http://strikingprojectmanagement.com/qualitative-risk-analysis/&lt;br /&gt;
&lt;br /&gt;
[20] http://projectmgmt-annualwarehousesale.blogspot.dk/&lt;br /&gt;
&lt;br /&gt;
[21] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[22] http://www.bestmanagementpractice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[23] http://tcgen.com/risk-mapping/#.VGidavnF-oO&lt;br /&gt;
&lt;br /&gt;
[24] http://www.modst.dk/~/media/Files/%C3%98AV/Vejledninger/%C3%98konomistyring/Risikostyring_vejledning_maj07%20pdf.ashx&lt;br /&gt;
&lt;br /&gt;
[25] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[26] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[27] http://www.clearrisk.com/what-is-risk-management/&lt;br /&gt;
&lt;br /&gt;
[28] http://www.vlv.dk/downloads/rm1.htm&lt;br /&gt;
&lt;br /&gt;
[29] http://www.soc.aau.dk/fileadmin/user_upload/FoSo/Arbejdspapirer/Nr._10_Risiko_risikovurdering_risikoformidling_og_helhedssyn.pdf&lt;br /&gt;
&lt;br /&gt;
[30] http://klk.kl.dk/PageFiles/156494/Projekth%C3%A5ndbogen.pdf&lt;br /&gt;
&lt;br /&gt;
[31] http:///C:/Users/Samira/Downloads/Projekth-ndbog%20(1).PDF&lt;br /&gt;
&lt;br /&gt;
[32] http://www.digst.dk/~/media/Files/Arkitektur%20og%20standarder/Sikkerhed/Vejledning%20om%20risikovurdering.ashx&lt;br /&gt;
&lt;br /&gt;
[33] http://www.best-management-practice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[34] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[35] http://dx.doi.org/10.1016/j.technovation.2013.12.005i&lt;br /&gt;
&lt;br /&gt;
[36] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;/div&gt;</summary>
		<author><name>Saeh0803</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=File:Different_between_M_O_R_AND_ISO.png&amp;diff=4456</id>
		<title>File:Different between M O R AND ISO.png</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=File:Different_between_M_O_R_AND_ISO.png&amp;diff=4456"/>
		<updated>2014-11-27T21:17:15Z</updated>

		<summary type="html">&lt;p&gt;Saeh0803: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&lt;/div&gt;</summary>
		<author><name>Saeh0803</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Risk_management&amp;diff=4455</id>
		<title>Risk management</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Risk_management&amp;diff=4455"/>
		<updated>2014-11-27T21:16:12Z</updated>

		<summary type="html">&lt;p&gt;Saeh0803: /* Risk Management in Practice */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;Risk management is a very interesting and important topic in each area in our society.  Actually everyone knows what a risk is; it is a part of our life. Each step or each decision we make, is full of risks, whether we notice it or not, but when we look at our professional life, then we have to take an action for each risk arise, because it has a negative effect and the effect can have consequences in terms of economic, professional reputation, environmental, safety and societal outcomes. This article focuses on for example how an organization or project handles its risks and which framework could be relevant or helpful for it.&lt;br /&gt;
Now a day, the risk management is an important part of project, program and portfolio management. In order to end up a project successfully and deliver it on time and within budget, it is important to get an overview of the risks, which is associated to the project. Most of the projects fail due to the lack of risk management [Why projects fail 2011]. In many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of project&#039;s planning process, the projects fail because the resources are not completely utilized to get the full advantage [Oehmen et. al.2012 and Zwikael and Ahn 2011].&lt;br /&gt;
This article further talks about the risk and different level of risks in organization level and how to identify the projects risks by using some of standard guidelines for risk management such as ISO 31000, ISO 2700S, DS/ISO 31000 Risk management- Principles and guidelines and M_O_R principles, which is a standard risk management framework, which can be used by any organization on any projects regardless of its size.&lt;br /&gt;
NOTE: This article might be similar to other articles; Risk analysis, risk register, Risk management strategy in project portfolios.&lt;br /&gt;
&lt;br /&gt;
=Definition of risk management=&lt;br /&gt;
&lt;br /&gt;
You can find different tools and definition for risk depending on the context in which it is used. A definition from Oxford English Dictionary sounds like “the possibility that something unpleasant or unwelcome will happen” [Oxford English Dictionary]. This is more general and related more to your every day. In decision theory, Luce and Raiffa relate risk to make decisions under known probabilities of the states of nature [Product Management Innovation 2009] and Frank Knight define the risk in economic theory as “risk arises when the decision maker can assign probabilities to possible outcomes”. A well-known definition of the risk in the domain of project management considers the risk as “an uncertain event or condition that, if it occurs, has a positive (opportunity) or negative (threat) impact on project objectives” [Innovation and Product Management]&lt;br /&gt;
