Risk-based Learning
(32 intermediate revisions by one user not shown) | |||
Line 1: | Line 1: | ||
− | ''Developed by Gudrun Gudnadottir | + | ''Developed by Gudrun Gudnadottir'' |
==Abstract== | ==Abstract== | ||
<!-- A comment --> | <!-- A comment --> | ||
− | Risk is defined as an uncertain event or condition that can have a positive or negative impact on one or more objectives. Positive risks represent opportunities, whilst negative risks represent threats. <ref name="book"> The Standard for Risk Management in Portfolios, Programs, and Projects. (2019). Retrieved from https://findit.dtu.dk/en/catalog/5de50a6fd9001d00e06d6ccc on March 10th 2022. </ref> Every day we confront several kinds of risks and must make calculated decisions about how to handle them. A calculated risk is a chance made after thorough assessment of the possible consequences. We are taking a calculated risk when we act knowing that the potential reward is significantly greater than the potential loss if the activity fails. Taking a risk forces us to develop. When we stay inside the boundaries of our comfort zones, our progress slows. We need to take risks and put ourselves in circumstances we've never been in before if we want to progress. Learning from risks is one of the most essential things a person or organization can do. The more risks | + | Risk is defined as an uncertain event or condition that can have a positive or negative impact on one or more objectives. Positive risks represent opportunities, whilst negative risks represent threats. <ref name="book"> The Standard for Risk Management in Portfolios, Programs, and Projects. (2019). Retrieved from https://findit.dtu.dk/en/catalog/5de50a6fd9001d00e06d6ccc on March 10th 2022. </ref> Every day we confront several kinds of risks and must make calculated decisions about how to handle them. A calculated risk is a chance made after thorough assessment of the possible consequences. We are taking a calculated risk when we act knowing that the potential reward is significantly greater than the potential loss if the activity fails. Taking a risk forces us to develop. When we stay inside the boundaries of our comfort zones, our progress slows. We need to take risks and put ourselves in circumstances we've never been in before if we want to progress. Learning from risks is one of the most essential things a person or organization can do. The more risks that we take, the better we will get at avoiding them. <ref name="art"> Pira, P. (2019). ''Life's Short. Take More Risks.'' Retrieved from |
https://www.forbes.com/sites/forbesbooksauthors/2019/08/23/lifes-short-take-more-risks/?sh=62ff41f12ad5 on February 20th 2022.</ref> | https://www.forbes.com/sites/forbesbooksauthors/2019/08/23/lifes-short-take-more-risks/?sh=62ff41f12ad5 on February 20th 2022.</ref> | ||
− | This | + | This topic is connected to project, program, and portfolio management because it is critical for managers to understand the driving forces behind risk management and to be able to apply it to risk assessments. A risk may have one or more causes and, if it occurs, one or more consequences. Threats that arise are referred to as issues, and opportunities that emerge are referred to as benefits. Project, program, and portfolio managers are accountable for resolving and managing these difficulties in an efficient and effective manner. <ref name="book"/> |
− | This article begins by providing an overview of risk-based learning through an introduction to the concept of risk-based. Following that, it explores the significance of risk management. Risk | + | This article begins by providing an overview of risk-based learning through an introduction to the concept of risk-based. Following that, it explores the significance of risk management and the key factors that need to be considered. Risk assessment in project management is addressed in-depth, as well as its application to detect risks. Finally, the limits of risk-based learning are emphasized. |
==The Big Idea: An Introduction== | ==The Big Idea: An Introduction== | ||
− | + | Projects, programs, and portfolios all have an element of uncertainty about them. Uncertainty creates risk, and risk creates uncertainty. The larger the number of risks identified, the higher the degree of uncertainty. The capacity to recognize risks is influenced by ambiguity, which is one of the most important elements. When ambiguity is low, the amount of information available is high, allowing for the identification of risks. Uncertainty and ambiguity are variables that motivate risk management initiatives, as are assessment and open evaluation. Assessments and open evaluations enable the appropriate risk management approach to be determined and outline how risks will be managed across the project, program, and portfolio management life cycles, iterations of these life cycles, and their connections. <ref name="book"/> | |
===What is Risk-based Learning?=== | ===What is Risk-based Learning?=== | ||
Line 31: | Line 31: | ||
==Application== | ==Application== | ||
− | What methods can managers use to minimize risks and how is risk-based learning applied in project management? First, an overview of risk management is presented | + | What methods can managers use to minimize risks and how is risk-based learning applied in project management? First, an overview of risk management is presented and followed by information on key success factors. The five main factors that must be evaluated while accessing risks will then be addressed. Finally, a study on risk-based learning games is presented. |
===Risk Management=== | ===Risk Management=== | ||
− | Individual risks are unforeseeable events or conditions that, if they occur, have a positive or negative impact on one or more objectives. The influence of uncertainty on organizational objectives at different levels is referred to as overall risk. Risk management involves defining the strategy, analyzing risks, as well as reaction planning and implementation. Risk management is an important part of project, program, and portfolio management for all organizations. It allows organizations and teams to increase the predictability of outcomes. It is about reaching the appropriate level of organizational process maturity and the optimal level of performance. Organizations grow and develop through improving the framework for identifying risks, learning from and assessing past results, and applying what they've learned to improve the process. In order to do that complete transparency and accountability | + | Individual risks are unforeseeable events or conditions that, if they occur, have a positive or negative impact on one or more objectives. The influence of uncertainty on organizational objectives at different levels is referred to as overall risk. Risk management involves defining the strategy, analyzing risks, as well as reaction planning and implementation. Risk management is an important part of project, program, and portfolio management for all organizations. Project risk management is a knowledge area of project management that identifies and manages project risks that could impact cost, schedule, or scope baselines. Project risk management is the process of conducting risk management planning, identification, analysis, response planning, response implementation, and monitoring risk on a project. Program risk management strategy ensures effective management of any risk that can cause misalignment between the program roadmap and its supported objectives to organizational strategy. It includes defining program risk thresholds, performing the initial program risk assessment, and developing a program risk response strategy. Portfolio risk management categorizes risks as structural, component, and overall risk. Overall, portfolio risk considers the interdependencies between components and is, therefore, more than just the sum of individual component risks. Risk management allows organizations and teams to increase the predictability of outcomes. It is about reaching the appropriate level of organizational process maturity and the optimal level of performance. Organizations grow and develop through improving the framework for identifying risks, learning from and assessing past results, and applying what they've learned to improve the process. In order to do that complete transparency and accountability are needed. <ref name="book"/> |
