+

Week 7 – Project risk management

7.1. Introduction
Analyses of risk management and how they apply to projects are the main topics for this week. Risk
management is a methodical approach to management that includes defining, assessing, and
responding appropriately to risks. Applications for project risk management take place in three stages.
The detection phase of the danger is the initial step. At every level, there are specified hazards that
can be measured and those that cannot. The stage of evaluating and assessing the hazards is the second
step. Numerous approaches and procedures, including scenario analysis, simulation, and
susceptibility analysis, are employed during the assessment and evaluation process. Risk management
is the final stage. At this point, risks are dealt with through transfer, assurance, sharing, and reduction.

7.2. Learning Outcomes

Upon the completion of this week of study you will able to:
1. Define project risk management.
2. Recognize the different types of risks in projects.
3. Understand project risk management principles, values, and hypotheses.
4. Identify basic risk categories in projects.

LJMU-7501-BEPG, Project Management Fundamentals 1|Page

7.3. Risk management policy
In order to create a sturdy foundation vis-à-vis risk management within a project, it is necessary
that top management is committed to it. After that, the creation of a common language, high
level of communication, good flow of information and efficient teamwork play an important
role. If an efficient application is expected in the management of uncertain risks in a project, a
risk management policy to be followed must be defined (Flouris and Lock, 2009).
The content of the policy to be followed should cover a number of topics, including: the
ways and means of measuring risks; the roles and responsibilities of the risk management team;
the makeup and frequency of meetings of the risk committee; the mandatory approvals and
confirmations to be given in response to various events; the type and methods of feedback; the
measures used at the stage of monitoring and controlling of risks; and the risk appetite and risk
tolerancing. (Cagliano et al., 2015).

7.4. The need of risk management in projects

Considering the above, the question that comes to mind is why risk management is needed in
projects. Regardless of which business sector a project is undertaken in, environmental
uncertainty and resource scarcity create risks (Chapman, 2019).
As such project managers must focus on identifying and mitigating risks for the following
reasons:
• The desire of the project to continue toward completion.
• Their desire to minimize the surprises they might face.
• The possibility to face a crisis within a project frequently.
• Variable environment conditions in projects.
• Providing scope and timescale stabilization within a project.
• Minimizing and controlling project cost.
• The obligation to comply with legal regulations.

LJMU-7501-BEPG, Project Management Fundamentals 2|Page

7.5. Risk management principles
Managers and other decision-makers must examine risk management's concepts and tenets if
they are to be useful in projects. Managers and decision-makers must concur on the value of risk
management and how it will benefit the current project. Employees must be familiar with risk
management principles in order for a project to have a good risk management practice. All
parties must be convinced of the suitability of the risk management model and the advantages it
will bring to the project before the risk management application is created. The success of risk
management will not be a coincidence if the decision makers integrate and thoroughly analyze
the notions of risk (Chapman, 2019).

7.6. Risk management concepts in projects

Risks on a project may have major consequences, including possibly putting the business
itself out of business. Risks for projects indicate uncertainty.

Uncertainty: The condition of uncertainty can have both favorable and unfavorable
effects. The iron triangle (financial, scope, and timeline) losses will undoubtedly emerge from the
poor results, even though the positive results benefit enterprises. But there is a fundamental
distinction between risk and uncertainty. Risk is a random, uncontrolled occurrence that can be
measured using particular methods using current data and probability distributions, whereas
uncertainty is an uncontrollable, haphazard event whose probability distribution is unknown.
However, danger increases along with uncertainty. If risk is properly managed, it can present
opportunities. Project managers must be aware of the hazards they can accept and how much of
them they can tolerate. Besides, project managers must define their obtainable strategic targets.
Also, project managers have to analyse the risk types that they face or will face with respect to
their sustainability and respond to the risk types respectively.

