Risk tolerances
(→Determining risk tolerance) |
|||
Line 44: | Line 44: | ||
Empirical studies have been conducted to measure organizational risk tolerances. The results show that risk tolerances obtained from different executives within the same organization vary tremendously. Generally, those lower in the organization have lower risk tolerances. Howard [9] reports that assessments from CEO's in the oil and chemicals industry concluded that risk tolerance is roughly six per cent of sales, one to one and a half times net income, or one-sixth of equity. McNamee and Celona [10] add to this list a ratio of market value to risk tolerance of one-fifth. They also comment that the ratio of risk tolerance to equity or market value [usually translates best between companies in different industries. | Empirical studies have been conducted to measure organizational risk tolerances. The results show that risk tolerances obtained from different executives within the same organization vary tremendously. Generally, those lower in the organization have lower risk tolerances. Howard [9] reports that assessments from CEO's in the oil and chemicals industry concluded that risk tolerance is roughly six per cent of sales, one to one and a half times net income, or one-sixth of equity. McNamee and Celona [10] add to this list a ratio of market value to risk tolerance of one-fifth. They also comment that the ratio of risk tolerance to equity or market value [usually translates best between companies in different industries. | ||
Once risk tolerance has been established, the certain equivalent for any risky project or project portfolio can be obtained via the utility function. The effect, as illustrated in Figure 44, is to subtract a risk adjustment factor from the expected value (if projects allow you to avoid risks, the effect is to add, rather than subtract, adjustment factors). The risk adjustment depends on the risk tolerance and the amount of risk. If the projects are independent (i.e., their risks are uncorrelated), then the certain equivalent of the project portfolio will be the sum of the certain equivalents of the individual projects. If project risks are correlated, the certain equivalent for the portfolio can be obtained once the distribution of payoffs for the portfolio are computed (accounting for correlations as described above). | Once risk tolerance has been established, the certain equivalent for any risky project or project portfolio can be obtained via the utility function. The effect, as illustrated in Figure 44, is to subtract a risk adjustment factor from the expected value (if projects allow you to avoid risks, the effect is to add, rather than subtract, adjustment factors). The risk adjustment depends on the risk tolerance and the amount of risk. If the projects are independent (i.e., their risks are uncorrelated), then the certain equivalent of the project portfolio will be the sum of the certain equivalents of the individual projects. If project risks are correlated, the certain equivalent for the portfolio can be obtained once the distribution of payoffs for the portfolio are computed (accounting for correlations as described above). | ||
+ | |||
+ | An advantage of this approach is that a single risk tolerance can be established for the organization. Use of the common risk tolerance ensures that risks are treated consistently, thus avoiding the common bias in which greater levels of risk aversion tend to be applied by lower-level managers. | ||
+ | Note that the method presented in this paper do not guarantee that the outcome of a particular risky decision will be optimal or "good," but only that the decision will be rational in the face of uncertainty and that repeated application of these methods will maximize the decision maker's welfare over the long run. | ||
== Alternative ways to model and quantify of risk tolerance == | == Alternative ways to model and quantify of risk tolerance == |
Revision as of 21:56, 2 October 2017
Risk tolerance is an amount of risk that a project driven organization can withstand. This element in project management indicates the willingness of organization and it's people to avoid or accept risks. Risk tolerance can be analyzed from three different perspectives: company, project manager, and stakeholder. The company risk tolerance depends on the financial stability and project diversification. A project manager’s risk tolerance is affected by job security and corporate culture. The stakeholder’s risk tolerance is influenced by project objective. The project success depends on agreeable level of risk tolerance and early risk management planning.
Contents |
Big idea
In project management, risk tolerance is the measure of the degree of uncertainty that a stakeholder accepts in respect of the project risk assessment. The three major stakeholders are the project organization, the customer or the owner of the project and the project manager. Risk is intangible, or invisible, therefore stakeholders have different perceptions of what constitutes risk and subsequently its tolerance. Hence these three stakeholder groups rarely have the same view on the possible outcomes of a project. The attitude towards risk tolerance varies depending on risk characteristics and project’s internal and external environment. Therefore, it is important to first define “risk” and “risk tolerance” and how it relates to project management in a technology-driven organization.
According to classical decision theory, risk is generally understood to be the distribution of possible outcomes, their probability and impact. In project management, this definition can be applied to time, cost, quality, and other factors that can affect these three concerns. It can be concluded, that a risk can either be an opportunity or a threat. An opportunity has positive effect on project objectives, while a threat possess a negative impact. The objective of risk management is to increase the probability of positive risks, and reduce the probability of negative risks.[1]
Risk tolerance is the degree, volume or amount of risk that an organization can withstand. It indicates how sensitive organizations, stakeholders, and people are towards risks. High tolerance often means that organizations welcome high risks while tolerance tells otherwise. Risk tolerance is still a developing area of research because of its human dynamics. A simple conception of risk tolerance can be expressed by claiming that individual decision-makers are risk averse. However in reality many other circumstances shape attitudes toward risk, and thus risk tolerance is a complex topic demanding a more complex definition.[2]
Application
Risk tolerance application leads to more efficient use of resources because the project team has a better understanding of how to respond to threats and how to exploit opportunities. It is important to prioritize risks and address the most crucial ones, to know which should be avoided, reduced, transferred or accepted. In the same manner, opportunities can be exploited, enhanced, shared or ignored.
