Managing Project Risks
Description
A comprehensive and highly practical overview of project risk management emphasising pragmatic solutions and user-friendly methods without advanced mathematical techniques
Managing Project Risks provides a comprehensive treatment of project risk management, offering a systematic but easy-to-follow approach. This book explores critical topics that influence how risks are managed, but which are rarely found in other books, including risk knowledge management, cultural risk-shaping, project complexity, political risks, and strategic risk management.
The book commences with foundational concepts, providing an overview of risk, project definitions, project stakeholders, and risk management systems. Subsequent chapters explore the core processes of project risk management, including risk identification, analysis, evaluation, response strategies, and risk monitoring and control. Additional topics include risk knowledge management, the influence of culture on risk, political risks in projects, and relevant software applications. Experienced readers may choose to navigate directly to the later chapters, which focus on strategic risk management and offer recommendations for planning, building, and maturing a project risk management system.
Throughout, the authors impart a practical approach that does not rely on high level expertise or advanced mathematical techniques; the emphasis remains on pragmatic solutions, user-friendly techniques, and reliable communication, enabling readers to seamlessly integrate theory into practice.
Updates to the newly revised Second Edition of Managing Project Risks include:
- Additional tools and techniques for risk identification and an expanded treatment of risk communication
- A new tool for early-stage project complexity assessment-the stage where uncertainties, and thus threat and opportunity risks, are at their highest level
- A more substantial treatment of planning for crisis response and disaster recovery, taking into consideration climate change and the increasingly prevalent impacts of severe weather phenomena
- More information on strategic risk management, now including public and organizational policy development with respect to risks in projects
Managing Project Risks is an essential resource for practitioners of project management across architecture, construction, engineering, and technology disciplines, for undergraduate and postgraduate students, and for public and private sector stakeholders involved in decision-making and policy development. It is useful wherever project-driven activities are undertaken.
More details
Other editions
Additional editions
Persons
Peter J. Edwards, PhD, is an Emeritus Professor at RMIT University in Melbourne, Australia and continues to be active in research and writing in his retirement.
Paulo Vaz Serra, PhD, is a civil engineer with more than 20 years of experience in the construction industry, public and private, and operational research and development in Europe. He is a Senior Lecturer at the University of Melbourne, Australia.
Michael Edwards, BSc, has more than 20 years of experience initiating and managing projects in a large department of the Australian federal government.
Content
About the Authors xvii
Preface to the Second Edition xviii
Preface to the First Edition xix
Acknowledgments xxi
Glossary of Terms xxii
1 Introduction 1
1.1 Introduction 1
1.2 The Project Perspective 1
1.3 The Project Stakeholder Perspective 2
1.4 Overview of Contents 3
1.5 Limitations Caveat 5
2 An Overview of Risk 7
2.1 Chapter Introduction 7
2.2 Risk Definitions 7
2.3 Threat and Opportunity 9
2.4 Risk and Uncertainty 11
2.4.1 Uncertainties in the Type of Risk Trigger Events 14
2.4.2 Uncertainties in the Occurrence of Risk Events 14
2.4.3 Uncertainties in the Period of Exposure to Risk Events 14
