When planning and implementing a project, we try to identify and reduce the risk that threatens the project. The plan takes into account potential risk factors, and in carrying out the project we try to select the appropriate project participants, to manage and motivate them properly and to communicate well with them. By monitoring the project, we determine whether there are any deviations in the project from the actual and planned values. Then we take action as quickly as possible and implement the necessary corrective measures. A final analysis of the project progress is
also useful, providing us with valuable information for managing future projects.
“In today’s world, there are many projects that fail to achieve their goals. The reasons for this are largely due to deviations between actual and planned events. Planned events often fail to materialize because of a series of unforeseeable or only partially foreseeable disruptions. There is therefore always the risk that things will actually turn out differently than we had planned. It is therefore important that we make every effort to achieve the goals we have set ourselves at all stages of the work process. However, a thorough risk assessment plays a very important role in following up what has been planned. People in life face decisions every day that are more or less important. Decisions are present everywhere – at home and at work, in commercial and non-commercial institutions, in production lines and in projects. In the strictest sense, decision making is a choice between several different alternatives. For companies to be successful, it is extremely important that they make the right decisions, especially today when change is part of our daily lives. Since our information is never perfect and since our knowledge is limited, there is always the possibility that when we make a decision, we do not choose the one that brings the best results “(McCray, Purvis, McCray, 2002, p. 49).
Therefore, all decisions involve a certain amount of risk, which cannot be completely avoided despite
all efforts. Risk is the probability of adverse effects of future events. Sometimes this risk is high, sometimes negligible. The greater the risk, the more important it becomes to be aware of it and to try
to manage it. The risk is lower for repetitive decisions and activities where certain permanent solutions
occur over time. The level of security increases slightly with each repetition, and the risk of not achieving the objectives decreases. Over time, practitioners gain valuable experience and knowledge and refine their skills so that they can perform a routine activity better, faster and cheaper next time.
For one-off activities, such as projects, the risk is much higher because we make most decisions for the first time and the situation is completely new and unknown to us. We have no concrete experience and we learn on the fly during the course of the project. The probability of choosing the wrong alternative is higher, and the consequences of such a wrong decision are often fatal for the whole project. Risk mitigation is therefore crucial for projects and a necessary part of project management.
Well-thought-out risk management makes it possible to reduce project delays, lower project costs and improve the quality of the final impact of the project. Achieving project goals then has an indirect effect on increasing the business performance of the entire organization.
A distinction must be made between large and small projects, which have some different characteristics, and there are also differences between projects from different economic or noneconomic sectors. The risk in projects is high and reducing it is extremely important, but it differs slightly between different types of projects. There is a risk that we have misjudged some factors. However, the error of assessment can be reduced by taking the risk into account when planning the
project, for which there are several methods. The PERT critical path method and its newer and slightly improved version, the GERT method (Heizer und Render, 1988, pp. 672-673) are certainly well known. When planning and implementing a project, we try to identify and reduce the risk that threatens the project. The plan takes into account potential risk factors, and in carrying out the project we try to
select suitable project participants, to manage and motivate them properly and to communicate well with them. By monitoring the project, we determine whether there are any deviations in the project from the actual and planned values. Then we take action as quickly as possible and implement the necessary corrective measures. A final analysis of the project progress is also useful, providing us with
valuable information for managing future projects.
Risk can be described as the probability of undesired consequences of future events. It can also be
described as a hazard, the possibility of a negative consequence or loss, the threat of inconvenience
and the like. This definition covers only a negative view of risk, although every risk also has certain
positive characteristics. It is a well-known fact in economic theory that a higher risk also allows a higher
return. An old proverb says that the greater the risk, the greater the reward (Clarke, Varma, 1999, p. 414).
Project risk is any event that prevents or limits the achievement of the project objectives. Project risk can be divided into many types according to various criteria. The most common one is the classification of project risk according to its relation to project objectives, separating time risk, financial risk and risk related to the quality of project impact. A distinction can also be made between indirect (subordinate) and direct (superior) project risk, where it is a possibility to influence the project objectives, and the time sequence in which these two types of risk occur.
