- English
- ePUB (mobile friendly)
- Available on iOS & Android
eBook - ePub
Prioritising Project Risks
About this book
Prioritisation is an important part of any risk management process because it focuses on what matters most. Written by the Risk Prioritisation Group of the APM Risk Management Specific Interest Group, this guide looks at how the first step towards effective risk prioritisation is an understanding of its purpose. Complementing the APM Project Risk Analysis and Management (PRAM) Guide 2nd edition, it offers a variety of risk management techniques and will help practitioners and students.
Tools to learn more effectively
Saving Books
Keyword Search
Annotating Text
Listen to it instead
Information
1
Introduction
Project risk management addresses the implications of uncertainty for the project team, the sponsoring organisation, the users of the project’s deliverables and other project stakeholders. The aim of this guide is to improve risk prioritisation by offering a choice of techniques ranging from simple to complex. Efficient prioritisation selects the simplest technique that will be suitable in the circumstances, but making the choice requires a clear understanding of why risks are being prioritised and what we mean by a risk.
Prioritisation is an important part of any risk process because it focuses attention on what matters most. However, ‘what matters most’ is variable in the sense that it depends on context. It varies from one stakeholder to another, and it changes during the course of the project, from one stage to another. For example, the most important impacts on the project sponsor at feasibility stage, before the project has been sanctioned, are not necessarily those that the project manager will regard as most important during project startup. Additionally, the range of responses available to the project sponsor at feasibility stage will be typically much wider than those available to the project manager once the project has begun.
This variability of ‘what matters most’ raises questions in prioritisation, such as:
1.Where does the project team need to pay most attention to understanding risks in more detail?
2.What are the most important risks from the project sponsor’s perspective?
3.How can the team identify those risks that should be prioritised for the implementation of risk responses?
4.How can quantitative risk models be used to identify key risks?
5.How can risks be prioritised if probability and impact cannot be reliably estimated?
6.Which risks threaten the feasibility of the project?
The third question above identifies an important distinction between prioritising risks and prioritising responses. This distinction is explored further in Section 3.
Prioritisation of risks is commonly associated with the assessment of probability and impact and the ranking of risks within a probability–impact matrix (PIM), so that risks with high impact and high probability assume the greatest importance. The familiarity of this technique leads us to assume that it is simple and effective, but probability and impact are not always easy to define or estimate. Nor are they always the most important attributes to consider.
Attempts to prioritise risks often raise another important question: what do we mean by risk? We know that uncertainty lies at the heart of risk. We also know that project risk can be complex, with many risk events and other sources of uncertainty contributing to the overall project risk. In this guide we have started from the concept of overall project risk. The APM Project Risk Analysis and Management [PRAM] Guide (2nd edition, 2004) describes project risk as resulting from ‘an accumulation of a number of individual risk events, together with other sources of uncertainty to the project as a whole, such as variability and ambiguity’.
Types of risk that contribute towards overall project risk include:
•uncertainty concerning an event which, should it occur, would have an effect on the project objectives (event risks);
•uncertainty concerning the eventual value of an important project variable, including those that affect duration, cost and resource requirements (variability risks);
•uncertainty concerning the combined effect of multiple interdependent factors (systemic risks);
•uncertainty concerning the underlying understanding of the project (ambiguity risks).
Any of these types of risk can have a positive or negative impact on the project outcome. The project team may need to use the project risk management process to address either some or all of these types of uncertainty.
This guide also includes the concept of composite risks. These may comprise combinations of any or all of the risk types listed above. When using a multipass top-down approach to risk management, such as that recommended by the PRAM Guide, dealing with composite risks is an important part of the process, particularly during earlier passes. Composite risks might also be produced as a synthesis of contributory risks where it makes sense to do so, e.g. where an overarching response may be effective. The levels to which risk has been decomposed will, of course, affect prioritisation results. In addition, some techniques (including all of those related to quantitative modelling) cannot be expected to produce reliable prioritisation of risks unless risks have been understood within a coherent structure developed from a top-down perspective.
Finally, the scope of this guide also includes project strategy risks. Typically, these involve uncertainty about the fundamental role of the parties involved, the project objectives or factors that are critical to project success. Project strategy risks have the potential to change the purpose of a project or to fundamentally affect the way in which it is delivered.
Whatever scope is selected, the following are important aspects of risk prioritisation, often missing in common practice:
•risks should be understood before prioritising can begin;
•interrelationships between risks should be recognised, particularly in complex projects;
•risk management should begin in the earliest stages of a project;
•prioritisation, and the tools chosen to prioritise, should be part of a coherent process framework to analyse and manage risk in the project.
Section 2 addresses how we understand and describe risk. The purposes of risk prioritisation are explored in more detail in Section 3, and a selection of techniques to assist in prioritisation is presented in Section 4. The techniques selected in this guide are not intended to be exhaustive, and there may be other equally valid techniques available to projects. The techniques presented here have been chosen because they fulfil one or more of the following criteria:
•they are in common use;
•they are generally applicable;
•they give robust and reliable results;
•they are independent of proprietary tools.
