Project Risk Management Basic Techniques. Analysis of project risks. Planning for responses

Keywords: PROJECT MANAGEMENT; RISK; LIFE CYCLE OF THE PROJECT; MECHANISMS OF IMPACT; POSSIBLE RISKS; METHODOLOGY; PROJECT MANAGEMENT; RISK; PROJECT LIFE CYCLE; MECHANISMS OF ACTION; THE POTENTIAL RISKS; THE METHODOLOGY.

Annotation: The article describes possible risks in project management, recommendations are given when planning a project in order to identify all possible risks.

Today, when it comes to project management, it is unwittingly associated with the topic of possible risks. Every project, new or old, has its own life cycle. Thus, a project is born with planning, which is aimed at determining and agreeing the best way actions to achieve the goals of the project, taking into account all the factors of its implementation. The planning process does not end with the development and approval of an initial project plan. So, for example, there can often be changes in the course of a project. Changes most often occur within the project, but they also tend to be in the external environment. As a result, the project is often rescheduled or the plans of the ongoing project are clarified, from this we can conclude that the planning process can exist throughout life cycle project.

The project management methodology includes procedures, methods and tools for implementing the processes of initiation, planning, organization of execution, control of execution and completion of the project. Project initiation is a project management process, the result of which is the authorization of the start of a project or the next phase of its life cycle.

To achieve the goals of the project, you need to create special structures that will include: the project team and the project management team. In many ways, the success of the entire project will depend on the effectiveness of such structures.

It is worth noting about the possible risks that may be present along the path of the entire project life cycle. As defined by the American PMBOK Project Management Standard (2004), a project risk is an uncertain event or condition that, if it occurs, has a positive or negative impact on at least one of the project objectives, for example, timing, cost, content or quality. The risk can not only have negative consequences, but also positive ones, leading to an improvement in the quantitative and qualitative indicators of the characteristics of the final goals of the project being implemented. If risk is considered as an integral part of the project life cycle, then an analysis of possible project risks should be carried out. Analyzes of project risks are ranked into qualitative and quantitative.

Qualitative risk assessment is a qualitative analysis process that requires a quick response. This risk assessment can determine the importance of the risk and how to respond to that risk. The availability of information on these risks will help prioritize different criteria and risk categories. Using these tools helps to partially avoid the uncertainties that often occur in a project. During the life cycle of a project, there must be an ongoing reassessment of risks.

A quantitative risk assessment determines the likelihood of risks occurring. It also helps the manager or his group led by him to make the right decisions - the impact of the consequences of risks on the project. Risk assessments such as quantitative and qualitative can be used separately or together. Depends on available budget, time and need for such risk assessments.

A section should be highlighted in the project plan for the results of the risk analysis, which will include a description of the risks, mechanisms of influence, measures to protect against anticipated risks. Risk factors mean events that can occur and have a deviating effect on the implementation of the intended project plan, or any conditions that cause uncertainty about the final result of the situation. Also, some of the events that were indicated could be foreseen, while others were impossible to predict. If we talk about risk analysis, then it is carried out from the point of view of: causes of occurrence, possible negative consequences, the forecast of specific measures to minimize the risk. The main results of a qualitative risk analysis are: identification of specific project risks and their causes; analysis and cost equivalent of hypothetical consequences of the possible realization of the noted risks; proposal of measures to minimize damage and their cost estimate. The risk associated with projects is characterized by the following factors: the likelihood of risk; risk event; cost, non-cost factors at risk.

Application of the method for constructing a project decision tree. When you have a small number of variables and the smallest number of project development scenarios for risk analysis, you can use this method. The great advantage of this method is its clarity. To build a decision tree in risk analysis, a sequential collection of data is carried out, which includes the following steps: determining the composition and duration of the phases of the project life cycle; identification of key events that may affect the further development of the project; determination of the time of occurrence of key events; formulation of all possible solutions that can be taken as a result of the occurrence of each key event; determining the likelihood of making each decision; determination of the cost of each stage of the project. By building a decision tree, you can understand the likelihood of each scenario.