Frank Knight defines the uncertainty and risk as “...Uncertainty must be taken in a sense radically distinct from the familiar notion of Risk, from which it has never been properly separated. … The essential fact is that &amp;quot;risk&amp;quot; means in some cases a quantity susceptible of measurement, while at other times it is something distinctly not of this character; and there are far-reaching and crucial differences in the bearings of the phenomena depending on which of the two is really present and operating. … It will appear that a measurable uncertainty, or &amp;quot;risk&amp;quot; proper, as we shall use the term, is so far different from an un-measurable one that it is not in effect an uncertainty at all&amp;quot; [Ariane Chapelle].&lt;br /&gt;
To minimize the uncertainty and reduce the risks on the project, you may regularly look back to your risk analysis, because most of the projects fail due to lack of risk management, in many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of projects planning process, The projects fail because they do not invest their resources completely and do not pay attention to it.&lt;br /&gt;
Risk management is the most important part of the project planning process. It is a management tool, which project manager uses to analyses the risk factor within a project group or projects. Project group must be informed of the main risks and how they will deal with those risks. Often it requires extra resources to eliminate risks; these resources must allocate the project group. Many studies have pointed as well that the risk management has a big role in projects success [Tara Duggan].  The report by Jacob and Kwak highlights the positive contribution of risk management to improve the project selection, review and resource allocation of new product development projects.&lt;br /&gt;
It used in many areas such as public debate, research, danger of disease, death or accidents, threatening environmental problems in terms of risk of climate changes, CO2 , pollution and so on.&lt;br /&gt;
It is also used in many other projects such as customer needs and price, new technology and resources, construction and delivery projects, research projects and interests and other tasks.&lt;br /&gt;
&lt;br /&gt;
=What is risk?=&lt;br /&gt;
&lt;br /&gt;
Risk is the uncertainty, which is associated with any kind of the action and projects in organization&#039;s context that must understand and effectively manage during the project&#039;s process and improve the results[Luce and Raiffa]. Different types of risk management definitions can be found and the choice of definition depends on how big a concept of risk is used in order to which risks are covered by the definition. There is not a complete tool or solution that fits in every project, creating a new or changes the existing risk management process according to the project&#039;s goal is always helpful and flexible process that will ultimately result in a solution to the individual organization or project.&lt;br /&gt;
Risk is always based on imagination of how the project will be completed. It can be defined on the basis of an existing plan, for example, the project must be completed in 6 months. The risk of delay is bigger than if the project must be completed in one year. If the new technologies are a part of the project plan, that you have to use the new technologies is the risk bigger than use the known technologies. Therefor the risk is based on an existing plan; the same project may have very different risks, if you change the project’s plan. [Risk Management, concepts and methods].&lt;br /&gt;
&lt;br /&gt;
=Benefit of risk management and why risk management=&lt;br /&gt;
&lt;br /&gt;
Risk management helps you to identify your projects strengths, weaknesses, opportunities and threats [Jacob and Kwak]. By identifying your projects risks, you will be aware of the unexpected events and you can immediately take actions to reduce the losses [Overview of risk management].&lt;br /&gt;
There are many reasons for managing risks. Here are some main reasons:&lt;br /&gt;
First of all, risk management results in an overview and a number of options for an action to avoid known and unknown risk and reduce the impact of those[Power in projects &amp;amp; portfolio].&lt;br /&gt;
&lt;br /&gt;
* Saving resources: Time, assets, income, property and people are all valuable resources that can be saved if fewer claims occur.&lt;br /&gt;
* Protecting the reputation and public image of the organization.&lt;br /&gt;
* Preventing or reducing legal liability and increasing the stability of operations.&lt;br /&gt;
* Increases the organizations profits and competitiveness and reflects an attractive professional approach to project work.&lt;br /&gt;
* Protecting people from harm.&lt;br /&gt;
* Protecting the environment.&lt;br /&gt;
* Enhancing the ability to prepare for various circumstances.&lt;br /&gt;
* Assisting in clearly defining insurance needs.&lt;br /&gt;
* By managing the risks, you can increase the quality of the project deliverable&lt;br /&gt;
* Protects public image&lt;br /&gt;
* Protects people from harm&lt;br /&gt;
* Prevents/reduces legal liability&lt;br /&gt;
* Protects the environment&lt;br /&gt;
&lt;br /&gt;
=Three Levels of operational risk management=&lt;br /&gt;
&lt;br /&gt;
The risk management in an organization can be categorized in three levels of operation- [three level of operational risk management].&lt;br /&gt;
&lt;br /&gt;
* Strategic level:  &lt;br /&gt;