==== Key success factors ==== | ==== Key success factors ==== | ||
− | Organizational, | + | Organizational, project, program, and portfolio risk management are all carried out in accordance with established procedures and rules. Figure 1 shows the key success factors for risk management. |
− | <li style="display: inline-block;"> [[File:Riskgudrun.jpg|thumb|right|420px|'''Figure 1: '''Key Success Factors for Risk Management ''(own figure, based on <ref name="book"/>) | + | <li style="display: inline-block;"> [[File:Riskgudrun.jpg|thumb|right|420px|'''Figure 1: '''Key Success Factors for Risk Management ''(own figure, based on <ref name="book"/>)'']] |
These key success factors include: | These key success factors include: | ||
− | *'''Recognizing the value of risk management.''' | + | *'''Recognizing the value of risk management.''' Project, program, and portfolio risk management is acknowledged as a valued discipline that offers a significant return on investment by organizational management, team members, and stakeholders. <ref name="book"/> |
− | *'''Individual commitment/responsibility.''' Participants and stakeholders in the | + | *'''Individual commitment/responsibility.''' Participants and stakeholders in the project, program, and portfolio assume responsibility for performing risk-related actions as needed. Everyone is responsible for risk management. <ref name="book"/> |
*'''Open and honest communication.''' It is critical not to hinder risk communication since this may limit the effectiveness of risk management. <ref name="book"/> Creating a governing structure can be beneficial. Governance encourages cultural honesty and openness while requiring responsibility from every employee, operating unit, and support function. <ref name="rael"> Rael, R. (2012). ''Smart Risk Management: A guide to identifying and calibrating business risks''. New York, NY: American Institute of Certified Public Accountants, Inc. Retrieved from | *'''Open and honest communication.''' It is critical not to hinder risk communication since this may limit the effectiveness of risk management. <ref name="book"/> Creating a governing structure can be beneficial. Governance encourages cultural honesty and openness while requiring responsibility from every employee, operating unit, and support function. <ref name="rael"> Rael, R. (2012). ''Smart Risk Management: A guide to identifying and calibrating business risks''. New York, NY: American Institute of Certified Public Accountants, Inc. Retrieved from | ||
https://onlinelibrary-wiley-com.proxy.findit.cvt.dk/doi/pdf/10.1002/9781119449430 on February 19th 2022.</ref> | https://onlinelibrary-wiley-com.proxy.findit.cvt.dk/doi/pdf/10.1002/9781119449430 on February 19th 2022.</ref> | ||
− | *'''Organizational commitment.''' It is critical to establish a culture that values risk management in order to achieve this. Only when risk management is integrated with the organization's goals, values, and ERM policies can organizational commitment develop. Risk management decisions may need approval from people at a higher level than the | + | *'''Organizational commitment.''' It is critical to establish a culture that values risk management in order to achieve this. Only when risk management is integrated with the organization's goals, values, and ERM policies can organizational commitment develop. Risk management decisions may need approval from people at a higher level than the project, program, or portfolio manager. <ref name="book"/> Risk management is an integral component of the framework for project, program, and portfolio management. Risk management needs to be practiced, acknowledged, and supported within the organization. A risk management culture fosters the identification of risks rather than ignoring them, as well as the discovery of possibilities through the promotion of a positive mentality inside the organization. <ref name="rael"/> |
− | *'''Tailoring risk effort.''' Risk management operations are compatible with the organization's value of the activity, as well as | + | *'''Tailoring risk effort.''' Risk management operations are compatible with the organization's value of the activity, as well as it's level of risk, scale, and other restrictions. <ref name="book"/> |
*'''Integration with organizational project management.''' Risk management does not operate separately from other organizational project management procedures. <ref name="book"/> Distribute best practices throughout your organization. For this to happen, your organization's culture must be one of openness, with managers acting as co-dependent participants in the risk environment. Workers from the operational side of the business, as well as employees whose input is often ignored, such as the audit, finance, human resource, and risk management teams, must be included in this partnership. <ref name="rael"/> | *'''Integration with organizational project management.''' Risk management does not operate separately from other organizational project management procedures. <ref name="book"/> Distribute best practices throughout your organization. For this to happen, your organization's culture must be one of openness, with managers acting as co-dependent participants in the risk environment. Workers from the operational side of the business, as well as employees whose input is often ignored, such as the audit, finance, human resource, and risk management teams, must be included in this partnership. <ref name="rael"/> | ||
− | ==== | + | ==== Risk assessment in Project Management ==== |
− | There are five main factors that | + | There are five main factors that need to be considered when evaluating potential risks in project management: <ref name="projectm"/> |
'''1. Risk Identification''' | '''1. Risk Identification''' | ||