The risk is addressed by many authors in their works. Burke defines risk management in projects as a process of identifying, analyzing, and responding to uncertainty (1999, pp. 229-235). Lientz and Rea present risk management in projects as the management of unresolved contentious issues that need to be resolved so that the project does not deviate four times from actual planning (1999, pp. 8 and 9). Kerzner also deals with risk in projects, as he believes that in every project we have to answer the question of what may prevent us from achieving the project goals and thus prepare for various uncertain developments (2001, p. 564). Like the project management process, the project risk management process can be divided into three phases – planning, implementing, and controlling strategies to reduce project risk.
The main task of project management is to achieve the set objectives of the project in all phases of the managed process. The success of the project is assessed in terms of achieving these goals. The main objectives, to which project management is directed, are the following (Kerzner, 1979, p. 318): time, costs, quality of project effects. In addition to these three goals, there is the goal of sufficient security in the project (Bonyuet, 2001, p. 49), which is actually only a condition for the achievement of the three basic goals and is not a goal in itself. Ideally, the project manager would be able to balance all three goals in the project. In reality, however, this is difficult, so that in project work the center of gravity of the triangle is often not reached. However, it is important that the project manager tries to get as close as possible to it. It has sometimes been thought that in different phases of the life cycle of a project, the meaning of the individual goals changes. Quality should come first, then cost and finally time. However, recent research has shown that this is not the case. Quality and time should be a more important objective than cost throughout the life of the project (Meredith, Mantel, 2000, p. 14).
However, as we start to implement the project and it approaches the end point, the project risk or the probability that the project objectives will not be achieved also decreases. Therefore, during the course of the project, new estimates of duration, cost and quality are often made at certain project intervals. In a similar way, Burke also describes the change in risk level in a project. In the beginning, the risk is greatest because much about the project is still unknown. However, as the project progresses and more decisions are made, the number of unknown variables decreases. At the end of the project, nothing is unknown anymore. Contrary to the decreasing risk level, the amount of invested funds exposed to risk increases continuously during the project.
By controlling the project we can discover the consequences of the realized risk, and by planning and executing the project we can reduce the probability of realization and the consequences of the project risk. No matter how much effort we invest in planning, implementation and control of a project, there
is always some risk in the way the project works. The future is unknown, and many undesirable events can occur in it, which represents various forms of risk. Sometimes we also deliberately maintain a certain risk. An integral part of project management is decision making, which is a methodical part of the management process. It is present in the planning, implementation and control of projects. One of the key components of project management is decision-making under conditions of uncertainty with the aim of balancing different types of risks associated with a particular problem. In the strictest sense, decision making is a choice between several different alternatives. People in life make decisions every
day and strive for efficiency. It is extremely important for the success and satisfaction of people as well as for the success of associations that they make the right decisions. In reality, most decisions are based on incomplete information and limited knowledge, so there is always the possibility that when we make a decision, we may not choose the one that would give the best results among the many options. So often the consequences of decisions are less favorable than one might imagine.
We say that we take risks when we make decisions. Sometimes this risk is high, sometimes negligible. The greater the risk, the more important it becomes to be aware of it and to try to control it. The risk is lower for repetitive decisions and activities where there are permanent solutions over time. The level of security increases slightly with each repetition and the risk of not achieving the objectives decreases. Over time, practitioners gain valuable experience and refine their skills so that they can perform a routine activity better, faster and cheaper next time. For one-off activities, such as projects, the risk is much higher because we make most decisions for the first time and the situation is unknown to us. We have no concrete experience and we learn on the fly during the project. The probability of choosing the wrong alternative is higher, and the consequences of such a wrong decision are often fatal for the whole project. Risk reduction is therefore a necessary part of project management.