At strategic level, operational risk management relates to the vision of the business, expansion planned over a few couple of years, the product position and the target customers in the market. In other words, the strategic operational risk management relates to the implementation of the risk demands. It must be defined at the top management level and must be deployed in a top-down manner through all the levels of the organization.&lt;br /&gt;
&lt;br /&gt;
* Tactical level&lt;br /&gt;
At tactical level, the set of operational risk management tools and controls helps to reduce the number and intensity of the events. It provide the risk manager with a second line of defense. The effect of the risk responses deploys at tactical level, such as loss, fines and near misses reductions&lt;br /&gt;
Tactical operational risk management emphasizes on loss prevention and risk reduction techniques, process control, loss data analysis, key risk indicators, risk self-assessments and business expansion plans are some of the vast array of tools and techniques that have been developed to reduce the frequent occurrence of the risk elements and to reduce their impact on the overall project. Financial service industry is the most developed aspect of operational risk management, today.&lt;br /&gt;
&lt;br /&gt;
* Operational level&lt;br /&gt;
Operational level provides a natural reduction of the operational incidents by redesigning all those processes that were prone to errors, removing any unnecessary tasks and useless controls, standardizing the procedures and improving the productivity.&lt;br /&gt;
Operational risk management targets the operational efficiency and process design. Work flows are redesigned in this level to improve the work speed by eliminating the errors. Staff&lt;br /&gt;
Operational risk management must spread over all these three levels, in order to be more effective and efficient&lt;br /&gt;
&lt;br /&gt;
=How to develop a risk analysis=&lt;br /&gt;
&lt;br /&gt;
Risk Management can be developed in two different ways [Best Management Practice]:&lt;br /&gt;
&lt;br /&gt;
* By using the standard risk guidelines such as ISO 31000, which managers can go step by step and identify the risks and analyse the situation of each phase and take an action for each risk, that have negative impact on each situation. In this step more leaders must participate in order to reduce the impact of risks and take care of each situation.&lt;br /&gt;
&lt;br /&gt;
* By using more general analysis or guidelines to define the project&#039;s goals and reduce the risks without managing it and less management participation.&lt;br /&gt;
&lt;br /&gt;
In the first option many standard guidelines and analysis  can be used such as ISO 31000, IEC/ISO 311010, and ISO 73-2009 and many others.&lt;br /&gt;
The International Organization for Standard (ISO ) risk management provides principles, general guidelines; framework and a process for managing the risks- It can be used by any project, organization regardless of its size.&lt;br /&gt;
ISO 31000 summarizes all the central activities and main points, which an organization might go through to manage their risks effectively and increase their chance to reach their goals. It doesn’t contain any specific techniques in order to use, but it mentions that an organization must follow risk identification tools and techniques, that match the projects and its goals. Another ISO standard application is ISO/IEC 31010, Risk Management, which contains of some risk assessment techniques and steps that gives an understanding of the risks, which can have a negative impact on an organization’s achievement of its goals and the adequacy and effectiveness of controls already in place. Risk assessment helps decision makers to take the correct decisions, for example which tools and techniques must be used to treat the risks and how to choose the best opportunities. The following techniques described on ISO 31010&lt;br /&gt;
&lt;br /&gt;
* Risk identification&lt;br /&gt;
* Risk analysis -  consequence analysis&lt;br /&gt;
* Risk analysis– qualitative, semi-quantitative or quantitative probability estimation&lt;br /&gt;
* Risk analysis – assessing the effectiveness of any existing controls&lt;br /&gt;
* Risk evaluation&lt;br /&gt;
* communication and consultation, and  monitoring and review&lt;br /&gt;
&lt;br /&gt;
Each step has described in detail on ISO 31010. Compare to M_O_R, and then M_O_R is much extensive application, which provides a detailed guidance on how to implement risk management. M_O_R stands for Management of Risk and it is a framework for the management of risk across all parts of an organization such as Strategic, programme, project and operational level. It includes all the activities required to identify and control the risks, both negative and positive, which may have an impact on the achievement of an organization’s objectives[M_O_R].It is also a framework for how to make informed decisions about risks respectively strategic, program, project and operational level in order to identify, assess and manage the key risks in order to deliver the expected advantages [M_O_R]. It describes deeply both what needs to be done through some principles, activities and roles and how to begin the activities.&lt;br /&gt;