− | The risk identification activity identifies which risks may have an impact on the project, program, or portfolio and analyzes their characteristics. Risks should be recognized and addressed as early as possible in the project. Risk identification occurs throughout the project life cycle, with a focus on major milestones. Some risks will be obvious to the project team while others will require more effort to identify, but will still be predictable. <ref name="projectm"/> Participants in risk identification activities might include the program manager, program sponsor, program team members, risk management team, stakeholders, outside subject matter experts, customers, risk management experts and external reviewers as needed. New risks may emerge or become identified as the process develops. The frequency of iteration and the engagement of participants may vary, but the structure of the risk statements should remain similar. The identification activity should offer enough information to analyze and prioritize the risk. <ref name="program"> The Standard for Program Management – Fourth Edition (2017). Retrieved from https://findit.dtu.dk/en/catalog/5c45c08ad9001d2f38206ba6 on March 6th 2022. </ref> | + | The risk identification activity identifies which risks may have an impact on the project, program, or portfolio and analyzes their characteristics. Risks should be recognized and addressed as early as possible in the project. Risk identification occurs throughout the project life cycle, with a focus on major milestones. Some risks will be obvious to the project team while others will require more effort to identify, but will still be predictable. <ref name="projectm"/> Participants in risk identification activities might include the program manager, program sponsor, program team members, risk management team, stakeholders, outside subject matter experts, customers, risk management experts, and external reviewers as needed. New risks may emerge or become identified as the process develops. The frequency of iteration and the engagement of participants may vary, but the structure of the risk statements should remain similar. The identification activity should offer enough information to analyze and prioritize the risk. <ref name="program"> The Standard for Program Management – Fourth Edition (2017). Retrieved from https://findit.dtu.dk/en/catalog/5c45c08ad9001d2f38206ba6 on March 6th 2022. </ref> |
− | Identifying risk sources and categories is one method of identifying risks. The fundamental causes that produce risks in a project or organization are referred to as risk sources. Risk sources identify potential sources of risk. <ref name="projectm"/> Specific factors inside a project or organization that might go wrong during the preparation or execution of an activity are referred to as risk categories. It identifies locations that are vulnerable to risks. Category types include: | + | Identifying risk sources and categories is one method of identifying risks. The fundamental causes that produce risks in a project or organization are referred to as risk sources. Risk sources identify potential sources of risk. <ref name="projectm"/> Specific factors inside a project or organization that might go wrong during the preparation or execution of an activity are referred to as risk categories. It identifies locations that are vulnerable to risks. Category types include: |
− | + | ||
*'''External risks:''' Governmental, regulatory, environmental. | *'''External risks:''' Governmental, regulatory, environmental. | ||
Line 74: | Line 73: | ||
*'''Technical risks:''' Risks with software, hardware, or any manuals or other process documents related to the project. | *'''Technical risks:''' Risks with software, hardware, or any manuals or other process documents related to the project. | ||
− | *'''Project management risks:''' How the team working on the project operates. | + | *'''Project management risks:''' How the team working on the project operates. <ref name="category"> Bishop, K. (2021). ''4 Types of Risk Categories in Project Risk Management.'' Retrieved from |
+ | https://www.fool.com/the-blueprint/risk-categories/ on March 20th 2022.</ref> | ||
'''2. Risk Analysis''' | '''2. Risk Analysis''' | ||
− | Risk analysis entails evaluating how project goals and objectives may alter as a result of the risk event's influence. Successful organizations should be able to effectively and efficiently identify the risks that have a direct impact on their goals and objectives. Once the risks have been identified, they are analyzed to determine the qualitative and quantitative impact of the risk on the project so that suitable measures may be performed. It might be difficult to identify the most significant risks. To analyze risks, it is essential to address both the probability and impact of the risks within an organization, | + | Risk analysis entails evaluating how project goals and objectives may alter as a result of the risk event's influence. Successful organizations should be able to effectively and efficiently identify the risks that have a direct impact on their goals and objectives. Once the risks have been identified, they are analyzed to determine the qualitative and quantitative impact of the risk on the project so that suitable measures may be performed. It might be difficult to identify the most significant risks. To analyze risks, it is essential to address both the probability and impact of the risks within an organization, project, program, and portfolio risk management processes. <ref name="book"/> |
To analyze risks, the following guidelines are employed: <ref name="projectm"/> | To analyze risks, the following guidelines are employed: <ref name="projectm"/> | ||
− | <li style="display: inline-block;"> [[File:analysis.jpg|thumb|right|600px|'''Figure 2: '''Impact-Probability Matrix ''(own figure, based on <ref name="projectm"/>) | + | <li style="display: inline-block;"> [[File:analysis.jpg|thumb|right|600px|'''Figure 2: '''Impact-Probability Matrix ''(own figure, based on <ref name="projectm"/>)'']] |
''Probability'': <br />Probability refers to the likelihood of a risk occurring. | ''Probability'': <br />Probability refers to the likelihood of a risk occurring. | ||
Line 99: | Line 99: | ||
'''3. Risk Exposure''' | '''3. Risk Exposure''' | ||
− | Risk Exposure, also known as Risk Score, is calculated by multiplying the Impact Rating by the Risk Probability. The colors signify the amount of urgency in risk response planning and are used to establish reporting levels as is shown in Figure 2. | + | Risk Exposure, also known as Risk Score, is calculated by multiplying the Impact Rating by the Risk Probability. The colors signify the amount of urgency in risk response planning and are used to establish reporting levels as is shown in Figure 2. <ref name="projectm"/> |
'''4. Risk Occurrence Timeframe''' | '''4. Risk Occurrence Timeframe''' | ||
− | The timeframe in which this risk will have an impact is identified. A timeframe is evaluated for each identified risk. Risks with a "near" timeframe of occurrence need more attention than those with a "far" timeframe. Defining the risk severity and using it to prioritize the risk is one way | + | The timeframe in which this risk will have an impact is identified. A timeframe is evaluated for each identified risk. Risks with a "near" timeframe of occurrence need more attention than those with a "far" timeframe. Defining the risk severity and using it to prioritize the risk is one way of identifying the most significant and impactful risks. Because risk is often related to project milestones, the timeframe for exposure might shift as the schedule evolves. <ref name="time"> Pira, P. (2019). ''State of California.'' (2014). Risk/Issue Management Plan. California, USA: Board of Equalization. Retrieved from |
+ | https://capmf.cdt.ca.gov/pdf/templates/samples/BOE_CROS_RiskManagementPlan.pdf on March 17th 2022.</ref> | ||
'''5. Risk Response Planning''' | '''5. Risk Response Planning''' | ||
Line 109: | Line 110: | ||
