Risk Management and Response Planning for Successful Project Execution

Revision as of 18:54, 18 February 2023

Developed by David Rühmkorf

In a time of growing global competition, the outcome of projects is crucial to an organization's business result. Despite this, many projects still suffer from postponements, scope changes, failures, and cancellations. These issues can stem from inadequate risk management practices in projects such as risk identification and decision-making.^[1] The objective of project risk management is to enhance the likelihood of favorable outcomes and reduce the probability of potential risks to increase the chances of project success. The PMBOK® Guide describes that unhandled risk can result in deviations from the project strategy and hinder the accomplishment of the project goals. As a result, the outcome of a project is closely linked to the effectiveness of project risk management.^[2]

One method that served already as an adequate tool in various areas for identifying risks is the FMEA (Failure Modes and Effects Analysis). By applying an FMEA the project team is able to detect potential risks before they occur, assess their impact on the project outcome and implement appropriate measures to reduce or prevent them.^[3] For an enhancing evaluation and assessment of the measures, a cost-benefit analysis can be carried out along with the FMEA. By conducting this additional method it can be checked to what extent the execution of the measure makes sense from an economic point of view with regard to the respective project.^[4] Overall, it can be of crucial for companies to combine these methods and integrate them into their project risk management processes in order to ensure the implementation of appropriate measures and thus achieve project goals and business results.

Overview of methods

FMEA

FMEA is a systematic, qualitative method from risk management that is suitable for the identification, analysis and evaluation of risks. The aim of its application is to detect and prevent defects at an early stage in order to optimize product and process risks. Depending on the area of application, a number of different methods can be used in practice. The different types include design, system and process FMEA. A total of seven steps are considered for performing an FMEA. Each steps helps to further develop and to understand the risk profile of a product or a process.

• 1. Planning and Preparation
  
• 2. Structure analysis
  
• 3. Function analysis
  
• 4. Failure analysis
  
• 5. Risk analysis
  
• 6. Optimization
  
• 7. Result documentation
  

With the help of the FMEA, the identified risks can be evaluated and assessed. For the evaluation, the severity(s), occurrence(o) and detection(d) of the failures are considered. Based on the risk assessment, the risk priority number (RPN) can be formed as a measure for analyzing the risk. The RPN is calculated by multiplying the three categories s, o and d and is between 1 and 1000. This means that the higher the RPN, the more necessary it is from a risk management point of view to consider a measure to improve the number. The RPN alone, however, is not a sufficient technique to draw conclusions for evaluating the risks due to the equal weighting of the categories. For the following reason, the FMEA Handbook of the Automotive Industry Action Group (AIAG) and the German Association of the Automotive Industry (VDA) has additionally introduced the action priority (AP). This method was created to assign different weights to the categories. In this case severity is given the highest priority, followed by occurrence and finally discovery. Based on this change, the involved participants can make better decisions to prevent future problems. The following article will mainly focus on steps 4, 5 and 6 of the FMEA taking into account the cost-benefit analysis.^[3]

Cost-benefit analysis

A cost-benefit analysis is a method of data-driven decision-making and serves as a tool to weigh the expected costs and benefits of a project decision to assess whether it is reasonable from an economic point of view. Therefore it is a method that is mainly used in the business environment, by both large companies and start-ups. The fundamental principles and structure can be utilized in nearly any decision-making process, regardless of its commercial or non-commercial orientation.
If the analysis shows that the expected benefits exceed the projected costs, it can be argued that the decision has a positive impact. However, if the costs surpass the benefits, a company may want to reconsider the decision or the overall project. There can be potential promising benefits from an economic perspective to performing such analysis before relevant organizational decisions are made. Conducting analysis can highlight important information, such as the organization's value chain, the ROI of a project, or the transparency of decisions.

The cost-benefit analysis consists of the following four steps:

• Step 1: Definition of the framework: Determination of the aims and objectives that the analysis tries to achieve. To be able to compare the two factors in an apropriate way, it is important to use the similiar units.
• Step 2: Identification of cost and benefit: For the identification and a better understanding of the costs and benefits, these can be subdivided into sub-areas such as direct or indirect.
• Step 3: Estimate values for costs and benefits: In order to compare the costs with the benefits, a value is calculated or assigned in the previously defined unit. In most cases, this is a monetary value.
• Step 4: Comparing values and determining conclusions: In the last step, the values are compared in order to determine which decision makes sense from an economic point of view.^[4]

Risk response

Successful projects are of paramount importance for the long-term existence of companies and organizations. Certainly, statistics show that successful projects tend to be the exception. The Standish Group reports that of approximately 30,000 IT projects in the U.S., only 28% are on schedule and on budget, while nearly 63% are late and 49% are more expensive than planned. Moreover, the cost of failed projects amounts to $38 billion. This shows how much potential for the implementation and execution of projects exists.^[5]

The reason for the high proportion of failed or sub-optimal projects can be attributed to various factors. One possible factor can be derived from the definition of a project. According to the PMBOK Guide, a project is “a temporary endeavor undertaken to create a unique product, service, or result”.^[6] Due to the fact that a project is defined as something unique, high uncertainties can arise, which in turn can lead to various risks. For this reason, risk management is taking on an increasingly important role within project management.^[7]

