Risk Breakdown Structure (RBS)

From apppm
(Difference between revisions)
Jump to: navigation, search
Line 42: Line 42:
 
==The concept of Risk Breakdown Structure (RBS)==
 
==The concept of Risk Breakdown Structure (RBS)==
  
[[File:123.jpg‎|500px|thumb|right| Figure 2: Example of a Risk Breakdown Structure <ref name="Towards a Framework for Project Risk Knowledge Management in the Construction Supply Chain"> Tah, J.H.M. and Carr, V. (2001) "Towards a Framework for Project Risk Knowledge Management in the Construction Supply Chain" Advances in Engineering Software</ref>]]
+
[[File:123.jpg‎|600px|thumb|right| Figure 2: Example of a Risk Breakdown Structure <ref name="Towards a Framework for Project Risk Knowledge Management in the Construction Supply Chain"> Tah, J.H.M. and Carr, V. (2001) "Towards a Framework for Project Risk Knowledge Management in the Construction Supply Chain" Advances in Engineering Software</ref>]]
  
 
Risk Identification provides an unstructured list of risks that is difficult to communicate to other stakeholders. Therefore, different tools that structure the large amount of data have been proposed including risk registers, risk matrix and risk map. Among them, Risk Breakdown Structure (RBS) is a useful tool that groups the identified risk events into different levels following a bottom-up approach. The RBS is a hierarchically organized depiction of the identified project risks arranged by risk categories and subcategories that identifies the various areas and causes of potential risks <ref name="A Guide to the Project Management Body of Knowledge - Fourth Edition">Project Management Institute, (2008),"A Guide to the Project Management Body of Knowledge - Fourth Edition"</ref>. It represents the overall project and organizational risk factors and events organized by group and category <ref name="Developing risk breakdown structure for information technology organizations"> Holzmann, Vered & Spiegler, Israel. (2011). "Developing risk breakdown structure for information technology organizations" International Journal of Project Management</ref>
 
Risk Identification provides an unstructured list of risks that is difficult to communicate to other stakeholders. Therefore, different tools that structure the large amount of data have been proposed including risk registers, risk matrix and risk map. Among them, Risk Breakdown Structure (RBS) is a useful tool that groups the identified risk events into different levels following a bottom-up approach. The RBS is a hierarchically organized depiction of the identified project risks arranged by risk categories and subcategories that identifies the various areas and causes of potential risks <ref name="A Guide to the Project Management Body of Knowledge - Fourth Edition">Project Management Institute, (2008),"A Guide to the Project Management Body of Knowledge - Fourth Edition"</ref>. It represents the overall project and organizational risk factors and events organized by group and category <ref name="Developing risk breakdown structure for information technology organizations"> Holzmann, Vered & Spiegler, Israel. (2011). "Developing risk breakdown structure for information technology organizations" International Journal of Project Management</ref>

Revision as of 17:52, 2 March 2022

Written by Dimitrios Machairas


A Risk Breakdown Structure is a tool that depicts in the form of a graph the risks a project might face as it develops. Commonly, this tool's structure follows a hierarchical representation of risk, starting with the top levels and consequently moving down to more specific risks. The scope of this tool is to help project managers map out the possible risk exposure of the project - every parameter that might affect the regular progression of the project.

Risk Breakdown Structure (RBS) is a tool developed by Dr. David Hillson and he describes it as: "A Source-oriented grouping of project risks that organize and defines the total risk exposure of the project. Each descending level represents an increasingly detailed definition of sources of risk to the project" [1].

Contents

Introduction: Risk Management

Risk management is a systematic process of identifying, assessing, responding and controlling and monitoring the project risk [2]. The overall goal of the risk management process is to maximize the opportunities and minimize the negative consequences of risk threats [2]. Project Risk Management aims to identify and prioritize risks in advance of their occurrence and provide action-oriented information to project managers. This orientation requires consideration of events that may or may not occur and are therefore described in terms of likelihood or probability of occurrence in addition to other dimensions such as their impact on objectives [3].

Figure 1:Risk Management stages: Identify, Assess, Respond, Monitor [4]

Risk identification

A risk cannot be managed unless it is first identified. Consequently, after risk management planning has been completed, the first process in the iterative Project Risk Management process aims to identify all the knowable risks to project objectives [2]. Risk identification is the process of systematically and continuously identifying, categorizing, and assessing the initial significance of risks associated with a project [5]. Risk identification describes risks that can potentially affect the project. Participants in risk identification activities can be the following: project manager, project team members, risk management team (if assigned), experts that are not member of project, customers, end users, other project managers, stakeholders, and risk management experts [4].

Techniques used for risk identification include brainstorming and workshops, checklists and prompt lists, questionnaires and interviews, Delphi groups or Nominal Group Techniques, and various diagramming approaches (cause–effect diagrams, systems dynamics, influence diagrams, etc.)[6].