In addition to that, risk tolerance provides the project team a better understanding of how far down the list of prioritized risks it should go. This can result in improved decision-making that leads to lower costs, better performance, and a shorter delivery of the project. The following steps should be taken in order to reap benefits of risk tolerance.
First of all, a detailed risk management plan should be put in place. It should include definition of risk tolerance levels. It should address risk tolerance not only from the company perspective, but also with regard to the key stakeholders of project. Early assessment should improve decision maker making process as the project progress over time and issues become more complex.
Secondly, a firm should review its compensation policies for project managers and other employees. People weigh the possible rewards in making decisions that impact projects. By initiating a compensation structure where a portion of a remuneration is at risk or based on performance, organization influences employees likelihood of taking risks. This is a tool that firms can use to either increase decision-makers risk-taking ability or increase risk aversion.
Thirdly, it is important for companies to exercise an organizational culture that which promotes calculated risk-taking and innovation. Risk taking should be well thought out and measured. Project managers should be trained to quantify risks. Upper management should lend a hand in getting functional managers involved in the risk management process to help improve their decision making ability. It is recommended as part of risk training for project managers to ask four questions:
- Am I a risk-taker or avoider?
- What about my project sponsor?
- How much will the project benefit my organization?
- What is the project team’s experience and expertise?
By going through the process of addressing these issues, a project manager should improve evaluation of the personal risk tolerance level as well as that of the project team and the company as a whole.
Additionally, comprehensive performance reviews of project managers are another important component for maintaining a shared understanding and vision of risk tolerance. In reviewing the project manager’s performance, the upper management should critique the project manager’s apparent level of risk aversion. By doing so, the project manager receives formal guidance for future decisions.
A clear communication strategy is important and steps should be taken to ensure its effectiveness. First, the organization handling the project should identify who it is they need to establish channels of communication with, through which good and bad news can be delivered. The second step is to identify whose opinion, positions, and interests the firm should be aware of. This enables the firm to manage issues accordingly and more readily exploit opportunities. If the project manager does not receive input from the appropriate representatives of the stakeholder, or the messages are not cohesive, the project performance will suffer and accepted risk levels will not be met.
Finally, in performing risk assessment, decision issuing entity should adopt an outside view. This means that a project manager should make forecasts not only on historical figures and facts pertaining to the project at hand, but more on what has happened with similar scenarios outside of the project and even outside of the organization. By doing so, there is less chance the project manager will make overly optimistic forecasts, which lead to failed projects. Project risk tolerance is a crucial part of any risk management plan. Risk tolerance should be analyzed continuously during the life cycle of the project.
Determining risk tolerance
There are several ways to determine the risk tolerance for an organization. One is to ask senior decision makers (ideally, the CEO) to answer the following hypothetical question. Suppose you have an opportunity to make a risky, but potentially profitable investment. The required investment is an amount R that, for the moment, is unspecified. The investment has a 50-50 chance of success. If it succeeds, it will generate the full amount invested, including the cost of capital, plus that amount again. In other words, the return will be R if the investment is successful. If the investment fails, half the investment will be lost, so the return is minus R/2. Figure 47 illustrates the opportunity. Note that the expected value of the investment is R/4.
If R were very low, most CEOs would want to make the investment. If R were very large, for example, close to the market value of the enterprise, most CEOs would not take the investment. The risk tolerance is the amount R for which decision makers would just be indifferent between making and not making the investment. In other words, the risk tolerance is the value of R for which the certain equivalent of the investment is zero. Empirical studies have been conducted to measure organizational risk tolerances. The results show that risk tolerances obtained from different executives within the same organization vary tremendously. Generally, those lower in the organization have lower risk tolerances. Howard [9] reports that assessments from CEO's in the oil and chemicals industry concluded that risk tolerance is roughly six per cent of sales, one to one and a half times net income, or one-sixth of equity. McNamee and Celona [10] add to this list a ratio of market value to risk tolerance of one-fifth. They also comment that the ratio of risk tolerance to equity or market value [usually translates best between companies in different industries. Once risk tolerance has been established, the certain equivalent for any risky project or project portfolio can be obtained via the utility function. The effect, as illustrated in Figure 44, is to subtract a risk adjustment factor from the expected value (if projects allow you to avoid risks, the effect is to add, rather than subtract, adjustment factors). The risk adjustment depends on the risk tolerance and the amount of risk. If the projects are independent (i.e., their risks are uncorrelated), then the certain equivalent of the project portfolio will be the sum of the certain equivalents of the individual projects. If project risks are correlated, the certain equivalent for the portfolio can be obtained once the distribution of payoffs for the portfolio are computed (accounting for correlations as described above).