Project managers, to make proper decisions to attain their goals must know their power
well, and must be aware of their risk appetite, risk capacity and risk tolerance. Strategic decisions
within a project made without realizing their power and competence will do nothing but leave
the business' future to chance. If strategic targets are well-defined, realistic and attainable results
can be realized in time. Risk tolerance is a concept that shows the level of uncertainty that a
LJMU-7501-BEPG, Project Management Fundamentals 3|Page
 business can easily overcome or the risk quantity that it can easily take to attain a target. Also,

risk tolerance can differ according to project age, financial tolerances, and targets.
A project's risk capacity is its ability to survive challenging circumstances without having
a greater detrimental effect on accomplishing key financial objectives. The amount of risk that the
project must accept in order to fulfill its financial goals is known as risk capacity, as opposed to
risk tolerance (Gitman & Joehnk, 2005). However, in order to decide how much risk they can
endure, project managers must first take into account their income goals and level of risk tolerance.
In order to accomplish their long-term strategic goals, project managers must have a certain level
and kind of risk appetite. The level of risk that the project manager finds reasonable without the
need for safety precautions is another definition of risk appetite.
Project managers need to understand and critically evaluate the difference between risk
capacity and risk tolerance in order for the risks they encounter to have a positive influence on the
project. The decisions the project manager makes about these risks may have consequences that
jeopardize the project's long-term goals when a project's risk appetite exceeds its risk tolerance.
Therefore, it is important to balance risk appetite and tolerance when working on projects. This
balance needs to be considered, especially when making strategic decisions. This equilibrium is
referred to as risk tolerance.

7.7. Risk management principles and hypotheses in projects

Depending on the characteristics of their surroundings, projects may be exposed to various
dangers. Projects are unable to completely avoid the negative effects of potential hazards,
sometimes due to a lack of time and other times due to inadequate measures. Managers need to be
proactive and handle potential risks if they want initiatives to avoid unfavorable outcomes. They
must exercise operational and strategic care in order to effectively respond to these threats
(Chapman, 2019).
Making the right choices about the risks that the project managers may accept at this point
is crucial. If the manager's decisions are interpreted incorrectly, the project may be exposed to
dangers.
Projects with salient risk management rely on seven important principles:
• There must be an open line of communication

LJMU-7501-BEPG, Project Management Fundamentals 4|Page

 • The fact that the risk management is a continuous process should not be ignored.
• Future-focused decisions must be made.
• The project managers must have a global perspective that is so important for the design
and development of its activities and can give the project itself the chance to be informed
of the potential opportunities.
• Shared product vision is another principle. For the vision of the project to be adopted is
extremely important.
• Integrated project management and risk management means, and methods must be
synchronized with the structure and culture of the business.
• For risk management to be effective and successful, the effect of the teamwork should not
be neglected. The synergy created by the teamwork will contribute positively to the
success of the risk management of the project.

7.8. Project risk management values

Applications for risk management are crucial for the longevity of a project. It is normal for a risk
management program to produce positive outcomes in one project but fail in a subsequent project
operating in the same industry. Although they are active in the same sectors as the result of some
factors, the results may be different. We can categorize these factors that affect the results
significantly under four headings, Organizational Culture, Organizational Climate, Norms, and
Values (Rodrigues-da-Silva and Crispim, 2014).
A project's culture defines its organizational behavior and distinguishes it from other
projects. Project managers need to thoroughly comprehend and analyze organizational culture. The
likelihood that a risk management program that produces successful results for one project may
cause another project to fail is not surprising due to organizational variances. The desires and wants
of the participants shape the organizational culture, which adapts to the external environment while
maintaining its equilibrium.
Every organizational setting seeks the cooperation of its members in order to accomplish
its objectives. For the initiative to be effective and productive, the people's integration with their
environment is crucial. Therefore, the individuals that comply with the cultural features of the
project, are the individuals that contribute to the management's and project's expectations for
LJMU-7501-BEPG, Project Management Fundamentals 5|Page
the project to attain its goals. Thus, it is a desirable situation that the individuals comply with the
organizational culture of the project in a short time. The closer the cultural environment of the
individual is to the organizational project culture, the shorter the adaptation period of the individual
to the organization will be (Rodrigues-da-Silva and Crispim, 2014).
Before starting a new risk management application, the project managers have important
duties. First, they must persuade their employees about the necessity of this perception of
management. At this point, the concept of organizational climate comes out. The organizational
climate of the project has permanent features that separate an organization formed with the
coordination of its employees than the others. It also contains the employees working in harmony,
their ability to work together, their common perception that they developed in innovative and fair
dimensions.
According to Wallace, Hunt, and Richards (1996) six dimensions of the organizational
climate can be stated:
• The endorsement of management
• A sense of cooperation within the workplace and the organization.
• Mutual respect;
• Conflict and ambiguity
• The working teams' cooperation.
• The significance of the work, as well as its originality and appeal.
With this information in mind, it is appropriate to state that the project's staff must share management's
belief in the risk management model.
Values make up the inner and hidden face of a project's culture. They demonstrate a suitable approach
to resolving issues with organizations. These ideals place restrictions on how people can achieve their
objectives. Additionally, they define which conduct is incorrect and direct it. As a result, norms and
values have a significant impact on how the company behaves.