There is rarely a simple fix that can be used to minimize or eliminate all of the risks associated with a project. Action plans should be developed to minimize these risks. These action plans should include a description of the steps that must be followed to reduce that risk. Some risks might have to be handled and decreased in a calculated way over a longer period of time. When choosing an action plan, it is critical to determine the time and cost of the action plan as accurately as feasible. It helps in choosing a response plan among the options, as well as determining if the action plan is more expensive or has a greater impact on one of the project objectives than the risk itself. All risk action plans should be assigned to the individual who will carry them out, and the project manager is responsible for that. <ref name="projectm"/> | There is rarely a simple fix that can be used to minimize or eliminate all of the risks associated with a project. Action plans should be developed to minimize these risks. These action plans should include a description of the steps that must be followed to reduce that risk. Some risks might have to be handled and decreased in a calculated way over a longer period of time. When choosing an action plan, it is critical to determine the time and cost of the action plan as accurately as feasible. It helps in choosing a response plan among the options, as well as determining if the action plan is more expensive or has a greater impact on one of the project objectives than the risk itself. All risk action plans should be assigned to the individual who will carry them out, and the project manager is responsible for that. <ref name="projectm"/> | ||
− | The risk manager oversees establishing the risk reduction strategy, which includes identifying options and deciding steps to reduce risks to the project. Risk-reduction strategies often include one or more of the following: | + | The risk manager oversees establishing the risk reduction strategy, which includes identifying options and deciding steps to reduce risks to the project. Risk-reduction strategies often include one or more of the following: |
− | *'''Transfer:''' Involves transferring the responsibility of a risk along with the ownership of the response to a third party. < | + | *'''Transfer:''' Involves transferring the responsibility of a risk along with the ownership of the response to a third party. <ref name="time"/> |
− | *'''Mitigate:''' Action is performed in risk mitigation to lower the likelihood of occurrence and/or effect of a threat to an acceptable threshold. | + | *'''Mitigate:''' Action is performed in risk mitigation to lower the likelihood of occurrence and/or effect of a threat to an acceptable threshold. An early mitigation action is frequently more successful than attempting to restore damage after the threat has happened. <ref name="book"/> |
− | *'''Avoid:''' When the | + | *'''Avoid:''' When the project, program, or portfolio team moves to eliminate the threat posed by the adverse risk/issue it is referred to as risk avoidance. It is most suitable for a high-priority threat with a high likelihood of occurrence and a significant negative impact. <ref name="book"/> |
− | <li style="display: inline-block;"> [[File:Study2.png|thumb|right| | + | <li style="display: inline-block;"> [[File:Study2.png|thumb|right|283px|'''Figure 3: ''' Average quiz scores as overall scores and separated into gender. ''(own figure, based on <ref name="games"/>) '']] |
====Study on Risk-Based Learning Games==== | ====Study on Risk-Based Learning Games==== | ||
Line 120: | Line 121: | ||
In 2014, undergraduate students conducted a study in which they designed a risk-based learning game for students in order to explore if such learning games may increase later memory of information. Undergraduate neuroscience students led 90-minute scientific workshops for 9-10 year old students (n = 448) separated into 'Risk,' 'No Risk,' and 'Control' groups. During the workshops, 'Risk' groups were given multiple choice questions (MCQs) that required small groups of students to allocate tokens to the answer(s) they thought were right. <ref name="games"> Devonshire, I., Davis, J., Fairweather, S., Highfield, L., Thaker, C., Walsh, A., ... Hathway, Gareth J. (2014). Risk-based learning games improve long-term retention of information among school pupils ''Plos One, 9(7),'' e103640. Retrieved on March 4th 2022 from https://doi.org/10.1371/journal.pone.0103640 </ref> | In 2014, undergraduate students conducted a study in which they designed a risk-based learning game for students in order to explore if such learning games may increase later memory of information. Undergraduate neuroscience students led 90-minute scientific workshops for 9-10 year old students (n = 448) separated into 'Risk,' 'No Risk,' and 'Control' groups. During the workshops, 'Risk' groups were given multiple choice questions (MCQs) that required small groups of students to allocate tokens to the answer(s) they thought were right. <ref name="games"> Devonshire, I., Davis, J., Fairweather, S., Highfield, L., Thaker, C., Walsh, A., ... Hathway, Gareth J. (2014). Risk-based learning games improve long-term retention of information among school pupils ''Plos One, 9(7),'' e103640. Retrieved on March 4th 2022 from https://doi.org/10.1371/journal.pone.0103640 </ref> | ||
− | The group received the tokens and an equal amount back as a prize if they answered correctly, but they lost the tokens if they answered incorrectly. The group at the end of the workshop that had the most tokens won a price. MCQs without the risk component were given to the 'No risk' group, whereas no MCQs were given to the 'Control' group. At the end of the workshop, the students were given a neuroscience test based on the workshop material. Students in the 'Risk' group remembered material considerably better one week later than students in the 'No Risk' and 'Control' groups. This is reinforced by responses from students in 'Risk' classes, who stated that the 'Risk' workshops were more interesting than the 'No risk' and 'Control' workshops | + | The group received the tokens and an equal amount back as a prize if they answered correctly, but they lost the tokens if they answered incorrectly. The group at the end of the workshop that had the most tokens won a price. MCQs without the risk component were given to the 'No risk' group, whereas no MCQs were given to the 'Control' group. At the end of the workshop, the students were given a neuroscience test based on the workshop material. Students in the 'Risk' group remembered material considerably better one week later than students in the 'No Risk' and 'Control' groups. This is reinforced by responses from students in 'Risk' classes, who stated that the 'Risk' workshops were more interesting than the 'No risk' and 'Control' workshops. <ref name="games"/> |
− | These findings suggest that the higher the risk factor involved, the more likely it is that | + | Average quiz scores on the day of the workshop and a week later are illustrated in Figure 3. These findings show that risk has a role in the classroom and can be used to interest students and motivate them to improve engagement in the classroom. It suggest that the higher the risk factor involved, the more likely it is that the students will prepare for it, learn from it, and hence remember it better. The evaluation is taken more seriously when there is risk involved. It also indicates that there is a connection between the degree of risk around us and our memory. <ref name="games"/> |