An advantage of this approach is that a single risk tolerance can be established for the organization. Use of the common risk tolerance ensures that risks are treated consistently, thus avoiding the common bias in which greater levels of risk aversion tend to be applied by lower-level managers. Note that the method presented in this paper do not guarantee that the outcome of a particular risky decision will be optimal or "good," but only that the decision will be rational in the face of uncertainty and that repeated application of these methods will maximize the decision maker's welfare over the long run.
Alternative ways to model and quantify of risk tolerance
Risk tolerance concerns both the probabilities of risk occurrences taking place and the resulting impact of those risks. Tools and techniques have been developed to quantify risks and how the organization risk tolerance weighs against them. Information collected into project risk register during risk assessment process can be used to generate risk tolerance profile (fig. 1). The process begins with the company determining the positive or negative impact it is capable to endure a probability. With this information, the risk tolerance line is mapped out. Each risk is plotted according to its perceived likelihood of occurring, as well as the impact it would have. With this information charted out, the firm can identify the individual risks that lie above the firm’s tolerance level and focus resources towards those. The utility curve is another tool for understanding risk tolerance. A utility curve shown in fig. 2 demonstrates a risk averse decision maker while fig. 3 shows a risk-taker.[3]
When measuring risk and determining acceptable levels for tolerance, it is important that projects are viewed as a portfolio. By taking on multiple projects with uncorrelated or negatively correlated outcomes, a firm builds a portfolio of projects whereby the overall level of risk is lower than what one would perceive by looking at projects individually. This way the project risk can be correlated to investment portfolio theory.
Company perspective
Risk tolerance of the company usually depends on the extent of financial stability and project portfolio diversification. Organization may lower its overall risk exposure by taking on multiple projects with uncorrelated or negatively correlated outcomes. While this is true for the organization, it is not true for a project manager dedicated to one project. For this reason, upper management must ensure project managers understand their project’s role within the context of the project portfolio.
It can be claimed, that taking risks can be beneficial to a firm that is able to accept them because it enables opportunity. Another aspect of the organizational risk tolerance is, that it depends on the importance of the project within the aggregate project portfolio. For instance, if the project being handled is critical, the organization is willing to take more risks. Alternatively, if it is not critical, then the organization might increase risk tolerance for that one.
Risk tolerance of organizations is dynamic and fluid. Company's acceptance of risk changes throughout the duration of a project. For instance a company’s commitment and investment in the project grows and more is at stake through its progression. Even though the project has fewer risks in towards final stages, the ones that still persist can be more dangerous.
Project manager perspective
The risk tolerance of the project manager and other members of the project team depends on job security and corporate culture. Project manager should have a detailed understanding of the firm’s tolerance level for the possible occurrence of every sizable risk or opportunity. Two categories of risk which concern project manager can be identified. These are project risk and professional risk.
Project risk applies to the uncertainties for a project manager in achieving a project’s goals in terms of time, cost, and quality. These risks are the main subject of risk management as they apply to project management.
Professional risk deals with a project manager’s uncertainties with respect to future job advancement and reward. This type of risk receives less attention, but it can potentially drive a project manager’s decisions and cause those decisions not to be in line with defined risk tolerance levels. Naturally, a project manager weighs credit and blame when making decisions. A project’s visibility and impact heavily influence a project manager’s personal risk tolerance. If the manager possesses a strong drive to climb the corporate ladder, he or she may accept more risk in a highly visible project in an effort to gain accolades should the project come through. In a less visible project, there is less incentive for risk-taking. This can be in contrast with the firm’s risk tolerance profile of a willingness to accept greater risk on smaller projects than larger visible projects.
Stakeholder perspective
The project stakeholder risk tolerance depends on the project objective, which often is different from the organization’s risk tolerance levels. The stakeholder is the customer or client for which a project is being carried out. Risk tolerance levels must be examined by the stakeholder and conveyed to the project team, regardless of whether the tolerance level is high or low. The purposes behind a project and the project’s ultimate goals are generally laid out very early in the relationship between a contractor and client, and risk tolerance levels should be set and defined at the same time.
Limitation
As one of the methods limitations it can be mentioned, that because firms have limited resources and various project proposals competing for them, there is an embedded incentive for overly optimistic estimates and forecasts. Combined with this, any expression of pessimism is often construed as disloyalty to the organization or the project team. These factors lead to serious concerns over whether the risk tolerance levels are defined correctly. This can lead to projects being delivered late, over budget, under quality, out of scope, and without meeting all the initial goals. Due to to size and complexity, some projects can be plagued be plagued with conflicting tolerances of risks. It is difficult for all project stakeholders to agree on risk tolerance levels throughout the life cycle of the project.
References
- ↑ 1 http://www.unnap.com/six-sigma/risk-appetite-tolerance-and-threshold-explained/
- ↑ 2 http://synergybusiness.com/files/PDF/White_Papers/Examining-Risk-Tolerance-in-Projectdriven-Organization.pdf
- ↑ 3 https://books.google.dk/books/about/The_Project_Management_Question_and_Answ.html?id=XjB30_XPikcC&redir_esc=y