2.4.4 Uncertainty in the Type of Consequences of Risk Events 15
2.4.5 Uncertainty in the Magnitude of Risk Consequences 15
2.4.6 Uncertainty in Periods of Exposure to Risk Consequences 16
2.5 The Dynamic Nature of Risk 17
2.6 Psychology and Perceptions of Risk 17
2.7 Risk Awareness 18
2.8 Classifying Risk 19
2.8.1 A Generic Source Event Risk Classification System 20
2.8.2 Natural Systems Risks 21
2.8.3 Human Risks 22
2.8.4 Risk Classification Based on Organisational Structure 25
2.8.5 Risk Classification Based on Project Phases 26
2.8.6 Customised Hybrid Approaches to Risk Classification 26
2.8.7 Multisystem Risk Classification 28
2.9 Risk Communication 28
2.10 Chapter Summary 29
References 30
3 Projects and Project Stakeholders 31
3.1 Introduction 31
3.2 The Nature of Projects 31
3.3 Project Objectives 32
3.3.1 Procurement Objectives 33
3.3.2 Operational Objectives 35
3.3.3 Strategic Objectives 36
3.4 Project Phases 39
3.5 Composition of Projects 41
3.6 Processes of Project Implementation 43
3.6.1 IT Project Example 44
3.6.2 Ideation and Concept Development 44
3.6.3 Project Development Stage 45
3.6.4 Project Deployment and Operation 46
3.6.5 Operational Maintenance 46
3.7 Organisational Structures for Projects 46
3.8 Project Stakeholder Relationships 47
3.9 Stakeholder Organisational Structures 55
3.9.1 Simple Structures 55
3.9.2 Machine Bureaucracies 55
3.9.3 Professional Bureaucracies 57
3.9.4 Divisionalised Forms 59
3.9.5 Adhocracies 60
3.10 Modes of Organisational Management 61
3.11 Project Stakeholder Decision-Making 62
3.12 'Risky' Projects 66
3.13 Chapter Summary 68
References 68
4 Project Risk Management Systems and Frameworks 69
4.1 Chapter Introduction 69
4.2 Risk Management 70
4.3 Risk Management Systems 72
4.4 Risk Management Standards and Guides 73
4.5 A Cycle of Systematic Project Risk Management 75
4.5.1 A: Establish the Context 77
4.5.2 B 1 : Identify Risks 77
4.5.3 B 2 : Analyse Risks 78
4.5.4 B 3 : Evaluate Risks 78
4.5.5 C: Respond to Risks 78
4.5.6 D: Monitor and Control Risks 79
4.5.7 E: Capture Project Risk Knowledge 79
4.6 Project Stages and Risk Management Workshops 80
4.6.1 Construction Project Example 80
4.6.2 The DB Design-Bid Stage 82
4.6.3 The DB Build Stage 83
4.6.4 IT Project Example 84
4.7 A Project Risk Register Template 86
4.8 RMS Integration 89
4.9 RM Governance and Responsibility 89
4.10 Joint Venture RMS 89
4.11 Project Client RM Requirements 90
4.12 Chapter Summary 90
References 91
5 Project Risk Contexts and Drivers 93
5.1 Chapter Introduction 93
5.2 The Contextualising Process 94
5.3 Internal Contexts as Risk Drivers 95
5.4 External Contexts as Risk Drivers 97
5.4.1 Physical Contexts 99
5.4.2 Technical Contexts 100
5.4.3 Economic Contexts 100
5.4.4 Social Contexts 101
5.5 Using Contextual Information 102
5.6 Chapter Summary 104
Reference 104
6 Approach to Project Risk Identification 105
6.1 Chapter Introduction 105
6.2 Approach to Risk Identification 106
6.3 Workshop Timing 107
6.4 Types of Risk Identification Techniques 112
6.4.1 Activity-Related Techniques 114
6.4.2 Analytical Techniques 114
6.4.3 Associated Representative Techniques 115
6.4.4 Functional Value-Related Technique 116
6.4.5 Matrix Combinations 117
6.4.6 Simulation or Visualisation Techniques 117
6.4.7 Speculation Techniques 117
6.4.8 Structural or Management Techniques 118
6.5 Chapter Summary 119
Reference 119
7 Project Risk Identification Tools 121
7.1 Chapter Introduction 121
7.2 Activity-Related Tools 122
7.2.1 Work Breakdown Structures 122
7.2.2 Bar Charts 126
7.2.3 Critical Path Networks 127
7.3 Analytical Tools 130
7.3.1 Decision Tree Analysis 131
7.3.2 Event Tree Analysis 133
7.3.3 Fault Tree Analysis 134
7.3.4 Failure Modes and Effects Criticality Analysis 135
7.3.5 Hazard and Operability Studies (HAZOPS) 136
7.3.6 Safety Hazard Analysis (SHA) 138
7.4 Associated Representative Tools 141