==Limitations and conclusions== | ==Limitations and conclusions== | ||
− | The main | + | The main limitation of the application of risk management is the uncertainty factor. Uncertainty is a key concept when it comes to risk management. The uncertainty makes it difficult to analyze risks and collect enough data to be able to anticipate hazards as accurately as feasible. Furthermore, risk management requires complex calculations that must be performed by a qualified practitioner and, if not done properly, can severely limit risk identification and analysis. <ref name="limits"> Reddy, C. (n.d.). ''What is Risk Management: Advantages and Disadvantages'' Retrieved from |
+ | https://content.wisestep.com/advantage-disadvantage-risk-management/ on March 20th 2022.</ref> | ||
− | Risk-based | + | Identification of risks might also provide a false sense of security. Identifying the risk is not enough if the required actions are not taken to reduce the possibility of the risk occurring. Risk identification is never complete since risks are continuously changing and evolving. New risks might appear at any time, therefore risk identification should be repeated. What is a risk at one time may not be a risk at another. |
+ | |||
+ | Risk assessment and management is becoming the most challenging aspect of managing a project, program, and portfolio. While we can never forecast the future with certainty, we can apply risk assessment methods to increases the likelihood of successful project completion and decreases the risks associated with it. <ref name="projectm"/> Management should be aware of the concept of risk-based learning and utilize it to encourage their employees to apply risk management effectively and productively. | ||
==Annotated bibliography== | ==Annotated bibliography== | ||
− | ''' 1. Dikmena, I., Birgonula, M.T., Anacb, C., Tahc, J.H.M. and Aouadd, G. (2008). Learning from risks: A tool for post-project risk assessment. ''Automation in Construction, 18(1),'' 42-50. ''' | + | ''' 1. The Standard for Risk Management in Portfolios, Programs, and Projects. (2019). ''' |
+ | |||
+ | :A book about the practice standard for Project Risk Management. It addresses the fact that certain events or conditions may occur with impacts on project, program, and portfolio objectives. Risk Management processes allow for the consideration of events that may or may not happen by describing them in terms of likelihood of occurrence and possible impact. | ||
+ | |||
+ | ''' 2. Dikmena, I., Birgonula, M.T., Anacb, C., Tahc, J.H.M. and Aouadd, G. (2008). Learning from risks: A tool for post-project risk assessment. ''Automation in Construction, 18(1),'' 42-50. ''' | ||
:In this paper, a learning-based approach is proposed for risk management (RM). In order to implement this approach in practice, a tool has been developed to facilitate construction of a lessons learned database that contains risk-related information and risk assessment throughout the life cycle of a project. The tool is tested on a real construction project. | :In this paper, a learning-based approach is proposed for risk management (RM). In order to implement this approach in practice, a tool has been developed to facilitate construction of a lessons learned database that contains risk-related information and risk assessment throughout the life cycle of a project. The tool is tested on a real construction project. | ||
− | ''' | + | ''' 3. Lavanya, N. & Malarvizhi, T. (2008). Risk analysis and management: a vital key to effective project management. Paper presented at PMI® Global Congress 2008—Asia Pacific, Sydney, New South Wales, Australia. ''' |
:This conference paper describes the structured Risk Management method used by Nokia Siemens Networks to avert crisis situations and incorporate lessons learned from previous missteps. It emphasizes that effective and early risk assessment and management ensures project objectives are met, resulting in lower rework costs. | :This conference paper describes the structured Risk Management method used by Nokia Siemens Networks to avert crisis situations and incorporate lessons learned from previous missteps. It emphasizes that effective and early risk assessment and management ensures project objectives are met, resulting in lower rework costs. | ||
− | ''' | + | ''' 4. Rael, R. (2012). Smart Risk Management: A guide to identifying and calibrating business risks. New York, NY: American Institute of Certified Public Accountants, Inc. ''' |
:This book describes organizational risk-taking and lays out a structured risk-management process. It is developed for management accountants to assist them in analyzing their position in the center of the organization. It ensures that they do not take risks that they cannot afford and that they take enough chances to remain competitive in an ever-changing industry. It lays forth six stages for effective risk management. | :This book describes organizational risk-taking and lays out a structured risk-management process. It is developed for management accountants to assist them in analyzing their position in the center of the organization. It ensures that they do not take risks that they cannot afford and that they take enough chances to remain competitive in an ever-changing industry. It lays forth six stages for effective risk management. | ||
− | |||
− | |||
− | |||
− | |||
==References== | ==References== | ||
<references/> | <references/> |
Latest revision as of 21:48, 22 March 2022
Developed by Gudrun Gudnadottir
Contents |
[edit] Abstract
Risk is defined as an uncertain event or condition that can have a positive or negative impact on one or more objectives. Positive risks represent opportunities, whilst negative risks represent threats. [1] Every day we confront several kinds of risks and must make calculated decisions about how to handle them. A calculated risk is a chance made after thorough assessment of the possible consequences. We are taking a calculated risk when we act knowing that the potential reward is significantly greater than the potential loss if the activity fails. Taking a risk forces us to develop. When we stay inside the boundaries of our comfort zones, our progress slows. We need to take risks and put ourselves in circumstances we've never been in before if we want to progress. Learning from risks is one of the most essential things a person or organization can do. The more risks that we take, the better we will get at avoiding them. [2]
This topic is connected to project, program, and portfolio management because it is critical for managers to understand the driving forces behind risk management and to be able to apply it to risk assessments. A risk may have one or more causes and, if it occurs, one or more consequences. Threats that arise are referred to as issues, and opportunities that emerge are referred to as benefits. Project, program, and portfolio managers are accountable for resolving and managing these difficulties in an efficient and effective manner. [1]
This article begins by providing an overview of risk-based learning through an introduction to the concept of risk-based. Following that, it explores the significance of risk management and the key factors that need to be considered. Risk assessment in project management is addressed in-depth, as well as its application to detect risks. Finally, the limits of risk-based learning are emphasized.
