Risk management
Contents |
Abstract
I chose to write about risk management, because it is very interesting and important topic in each area. Actually everyone knows what a risk is; it is a part of our life. Each step or each decision we make, is full of risks, whether we notice it or not, but when we look at our professional life, then we have to take an action for each risk arise, because it has a negative effect and the effect can have consequences in terms of economic, professional reputation, environmental, safety and societal outcomes. This article focuses on for example how an organization or project handles its risks and which framework could be relevant or helpful for it. Now a day, the risk management is an important part of project, program and portfolio management. In order to end up a project successfully and deliver it on time and within budget, it is important to get an overview of the risks, which is associated to the project. Most of the projects fail due to the lack of risk management [1]. In many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of project's planning process, the projects fail because the resources are not completely utilized to get the full advantage [2]. This article further talks about the risk and different level of risks in organization level and how to identify the projects risks by using some of standard guidelines for risk management such as ISO 31000, ISO 2700S, DS/ISO 31000 Risk management- Principles and guidelines and M_O_R principles, which is a standard risk management framework, which can be used by any organization on any projects regardless of its size. NOTE: This article might be similar to other articles; Risk analysis, risk register, Risk management strategy in project portfolios.
Defination
You can find different tools and definition for risk depending on the context in which it is used. A definition from Oxford English Dictionary sounds like “the possibility that something unpleasant or unwelcome will happen” [3]. This is more general and related more to your every day. In decision theory, Luce and Raiffa relate risk to make decisions under known probabilities of the states of nature [4] and Frank Knight define the risk in economic theory as “risk arises when the decision maker can assign probabilities to possible outcomes”. A well-known definition of the risk in the domain of project management considers the risk as “an uncertain event or condition that, if it occurs, has a positive (opportunity) or negative (threat) impact on project objectives” [5] Frank Knight defines the uncertainty and risk as “...Uncertainty must be taken in a sense radically distinct from the familiar notion of Risk, from which it has never been properly separated. … The essential fact is that "risk" means in some cases a quantity susceptible of measurement, while at other times it is something distinctly not of this character; and there are far-reaching and crucial differences in the bearings of the phenomena depending on which of the two is really present and operating. … It will appear that a measurable uncertainty, or "risk" proper, as we shall use the term, is so far different from an un-measurable one that it is not in effect an uncertainty at all." [6] To minimize the uncertainty and reduce the risks on the project, you may regularly look back to your risk analysis, because most of the projects fail due to lack of risk management, in many projects the risks are not proactively identified, analyzed and mitigated or even in some projects the risk is a part of projects planning process, The projects fail because they do not invest their resources completely and do not pay attention to it. Risk management is the most important part of the project planning process. It is a management tool, which project manager uses to analyses the risk factor within a project group or projects. Project group must be informed of the main risks and how they will deal with those risks. Often it requires extra resources to eliminate risks; these resources must allocate the project group. Many studies have pointed as well that the risk management has a big role in projects success [7]. The report by Jacob and Kwak highlights the positive contribution of risk management to improve the project selection, review and resource allocation of new product development projects. It used in many areas such as public debate, research, danger of disease, death or accidents, threatening environmental problems in terms of risk of climate changes, CO2 , pollution and so on. It is also used in many other projects such as customer needs and price, new technology and resources, construction and delivery projects, research projects and interests and other tasks.
What is risk
Risk is the uncertainty, which is associated with any kind of the action and projects in organization's context that must understand and effectively manage during the project's process and improve the results[9]. Different types of risk management definitions can be found and the choice of definition depends on how big a concept of risk is used in order to which risks are covered by the definition. There is not a complete tool or solution that fits in every project, creating a new or changes the existing risk management process according to the project's goal is always helpful and flexible process that will ultimately result in a solution to the individual organization or project. Risk is always based on imagination of how the project will be completed. It can be defined on the basis of an existing plan, for example, the project must be completed in 6 months. The risk of delay is bigger than if the project must be completed in one year. If the new technologies are a part of the project plan, that you have to use the new technologies is the risk bigger than use the known technologies. Therefor the risk is based on an existing plan; the same project may have very different risks, if you change the project’s plan. [10].
Three Levels of operational risk management
The risk management in an organization can be categorized in three levels of operation- [8].
- Strategic level:
At strategic level, operational risk management relates to the vision of the business, expansion planned over a few couple of years, the product position and the target customers in the market. In other words, the strategic operational risk management relates to the implementation of the risk demands. It must be defined at the top management level and must be deployed in a top-down manner through all the levels of the organization.
- Tactical level
At tactical level, the set of operational risk management tools and controls helps to reduce the number and intensity of the events. It provide the risk manager with a second line of defence. The effect of the risk responses deploys at tactical level, such as loss, fines and near misses reductions Tactical operational risk management emphasizes on loss prevention and risk reduction techniques, process control, loss data analysis, key risk indicators, risk self-assessments and business expansion plans are some of the vast array of tools and techniques that have been developed to reduce the frequent occurrence of the risk elements and to reduce their impact on the overall project. Financial service industry is the most developed aspect of operational risk management, today.
- Dynamic level
Dynamic level provides a natural reduction of the operational incidents by redesigning all those processes that were prone to errors, removing any unnecessary tasks and useless controls, standardizing the procedures and improving the productivity. Dynamic risk management targets the operational efficiency and process design. Work flows are redesigned in this level to improve the work speed by eliminating the errors. Staff Operational risk management must spread over all these three levels, in order to be more effective and efficient