In some ways, ISO31000 and M_O_R are very similar and use some common definition and methods. M_O_R is designed for practical application of risk management techniques and based on 4 core concepts: principles, approach, process and embedding and review, while ISO31000 is designed more to assess how completely the risk management techniques have been applied [Best Management Practice], The difference is that ISO3100 based on framework, principles and process. It prescribe how an organization should implement risk management and manage the risk by using any tools, that suits its goal and organization, while M_O_R allows it to customize its approach within the guidelines to suit its operating environment and process. Both are useful tools and can be used for managing the risks.&lt;br /&gt;
&lt;br /&gt;
=Risk Management in Practice=&lt;br /&gt;
&lt;br /&gt;
[[File:Risk management.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
To identify the projects risk, you can start with brainstorming, the first step is to list the main categories such as technologies, goal, stakeholder, communication, cost, environmental, resources, reliability, which is indicated with blue color in below figure. The next is to identify the risks, which is associated to the main categories. By brainstorm the risks, you can find 50-100 risks, depending to the projects size, therefore the third step is to estimate what the potential impact could be by using the Risk Matrix.&lt;br /&gt;
&lt;br /&gt;
[[File:Mathrix.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
Each high priority or high impact risk should be assigned to a group member after their experience and skills, so they could study and evaluate the risks. Cost risks might for example assign to someone in the finance department than one from IT- department. The new technology might assign to someone from IT- department. The project manager should be assign for all the risks process, the most important part of risk process is the schedule with deadline and the risks list, which should only edit, added, re-prioritized and control by the project manager during the project.&lt;br /&gt;
To reduce the risks, the project manager should communicate the risks list to all the project stakeholders regularly, at least once a week. All the changes should be registered to the risk map and at the end of the project the results can be used to do a retrospective. What did you learn from it, what should be different in next project and how to control the risks from the beginning?&lt;br /&gt;
&lt;br /&gt;
[[File:Different between_M_O_R_AND_ISO.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
=Reference=&lt;br /&gt;
&lt;br /&gt;
[1] Why projects fail: Avoiding the Classic Pitfall, An Oracle White Paper, October 2011 and Calleam Consulting LTD 2014: Why Projects Fail.  And Tom Carlos, PMP: Reasons Why Projects Fail.&lt;br /&gt;
&lt;br /&gt;
[2] Oehmen et. al.2012 and Zwikael and Ahn 2011, Oehmen, J., et al., Analysis of the effect of risk management practices on the performance of new product development programs. Technovation (2014),&lt;br /&gt;
&lt;br /&gt;
[3] Oxford English Dictionary&lt;br /&gt;
&lt;br /&gt;
[4] Innovation and Product Management 2009: A holistic and Practial Approach to Uncertainty Reduction,Kurt Gaubinger, Michael Rabl Scott Swan, Thomas Werani&lt;br /&gt;
&lt;br /&gt;
[5] Frank Knight 1921: Risk, Uncertainty and profit, Imperfect competition through Risk and Uncertainty, Part III, Chapter VII&lt;br /&gt;
&lt;br /&gt;
[6] Ariane Chapelle: The three levels of Operational risk management, May 2012&lt;br /&gt;
&lt;br /&gt;
[7] Risikosamfundet: 1997, Tara Duggan, Demand Media: Why Is Risk Management Important to Project Success?&lt;br /&gt;
&lt;br /&gt;
[8] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/&lt;br /&gt;
&lt;br /&gt;
[9] Luce&#039;s Paradigm for Decision under Uncertainty, Luce and Raiffa, 1957&lt;br /&gt;
&lt;br /&gt;
[10] Risk Management, concepts and methods: Club De La Securite De L’information Francais&lt;br /&gt;
&lt;br /&gt;
[11] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd. &lt;br /&gt;
&lt;br /&gt;
[12] http://www.management-of-risk.com/what-is-management-of-risk.asp&lt;br /&gt;
&lt;br /&gt;
[13] http://www.rovsingmanagement.dk/kurser/m_o_r%C2%AErisikostyring/?gclid=CM21qKLRjsICFeXUcgodGqEARQ&lt;br /&gt;
&lt;br /&gt;
[14] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd.&lt;br /&gt;
&lt;br /&gt;
[15] Jacob and Kwak (2003) and Raz et al.2002&lt;br /&gt;
&lt;br /&gt;
[16] Article: Overview of risk management Henrik K. Søndergaard&lt;br /&gt;
&lt;br /&gt;
[17]. Power in projects &amp;amp; portfolio of Mette Lindegaard, and John Ryding Olsson&lt;br /&gt;
&lt;br /&gt;
[18] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/.&lt;br /&gt;
&lt;br /&gt;
[19] http://strikingprojectmanagement.com/qualitative-risk-analysis/&lt;br /&gt;
&lt;br /&gt;
[20] http://projectmgmt-annualwarehousesale.blogspot.dk/&lt;br /&gt;
&lt;br /&gt;
[21] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[22] http://www.bestmanagementpractice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[23] http://tcgen.com/risk-mapping/#.VGidavnF-oO&lt;br /&gt;
&lt;br /&gt;
[24] http://www.modst.dk/~/media/Files/%C3%98AV/Vejledninger/%C3%98konomistyring/Risikostyring_vejledning_maj07%20pdf.ashx&lt;br /&gt;
&lt;br /&gt;
[25] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[26] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[27] http://www.clearrisk.com/what-is-risk-management/&lt;br /&gt;
&lt;br /&gt;
[28] http://www.vlv.dk/downloads/rm1.htm&lt;br /&gt;