The risk can be reduced by the project management process, especially by planning or thinking ahead. If the project manager is aware of the risks involved in the projects and if he takes them into account in the project plan, he ensures a higher probability of achieving the project goals. By carefully planning
who, when, and by what means has to carry out an individual activity, he or she reduces the risk of delays, insufficient resources, or a particular activity not being carried out. Good planning avoids unnecessary traffic jams and allows you to choose the best route. The planning process also provides a suitable basis for project control. When carrying out a project, the project manager must follow a plan that is flexible enough to accommodate any necessary changes. He or she must familiarize the project participants well with the project goals so that they understand them and are therefore more motivated to achieve them. He can also reduce risk by constantly monitoring the progress of the project. By comparing what is planned and implemented, it can identify possible deviations and take
Risk can be described as the probability of undesired consequences of future events. It can also be described as a hazard, the possibility of a negative consequence or loss, the threat of inconvenience and the like. This definition covers only a negative view of risk, although every risk also has certain positive characteristics. It is a well-known fact in economic theory that a higher risk also allows a higher return. An old saying says that the greater the risk, the greater the reward (Clarke, Varma, 1999, p. 414).
So if there is a risk, there can also be an opportunity. In addition to the possibility of a greater reward, risk also brings with it the possibility of a greater loss associated with accepting a particular decision. The level of risk is acceptable if the potential gains exceed the potential losses. Each decision-maker must choose the most appropriate risk/reward ratio. If he is risk-averse, he will be prepared to accept it on a larger scale to ensure the possibility of a higher return or greater benefit. However, if the decision maker is not risk-averse, he will accept a smaller and more certain return. Some authors distinguish between risk and uncertainty. Uncertainty should arise when a person does not have sufficient
information to assess the likelihood of alternative solutions. However, risk should be a situation in which alternative solutions and probabilities can be determined that individual solutions will produce the desired result (Kavčič et al., 1994, pp. 223-225). We speak of risk when we can predict the results of business decisions with a certain probability distribution, and of uncertainty when this is not possible
(Prašnikar, Debeljak, 1998, p. 36; Kerzner, 2001, p. 908-913). Risk consists of two elements – the probability that something will happen and the negative consequences or losses that will follow if it does happen (Moder, Phillips, 1964, p. 196). In institutions, there is often a possibility that things will not go as planned. The probability of such an unfavorable development can be very high or very low.
The consequences of the risk can also be small or extensive or even fatal. As an example I can mention a project to build a new hotel, where there is a likelihood that there will be difficulties in obtaining a building permit. So there is also the possibility of negative consequences. It is possible that the hotel will be built with a delay, that it will have to be built elsewhere, that it will not be possible to build it at all, and so on. The likelihood of this risk occurring and the possible consequences of this risk must be assessed by the people responsible.
Uncertainty and risk are common terms in both probability theory and behavioral theory. Probability is strongly related to risk. It is one way of measuring uncertainty (Howes, 2001, p. 232). There are many mathematical and statistical definitions of probability, which are very complex. Probability theory attempts to quantify accurately and objectively the subjective statements we use every day when we say that something is “almost certain”, “very likely” or “almost impossible”. Statistics can be used to calculate the probability that an event will occur and the probability that it will not occur. The latter is called the risk of the event occurring (Košmelj, Rovan, 1997, p. 80). In simplified form, it takes the
probability of a value on a scale from zero to one. An event that will occur with zero probability is an impossible event, and one with one probability is a specific event. There is no risk in the latter. In reality, there are very few such extreme cases. Usually, events have a probability between zero and one, which means that they contain a certain degree of uncertainty. In statistical practice, the acceptable level of risk is usually less than 0.05, and in the management of projects a much higher risk is often acceptable. The risk could be completely eliminated if (Naylor, 1996, p. 81): they knew how to predict the future accurately, had enough influence to achieve the realization of the future as we had planned
it. Since both options are not feasible in the long run, we must accept risk, or at least a certain part of risk, as an integral part of life and of any project and its management. At least for the time being, we do not know how to predict the future accurately, nor can we influence it to the extent that all risk factors that could jeopardize our plans are eliminated.