LJMU-7501-BEPG, Project Management Fundamentals 6|Page

7.9. Basic risk categories
In general terms, if we count the risk types, it is possible to state many risks such as market risk,
supplanted risk, earthquake risk, terror risk- that every project can face. But, in order to make
this subject clear, it is apropos to categorize the most accepted risks under certain headings. We
can collect the risks in four groups. These are financial risks, operational risks, environmental
risks, and strategic risks (Toma and Alexa, 2012).
Financial risks are the kinds of hazards that enable the appearance and growth of the
perception of risk management.The risk type that many projects take the most care to control and
that they give it significant attention is shown when the development dates of the risk
management application are examined. Financial hazards include things like credit risk, interest
rate risk, and cash risk.
Operational risks comprise the hazards that have an impact on a project's operations.
The operational risks that immediately come to mind are those related to the equipment's
functionality, personnel performance and motivation, regulatory requirements, and brand
management.
Strategic risks are the risks that can affect the targets of a project or business defined in
short, medium or long term. The risks such as market analysis, planning, work portfolio and
work model can be evaluated as strategic risks.
Environmental risks are those that show up on their own. Risks including natural
disasters, terrorism threats, political developments between nations, governmental restrictions,
and consumer preference trends can all be included in the category of environmental risks.
It would be incorrect to believe that these risk groups, which are arranged into four
groups, are distinct from one another or to draw clear divisions between them. For instance,
credit risk is part of the financial risks category based on its outcomes, and the operational risks
category based on its causes. Knowing that these risk categories are connected to one another,
whether directly or indirectly, is crucial. Therefore, these connections and interdependencies
should not be disregarded when assessing these risk groupings.

LJMU-7501-BEPG, Project Management Fundamentals 7|Page

References
Allen, S. (2003). Financial Risk Management: A Practictioner's Guide to Managing

Market and Credit Risk. Hoboken, New Jersey: John Wiley & Sons, Inc.

Cagliano, A. C., Grimaldi, S. and Rafele, C. (2015). Choosing project risk management
techniques. A theoretical framework. Journal of risk research, 18(2), 232-248.
Chapman, R. J. (2019). Exploring the value of risk management for projects: improving
capability through the deployment of a maturity model. IEEE Engineering Management Review,
47(1), 126-143.
Coso Internal Control Integrated Framework: An implementation guide for the healthcare
provider industry (2019). https://www.coso.org/documents/coso-crowe-coso-internal-control-
integrated-framework.pdf.
Drouin, N., Besner, C. and Hobbs, B. (2012). The paradox of risk management; a project
management practice perspective. International Journal Of Managing Projects In Business, 5(2),
230-247.
Gitman, L.J. & Joehnk, M.D. (2005). Fundamentals of Investing (9th ed.). Boston: Pearson
Rodrigues-da-Silva, L. H. and Crispim, J. A. (2014). The project risk management process,
a preliminary study. Procedia Technology, 16, 943-949.
Toma, S. V. and Alexa, I. V. (2012). Different Categories of Business Risk. Annals of the
University Dunarea de Jos of Galati: Fascicle: I, Economics & Applied Informatics, 18(2): 88-
92.
Wallace, J., Hunt , J. and Richards, C. (1996). "The Relationship Between Organizational
Culture, Organizational Climate and Managerial Values”. The International Journal of Public
Sector Management, 12(7), 548-564.
Ward, S. and Chapman, C. (2003). “Transforming project risk management into project
uncertainty management”. International Journal of Project Management, 21: 97-105.

LJMU-7501-BEPG, Project Management Fundamentals 8|Page