[edit] The Big Idea: An Introduction
Projects, programs, and portfolios all have an element of uncertainty about them. Uncertainty creates risk, and risk creates uncertainty. The larger the number of risks identified, the higher the degree of uncertainty. The capacity to recognize risks is influenced by ambiguity, which is one of the most important elements. When ambiguity is low, the amount of information available is high, allowing for the identification of risks. Uncertainty and ambiguity are variables that motivate risk management initiatives, as are assessment and open evaluation. Assessments and open evaluations enable the appropriate risk management approach to be determined and outline how risks will be managed across the project, program, and portfolio management life cycles, iterations of these life cycles, and their connections. [1]
[edit] What is Risk-based Learning?
The definition of risk-based from the Cambridge Business English Dictionary is:
- “Done or calculated according to how much risk is involved.” [3]
Risk-based learning (RBL) is a type of learning environment in which the risk is the driving force behind the learning. Project risks motivate project managers to carefully analyze risks in order to reduce the probability of project failure. The more the risk involved with a project, the greater effort is required to obtain the necessary knowledge for the project to succeed. A key motivation for developing and implementing risk assessment systems is the ability to make informed decisions that reduce unnecessary risks. Risk-based learning assists in the identification, assessment, and evaluation of possible risks. [4]
Risk-based project management uses risk-based thinking to learn how to manage the risk and uncertainty that comes with each project. When uncertainty is decreased, if not totally removed, the project's value is preserved and predicted results are attained. [2] It is critical to assess the effect of risks, since failure to do so may result in a loss of understanding of the overall impact on project objectives such as scope, time, cost, and quality. As a result, it is critical for each project organization to establish an effective risk management strategy. Implementing a project team culture ensures that the project progresses as planned, with the fewest unexpected events. [5]
[edit] Application
What methods can managers use to minimize risks and how is risk-based learning applied in project management? First, an overview of risk management is presented and followed by information on key success factors. The five main factors that must be evaluated while accessing risks will then be addressed. Finally, a study on risk-based learning games is presented.
[edit] Risk Management
Individual risks are unforeseeable events or conditions that, if they occur, have a positive or negative impact on one or more objectives. The influence of uncertainty on organizational objectives at different levels is referred to as overall risk. Risk management involves defining the strategy, analyzing risks, as well as reaction planning and implementation. Risk management is an important part of project, program, and portfolio management for all organizations. Project risk management is a knowledge area of project management that identifies and manages project risks that could impact cost, schedule, or scope baselines. Project risk management is the process of conducting risk management planning, identification, analysis, response planning, response implementation, and monitoring risk on a project. Program risk management strategy ensures effective management of any risk that can cause misalignment between the program roadmap and its supported objectives to organizational strategy. It includes defining program risk thresholds, performing the initial program risk assessment, and developing a program risk response strategy. Portfolio risk management categorizes risks as structural, component, and overall risk. Overall, portfolio risk considers the interdependencies between components and is, therefore, more than just the sum of individual component risks. Risk management allows organizations and teams to increase the predictability of outcomes. It is about reaching the appropriate level of organizational process maturity and the optimal level of performance. Organizations grow and develop through improving the framework for identifying risks, learning from and assessing past results, and applying what they've learned to improve the process. In order to do that complete transparency and accountability are needed. [1]
[edit] Key success factors
Organizational, project, program, and portfolio risk management are all carried out in accordance with established procedures and rules. Figure 1 shows the key success factors for risk management.
These key success factors include:
- Recognizing the value of risk management. Project, program, and portfolio risk management is acknowledged as a valued discipline that offers a significant return on investment by organizational management, team members, and stakeholders. [1]
- Individual commitment/responsibility. Participants and stakeholders in the project, program, and portfolio assume responsibility for performing risk-related actions as needed. Everyone is responsible for risk management. [1]
- Open and honest communication. It is critical not to hinder risk communication since this may limit the effectiveness of risk management. [1] Creating a governing structure can be beneficial. Governance encourages cultural honesty and openness while requiring responsibility from every employee, operating unit, and support function. [6]
- Organizational commitment. It is critical to establish a culture that values risk management in order to achieve this. Only when risk management is integrated with the organization's goals, values, and ERM policies can organizational commitment develop. Risk management decisions may need approval from people at a higher level than the project, program, or portfolio manager. [1] Risk management is an integral component of the framework for project, program, and portfolio management. Risk management needs to be practiced, acknowledged, and supported within the organization. A risk management culture fosters the identification of risks rather than ignoring them, as well as the discovery of possibilities through the promotion of a positive mentality inside the organization. [6]
- Tailoring risk effort. Risk management operations are compatible with the organization's value of the activity, as well as it's level of risk, scale, and other restrictions. [1]
- Integration with organizational project management. Risk management does not operate separately from other organizational project management procedures. [1] Distribute best practices throughout your organization. For this to happen, your organization's culture must be one of openness, with managers acting as co-dependent participants in the risk environment. Workers from the operational side of the business, as well as employees whose input is often ignored, such as the audit, finance, human resource, and risk management teams, must be included in this partnership. [6]
[edit] Risk assessment in Project Management
There are five main factors that need to be considered when evaluating potential risks in project management: [5]
1. Risk Identification
The risk identification activity identifies which risks may have an impact on the project, program, or portfolio and analyzes their characteristics. Risks should be recognized and addressed as early as possible in the project. Risk identification occurs throughout the project life cycle, with a focus on major milestones. Some risks will be obvious to the project team while others will require more effort to identify, but will still be predictable. [5] Participants in risk identification activities might include the program manager, program sponsor, program team members, risk management team, stakeholders, outside subject matter experts, customers, risk management experts, and external reviewers as needed. New risks may emerge or become identified as the process develops. The frequency of iteration and the engagement of participants may vary, but the structure of the risk statements should remain similar. The identification activity should offer enough information to analyze and prioritize the risk. [7]
Identifying risk sources and categories is one method of identifying risks. The fundamental causes that produce risks in a project or organization are referred to as risk sources. Risk sources identify potential sources of risk. [5] Specific factors inside a project or organization that might go wrong during the preparation or execution of an activity are referred to as risk categories. It identifies locations that are vulnerable to risks. Category types include:
- External risks: Governmental, regulatory, environmental.
