Log in / Register
Home arrow Business & Finance arrow Project Risk Governance
< Prev   CONTENTS   Next >

Importance of Project Risk Management

Project risk management plays a key role in achieving the project's objectives by identifying, analysing and responding to risks that impact on them throughout the life of a project. It plays a key role in selecting good projects, determining project scope and developing realistic estimates, thereby contributing to a successful project outcome. Through project risk identification and analysis, information is made available about the viability of the project and to support project planning. Project risk management identifies, and keeps stakeholders fully informed about, possible risk events and conditions. The major outcome of project risk management is an improved probability that project value realisation will be optimal and the project will be a success.

Unsatisfactory performance of project risk management can have negative outcomes. An unrealistic belief can be generated that all risks have been accounted for and that there are no further concerns. It may also cause the project to be shut down unnecessarily, thereby not realising the positive risks that may have been on offer. To avoid failure the organisation needs to be well aware that risk management is not free; it often adds substantial costs and time to the completion of the project.


Project risk management is regarded as the least mature of all project management knowledge areas (Schwalbe 2007). The reason is the high degree of interaction with all the other project knowledge areas. It is impossible to identify every possible project risk within these project areas because of the dynamic nature of projects. To demonstrate the diversity of possible project risk events, Figure 8.3 is provided. It gives examples of possible negative risk conditions that can be encountered in each of the project knowledge areas.


According to PMBOK® (Project Management Institute 2008), project risk management can be defined as '[t]he systematic process of identifying, analyzing, and responding to project risk'. It is executed by completing the following steps: Risk Management Planning → Risk Identification → Qualitative/Quantitative Risk Analysis → Risk Response → Risk Monitoring and Control. In short, project risk management is the systematic process of identifying, analysing and responding to project risk.

Figure 8.3 Project risk events/conditions across knowledge areas

Renn (2010) identified major requirements to complete each of the above processes in his 'transparent or inclusive' risk model. Planning is dependent on the capabilities of the project team and the standards it applies in structuring and developing the risk management plan. During the remaining risk management phases, social and economic factors come into play. The social aspects relate to the behaviour context in which the project is developed, while an economic approach seeks a rational and cost-effective outcome. For risk identification, a further factor needs consideration: politics. Risk identification is influenced by organisational power structures and agendas. Risk analysis requires additional technical expertise because of the quantitative nature of risk modelling.

Which factors and to what extent they play a role in risk management is determined by the perspective the organisation adopts. There are choices in how it shapes project risk management strategies. The 'governance' perspective suits project-oriented organisations since the aim is to maximise the probability and consequences of positive project risk events and minimise the effects of adverse risk events on project objectives. An 'asset' perspective could be applied in an engineering-type organisation. Because engineering practices are seen to be predictable it is possible to maximise the returns on its project investment. Bureaucratic organisations and government entities could favour the 'client' perspective to provide superior service to customers/ public. Emphasis is placed on intangible benefits of project investments such as developing customer goodwill and social capital.

To be effective, project risk management should be 'practical' in its approaches. Obtaining adequate information is the key to success. Since the relationship between uncertainty and information is inverse, the better the information about risk the less uncertainty remains. It should, however, be remembered that for the project manager, conditions of relative uncertainty (partial information) are the rule.

Furthermore, the circumstances of a project can affect the risk management process, such as time pressure to get the job done and not being able to consult widely. By contrast, too many risk events may be identified and prevent satisfactory responses to the most critical risk events. While organisations will not deny the importance of risk management in today's volatile environment, the culture may not be supportive in that no serious attempt is being made to actually conduct a risk assessment. Because of perceived costs and the time it takes, there can be a natural resistance to formal project risk management.


To determine where to put project management time and resources, the author (Fink 2012) surveyed members of the AIPM to establish key project risk issues, defined as those that require special attention over the next three to five years. This may be due to not understanding the nature of risk due to complexity, continued difficulty in managing the risk issue, and expected changes in project risk management. A detailed discussion of the study and its findings is provided in Appendix 1. The findings of the survey established the top ten project risk issues shown in Table 8.1.

Table 8.1 Ranking of project risk management issues




Understanding the risk concept


Agreeing on project risk


Recognising risk events


Developing a risk management approach


Preparing the risk management plan


Preparing the risk breakdown structure


Determining risk tolerance


Developing organisational risk processes


Estimating risk severity


Creating and updating the risk register

The table indicates the importance of understanding the project risk concept and related issues. They occupy ranks 1, 2, 3, and 7, and are covered in Chapter 7. The remaining key issues are the processes and outputs of project risk management, and are covered in this chapter.

Found a mistake? Please highlight the word and press Shift + Enter  
< Prev   CONTENTS   Next >
Business & Finance
Computer Science
Language & Literature
Political science