Risk matrix
| Line 1: | Line 1: | ||
| − | ''' | + | This article is an overview and summary of the graphical tool called Risk Matrix concerning risk assessment in Project Management. |
| + | To successfully execute its projects, especially in surrounding unstable environment, the companies, have to be aware about uncertainty with coming risks that might appear and affect on the project during different stages. Effective project management need to identify what types of risk can influence particular stage of project, prioritize risks in terms of most severity and perform decision making in order to avoid any harm that may cause particular risk. | ||
| + | The one of the useful risk assessment tool that support your decision making towards what risks need your attention first called "Risk Matrix” or "Probability and Impact Matrix". | ||
| + | |||
| + | '''Risk Matrix ''' is a graphic tool used during project management in particularly Risk Assessment, to determine the different levels of risk as the product of the harm probability categories and harm severity categories. . <ref>[''Risk Management - Risk assessment techniques''] ''Dansk Standart DS/EN ISO 31010, 2010'' </ref> | ||
| − | |||
It is a very effective tool that could be used successfully with Project Management to increase awareness and visibility of risks and hence assist management decision making. | It is a very effective tool that could be used successfully with Project Management to increase awareness and visibility of risks and hence assist management decision making. | ||
Revision as of 11:22, 16 September 2016
This article is an overview and summary of the graphical tool called Risk Matrix concerning risk assessment in Project Management. To successfully execute its projects, especially in surrounding unstable environment, the companies, have to be aware about uncertainty with coming risks that might appear and affect on the project during different stages. Effective project management need to identify what types of risk can influence particular stage of project, prioritize risks in terms of most severity and perform decision making in order to avoid any harm that may cause particular risk. The one of the useful risk assessment tool that support your decision making towards what risks need your attention first called "Risk Matrix” or "Probability and Impact Matrix".
Risk Matrix is a graphic tool used during project management in particularly Risk Assessment, to determine the different levels of risk as the product of the harm probability categories and harm severity categories. . [1]
It is a very effective tool that could be used successfully with Project Management to increase awareness and visibility of risks and hence assist management decision making.
Contents |
Big idea
A risk matrices are common used to rank risks, sources of risks or risks treatments on the basis of the level of risk. It is commonly used as a screening tool when many risks have been already identified, for example to define which need to be referred to a higher level of management. It may also be used to select which risks need to be considered further at this time. This kind of risk matrices are also wide used to determine if a given risk is broadly acceptable, or not acceptable according to the zone where it is located on the matrix.
The Risk matrices may also be used to help communicate a common understanding foe qualitative levels of risks across the organization. The way risk levels are set and decision rules assigned to them should be aligned with the organization´s risk appetite.
Application
Risk matrices have two main applications. The application or aim of the risk matrix is relevant when discussing the suitability of risk matrices. One application is decision-making about the acceptance of risk; the other is to prioritize which risk needs to be addressed first.
Frequently, in risk acceptance, only three levels of risk are distinguished:
- hazards or events with unacceptable risk (often indicated with a red color);
- hazards or events in which the risk is found to be ‘‘broadly acceptable’’, i.e. not requiring further risk reduction (often indicated with green),
- an intermediate level, where risk should be reduced ‘‘As Low As Reasonably Practicable’’ (ALARP, often indicated with yellow).
Given these interpretations, there is no need to further prioritize hazards, at least not in the red and green areas.
In cases where the risk matrix is used for prioritizing (which hazards require most attention in order to reduce the cumulative risk), a larger number of risk levels may be necessary in order to obtain sufficient resolution to rank events or hazards in order of priority. Even then, different hazards may end up either in the same cell or with the same assigned risk (so called risk ties, see (Ni et al., 2010).
Process ¨To rank risks, the user first finds the consequence descriptor that best fits situation then defines the probability with which those consequences will occur. The level of risk is read from the matrix.
Many risks events may have a range of outcome with different associated probability. Usually. minor problems are more common outcome than catastrophes. There is therefore a choice as to whether to rank the most common outcome or the most serious combination. In many cases, it is appropriate to focus on the most serious credible outcomes as these pose the largest threat and are often of most concern. In some cases, it may be appropriate to rank both common problems and unlikely catastrophes as separate risks. It is important that the probability relevant to the selected consequence is used and not the probability of the event as a whole.
The level of risk defined by the matrix may be assisted with the decision rule such as to treat or not treat the risk. [2]
Limitations
The aim of any risk evaluation tool is to ensure that the decision process is transparent, based on best knowledge and reflects the common understanding of stakeholders. When reviewing the application of risk matrices, it becomes obvious that this simple tool has some notable weaknesses. Both users and designers of risk matrices should be aware of these shortcomings and ensure that the risk matrices are used in such a way that correct conclusions are drawn.
The mentioned ISO 31010 (2010) also includes an invaluable summary of the advantages and disadvantages of risk matrices, together with recommendations for their usage.
Strengths:
- relatively easy to use;
- provides a rapid ranking of risks into different significance levels.
Limitations:
- a matrix should be designed to be appropriate for the circumstances so it may be difficult to have a common system applying across the range of circumstances relevant to an organization;
- it is difficult to define the scales unambiguously;
- use is very subjective and there tend to be significant variation between raters;
- risk can not be aggregated (i.e. one cannot define that a particular number of low risks or a low risk identified a particular number of ties is equivalent to a medium risk);
- it is difficult to combine or compare the level of risk for the different categories of consequences(impact)
Results will depend of the level of detail of the analysis, i.e. the more detailed the analysis the higher the number of scenarios, each with a lower probability. This will underestimate the actual level of risk. The way in which scenarios are grouped together in describing risk should be consistent and defined at the start of the study.