- Organizational risks: Service, budget, quality, resources.
- Technical risks: Risks with software, hardware, or any manuals or other process documents related to the project.
- Project management risks: How the team working on the project operates. [8]
2. Risk Analysis
Risk analysis entails evaluating how project goals and objectives may alter as a result of the risk event's influence. Successful organizations should be able to effectively and efficiently identify the risks that have a direct impact on their goals and objectives. Once the risks have been identified, they are analyzed to determine the qualitative and quantitative impact of the risk on the project so that suitable measures may be performed. It might be difficult to identify the most significant risks. To analyze risks, it is essential to address both the probability and impact of the risks within an organization, project, program, and portfolio risk management processes. [1]
To analyze risks, the following guidelines are employed: [5]
Probability:
Probability refers to the likelihood of a risk occurring.
- High probability – (80 % ≤ x ≤ 100%)
- Medium-high probability – (60 % ≤ x < 80%)
- Medium-Low probability – (30 % ≤ x < 60%)
- Low probability (0 % < x < 30%)
Impact:
Risk analysis entails determining how the risk event's impact will affect project outcomes and objectives.
- High – Catastrophic (Rating A – 100)
- Medium – Critical (Rating B – 50)
- Low – Marginal (Rating C – 10)
3. Risk Exposure
Risk Exposure, also known as Risk Score, is calculated by multiplying the Impact Rating by the Risk Probability. The colors signify the amount of urgency in risk response planning and are used to establish reporting levels as is shown in Figure 2. [5]
4. Risk Occurrence Timeframe
The timeframe in which this risk will have an impact is identified. A timeframe is evaluated for each identified risk. Risks with a "near" timeframe of occurrence need more attention than those with a "far" timeframe. Defining the risk severity and using it to prioritize the risk is one way of identifying the most significant and impactful risks. Because risk is often related to project milestones, the timeframe for exposure might shift as the schedule evolves. [9]
5. Risk Response Planning
There is rarely a simple fix that can be used to minimize or eliminate all of the risks associated with a project. Action plans should be developed to minimize these risks. These action plans should include a description of the steps that must be followed to reduce that risk. Some risks might have to be handled and decreased in a calculated way over a longer period of time. When choosing an action plan, it is critical to determine the time and cost of the action plan as accurately as feasible. It helps in choosing a response plan among the options, as well as determining if the action plan is more expensive or has a greater impact on one of the project objectives than the risk itself. All risk action plans should be assigned to the individual who will carry them out, and the project manager is responsible for that. [5]
The risk manager oversees establishing the risk reduction strategy, which includes identifying options and deciding steps to reduce risks to the project. Risk-reduction strategies often include one or more of the following:
- Transfer: Involves transferring the responsibility of a risk along with the ownership of the response to a third party. [9]
- Mitigate: Action is performed in risk mitigation to lower the likelihood of occurrence and/or effect of a threat to an acceptable threshold. An early mitigation action is frequently more successful than attempting to restore damage after the threat has happened. [1]
- Avoid: When the project, program, or portfolio team moves to eliminate the threat posed by the adverse risk/issue it is referred to as risk avoidance. It is most suitable for a high-priority threat with a high likelihood of occurrence and a significant negative impact. [1]
[edit] Study on Risk-Based Learning Games
In 2014, undergraduate students conducted a study in which they designed a risk-based learning game for students in order to explore if such learning games may increase later memory of information. Undergraduate neuroscience students led 90-minute scientific workshops for 9-10 year old students (n = 448) separated into 'Risk,' 'No Risk,' and 'Control' groups. During the workshops, 'Risk' groups were given multiple choice questions (MCQs) that required small groups of students to allocate tokens to the answer(s) they thought were right. [10]
The group received the tokens and an equal amount back as a prize if they answered correctly, but they lost the tokens if they answered incorrectly. The group at the end of the workshop that had the most tokens won a price. MCQs without the risk component were given to the 'No risk' group, whereas no MCQs were given to the 'Control' group. At the end of the workshop, the students were given a neuroscience test based on the workshop material. Students in the 'Risk' group remembered material considerably better one week later than students in the 'No Risk' and 'Control' groups. This is reinforced by responses from students in 'Risk' classes, who stated that the 'Risk' workshops were more interesting than the 'No risk' and 'Control' workshops. [10]
Average quiz scores on the day of the workshop and a week later are illustrated in Figure 3. These findings show that risk has a role in the classroom and can be used to interest students and motivate them to improve engagement in the classroom. It suggest that the higher the risk factor involved, the more likely it is that the students will prepare for it, learn from it, and hence remember it better. The evaluation is taken more seriously when there is risk involved. It also indicates that there is a connection between the degree of risk around us and our memory. [10]
[edit] Limitations and conclusions
The main limitation of the application of risk management is the uncertainty factor. Uncertainty is a key concept when it comes to risk management. The uncertainty makes it difficult to analyze risks and collect enough data to be able to anticipate hazards as accurately as feasible. Furthermore, risk management requires complex calculations that must be performed by a qualified practitioner and, if not done properly, can severely limit risk identification and analysis. [11]
Identification of risks might also provide a false sense of security. Identifying the risk is not enough if the required actions are not taken to reduce the possibility of the risk occurring. Risk identification is never complete since risks are continuously changing and evolving. New risks might appear at any time, therefore risk identification should be repeated. What is a risk at one time may not be a risk at another.