Fill out the form bellow to get the free e-book
As projects are usually implemented under uncertain conditions, there was always a risk that the achievement of the project objectives would be jeopardized. Recently, as the project work method has gained ground, more and more different scientists and experts are dealing with risks – from economists, statisticians and organizers to insurance agents, energy engineers and building owners. The knowledge of project risks is constantly increasing. Various aspects of project risk are a central theme at many seminars, conferences and workshops around the world. Like risk in general, project risk consists of two elements (Moder, Phillips, 1964, p. 196): the probability that the risk will materialize and the negative consequences of a possible realization of the risk. Negative consequences for the
project mean that the project objectives will not be achieved. The project risk therefore represents any event that prevents or restricts the achievement of the project objectives, which must consequently be corrected or completely changed. Since the project objectives are always linked to specific costs, deadlines and the quality of the project’s effects, project risk is the risk of negative consequences, such as higher costs, extended deadlines or an insufficient quality of the project’s effects compared to the plan.
The process of project risk management has only recently become an area that the authors include in their work, so not much has been written about it. Most experts mention it only very superficially in their books on project management, and some even ignore it completely. Only a few people deal with the topic of risk management in greater depth and devote their entire work to it. The process of
project risk management has remained hidden and unexplored until today. It is still largely based on intuition, so that many project managers are not aware of the necessity of risk management. Only a few companies have developed a formal approach to project risk management (Thomsett, 2002, p. 161). Even today, in institutions with poorly developed project management, some related processes
are still designed separately, although they require the same skills and business elements. These are usually processes of project management, total quality management and competitive analysis. As the associations develop, they form a unified methodological system and link these processes together. In the next phase of development, the institutions further extend and improve the uniform methodology from the previous phase, as they strive for excellence in the field of project management. They are refining it by adding two new areas, change management and risk management, resulting in greater efficiency and effectiveness of these associations (Kerzner, 2001a, pp. 78-81). The area of risk management is still very unknown and underdeveloped, so that there are many uncertainties and unsolved problems.
IDENTIFICATION OF ALL POSSIBLE TYPES OF RISK IN PROJECTS
As soon as we start risk management, we have to identify all possible forms of risks that could jeopardize the achievement of the project goals. It is a matter of identifying all possible types of risks that are known to the project manager and the other project participants right at the beginning of risk management. Later in the risk management process, new types of risks may be discovered (Verzuh,
1999, p. 86).
We must first determine what types of indirect risks may occur in a particular project. Some also call these types risk factors (Royer, 2002, p. 18). Indirect risks cannot be quantified directly, but can only be stated descriptively. It is a qualitative risk. When it is implemented, it causes a direct risk to occur in the project. It is therefore the cause of the risk of delays, cost overruns and inadequate quality of project impact. It is part of the unfavorable development of events in the project and indirectly leads to the three most important project objectives not being achieved. Each risk has one or more causes and one or more consequences. The causes of indirect risk are very diverse and depend on the nature of the
indirect risk. The cause of the weather-related risk is a specific natural process, and the cause of the risk of late delivery can be a lack of work organization on the part of the supplier. Indirect risk leads to the occurrence of a direct project risk. The cause of the direct risk is therefore the realized indirect risk, and the consequences of the realized direct risk can be delays, excessive costs or insufficient quality in the project.
The following elements, among others, help us to determine the indirect risk:
The importance of experience in project risk management is particularly emphasized by Shepherd (1999, pp. 55-57). There are lists of many possible types of indirect risks that project participants can rely on in their work. These lists can vary greatly between different activities, and each institution often needs to draw up its own list tailored to its needs and circumstances. In such a list, the risk is divided according to whether the source of the risk is inside or outside the project. However, both broader groups are still divided into several more specific types of indirect risk.
