4. Project Risk Governance - Processes


Risk management at the project level is acknowledged as a mature professional activity and is well supported by material provided by various project management institutes and the well-known Project Management Body of Knowledge (PMBOK®, Project Management Institute 2008). They prescribe practices on how to effectively and efficiently identify, analyse and respond to project risk. There is, however, a lack of guidance on PRG, although its significance is increasing as organisations operate in project mode and manage project risks strategically. New processes, structures and relationships are required to integrate project risk activities with corporate risk activities. Project risk management has become a governance responsibility.

Scope of Project Risk Governance

Organisations increasingly recognise that projects deliver new capacity. From their extensive review of the literature, Sewchurran et al. (2010: 683) concluded that today's view of projects is 'concerned with managing value and benefit realisation instead of being primarily inspired by the constraints of scope, time and cost'. Aubry et al. (2007) referred to the 'economic value' of projects and identified multiple facets of this concept; a view they found was increasingly shared by several authors. They established that project management performance (time, cost, quality, etc.), project success (benefits) and corporate success (translating business into project strategy) were the key factors that add business value. Wyman (2012) provided a specific recommendation so that projects realise maximum value: he advocated linking the project's technical information with its business case.

Similarly, the approach to project risk management has changed with the emergence of PBOs. It has taken on a governance perspective since project risk plays a strategic role as outlined in previous chapters. PRG is both supported by processes, structures and relational mechanisms, and is responsible for them. Each component of PRG is discussed in the following chapters:

• Chapter 2 provides the direction for PRG from the interaction of business and project strategy. PRG aims to develop strategies that protect and create organisational value.

• Chapter 3 reviews corporate governance principles and how they are reflected in project governance. This provides an introduction to the topic of PRG.

• Chapter 4 identifies and discusses the processes required for PRG. They are portfolio, programme and project management, investment management, value realisation and performance management.

• Chapter 5 covers the structures and relationships that support PRG. They are the board of directors, project sponsors, steering committees and the Project Management Office, tied together by organisational leadership.

Figure 4.1 provides a model of PRG that captures the above arrangement. It is designed to have vertical influences of strategy formulation at the top end and those of governance processes at the bottom end. From the alignment of business and project strategy, project strategies are formulated in which project risk is avoided or mitigated to protect the organisation's value, or exploited to give it a competitive advantage. The strategies are implemented by PRG processes. They operate within governance structures and relationships as shown on the vertical axis.

Figure 4.1 diagrammatically reflects the definition of PRG developed in Chapter 2: Project Risk Governance is the deployment of organisational structures, processes and relational mechanisms that not only minimise the uncertainty associated with negative project risk, but also maximise the benefits of positive project risk.

Figure 4.1 A model of project risk governance


Project risk processes are generally regarded as technical in nature and are covered in frameworks such as PMBOK® (Project Management Institute 2008) and PRINCE2™. However, an increased emphasis on achieving positive business outcomes by projects has shifted the focus to PRG processes. They include the following:

• Project portfolio, programme and project management. The main objectives are: for portfolio management, to choose the 'right' projects for the organisation; for programme management, to deliver projects 'effectively'; and for project management, to deliver projects 'efficiently'. PRG ensures that strategies for value-protecting and value-creating are executed and that the overall risk of the project portfolio satisfies the risk appetite of the organisation.

• Investment management. Only projects aligned with strategic business objectives are considered, approved and funded. PRG mitigates the impact of negative project risk on the selected projects and exploits the opportunities offered by positive project risk.

• Value realisation. PRG delivers maximum value to the organisation during project development and implementation. A value realisation methodology is followed in which the impacts of risk changes on projects under development are continuously monitored.

• Performance management. PRG designs a set of metrics by which the progress and success of project risk management can be measured. Performance in PRG is assessed against a maturity model so that a high level of PRG sophistication can be reached.


PRG capabilities are determined not only by processes but also by structures and people. Structure can be viewed in terms of how the PRG function is carried out; for example, through designating relevant PRG responsibilities to a steering committee. Collaborative relationships exist between members of the committee and other entities such as the Project Management Office.

• Organisational leadership. The board of directors and senior management demonstrate high levels of personal behaviour (e.g. transparency and honesty) and develop strategies for organisational success. Adopting effective communications and an overseeing role ensures that both value-protecting and value-creating project risk outcomes are achieved.

• Board of directors. Members of the board have a range of governance responsibilities as laid out in corporate governance principles. These translate to PRG and require a strong commitment to achieve outcomes that are in the best interests of shareholders/stakeholders.

• Project sponsors. The project sponsor is sometimes referred to as the project owner because he/she represents the business needs the project is designed to meet. The person often chairs steering committees and has the authority to approve or reject ongoing project funding requests.

• Project managers. They are responsible for the day-to-day management of a project and are accountable for the project's performance. The project manager 'controls' the project team and has ongoing contact with the project's external and internal stakeholders.

• Steering committees. A steering committee is set up when a project is formed to monitor the attainment of project objectives. Members are actively engaged with project activities and signal their importance to stakeholders. They remain connected with projects until their completion.

• Project Management Office. This is a central entity set up to guide and co-ordinate project work. It is generally regarded as a centre of excellence since it provides advice on project management standards and best practice.