Risk Analysis

Risk analysis is subsequent step of Risk Identification and aims to evaluate the consequences associated with risks and to assess the impact of risk by using risk analysis and measurement techniques. These techniques involve Qualitative Analysis (description, likelihood of happening and impact of the risk to the project), Quantitative Analysis (sensitivity analysis, Monte Carlo, decision trees etc.).

Risk Response Planning

The step after risk identification and risk analysis is to strategically plan actions focusing on the most significant risks, in a way that increases the possibility of success and minimizes the impacts of the threats on the project. This process aims to determine effective response actions that are appropriate to the priority of individual risks and to the overall project risk. It takes into account the stakeholders‟ risk attitudes and the conventions specified in the Risk Management Plan, in addition to any constraints and assumptions that were determined when the risks were identified and analyzed.[6]. When the response actions are applied, they affect the project objectives and can generate additional risks. These are known as secondary risks and have to be analyzed and planned for in the same way as those risks which were initially identified [2].

Responses to risks can be one/combination of the following options [6] :

  • Mitigate: acts on the reduction of the probability and/or the impact of a risk to an acceptable threshold. This may require further resources and therefore may represent a tradeoff of one objective for another. This is one of the most applied methods.
  • Avoid: risk avoidance consists of altering the project plan so that the risk is eliminated and does not impose a threat to the project.
  • Transfer: in this option, the risk is transferred to another partner or third party that is better positioned to address a particular threat. A good example is insurance companies that are willing to take the risk in exchange for money.

Risk Control and Monitoring

By the progress of the project, new information becomes available and the list of project risks changes by the appearance of new risks, whether foreseen or unforeseen or disappearance of some anticipated risks. The project risk management planning should therefore be kept current and the project manager should ensure that risk identification, analysis, and response planning are repeated at reasonable intervals, or in response to project events [6].

Risk monitoring and control keep track of the identified risks, residual risks, and new risks. It also monitors the execution of planned strategies on the identified risks and evaluates their effectiveness. Risk monitoring and control continue for the life of the project [7].

The concept of Risk Breakdown Structure (RBS)

Figure 2: Example of a Risk Breakdown Structure [8]

Risk Identification provides an unstructured list of risks that is difficult to communicate to other stakeholders. Therefore, different tools that structure the large amount of data have been proposed including risk registers, risk matrix and risk map. Among them, Risk Breakdown Structure (RBS) is a useful tool that groups the identified risk events into different levels following a bottom-up approach. The RBS is a hierarchically organized depiction of the identified project risks arranged by risk categories and subcategories that identifies the various areas and causes of potential risks [2]. It represents the overall project and organizational risk factors and events organized by group and category [9]

Risk Breakdown Structure is a practical tool, widely used during the various stages of project life in risk management. It can be used in the risk identification stage and it can provide support in the later stages (risk assessment and risk response) since it offers an overview of the risks which affect the project.[6]. Figure 2 demonstrates an example of RBS [8]

Building blocks of the RBS

Risk Factors

Risk Events (RE)

Risk Categories (RC)

Advantages of the RBS

Drawbacks of the RBS

Anotated Bibliography

References

  1. Hillson, D. (2002). "Use a risk breakdown structure (RBS) to understand your risks", Project Management Institute
  2. 2.0 2.1 2.2 2.3 2.4 Project Management Institute, (2008),"A Guide to the Project Management Body of Knowledge - Fourth Edition"
  3. Project Management Institute. (2009). "Practice standard for project risk management. Newtown Square"
  4. 4.0 4.1 Mojtahedi, Mohammad & Mousavi, Sana & Makui, Ahmad. (2010). "Project risk identification and assessment simultaneously using multi-attribute group decision making technique", Safety Science
  5. Al-Bahar, J.F. and Crandall, K.C. (1990), "Systematic Risk Management Approach for Construction Projects", Journal of Construction Engineering and Management
  6. 6.0 6.1 6.2 6.3 6.4 Rasool Mehdizadeh. (2012)."Dynamic and multi-perspective risk management of construction projects using tailor-made Risk Breakdown Structures"
  7. Uzulāns, Juris. (2016). "Project Risk Register Analysis Based on the Theoretical Analysis of Project Management Notion of Risk" Economics and Business
  8. 8.0 8.1 Tah, J.H.M. and Carr, V. (2001) "Towards a Framework for Project Risk Knowledge Management in the Construction Supply Chain" Advances in Engineering Software
  9. Holzmann, Vered & Spiegler, Israel. (2011). "Developing risk breakdown structure for information technology organizations" International Journal of Project Management
Retrieved from "http://wiki.doing-projects.org/index.php?title=Risk_Breakdown_Structure_(RBS)&oldid=111391"
Personal tools
Namespaces

Variants
Actions
Navigation
Toolbox