7.4.1 Contextualisation 141
7.4.2 Checklists 142
7.4.3 Financially Related Tools 144
7.4.4 Procedural Manuals Tools 144
7.4.5 Design/Cost Related 148
7.4.6 Risk Related 150
7.5 Matrix Combinations Tools 152
7.6 Simulation or Visualisation Tools 155
7.7 Speculation Tools 157
7.7.1 Scenario Testing 157
7.7.2 Stress Testing 158
7.8 Structural or Management Tools 159
7.9 Risk Identification Statements 159
7.10 Chapter Summary 162
References 163
8 Project Risk Analysis and Evaluation 165
8.1 Chapter Introduction 165
8.2 Qualitative Analysis 167
8.3 Assessing Likelihood 168
8.4 Assessing Impacts 171
8.5 Evaluating Risk Severity 172
8.6 Quantitative Analysis 175
8.7 Risk Mapping 183
8.8 Chapter Summary 184
Reference 186
9 Risk Response and Treatment Options 187
9.1 Chapter Introduction 187
9.2 Risk Attitudes and Appetites 188
9.3 Existing Risk Controls 191
9.4 Risk Response Options 192
9.4.1 Risk Avoidance 192
9.4.2 Risk Transfer 194
9.4.3 Risk Reduction and Retention 196
9.4.4 Risk Retention 197
9.4.5 Combination Responses to Risk 197
9.5 Risk Treatment Options 198
9.6 Risk Mitigation Principles 200
9.7 Strategic use of ALARP 201
9.8 Re-assessment 202
9.9 Recording Decisions 202
9.10 Chapter Summary 203
References 203
10 Risk Monitoring and Control 205
10.1 Chapter Introduction 205
10.2 Assigning Responsibility 206
10.3 Monitoring Procedures 209
10.3.1 Negligible Risks 210
10.3.2 Low Risks 210
10.3.3 Medium Risks 210
10.3.4 High Risks 210
10.3.5 Extreme Risks 211
10.4 Control Measures 211
10.4.1 Negligible Risks 212
10.4.2 Low Risks 212
10.4.3 Medium Risks 212
10.4.4 High Risks 212
10.4.5 Extreme Risks 212
10.5 Reporting Processes 214
10.6 Dealing with New Risks 215
10.7 Disaster Planning and Recovery 215
10.8 Capturing Project Risk Knowledge 216
10.9 Chapter Summary 217
11 Project Risk Knowledge Management 219
11.1 Chapter Introduction 219
11.2 Knowledge Definitions and Types 221
11.2.1 Knowledge Transformation 221
11.2.2 Types and Forms of Knowledge 223
11.2.3 Organisational Culture and Knowledge Management 223
11.3 The Knowledge Creation Cycle 224
11.3.1 Stage 1 (Tacit to Tacit): Use and Validate 225
11.3.2 Stage 2 (Tacit to Explicit): Identify and Capture 225
11.3.3 Stage 3 (Explicit to Explicit): Codify and Store 225
11.3.4 Stage 4 (Explicit to Tacit): Share and Update 226
11.3.5 Using and Validating Knowledge 226
11.3.6 Identifying and Capturing Knowledge 227
11.3.7 Codifying and Storing Knowledge 228
11.3.8 Sharing and Updating Knowledge 229
11.4 Additional Issues of Organisational Culture 230
11.4.1 KMS Alignment and Information Redundancy 231
11.4.2 Tools and Techniques for Eliciting Risk Knowledge 231
11.4.3 Brainstorming Sessions 233
11.4.4 Storytelling 233
11.4.5 Communities of Practice 233
11.4.6 Networking 234
11.4.7 Project Reviews, Project Debriefings and 'Lessons Learned' 234
11.4.8 Mentoring and Apprenticeships 235
11.4.9 Induction and Training Courses 235
11.4.10 Workplace Design 235
11.4.11 People Finders 235
11.4.12 Intranets and IT Platforms 235
11.4.13 Internet Search Engines and Alerting Services 236
11.4.14 Organisational Culture 236
11.4.15 PRMS-Related Tools 236
11.4.16 Developing Organisational Risk Wisdom 237
11.5 Project and ORR Architecture 237
11.5.1 Capturing Project Risk Experiences 238
11.5.2 PRRs 239
11.5.3 Beyond the Project Level is the ORR 240
11.6 Challenges for Implementing RKMSs 242
11.6.1 Issues Relating to Knowledge Itself 242
11.6.2 Storing, Accessing and Using Knowledge 242
11.6.3 Knowledge System Development and Implementation Costs 243
11.6.4 Concern with Financial Issues and Return on Investment 244
11.6.5 Concern with Time Management and 'Unproductive Tasks' 244
11.7 Communication and Risk Knowledge Management 246
11.8 Ai 247
11.9 Chapter Summary 249
References 249
12 Cultural Shaping of Risk 251
12.1 Chapter Introduction 251
12.2 Culture in Society 252
12.3 Organisational Cultures 253