Each of the techniques will be appropriate in some circumstances and not in others. The aim should be to select the simplest approach that will be suitable for the purpose of effective risk management. It is important to recognise in early passes of the prioritisation phase of the risk management process that there are sources of uncertainty that may require further analysis using more time-consuming and complex techniques. It is equally important to recognise where this is not necessary and avoid wasting time and resources on analysis of uncertainties that are of relatively low importance in terms of their effect on project objectives. These choices will almost certainly be more appropriate and effective if they are part of a coherent process framework.
It is important to recognise that there are significant differences of opinion about these choices, arising from different framing assumptions about the nature and scope of risk management. This guide attempts to clarify these differences and their effect on the choice of prioritisation technique.
2
Understanding and describing risks
Clear understanding of risks is an essential prerequisite for prioritising them; one cannot justify prioritising risks that have not been adequately understood. Risk descriptions are a vital tool for generating such understanding. A feature of good risk descriptions is that they include the information required both to make realistic estimates and to evaluate the relative importance of risks. Table 2.1 describes a number of risk attributes that might be taken into account when prioritising risks.
Of course not all the attributes shown in Table 2.1 will necessarily be relevant to risk prioritisation in any particular project or in any situation. But where these attributes are relevant they should be included in risk descriptions or related information such as descriptions of risk responses.
Table 2.1 Attributes that may be relevant to risk prioritisation
Risk attribute | Description |
Probability | The probability that a risk will occur (note that risks that are not event risks may have a probability of 100%) |
Impact | The consequence(s) or potential range of consequences of a risk should it occur |
Impact – single dimension | Impact estimated in the dimension relevant to the context in which risk is being assessed (e.g. time or cost) |
Variability | Uncertainty of outcome (typically evaluated as range or standard deviation) |
Urgency | The nearness in time by which responses to a risk must be implemented in order for them to be effective |
Proximity | The nearness in time at which a risk is expected or predicted to occur |
Propinquity | The acuteness of a risk as perceived by either an individual or group |
Controllability | The degree to which the risk’s owner (or owning organisation) is able to control the risk’s outcome |
Response effectiveness | The degree to which current risk responses can be expected to influence a risk’s outcome |
Manageability | A function of controllability and response effectiveness |
Relatedness | The degree to which causal relationships may correlate a risk’s outcome with the outcome of other risks |
Ownership ambiguity | The degree to which responsibility (either individual and/or organisational) for a risk’s ownership lacks clarity |
Given the importance of risk descriptions and the direct link to prioritisation, this guide describes a number of structured approaches that can be used to describe risks. Each of these structures differentiates between causal relationships that can be described in terms of facts and causal relationships characterised by uncertainty.
A commonly used simple structured risk description has three essential components: cause, risk and effect (see Figure 2.1). A cause is a certain event or set of circumstances that exists...
Table of contents
- Cover
- Title
- Copyright
- Contents
- List of tables
- List of figures
- Foreword
- Acknowledgements
- 1. Introduction
- 2. Understanding and describing risks
- 3. Purposes of risk prioritisation
- 4. Prioritisation techniques
- 5. Implications for practice
- Back Cover
Frequently asked questions
Yes, you can cancel anytime from the Subscription tab in your account settings on the Perlego website. Your subscription will stay active until the end of your current billing period. Learn how to cancel your subscription
No, books cannot be downloaded as external files, such as PDFs, for use outside of Perlego. However, you can download books within the Perlego app for offline reading on mobile or tablet. Learn how to download books offline
Perlego offers two plans: Essential and Complete
- Essential is ideal for learners and professionals who enjoy exploring a wide range of subjects. Access the Essential Library with 800,000+ trusted titles and best-sellers across business, personal growth, and the humanities. Includes unlimited reading time and Standard Read Aloud voice.
- Complete: Perfect for advanced learners and researchers needing full, unrestricted access. Unlock 1.4M+ books across hundreds of subjects, including academic and specialized titles. The Complete Plan also includes advanced features like Premium Read Aloud and Research Assistant.
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 990+ topics, we’ve got you covered! Learn about our mission
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more about Read Aloud
Yes! You can use the Perlego app on both iOS and Android devices to read anytime, anywhere — even offline. Perfect for commutes or when you’re on the go.
Please note we cannot support devices running on iOS 13 and Android 7 or earlier. Learn more about using the app
Please note we cannot support devices running on iOS 13 and Android 7 or earlier. Learn more about using the app
Yes, you can access Prioritising Project Risks by Association for Project Management (APM) in PDF and/or ePUB format, as well as other popular books in Business & Project Management. We have over one million books available in our catalogue for you to explore.