Understanding Risk Analysis and Risk Management
The goal of risk management is to measure and assess risk, with the ultimate goal of managing that risk. Risk management falls into the arena of Project Planning. Over time, specific standards and methods have been developed with respect to risk management. These methods of analysis help those that practice risk management to use established ways of identifying risk. It also helps them manage risk by either avoiding it, transferring it, reducing the impact of the risk, or by various other alternative solutions that will be discussed later in this article. Risk management should be thoroughly understood by project managers. They should be familiar with the principles of risk management from the earliest days of their training in project management and project management principles.
What is Risk?
You may ask yourself, what is risk? Risk can be found in almost anything that we set out to do or accomplish in life. Think of risk as anything that can potentially have a negative impact on something that is of value to you. Risk can be caused by any number of factors. To understand the severity of a risk, risk is often analyzed for probability; the higher the chance that it will happen the higher the risk. Probability is then assessed in combination with loss.
When it comes to project management, all types of risk can occur: knowledge risk, relationship risk or process-engagement risk. Unfortunately, each of these can have a huge impact on the productivity of your team and ultimately on the success of the project at hand. Having said that, all risk can not be avoided nor should it else nothing would ever be accomplished in your projects as risk exists in every single task. Your job is analyze risk and outcome and decide when to allow risk.
Risk management requires you to identify potential risks; risk being anything that can possibly harm or have a negative impact on the project. Risk managers generally approach the search for potential risk from two distinct angles: source analysis and problem analysis. Source analysis seeks to look at the potential sources of risk whereas problem analysis looks at specific individual problems that could arise.
Risk Management Methods
Risk management uses formulas and templates to narrow in on and to identify risk. Which formulas and templates are used is often determined by the industry that they are being practiced in. Some common methods of risk identification are: Scenario-Based Risk Identification, Objectives-Based Risk Identification, Taxonomy-Based Risk Identification and Common Risk Checking. One useful method of risk management is to ‘Bubble Wrap’ your project management by numbers. In addition to online resources, stay up to date with books, magazines and other literature so as to stay current with industry trends.
Once risks have been identified, the next logical step in risk management is assessment. Risk assessment, as mentioned earlier, measures the probability of an identified risk actually taking place, as well as the amount of loss that would be suffered were the risk to actually occur. Loss and probability are usually placed in a prioritized list, with those risks that are most probable and that stand to generate the most loss given the most attention. In reality, a lot of guess work goes into this phase of risk management as at times it is almost impossible to evaluate and know the true likelihood as to whether a potential risk will occur or not.
Once risk has been identified and prioritized according to probability and loss, those issues that are at the top of the prioritized list (those of highest risk) can be addressed. Of course, you would logically want to completely eliminate anything that is of high risk. Although ideal, this is not usually possible as eliminating all risk would also eliminate most of your opportunities.
Risk can be and is usually managed by a variety of approaches: Risk transfer, risk avoidance, risk reduction and risk acceptance.
Risk transfer involves transferring the weight or the consequence of a risk on to some other party. There are many ways that risk transfer can take place. Insurance is a commonly used method of risk transfer; the insurance company accepts the risk of another. Another form of risk transfer can happen in the way that a contract is laid out.
Risk avoidance is exactly as it sounds. It generally involves not doing an activity in order to avoid the risk involved. The downfall of using avoidance as your main form of risk management is that by avoiding all risk, you will avoid all opportunities to earn or accomplish as well.
Risk reduction involves measures that are thrown at a risk in order to reduce the potential loss associated with that risk. A very easy to understand example of this is the installation of sprinklers in a building. Sprinklers can not prevent a fire but are aimed at reducing the loss caused by the fire should one break out.
Risk acceptance is also known by the name of risk retention. Risk acceptance is simply accepting the identified risk without taking any measures to prevent loss or the probability of the risk happening. This approach is ideal for those risks that will not create a high amount of loss if they occur. These risks in fact would be considered more costly to manage than to allow.