12.3.1 Organisational Scans 256
12.3.2 The Organisational Scanning Process 259
12.4 External Cultures as Project Risk-Shapers 260
12.4.1 Media Scans 260
12.5 Organisational Cultures of Other Project Stakeholders 261
12.6 Applying Cultural Shaping in Project Risk Management 262
12.7 Chapter Summary 266
Reference 267
13 Project Complexity and Risk 269
13.1 Chapter Introduction 269
13.2 The Concept of Complexity 269
13.2.1 Differentiation 272
13.2.2 Inter-dependency 274
13.3 Relative Complexity 276
13.4 Uncertainty and Project Complexity 278
13.5 An Early-Stage Project Complexity Assessment Tool 280
13.6 Identifying and Mapping Complexity 284
13.7 Influence of Complexity on Risk Management 285
13.8 Complexity and Mega-Projects 286
13.9 Chapter Summary 288
References 289
14 Political Risk 291
14.1 Chapter Introduction 291
14.2 Political Spheres 293
14.3 Dimensions of Political Risk Factors 293
14.4 Examples of Political Risks 295
14.5 Political Stakeholders 298
14.6 Managing Political Risks 298
14.6.1 Contextualising 298
14.6.2 Identifying Political Risks 300
14.6.3 Analysing and Assessing Political Risks 300
14.6.4 Responding to Political Risks 301
14.6.5 Monitoring and Controlling Political Risks 302
14.6.6 Knowledge Capture 302
14.6.7 In-House Political Risks 302
14.7 More Extreme Political Threat Risks 303
14.8 Professional Misconduct 304
14.9 Corruption 305
14.9.1 Conflict of Interest 308
14.10 Chapter Summary 309
References 310
15 Planning for Crisis Response and Disaster Recovery 313
15.1 Chapter Introduction 313
15.1.1 Crisis 313
15.1.2 Disaster 314
15.2 Crises 314
15.2.1 Snowy Hydro 2 Scheme 315
15.2.2 COVID-19 Pandemic 316
15.2.3 Australian Housing Crisis 318
15.2.4 Australian Telco Crises 319
15.3 Disasters 319
15.3.1 Whakaari White Island Disaster 320
15.3.2 Floods and Fires 321
15.3.3 Asylum Seeker Disasters 321
15.4 Planning for Crisis Response and Disaster Recovery 322
15.4.1 Strategic Management 322
15.4.2 Strategic Planning Management 325
15.4.3 The Champlain Towers Disaster 325
15.4.4 Leadership and Management Control 327
15.4.5 Regulatory Environments 328
15.4.6 Human Resource Management 329
15.4.7 Resources Management 329
15.4.8 Utilities and Services 330
15.4.9 Security and Crime 331
15.4.10 Health Services Management 332
15.4.11 Environment 332
15.4.12 Cross-border Co-operation and Management 332
15.4.13 Communications Management 333
15.5 Risk Management for Crisis Response and Disaster Recovery Planning 333
15.6 Chapter Summary 334
References 334
16 Opportunity Risk Management 335
16.1 Chapter Introduction 335
16.2 Concept of Opportunity Risk 336
16.3 Opportunity Risk in Projects 338
16.4 Examples of Opportunity Risks 339
16.4.1 IT Brand Product Personalisation Service 339
16.4.2 Botanic Gardens Special Display Project 339
16.4.3 Case Study A (PPP Correctional Facility) 340
16.4.4 Case Study C (Aid-Funded Pacific Rim Island Civic Project) 340
16.5 Managing Opportunity Risks 341
16.5.1 Implications for Personnel 341
16.5.1.1 SP1: Exchanging Ideas Too Early and Too Often Hinders Their Diversity and Potential to Innovate 342
16.5.1.2 SP2: The Workplace Should Promote Absurdity 342
16.5.1.3 SP4: Adversities Are Worth Keeping, Even Introduced, in the Workplace to Promote Innovation 343
16.5.1.4 Artificial Intelligence (AI) 343
16.5.1.5 Implications for the Project RMS 344
16.5.1.6 Context Establishment 344
16.5.1.7 Risk Identification 344
16.5.1.8 Risk Statements 345
16.5.1.9 Risk Analysis 345
16.5.1.10 Risk Evaluation 346
16.5.1.11 Risk Response 346
16.5.1.12 Monitoring and Control 350
16.5.1.13 Knowledge Capture 350
16.6 Chapter Summary 350
References 351
17 Strategic Risk Management 353
17.1 Chapter Introduction 353
17.2 Strategic Issues for Project Risk Management 355
17.2.1 Project Risk Management System (PRMS) Implementation 356
17.2.2 System Separation/Integration 358