To maximize the possible risks in the project, you can use the Monte Carlo simulation method. It is a collection of techniques for sensitivity analysis and scenario analysis. The result of this method is the likelihood of possible project outcomes. However, there is difficulty in applying this method due to variables that are incorrectly specified and can lead to inaccurate conclusions.

Speaking about the methods of risk reduction, we can say that all methods that allow minimizing project risks can be divided into three groups.

Risk sharing allows you to rank risks between project participants. This distribution between the project participants is effective way... This distribution of risks between project participants increases the reliability of achieving the result. It is most correct to make someone responsible for a specific type of risk, who can qualitatively control the given risk.

Reserve funds to cover sudden (unplanned) expenses. If the project participants cannot ensure the implementation of the project before the risk event themselves, then it is necessary to carry out risk insurance. Risk insurance - transfer of certain risks to an insurance company.

The effectiveness of methods to reduce all risks is determined using a certain algorithm: considering the risk that is of the greatest importance for the project; the cost overrun of these funds is determined, taking into account the likelihood of an adverse event; determination of cost overruns, taking into account the likelihood of an adverse event; a list of possible measures is determined that are aimed at reducing the likelihood and danger of a risk event; additional costs for the implementation of the proposed activities are determined; comparison of the required costs for the implementation of the proposed measures with a possible cost overrun due to the occurrence of a risk event; a decision is made on the implementation or refusal of anti-risk measures; the process of compiling the probability and consequences of risk events with the costs of measures to reduce them is repeated for the next most important risk.

Comprehensive study of all kinds of risks at first initial stage project using these approaches and methods is undertaken not only in the analysis of risks. Through such research, conclusions are helpful during the project implementation phase, as the analysis of such project risks should not be limited to facts. In the process of risk management, certain steps are taken, such as: identifying the anticipated risks; analysis and assessment of project risks; selection of risk management choices; application of the selected methods; assessment of the results of risk management. Risk management is carried out at all stages of the project life cycle through monitoring, control and necessary corrective actions by the project manager.

Characterizing the aspects of project risk management methods, it is necessary to highlight a clear focus, which allows not only to highlight risk factors, but also to model the project implementation process. Assess the possible likelihood of one or another of the resulting consequences of an unfavorable situation. Propose measures that would compensate for the risks, select methods, track the actual dynamics of the project, and adjust the direction in order to improve. Also, at the initial stage of planning a project, its inception, it is necessary to apply all methods to the development of such a project. In order to minimize all possible risks that may arise during the implementation phase and after implementation, various measures should be applied to simulate risks (such as brainstorm, system analysis). The purpose of control project risks is not only deepening the analysis of the project, but also increasing the efficiency of decisions. The role of the main executor of all methods and decision-making related to risk management falls on the shoulders of the project manager or the team with his participation.

So, methods of management in conditions of risk (project risks) can be a powerful tool for the effective implementation of the projects themselves at all levels of management.

Bibliography

1. Burkov V.N., Novikov D.A. How to manage projects. // - M., 2004. - p. 56-57.
2. Baguli F. Project Management. // -M .: FAIR-PRESS, 2004 .-- S. 155.
3. Mazur I.I. Project management: textbook. manual for universities "Management org." // I.I. Mazur, V.D. Shapiro, under total. ed. I.I. Mazura. 2nd ed. - M .: Omega-L, 2004.S. 433-434.