&lt;br /&gt;
[29] http://www.soc.aau.dk/fileadmin/user_upload/FoSo/Arbejdspapirer/Nr._10_Risiko_risikovurdering_risikoformidling_og_helhedssyn.pdf&lt;br /&gt;
&lt;br /&gt;
[30] http://klk.kl.dk/PageFiles/156494/Projekth%C3%A5ndbogen.pdf&lt;br /&gt;
&lt;br /&gt;
[31] http:///C:/Users/Samira/Downloads/Projekth-ndbog%20(1).PDF&lt;br /&gt;
&lt;br /&gt;
[32] http://www.digst.dk/~/media/Files/Arkitektur%20og%20standarder/Sikkerhed/Vejledning%20om%20risikovurdering.ashx&lt;br /&gt;
&lt;br /&gt;
[33] http://www.best-management-practice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[34] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[35] http://dx.doi.org/10.1016/j.technovation.2013.12.005i&lt;br /&gt;
&lt;br /&gt;
[36] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;/div&gt;</summary>
		<author><name>Saeh0803</name></author>
	</entry>
	<entry>
		<id>http://13.50.150.85/index.php?title=Risk_management&amp;diff=4454</id>
		<title>Risk management</title>
		<link rel="alternate" type="text/html" href="http://13.50.150.85/index.php?title=Risk_management&amp;diff=4454"/>
		<updated>2014-11-27T21:13:36Z</updated>

		<summary type="html">&lt;p&gt;Saeh0803: /* Risk Management in Practice */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;Risk management is a very interesting and important topic in each area in our society.  Actually everyone knows what a risk is; it is a part of our life. Each step or each decision we make, is full of risks, whether we notice it or not, but when we look at our professional life, then we have to take an action for each risk arise, because it has a negative effect and the effect can have consequences in terms of economic, professional reputation, environmental, safety and societal outcomes. This article focuses on for example how an organization or project handles its risks and which framework could be relevant or helpful for it.&lt;br /&gt;
Now a day, the risk management is an important part of project, program and portfolio management. In order to end up a project successfully and deliver it on time and within budget, it is important to get an overview of the risks, which is associated to the project. Most of the projects fail due to the lack of risk management [Why projects fail 2011]. In many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of project&#039;s planning process, the projects fail because the resources are not completely utilized to get the full advantage [Oehmen et. al.2012 and Zwikael and Ahn 2011].&lt;br /&gt;
This article further talks about the risk and different level of risks in organization level and how to identify the projects risks by using some of standard guidelines for risk management such as ISO 31000, ISO 2700S, DS/ISO 31000 Risk management- Principles and guidelines and M_O_R principles, which is a standard risk management framework, which can be used by any organization on any projects regardless of its size.&lt;br /&gt;
NOTE: This article might be similar to other articles; Risk analysis, risk register, Risk management strategy in project portfolios.&lt;br /&gt;
&lt;br /&gt;
=Definition of risk management=&lt;br /&gt;
&lt;br /&gt;
You can find different tools and definition for risk depending on the context in which it is used. A definition from Oxford English Dictionary sounds like “the possibility that something unpleasant or unwelcome will happen” [Oxford English Dictionary]. This is more general and related more to your every day. In decision theory, Luce and Raiffa relate risk to make decisions under known probabilities of the states of nature [Product Management Innovation 2009] and Frank Knight define the risk in economic theory as “risk arises when the decision maker can assign probabilities to possible outcomes”. A well-known definition of the risk in the domain of project management considers the risk as “an uncertain event or condition that, if it occurs, has a positive (opportunity) or negative (threat) impact on project objectives” [Innovation and Product Management]&lt;br /&gt;
Frank Knight defines the uncertainty and risk as “...Uncertainty must be taken in a sense radically distinct from the familiar notion of Risk, from which it has never been properly separated. … The essential fact is that &amp;quot;risk&amp;quot; means in some cases a quantity susceptible of measurement, while at other times it is something distinctly not of this character; and there are far-reaching and crucial differences in the bearings of the phenomena depending on which of the two is really present and operating. … It will appear that a measurable uncertainty, or &amp;quot;risk&amp;quot; proper, as we shall use the term, is so far different from an un-measurable one that it is not in effect an uncertainty at all&amp;quot; [Ariane Chapelle].&lt;br /&gt;
To minimize the uncertainty and reduce the risks on the project, you may regularly look back to your risk analysis, because most of the projects fail due to lack of risk management, in many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of projects planning process, The projects fail because they do not invest their resources completely and do not pay attention to it.&lt;br /&gt;