It is also stated in the Standard for Risk Management in Portfolios, Programs, and Projects that the inclusion of risk management is an essential component for the successful implementation of projects. To address risks, the standard outlines seven steps, including plan risk management, identify risks, perform qualitative risk analysis, perform quantitative risk analysis, plan risk responses, implement risk responses, and monitor risks. This article will focus especially on evaluating risks and plan risk responses.^[2]

As already shown above, an FMEA can be used as a tool for the identification and evaluation of risks. Furthermore, this method considers both the probability and impact of a failure in addition to the detection, which is in line with PMI’s requirements for assesing risks.

After assessing and prioritizing each risk that the project team deems to be sufficiently relevant, the responsible persons have to plan and identify accurate risk responses to minimize the adverse effects on the project and its results. By implementing effective and appropriate risk actions, both individual and general project risks can be reduced. Risk responses should be adequate for the magnitude of the risk, cost-effective, and feasible within the project's context.^[6] The actions for risk response can be divided into five categories escalate, avoid, transfer, mitigate and accept. Considering the five categories can help the team to better assess the failures and thus be able to develop appropriate actions.

The procedure for developing risk responses involves actions to address risks and their attributes, and incorporating them into relevant plans and budgets. There are three types of methods used in this process:

• Creative methods for determining possible responses
• Decision-support techniques for identifying the best potential response
• Implementation tools are utilized to execute the risk responses

Each of these categories of techniques can be applied to accomplish different goals. This article focuses on selecting the optimal response to align strategy with planning, where CBA is used as a supporting tool to evaluate the costs and benefits of different risk response options.^[2]

Aplication of the tools

The application of the tools will focus on the evaluation of the risks and further on defining and assessing appropriate measures to reduce or prevent identified risks. As previously stated in the general overview of FMEA, the process comprises 7 different steps, with each step being fundamental for achieving a successful implementation. Even though the primary focus of this article is on steps five and six, the significance of each step in the execution process warrants a brief explanation.

The first step, planning and preparation, deals with establishing and defining basic framework conditions that are crucial for the application of the analysis. Tasks include developing a project definition, determining the scope of the analysis, and establishing a baseline for subsequent analyses. For the development of a definition, the project to be analyzed as well as the reason for its implementation are included.

The second part of the system analysis is the structural analysis. It is a methodology, with the help of which the project or system can be divided into elements, action steps, and cause elements. The system elements that have been divided into smaller parts are arranged in a hierarchical tree structure, as shown in Fig?. The element represents the top level of the tree, followed by the individual action steps. The action steps describe the activity that has to be performed to achieve a specific result for the next step. The cause elements follow as the third and lowest level. These specify the previous action step, taking into account the categories according to Ishikawa.

The functional analysis forms the third level of system analysis and describes the tasks of the different system elements. Thus, one or more functions are assigned to each element, action step, and cause element. These can be derived with the help of information such as activities, environments, or times. To visualize the functional relationships, the determined functions can be represented as a tree or network, similar to the structural analysis.

In the next step, the failure consequences, types, and causes are identified as part of the failure analysis. Based on this, failure consequences chains can be created. Each chain consists of the three error types already mentioned. The center point is the failure type. From there, the consequences and causes can be derived. The failure consequences describe the possible effects on the internal or external customer, which can occur when the error occurs. The failure type refers to the function of the action step and describes potential negative deviations that can occur during application. The third category to be considered is the cause of the error. Here, the reasons for the occurrence of a failure type are presented. The causes should be as comprehensive and complete as possible so that appropriate measures can be implemented to eliminate them.^[3]

Utilization of FMEA and CBA

Benefits of applying combined tools

Limitations

Annotated bibliography

References

1. ↑ Bahrami, Mahdi et al. (2012). Innovation and Improvements In Project Implementation and Management; Using FMEA Technique. Elsevier Ltd.
2. ↑ ^{2.0 2.1 2.2} Project Management Institute (2019). Standard for Risk Management in Portfolios, Programs, and Projects.
3. ↑ ^{3.0 3.1 3.2} AIAG & VDA (2019). FMEA Handbook.
4. ↑ ^{4.0 4.1} Stobierski, Tim (2019). How to Do a Cost-Benefit Analysis & Why It’s Important. Harvard Business School Online. https://online.hbs.edu/blog/post/cost-benefit-analysis.
5. ↑ Gomes, Cleber Willian (2012). FMEA to Improve the Project Management. SAE International.
6. ↑ ^{6.0 6.1} Project Management Institute (2021). The Standard for Project Management and A Guide To the Project Management Body of Knowledge (pmbok® Guide). 7th Edition.
7. ↑ Pritchard, Carl L. (2000). Advanced risk - how big is your crystal ball?. Paper presented at Project Management Institute Annual Seminars & Symposium, Houston, TX. Newtown Square. Project Management Institute. https://www.pmi.org/learning/library/advanced-risk-organizations-role-management-561