1. external risk or risk due to the environment:
a) risk due to the natural environment:
- weather risk,
- terrain-related risk,
- risk of natural disasters,
b) risk due to the legal environment:
- risk due to changes in legislation,
- contract risk,
- property risk and theft,
c) risk due to the social environment:
- risk due to cultural differences (norms, habits, traditions),
- risk through public resistance (environmentalists, influential groups),
- risk due to political factors (change of government, opposition to government),
d) Risk due to the economic environment:
- risk related to the stability of the economy as a whole (inflation, taxes),
- risk related to the stability of the business units involved in the project,
- risk related to the stability of the association,
e) technological risk:
- the risk of the inadequacy of existing technology,
- the risk of the existing technology becoming obsolete,
- the risk associated with the use or development of new technologies,
f) risk related to working capital:
- the risk of injury and damage to work equipment,
- risk of insufficient capacity of labor resources,
- risk of technical changes,
g) risk due to suppliers:
- risk of late delivery,
- risk related to the quality of the work tasks delivered,
- risk with regard to the quantity of work items delivered,
- risk related to the price of the work elements supplied,
h) risk by the association manager:
- the risk of lack of support for the project by the main leaders of the association,
- risk of conflicts between project managers and other managers in the association,
i) risk from external contractors
- risk due to insufficient commitment of external contractors to the project,
- risk of non-compliance with project requirements by external contractors,
j) risk due to customers or end-users of project effects:
- the risk of changes in customer requirements,
- risk of customer dissatisfaction,
- risk of poor cooperation with customers,
k) other external risk.
2. internal risk or risk related to project management:
a) project planning risk:
- the risk of inadequate assessment of project duration or project costs: (a) project planning risk
- the risk of omitting certain activities from the plan
- risk of poor definition of project objectives,
- risk of neglecting project objectives
- the risk of using incomplete information,
b) the project implementation risk:
- the risk of an insufficient number of project team members,
- the “hidden” risk of staff shortages,
- risk of conflicts within the project team,
- risk of weak motivation of project team members
- communication risk regarding expectations
- the risk of not meeting the expectations of the project team members
- risk of absence of project team members (illness, delays),
- the risk of inefficiency, inexperience and incompetence of the project manager and other members of the project team,
- risk of insufficient information support in the project
c) project control risk:
- the risk of neglecting certain areas of project control,
- risk of an out-of-date control of the project,
- risk of lack of control by external experts,
d) other internal risk.
Only some types of indirect risk are listed, as it would be impossible to list them all. Other types of risk are found in every project, such as the risk of overloading project participants and
the risk due to insufficient coordination of external staff. The project manager and other members of the project team, as well as external contractors and end-users of the impact of the project, must be involved in identifying possible types of indirect risks that may occur in a given project. It is advisable to follow Murphy’s principle that “if something can go wrong, it will go wrong”. (Verzuh, 1999, p. 83). This is the easiest way to identify all the factors that endanger the project. In addition to the indirect risks, it is necessary to determine the direct types of project risks, which are the consequences of the indirect risk realized. Different types of direct risks can also be called risk groups (Royer, 2002, p. 32). The most
logical and simplest way is to classify the direct risk into three types. The types of direct risk in projects are therefore as follows:
- the time risk,
- the financial risk,
- the quality risk.
The division of project risk into direct and indirect is a further development of the division of risk into time risk, financial risk and quality risk. The latter subdivision actually only covers the direct types of project risk. The first subdivision also covers indirect risks in the project, which are the cause of the occurrence of direct risks. The classification of direct project risk covers the second part of the causeand- effect relationship already mentioned, the consequences. For example, if the indirect risk of conflicts within the project team materializes, this is the cause for the occurrence of the time risk in the project.
The time risk is direct and represents a kind of consequence of the indirect risk. If the direct risk then materializes, there is actually a delay in the project. Both the delay and the overrun of the project costs and the insufficient quality of the project effects are the final consequences of the project risk or the consequences of the realized direct risk. The realized direct risk is then followed by various measures –
from material penalties to verbal warnings. The direct risk can be quantified to a certain extent, and it can be treated with numerical data. Part of the direct risk can only be included in the project plan in a descriptive way, and we rely mainly on intuition when dealing with it. This risk can therefore be quantitative or qualitative. Since the realization of the indirect project risk is the cause of the occurrence of the direct risk, which is the central danger of any project, the role of indirect risk in
projects is to a certain extent secondary. The management of this risk is as important as the management of direct risk, but the essence of both management processes is to prevent or reduce the probability of realization of direct risk types and their consequences. The essence of determining the types of direct risks that threaten the project is to link causes and consequences. For each type of indirect risk it is necessary to determine which of the three consequences it causes.