Risk management is the most important part of the project planning process. It is a management tool, which project manager uses to analyses the risk factor within a project group or projects. Project group must be informed of the main risks and how they will deal with those risks. Often it requires extra resources to eliminate risks; these resources must allocate the project group. Many studies have pointed as well that the risk management has a big role in projects success [Tara Duggan].  The report by Jacob and Kwak highlights the positive contribution of risk management to improve the project selection, review and resource allocation of new product development projects.&lt;br /&gt;
It used in many areas such as public debate, research, danger of disease, death or accidents, threatening environmental problems in terms of risk of climate changes, CO2 , pollution and so on.&lt;br /&gt;
It is also used in many other projects such as customer needs and price, new technology and resources, construction and delivery projects, research projects and interests and other tasks.&lt;br /&gt;
&lt;br /&gt;
=What is risk?=&lt;br /&gt;
&lt;br /&gt;
Risk is the uncertainty, which is associated with any kind of the action and projects in organization&#039;s context that must understand and effectively manage during the project&#039;s process and improve the results[Luce and Raiffa]. Different types of risk management definitions can be found and the choice of definition depends on how big a concept of risk is used in order to which risks are covered by the definition. There is not a complete tool or solution that fits in every project, creating a new or changes the existing risk management process according to the project&#039;s goal is always helpful and flexible process that will ultimately result in a solution to the individual organization or project.&lt;br /&gt;
Risk is always based on imagination of how the project will be completed. It can be defined on the basis of an existing plan, for example, the project must be completed in 6 months. The risk of delay is bigger than if the project must be completed in one year. If the new technologies are a part of the project plan, that you have to use the new technologies is the risk bigger than use the known technologies. Therefor the risk is based on an existing plan; the same project may have very different risks, if you change the project’s plan. [Risk Management, concepts and methods].&lt;br /&gt;
&lt;br /&gt;
=Benefit of risk management and why risk management=&lt;br /&gt;
&lt;br /&gt;
Risk management helps you to identify your projects strengths, weaknesses, opportunities and threats [Jacob and Kwak]. By identifying your projects risks, you will be aware of the unexpected events and you can immediately take actions to reduce the losses [Overview of risk management].&lt;br /&gt;
There are many reasons for managing risks. Here are some main reasons:&lt;br /&gt;
First of all, risk management results in an overview and a number of options for an action to avoid known and unknown risk and reduce the impact of those[Power in projects &amp;amp; portfolio].&lt;br /&gt;
&lt;br /&gt;
* Saving resources: Time, assets, income, property and people are all valuable resources that can be saved if fewer claims occur.&lt;br /&gt;
* Protecting the reputation and public image of the organization.&lt;br /&gt;
* Preventing or reducing legal liability and increasing the stability of operations.&lt;br /&gt;
* Increases the organizations profits and competitiveness and reflects an attractive professional approach to project work.&lt;br /&gt;
* Protecting people from harm.&lt;br /&gt;
* Protecting the environment.&lt;br /&gt;
* Enhancing the ability to prepare for various circumstances.&lt;br /&gt;
* Assisting in clearly defining insurance needs.&lt;br /&gt;
* By managing the risks, you can increase the quality of the project deliverable&lt;br /&gt;
* Protects public image&lt;br /&gt;
* Protects people from harm&lt;br /&gt;
* Prevents/reduces legal liability&lt;br /&gt;
* Protects the environment&lt;br /&gt;
&lt;br /&gt;
=Three Levels of operational risk management=&lt;br /&gt;
&lt;br /&gt;
The risk management in an organization can be categorized in three levels of operation- [three level of operational risk management].&lt;br /&gt;
&lt;br /&gt;
* Strategic level:  &lt;br /&gt;
At strategic level, operational risk management relates to the vision of the business, expansion planned over a few couple of years, the product position and the target customers in the market. In other words, the strategic operational risk management relates to the implementation of the risk demands. It must be defined at the top management level and must be deployed in a top-down manner through all the levels of the organization.&lt;br /&gt;
&lt;br /&gt;
* Tactical level&lt;br /&gt;
At tactical level, the set of operational risk management tools and controls helps to reduce the number and intensity of the events. It provide the risk manager with a second line of defense. The effect of the risk responses deploys at tactical level, such as loss, fines and near misses reductions&lt;br /&gt;
Tactical operational risk management emphasizes on loss prevention and risk reduction techniques, process control, loss data analysis, key risk indicators, risk self-assessments and business expansion plans are some of the vast array of tools and techniques that have been developed to reduce the frequent occurrence of the risk elements and to reduce their impact on the overall project. Financial service industry is the most developed aspect of operational risk management, today.&lt;br /&gt;