17.2.3 System Inception 359
17.2.4 Initial System Application 359
17.2.5 Roles and Responsibilities 360
17.2.6 PRMS Process Approach 361
17.2.7 Risk Knowledge Management 363
17.2.8 PRMS Maintenance and Development 364
17.2.9 Crisis Response and Disaster Preparedness 364
17.3 PRMS Process Strategies 366
17.3.1 Project Contextualisation 366
17.3.2 Project Risk Identification Strategies 367
17.3.3 Quantitative and Qualitative Risk Analysis Strategies 367
17.3.4 Risk Response and Treatment Strategies 369
17.3.5 Risk Monitoring and Control Strategies 369
17.3.6 Risk Knowledge Capture Strategies 370
17.4 Chapter Summary 370
References 370
18 Planning, Building and Maturing a Project Risk Management System 371
18.1 Chapter Introduction 371
18.2 PRMS Objectives 372
18.3 Planning and Designing the PRMS 373
18.3.1 Planning the PRMS 373
18.3.2 Designing the System 374
18.4 Risk Management Maturity 376
18.4.1 Level 1 PRMS Maturity (Mostly Unaware) 376
18.4.2 Level 2 PRMS Maturity (Starting) 377
18.4.3 Level 3 PRMS Maturity (Growing) 379
18.4.4 Level 4 RM Maturity (Maturing) 380
18.5 Building the PRMS 382
18.5.1 Organising the PRMS Project 382
18.5.2 PRMS Specialists 382
18.5.3 System-Building Tasks 383
18.5.4 Component Testing 384
18.5.5 PRMS Trials 385
18.5.6 PRMS Roll-Out 385
18.6 PRMS Performance Review and Improvement Cycle 386
18.6.1 Review Criteria 387
18.6.2 System Benchmarking 390
18.6.3 Addressing System Decay 391
18.6.4 Review Frequency 392
18.7 Chapter Summary 392
References 392
19 Computer Applications 395
19.1 Chapter Introduction 395
19.2 PRMS Software Applications 396
19.2.1 Tables and Matrices 396
19.2.2 Spreadsheets 398
19.2.3 Project Management Systems 400
19.2.4 Bespoke RKMS 401
19.3 Other Information Technologies and Tools 401
19.3.1 Simulation Systems 401
19.3.2 Smart Sensors 402
19.3.3 Aerial Drones 402
19.3.4 Building Information Modelling 403
19.4 Chapter Summary 403
20 Communicating Risk 405
20.1 Chapter Introduction 405
20.2 Communication Theory and Models 406
20.2.1 Other Theory Elements of the Model 406
20.2.2 Processes in the Model 408
20.3 Components in the Communication Process 409
20.3.1 Senders 409
20.3.2 Receivers 409
20.3.3 Messages 409
20.3.4 Media 410
20.3.5 Channels 411
20.3.6 Relays 411
20.3.7 Filters 412
20.3.8 Interference 412
20.3.9 Feedback 413
20.4 Communicating Risk in the PRMS Cycle 413
20.5 Communicating Project Risk Beyond the Project Stakeholder Organisations 415
20.5.1 Promotional Announcements 415
20.5.2 Communicating Risk in Adverse or Challenging Environments 415
20.5.3 Social Amplification of Risk 415
20.5.4 Social Licence 416
20.5.5 Communication in Extensive Advisory Loops 417
20.6 Evaluating Risk Communication 417
20.7 Chapter Summary 418
References 419
21 Conclusions 421
21.1 Chapter Introduction 421
21.2 Current State of Project Risk Management 422
21.2.1 Changes in Business Conditions 423
21.2.2 More Serious Risk Impacts and Consequences 423
21.2.3 Public Expectations and Regulations 423
21.2.4 Publication of Standards and Texts 424
21.2.5 Psycho-Social Emphases 424
21.2.6 Tertiary Curriculum Changes 424
21.2.7 Continuing Issues with Contemporary PRMS 424
21.3 Future Project Risk Management 425
21.4 Checking Your Reading Satisfaction 427
21.4.1 Risk 427
21.4.2 Projects 428
21.4.3 Prms 428
21.4.4 Risk Contexts 429
21.4.5 Risk Identification 429
21.4.6 Risk Assessment 430
21.4.7 Risk Response 430
21.4.8 Risk Monitoring and Control 431
21.4.9 Risk Knowledge Management 431
21.4.10 Risk and Culture 431
21.4.11 Complexity 432
21.4.12 Political Risk 432
21.4.13 Planning for Crisis Response and Disaster Recovery 433
21.4.14 Opportunity Risk 433
21.4.15 Strategic Risk Management 433
21.4.16 Building and Maturing a PRMS 434
21.4.17 Computer Applications 434
21.4.18 Communicating Risk 435
21.4.19 Case Studies 435
21.5 Closing Remarks 436