In most cases, a particular type of indirect risk can involve both the risk of delays and higher costs and the risk of insufficient quality of the project’s effects. For example, there is the risk of changes in customer requirements. However, sometimes an indirect risk can also be the cause of only one or two
types of direct risk. The risk related to the price of the delivered work items is only the cause of a financial risk. The direct risk can be linked to a broader, business risk (Royer, 2002, pp. 32-33). The realization of the direct risk, that is, the failure to achieve project goals, can lead to operational or strategic risks at the level of the company as a whole. A failed project with delays, excessive costs or
deviations in the quality of the project effects can have a negative impact on the operational or strategic level of the institution, as it can jeopardize both the ongoing operation and the implementation of its longer-term strategies.
The causes of any risk, both indirect and direct, are an important element in dealing with this risk (Kerzner, 2001, p. 905).
If the project manager knows the causes of a particular risk, it is easier to deal with it. However, he should not confuse the causes of the risk with its consequences. Dealing with the causes is usually more effective and easier than dealing with the consequences. The project manager must therefore
irst try to eliminate or reduce the indirect risk. If he does not succeed in this, he must at least manage the direct risk as far as possible, so that it does not occur and lead to delays, cost overruns or insufficient quality of the project.
Certain indirect risks remain in the project despite the efforts of the project manager to eliminate or reduce them. He has accepted the remaining risk and must now prepare for the consequences of a possible realization of this risk. These consequences are the occurrence of various types of direct risks in the project. The project manager must implement strategies to reduce the probability of a real project risk occurring. The project manager can prevent or reduce the probability of a direct risk occurring by using emergency plans. However, he can also do this by perfecting project planning, implementation or control. If the realization of an immediate risk cannot be prevented, he must accept this risk and deal with its ultimate consequences.
The project plan must be designed in such a way that it allows quantitative measurements of what has been achieved at certain intervals, which must be defined in advance. The planning must take place at least two levels – at the level of the overall project and at the level of the individual activities. With the first, the project manager creates a general overview of the project, with the second he defines the implementation of each individual activity. The planning should be neither too detailed nor too superficial. The project manager should not just pay attention to one particular risk and ignore all other possible types of risk (Kerzner, 1979, p. 428). By following these instructions, the direct project risk can be reduced. The direct risk can also be reduced during project implementation. A very effective method of reducing time risk can be to develop and use specific indicators that warn the project manager when a project is approaching the risk of delay. This method directs the project manager’s attention to the future and allows him to take active action instead of reacting passively to the risk of delay already realized. The system of leading indicators warns of the risk that the project will
not progress as planned. It is based on the determination of how much work remains to be done and how much time is left until the project is completed (Winslow, 2001, pp. 54-57). If the project manager determines that the necessary work cannot be completed on time, he must take immediate action. He or she must accelerate the implementation of certain activities or adjust the project plan. Of course, the project risk can also be reduced within the framework of project management.
Projects are becoming more and more important nowadays, as the fierce competition on the global market, increasing customer requirements, constant technological and other changes and the rapid development of knowledge require the most efficient way of association work. Therefore, more and more institutions are using the project approach in their companies, which is one of the ways to gain a competitive advantage. More and more authors devote their works to the characteristics of projects and their execution. There is always a risk in project work because projects are one-off activities with which project participants come into contact for the first time and about which they have little information. The need for risk management is therefore usually present in projects, but the part about project risk and the manager with it is still relatively small. Moreover, the future in which the projects will take place is never fully known. One has to be aware that only predictions about the future are always possible, because one cannot know exactly what the future will look like. The result of good planning is always only an approximation of what will actually be realized in the future. Many different types of project risks are known, but the types of risks are most often exposed according to their relationship to the project objectives. These types are the time risk, the financial risk and the risk due to the quality of the project effects. However, the risk can be divided into direct and indirect, depending on the way in which the project objectives are affected.
Author of the article: Milan Krajnc, pedagogue, entrepreneur & crisis manager
I teach you to look “at yourself” as a third person. For more information or an introductory meeting, write to me at firstname.lastname@example.org
Dynamic Leadership model
The purpose of the book is to present a dynamic leadership model, which in more than a hundred cases has proven to be a great way to get out of business and personal crisis and how to overcome difficulties without even going into crisis.