&lt;br /&gt;
* Operational level&lt;br /&gt;
Operational level provides a natural reduction of the operational incidents by redesigning all those processes that were prone to errors, removing any unnecessary tasks and useless controls, standardizing the procedures and improving the productivity.&lt;br /&gt;
Operational risk management targets the operational efficiency and process design. Work flows are redesigned in this level to improve the work speed by eliminating the errors. Staff&lt;br /&gt;
Operational risk management must spread over all these three levels, in order to be more effective and efficient&lt;br /&gt;
&lt;br /&gt;
=How to develop a risk analysis=&lt;br /&gt;
&lt;br /&gt;
Risk Management can be developed in two different ways [Best Management Practice]:&lt;br /&gt;
&lt;br /&gt;
* By using the standard risk guidelines such as ISO 31000, which managers can go step by step and identify the risks and analyse the situation of each phase and take an action for each risk, that have negative impact on each situation. In this step more leaders must participate in order to reduce the impact of risks and take care of each situation.&lt;br /&gt;
&lt;br /&gt;
* By using more general analysis or guidelines to define the project&#039;s goals and reduce the risks without managing it and less management participation.&lt;br /&gt;
&lt;br /&gt;
In the first option many standard guidelines and analysis  can be used such as ISO 31000, IEC/ISO 311010, and ISO 73-2009 and many others.&lt;br /&gt;
The International Organization for Standard (ISO ) risk management provides principles, general guidelines; framework and a process for managing the risks- It can be used by any project, organization regardless of its size.&lt;br /&gt;
ISO 31000 summarizes all the central activities and main points, which an organization might go through to manage their risks effectively and increase their chance to reach their goals. It doesn’t contain any specific techniques in order to use, but it mentions that an organization must follow risk identification tools and techniques, that match the projects and its goals. Another ISO standard application is ISO/IEC 31010, Risk Management, which contains of some risk assessment techniques and steps that gives an understanding of the risks, which can have a negative impact on an organization’s achievement of its goals and the adequacy and effectiveness of controls already in place. Risk assessment helps decision makers to take the correct decisions, for example which tools and techniques must be used to treat the risks and how to choose the best opportunities. The following techniques described on ISO 31010&lt;br /&gt;
&lt;br /&gt;
* Risk identification&lt;br /&gt;
* Risk analysis -  consequence analysis&lt;br /&gt;
* Risk analysis– qualitative, semi-quantitative or quantitative probability estimation&lt;br /&gt;
* Risk analysis – assessing the effectiveness of any existing controls&lt;br /&gt;
* Risk evaluation&lt;br /&gt;
* communication and consultation, and  monitoring and review&lt;br /&gt;
&lt;br /&gt;
Each step has described in detail on ISO 31010. Compare to M_O_R, and then M_O_R is much extensive application, which provides a detailed guidance on how to implement risk management. M_O_R stands for Management of Risk and it is a framework for the management of risk across all parts of an organization such as Strategic, programme, project and operational level. It includes all the activities required to identify and control the risks, both negative and positive, which may have an impact on the achievement of an organization’s objectives[M_O_R].It is also a framework for how to make informed decisions about risks respectively strategic, program, project and operational level in order to identify, assess and manage the key risks in order to deliver the expected advantages [M_O_R]. It describes deeply both what needs to be done through some principles, activities and roles and how to begin the activities.&lt;br /&gt;
In some ways, ISO31000 and M_O_R are very similar and use some common definition and methods. M_O_R is designed for practical application of risk management techniques and based on 4 core concepts: principles, approach, process and embedding and review, while ISO31000 is designed more to assess how completely the risk management techniques have been applied [Best Management Practice], The difference is that ISO3100 based on framework, principles and process. It prescribe how an organization should implement risk management and manage the risk by using any tools, that suits its goal and organization, while M_O_R allows it to customize its approach within the guidelines to suit its operating environment and process. Both are useful tools and can be used for managing the risks.&lt;br /&gt;
&lt;br /&gt;
=Risk Management in Practice=&lt;br /&gt;
&lt;br /&gt;
[[File:Risk management.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
To identify the projects risk, you can start with brainstorming, the first step is to list the main categories such as technologies, goal, stakeholder, communication, cost, environmental, resources, reliability, which is indicated with blue color in below figure. The next is to identify the risks, which is associated to the main categories. By brainstorm the risks, you can find 50-100 risks, depending to the projects size, therefore the third step is to estimate what the potential impact could be by using the Risk Matrix.&lt;br /&gt;