Case Study A: PPP Correctional Facilities Project 439
Case Study B: Rail Improvement Project 449
Case Study C: PM Consultant and Government-Aid-Funded Pacific-Rim Project 455
Case Study D: High-Capacity Metropolitan Train Mock-up Project 461
Case Study E: Hot-Rod Car Project 463
Case Study F: Aquatic Theme Park Project 467
Case Study G: Risk Governance Guidance Document 471
Case Study H: Rise and Fall of a Plumbing Company 477
Index 483
1
Introduction
1.1 Introduction
In this introductory chapter, we describe the project and project stakeholder perspectives that we have adopted to frame this book and its content. The chapter synopses will guide you in choosing the actual sequence you wish to follow for individual reading, but we recommend that you do follow the order for Chapters 4-10, as these chapters embrace the sequential and systematic application of the cycle of project risk management processes.
1.2 The Project Perspective
Our world has become increasingly 'project-driven'. This is largely because projects are seen to be more 'containable' than other methods of achieving development goals. Projects are perceived as having clearly identifiable beginnings and finite endings (although sometimes these are hard to pinpoint precisely). The fulfilment of sought-for objectives is intended to deliver desirable (and hopefully measurable) outcomes. This perspective assumes that the project approach is more manageable than other ways of doing things, although this assumption may not always translate easily or fully into reality.
Projects are endeavours usually surrounded by uncertainty and often cloaked in risk. While we tend to regard them as exclusively human undertakings, projects do occur in the natural world. Beavers build dams across watercourses; termites construct elaborate edifices to shelter themselves from harsh extremes of weather; birds build nests to accommodate their young. These creatures also face risks as they go about their 'project' work.
Managing risks is thus an important part of managing projects, as much for human society as for the natural world. Our book describes a comprehensive and systematic approach to the management of project risks. Whilst we have no plans for further references to animals and insects, their potential contribution to risk management should not be ignored. Bio-mimicry has become an important source of innovation for contemporary society in engineering and other fields, and there is every reason to suppose that it could also contribute to risk management.
Project management, as an art and a science (hence its vulnerability to many interpretations), stems largely from a construction industry that has been project-based since human beings first attempted to create shelter for themselves. We have become increasingly aware of the need to organise the ways in which our building activities are planned, resourced and carried out in order to satisfy our need to develop our physical environment. Traditionally, therefore, project management has been associated with building projects, and many books (including those on risk management) retain that perspective exclusively.
For this book, we have tried to embrace the project-driven nature of contemporary society more fully and have deliberately adopted a generic project perspective.
All projects are exposed to risks. While particular risks will be different for different projects, different project stakeholders and different project environments, we seek to demonstrate that it is possible to adopt a systematically uniform approach in order to deal with those risks. Thus, while many of the examples presented in this book are taken from projects in the construction industry, we have sought to include some from other fields. The actual risks will not be identical (although many will be similar), but the risk management principles remain the same.