Risk assessment and management is becoming the most challenging aspect of managing a project, program, and portfolio. While we can never forecast the future with certainty, we can apply risk assessment methods to increases the likelihood of successful project completion and decreases the risks associated with it. [5] Management should be aware of the concept of risk-based learning and utilize it to encourage their employees to apply risk management effectively and productively.
[edit] Annotated bibliography
1. The Standard for Risk Management in Portfolios, Programs, and Projects. (2019).
- A book about the practice standard for Project Risk Management. It addresses the fact that certain events or conditions may occur with impacts on project, program, and portfolio objectives. Risk Management processes allow for the consideration of events that may or may not happen by describing them in terms of likelihood of occurrence and possible impact.
2. Dikmena, I., Birgonula, M.T., Anacb, C., Tahc, J.H.M. and Aouadd, G. (2008). Learning from risks: A tool for post-project risk assessment. Automation in Construction, 18(1), 42-50.
- In this paper, a learning-based approach is proposed for risk management (RM). In order to implement this approach in practice, a tool has been developed to facilitate construction of a lessons learned database that contains risk-related information and risk assessment throughout the life cycle of a project. The tool is tested on a real construction project.
3. Lavanya, N. & Malarvizhi, T. (2008). Risk analysis and management: a vital key to effective project management. Paper presented at PMI® Global Congress 2008—Asia Pacific, Sydney, New South Wales, Australia.
- This conference paper describes the structured Risk Management method used by Nokia Siemens Networks to avert crisis situations and incorporate lessons learned from previous missteps. It emphasizes that effective and early risk assessment and management ensures project objectives are met, resulting in lower rework costs.
4. Rael, R. (2012). Smart Risk Management: A guide to identifying and calibrating business risks. New York, NY: American Institute of Certified Public Accountants, Inc.
- This book describes organizational risk-taking and lays out a structured risk-management process. It is developed for management accountants to assist them in analyzing their position in the center of the organization. It ensures that they do not take risks that they cannot afford and that they take enough chances to remain competitive in an ever-changing industry. It lays forth six stages for effective risk management.
[edit] References
- ↑ 1.00 1.01 1.02 1.03 1.04 1.05 1.06 1.07 1.08 1.09 1.10 1.11 1.12 1.13 The Standard for Risk Management in Portfolios, Programs, and Projects. (2019). Retrieved from https://findit.dtu.dk/en/catalog/5de50a6fd9001d00e06d6ccc on March 10th 2022.
- ↑ 2.0 2.1 Pira, P. (2019). Life's Short. Take More Risks. Retrieved from https://www.forbes.com/sites/forbesbooksauthors/2019/08/23/lifes-short-take-more-risks/?sh=62ff41f12ad5 on February 20th 2022.
- ↑ Cambridge University Press. (2022). risk-based adjective. Retrieved from https://dictionary.cambridge.org/dictionary/english/risk-based on February 13th 2022.
- ↑ Dikmena, I., Birgonula, M.T., Anacb, C., Tahc, J.H.M. and Aouadd, G. (2008). Learning from risks: A tool for post-project risk assessment. Automation in Construction, 18(1), 42-50. Retrieved on February 13th 2022 from https://doi.org/10.1016/j.autcon.2008.04.008
- ↑ 5.0 5.1 5.2 5.3 5.4 5.5 5.6 5.7 5.8 Lavanya, N. & Malarvizhi, T. (2008). Risk analysis and management: a vital key to effective project management. Paper presented at PMI® Global Congress 2008—Asia Pacific, Sydney, New South Wales, Australia. Retrieved from https://www.pmi.org/learning/library/risk-analysis-project-management-7070 on February 19th 2022.
- ↑ 6.0 6.1 6.2 Rael, R. (2012). Smart Risk Management: A guide to identifying and calibrating business risks. New York, NY: American Institute of Certified Public Accountants, Inc. Retrieved from https://onlinelibrary-wiley-com.proxy.findit.cvt.dk/doi/pdf/10.1002/9781119449430 on February 19th 2022.
- ↑ The Standard for Program Management – Fourth Edition (2017). Retrieved from https://findit.dtu.dk/en/catalog/5c45c08ad9001d2f38206ba6 on March 6th 2022.
- ↑ Bishop, K. (2021). 4 Types of Risk Categories in Project Risk Management. Retrieved from https://www.fool.com/the-blueprint/risk-categories/ on March 20th 2022.
- ↑ 9.0 9.1 Pira, P. (2019). State of California. (2014). Risk/Issue Management Plan. California, USA: Board of Equalization. Retrieved from https://capmf.cdt.ca.gov/pdf/templates/samples/BOE_CROS_RiskManagementPlan.pdf on March 17th 2022.
- ↑ 10.0 10.1 10.2 10.3 Devonshire, I., Davis, J., Fairweather, S., Highfield, L., Thaker, C., Walsh, A., ... Hathway, Gareth J. (2014). Risk-based learning games improve long-term retention of information among school pupils Plos One, 9(7), e103640. Retrieved on March 4th 2022 from https://doi.org/10.1371/journal.pone.0103640
- ↑ Reddy, C. (n.d.). What is Risk Management: Advantages and Disadvantages Retrieved from https://content.wisestep.com/advantage-disadvantage-risk-management/ on March 20th 2022.