&lt;br /&gt;
[[File:Mathrix.png|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
Each high priority or high impact risk should be assigned to a group member after their experience and skills, so they could study and evaluate the risks. Cost risks might for example assign to someone in the finance department than one from IT- department. The new technology might assign to someone from IT- department. The project manager should be assign for all the risks process, the most important part of risk process is the schedule with deadline and the risks list, which should only edit, added, re-prioritized and control by the project manager during the project.&lt;br /&gt;
To reduce the risks, the project manager should communicate the risks list to all the project stakeholders regularly, at least once a week. All the changes should be registered to the risk map and at the end of the project the results can be used to do a retrospective. What did you learn from it, what should be different in next project and how to control the risks from the beginning?&lt;br /&gt;
&lt;br /&gt;
[[File:File|frameless|right]]&lt;br /&gt;
&lt;br /&gt;
=Reference=&lt;br /&gt;
&lt;br /&gt;
[1] Why projects fail: Avoiding the Classic Pitfall, An Oracle White Paper, October 2011 and Calleam Consulting LTD 2014: Why Projects Fail.  And Tom Carlos, PMP: Reasons Why Projects Fail.&lt;br /&gt;
&lt;br /&gt;
[2] Oehmen et. al.2012 and Zwikael and Ahn 2011, Oehmen, J., et al., Analysis of the effect of risk management practices on the performance of new product development programs. Technovation (2014),&lt;br /&gt;
&lt;br /&gt;
[3] Oxford English Dictionary&lt;br /&gt;
&lt;br /&gt;
[4] Innovation and Product Management 2009: A holistic and Practial Approach to Uncertainty Reduction,Kurt Gaubinger, Michael Rabl Scott Swan, Thomas Werani&lt;br /&gt;
&lt;br /&gt;
[5] Frank Knight 1921: Risk, Uncertainty and profit, Imperfect competition through Risk and Uncertainty, Part III, Chapter VII&lt;br /&gt;
&lt;br /&gt;
[6] Ariane Chapelle: The three levels of Operational risk management, May 2012&lt;br /&gt;
&lt;br /&gt;
[7] Risikosamfundet: 1997, Tara Duggan, Demand Media: Why Is Risk Management Important to Project Success?&lt;br /&gt;
&lt;br /&gt;
[8] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/&lt;br /&gt;
&lt;br /&gt;
[9] Luce&#039;s Paradigm for Decision under Uncertainty, Luce and Raiffa, 1957&lt;br /&gt;
&lt;br /&gt;
[10] Risk Management, concepts and methods: Club De La Securite De L’information Francais&lt;br /&gt;
&lt;br /&gt;
[11] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd. &lt;br /&gt;
&lt;br /&gt;
[12] http://www.management-of-risk.com/what-is-management-of-risk.asp&lt;br /&gt;
&lt;br /&gt;
[13] http://www.rovsingmanagement.dk/kurser/m_o_r%C2%AErisikostyring/?gclid=CM21qKLRjsICFeXUcgodGqEARQ&lt;br /&gt;
&lt;br /&gt;
[14] Best Management Practice: Management of Risk.Guidance for practitioners and the international standard on risk management, ISO 31000:2009 of Michael Dallas, Dictor, APM Group Ltd.&lt;br /&gt;
&lt;br /&gt;
[15] Jacob and Kwak (2003) and Raz et al.2002&lt;br /&gt;
&lt;br /&gt;
[16] Article: Overview of risk management Henrik K. Søndergaard&lt;br /&gt;
&lt;br /&gt;
[17]. Power in projects &amp;amp; portfolio of Mette Lindegaard, and John Ryding Olsson&lt;br /&gt;
&lt;br /&gt;
[18] http://www.chapelleconsulting.com/the-three-levels-of-operational-risk-management/.&lt;br /&gt;
&lt;br /&gt;
[19] http://strikingprojectmanagement.com/qualitative-risk-analysis/&lt;br /&gt;
&lt;br /&gt;
[20] http://projectmgmt-annualwarehousesale.blogspot.dk/&lt;br /&gt;
&lt;br /&gt;
[21] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[22] http://www.bestmanagementpractice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[23] http://tcgen.com/risk-mapping/#.VGidavnF-oO&lt;br /&gt;
&lt;br /&gt;
[24] http://www.modst.dk/~/media/Files/%C3%98AV/Vejledninger/%C3%98konomistyring/Risikostyring_vejledning_maj07%20pdf.ashx&lt;br /&gt;
&lt;br /&gt;
[25] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[26] http://www.vlv.dk/downloads/Artikel_RM1_Risk_Management.pdf&lt;br /&gt;
&lt;br /&gt;
[27] http://www.clearrisk.com/what-is-risk-management/&lt;br /&gt;
&lt;br /&gt;
[28] http://www.vlv.dk/downloads/rm1.htm&lt;br /&gt;
&lt;br /&gt;
[29] http://www.soc.aau.dk/fileadmin/user_upload/FoSo/Arbejdspapirer/Nr._10_Risiko_risikovurdering_risikoformidling_og_helhedssyn.pdf&lt;br /&gt;
&lt;br /&gt;
[30] http://klk.kl.dk/PageFiles/156494/Projekth%C3%A5ndbogen.pdf&lt;br /&gt;
&lt;br /&gt;
[31] http:///C:/Users/Samira/Downloads/Projekth-ndbog%20(1).PDF&lt;br /&gt;
&lt;br /&gt;
[32] http://www.digst.dk/~/media/Files/Arkitektur%20og%20standarder/Sikkerhed/Vejledning%20om%20risikovurdering.ashx&lt;br /&gt;
&lt;br /&gt;
[33] http://www.best-management-practice.com/managementofrisk_demo/content.aspx?page=mor_17&amp;amp;showNav=true&amp;amp;expandNav=false&lt;br /&gt;
&lt;br /&gt;
[34] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;br /&gt;
&lt;br /&gt;
[35] http://dx.doi.org/10.1016/j.technovation.2013.12.005i&lt;br /&gt;
&lt;br /&gt;
[36] http://smallbusiness.chron.com/risk-management-important-project-success-56920.html&lt;/div&gt;</summary>
		<author><name>Saeh0803</name></author>
	</entry>
</feed>