1.3 The Project Stakeholder Perspective
All projects involve stakeholders: those people or entities that have the capacity to influence the decision-making associated with projects. We explore this concept in greater depth later in this book. Suffice it to say here that every project involves multiple stakeholders (or at least more than one). For example, I may decide to embark on a renovation project on my house. While it is 'my' project, it is likely that other family members will be involved, that tradesmen will be engaged and external suppliers sourced. I may have to approach consultants for advice or even apply for permits from local authorities. To a greater or lesser extent, each and all of these will influence the decision-making that inevitably surrounds the project. Anyone with that influential capacity has to be regarded as a stakeholder. How much influence they can exert will determine the nature, level and treatment of the risks involved.
Similarly, you may propose a project to write a book as a sole author. However, if you want others to read it and if you want to earn royalties from its publication, other people will become involved in, and help to make decisions about, the publication process. The same scenario actually applies to more artistic and creative works. While the intellectual inputs may be entirely individual on the part of the artist, if the project outcomes are intended to become available to others, or even to just a single end-user or purchaser, then we might argue that the follow-up process is also part of the project and thus susceptible to decision-making beyond that of the original artist. Few artists can afford to ignore their 'market' entirely.
A single project stakeholder perspective is thus only tenable if the project outcomes were never meant to be available to anyone other than the project originator.
However, while all may be involved in bringing a project to fruition, each stakeholder is likely to have at least some objectives that are different to those of other stakeholders. By definition, as we shall see in Chapter 3, this means that each stakeholder will be exposed to different risks, albeit possibly of a similar type but of varying uncertainty in terms of likelihood and consequence. Each stakeholder may have to manage its risks in ways that may be subtly different to those of other project stakeholders.
Logically, therefore, whatever the organisational arrangement of stakeholders in a project, any attempt to insist upon a common risk management system for all stakeholders for that project is neither practical nor advisable, particularly where the stakeholders are autonomous entities. Even where projects are undertaken 'in-house' by an organisation, e.g. under Project Management Office (PMO) or Enterprise Project Management (EPM) arrangements, there will still be other stakeholders involved, including other departments within the host organisation and external stakeholders supplying goods or services to the project.
In this book, we have deliberately adopted a stakeholder perspective that assumes that each stakeholder implements its own risk management system for each of the projects in which it is involved. Ideally, each stakeholder will employ an overarching approach that, while dealing individually with all of its risks on each of its projects, will apply common principles of risk management throughout and will capture risk knowledge from each project to the benefit of the whole stakeholder organisation.
The unique project and project stakeholder perspectives outlined above provide the essential context for the whole of this book.
1.4 Overview of Contents
The chapter synopses in this section should help you to determine the topic reading sequence you wish to follow. For those who are involved in teaching project risk management, the synopses may help you to formulate a useful reading programme for your students.
In Chapter 2, we explore an understanding of risk itself, providing definitions and common terms. Positive and negative concepts of risk (threat risk and opportunity risk) are presented. We consider the psychology of risk, together with risk awareness. Risk and uncertainty are distinguished, and their association is clarified. The dynamic nature of risk is discussed. Approaches to classifying risks are considered. The important topic of risk communication is introduced here, but is treated more comprehensively in Chapter 20 (Communicating Risk).
Chapter 3 is all about projects, further consolidating the essential platform upon which the processes of managing project risks can be presented. The nature of projects is considered, in terms of their life cycles and processes. Additional thought is given to project stakeholders and their influence. Project decision-making is considered, and the chapter concludes with some thoughts about what may constitute a risky project.
National and international risk management standards are described in Chapter 4, which then presents a systematic approach to project risk management in the form of an experiential learning cycle. This provides an essential precursor for the more detailed presentation of the stages of the risk management process in subsequent chapters.
In Chapter 5, the important preliminary task of establishing the internal and external contexts for a project is presented, together with the risk drivers (the issues that shape and influence risks) operating in those contexts.
For risks to be managed, they must first be identified. This process is dealt with in Chapters 6 and 7. Approaches to identifying project risks are first considered, followed by presentation of several risk identification tools.
Following identification, risks should be analysed and assessed in terms of their individual and comparative magnitudes or severity levels. Chapter 8...
