Risk Profile in General Contracting
Line 27: | Line 27: | ||
A risk assessment should contain, the ''likelihood'' of the risk being realized, and if the risk being realized the ''impact''. The possibility for something to happen is categorized, occasionally in three different stages, high/ medium/low. This is the lowest categorizations of impacts and creates a 3x3 matrix. For projects needing higher accuracy a 5x5 matrix is often used. It can be beneficial to use “traffic-colures” to highlight the significant risks. <ref name="orange">HM Treasury. 2004. The orange book: Management of risk principles and concepts.</ref> | A risk assessment should contain, the ''likelihood'' of the risk being realized, and if the risk being realized the ''impact''. The possibility for something to happen is categorized, occasionally in three different stages, high/ medium/low. This is the lowest categorizations of impacts and creates a 3x3 matrix. For projects needing higher accuracy a 5x5 matrix is often used. It can be beneficial to use “traffic-colures” to highlight the significant risks. <ref name="orange">HM Treasury. 2004. The orange book: Management of risk principles and concepts.</ref> | ||
[[File:Matrix1.JPG|600px|thumb|right|Simple risk/tolerability matrix [HM Treasury. 2004. The orange book: Management of risk principles and concepts] ]] | [[File:Matrix1.JPG|600px|thumb|right|Simple risk/tolerability matrix [HM Treasury. 2004. The orange book: Management of risk principles and concepts] ]] | ||
+ | |||
+ | When documenting a risk assessment, it is important to document the process. Especially define the difference between ‘’residual risk’’ and ‘’inherent risks’’. Residual risk is when it has been an internal control, and actions have been taken to take control over the risk, successfully. Inherent risk is before any action has been put in to mange the risk. <ref name="orange">HM Treasury. 2004. The orange book: Management of risk principles and concepts.</ref> | ||
+ | |||
+ | When this is successfully documented, the company will have a risk profile which states: | ||
+ | |||
+ | *What is and what is not expectable exposure. | ||
+ | |||
+ | *An easier way to get an overview on how to address risks | ||
+ | |||
+ | *Simplifies assessment and monitoring of risks | ||
+ | |||
+ | When the risks has been assessed, it will be easier for the organization to see a prioritizing among the risks. High priority risks, also called “Key Risks” are easier to see, and should be given regularly attention.<ref name="orange">HM Treasury. 2004. The orange book: Management of risk principles and concepts.</ref> | ||
==References== | ==References== | ||
<references/> | <references/> |
Revision as of 01:30, 29 September 2015
This article is going to give an overview of Risk Profiling in General Contracting. General contracting is the most common project coalition in the construction site, and preferred by the EU procurement directives. .[1] The general contractor has a contract with a client for the entire execution of the project, and is responsible for the day-to-day overview on the construction site.
Risk profiling in Construction industry are complicated because these kinds of projects carries complex risks for all involved in the project, not only the stakeholders, but for the process alone. When the construction takes place the risk increases extremely, especially in congested or populated areas.
Introduction to Risk Profile
To explain risk profiling it is important to define the word risk, this is a well-used term with many definitions. How risk is defined is different from person to person, it depends on experience, attitude and viewpoint. [2] Some will argue that risk is something with a consequent negative outcome. [3] Other will say that it is both negative and positive, like a threat and an opportunity.[4] International Organization for Standardization defines a risk as “the effect of uncertainty on objectives” (p. 1) in ISO 31000:2009. The last definition has been adopted in the British Standards Institution (BSI) [5] the theory of looking at a risk as a uncertainty of outcome, either positive opportunity or negative threat [6] will also be adopted in this article.
Fraser described a Risk Profile as “A periodic documentation of key risks to an organization to achieving its stated objectives over a specific future time” (Fraser 2010: p. 171)[7] or as ISO defines it “a description of a set of risks” (p. 1) in ISO 31000:2009
Risk Profiling is a document that should contain the overall prioritized assessment of specific risks an organization faces.[6] This can be used as a method to find the optimal level of risks an individual or corporation are willing to accept. A corporation’s risk profile usually shows how eager a company is to take a risk and how that will affect the firm’s strategy, or it can be an evaluation of a risk the corporation exposes too. [8]
Structure
There are no standardized way to document a risk profile, but it is vital to have one to keep the risk management efficient [6]
The first step in making a risk profile is to document the risks the organization or project is facing. It is important to look at how the risk will affect the company or project, and identify the risks characteristics. [9]
Often the identification of risks separates in two different categories.[6]
- Initial risk identification: When a organization or a project needs to identify and categorize risks for the first time.
- Continuous risk identification: This is for organizations that have identified their risks and need an update on existing risks or find new risks that has occurred.
In both of the two categorize it should be put down a lot of effort in finding generic risks, especially those who do not appear logical to the business aspect at first, but could have a huge impact.
When the organization has identified the risks, the next step will be to assess the risks. The proses should contain an objective independent view of the evidence, and look at the different spectra from the effected stakeholder’s point of view.
A risk assessment should contain, the likelihood of the risk being realized, and if the risk being realized the impact. The possibility for something to happen is categorized, occasionally in three different stages, high/ medium/low. This is the lowest categorizations of impacts and creates a 3x3 matrix. For projects needing higher accuracy a 5x5 matrix is often used. It can be beneficial to use “traffic-colures” to highlight the significant risks. [6]
When documenting a risk assessment, it is important to document the process. Especially define the difference between ‘’residual risk’’ and ‘’inherent risks’’. Residual risk is when it has been an internal control, and actions have been taken to take control over the risk, successfully. Inherent risk is before any action has been put in to mange the risk. [6]
When this is successfully documented, the company will have a risk profile which states:
- What is and what is not expectable exposure.
- An easier way to get an overview on how to address risks
- Simplifies assessment and monitoring of risks
When the risks has been assessed, it will be easier for the organization to see a prioritizing among the risks. High priority risks, also called “Key Risks” are easier to see, and should be given regularly attention.[6]
References
- ↑ G.M.Winch (2010), "Managing Construction Projects", Chapter 5.4.1 ,Second edition, Wiley-Blackwell.
- ↑ Walewski J, Gibson GE, Dudley G (2003) Development of the international project risk assessment (IPRA) tool. Construction Industry Institute, Austin.
- ↑ Baloi D, Price ADF (2003) Modelling global risk factors affecting construction cost performance. Int J Proj Manage 21(4):261–269
- ↑ Segal S (2011) Corporate value of enterprise risk management. Wiley, Hoboken
- ↑ Zhao X (2015) Enterprise Risk Management in International Construction Operations. Springer, Singapore
- ↑ 6.0 6.1 6.2 6.3 6.4 6.5 6.6 HM Treasury. 2004. The orange book: Management of risk principles and concepts.
- ↑ Fraser J (2010) ENTERPRISE RISK MANAGEMENT. John Wiley & Sons, Hoboken
- ↑ Risk Profile Available from: www.investopedia.com, (20.09.2015)
- ↑ Library of Congress Cataloging-in-Publication Data (2013) A Guide to the Project Management Body of Knowledge (PMBOK® Guide) – Fifth Edition. Project Management Institute, Pennsylvania