Project risks A project risk is an uncertain event or condition that, if it occurs, will have a positive or negative effect on at least one of the target parameters of the project (time, cost, content, quality). A risk can have one or more causes and, if it occurs, one or more consequences. 2

Business risk is a normal risk associated with entrepreneurial activity After burning, it implies a variety of potential for profit and loss.Net risk (subject to insurance) is: the risk that implies the possibility or probability of loss without any possibility of making a profit risk that needs to be prioritized risk that can be transferred to another party by: conclusion of a contract, issuance of a guarantee, insurance. Main types of risk 4

Project risk management is a systematic process of identifying, analyzing and responding to project risks; it includes processes that are related to: Conducting risk management planning Identity Analysis Response Monitoring and control on the project Objectives: To increase the likelihood and enhance the consequences of positive incidents Reduce the likelihood and mitigate the consequences of adverse incidents Project risk management 5

Risk management planning is the process that defines the approach, planning and implementation of risk management activities for a project: Planning risk management processes is important to: Ensure that the level, type, activity and visibility of risk management are comparable to both the risk itself and with the significance of the design organization; provide sufficient resources and time for project management operations; create a consistent framework for risk assessment; identify and approve methods and stakeholder statements regarding risks; create a risk management plan. Risk Management Planning 7

Risk identification is the process of determining which risks may affect a project and documenting their characteristics; for what it is necessary: ​​to identify the risk that affects the project; indicate internal and external sources of risk; disclose the causes and consequences of the risk; involve relevant specialists in participation, stakeholders and external experts; classify risks into a specific category: project management risks, organizational risks, external risks Risk Identification Process Output - Risk Register Risk Identification 8

Conducting a qualitative risk analysis is the process of assessing and assessing the likelihood of occurrence of identified risks, as well as prioritizing risks in accordance with their potential impact on project objectives; for this it is necessary: ​​to assess the likelihood of occurrence or non-occurrence of each identified risk; to determine the consequences of each risk event about what amount is in question, whether what can be lost; prioritize risks based on their likelihood / consequences; identify risks that can be managed (that can be mitigated). Conducting Qualitative Risk Analysis 11

Risk assessment Assessment factors include: Precedent (Has this risk occurred before?) Knowledge of the operation (Have you ever done this kind of work before?) Resources and skills Time, cost and quality Probability (How likely is the risk to occur?) Impact (What is its impact on the project or business?) 13

Measurement of probability Probability Value Low Schedule failure, cost increase, or potential deterioration in performance is unlikely Moderate Delay in schedule, cost increase, or deterioration in potential results possible High Schedule failure, cost increase, or potential deterioration in results is highly probable 15

1. Prioritize risks to decide if risk cases deserve your attention 2. Prioritize identified risks only after conducting a qualitative analysis 3. Identify top 10 risks Develop mitigation measures for each of them 4. Regularly review and assess top 10 risks 5 . Include Top 10 Risks on the Agenda of Regular Project Meetings Risk Prioritization 20

Rank the analyzed risk cases in order of importance - from high to low Use quantitative systematization tools whenever possible; otherwise, use a qualitative analysis Specify risk cases of similar severity separately Prioritize risk incidents with the whole team Do not plan response strategies as part of this process A practical approach to risk prioritization 21

Quantitative risk analysis is the process of numerically analyzing the likelihood of each risk and their implications for project objectives, as well as numerically analyzing the overall project risk; To do this, it is necessary to: calculate the severity of the risk (exposure to risk) based on the likelihood of the risk and its impact, which were determined at the stage of the qualitative risk analysis; prioritize numerically assessed risks; make a list of risks in descending order of their severity; identify risks that can be managed (that can be mitigated). Performing quantitative risk analysis 22

The main tools and methods for identifying risks include: Collecting data and methods of presenting them Poll - used to numerically analyze the likelihood and impact of risks on project goals Probability distribution - used to represent uncertainty in values ​​(continuous values) or uncertain events (discrete values) Expert evaluations - involve experts, both internal and external, to evaluate the findings and methods Quantitative analysis tools and methods 23

Quantitative analysis tools and techniques Perform quantitative risk analysis and modeling method Sensitivity analysis - helps determine which risks have the greatest potential impact on the project Expected cash value analysis is a statistical approach that calculates the average outcome based on future scenarios that may or may not happen Analysis decision tree - usually structurally represented as a branching decision diagram that describes the situation under consideration and the consequences that all possible choices may have Modeling - translates uncertainties given at the detailed project level into potential impact on project objectives 24

Risk Response Planning is the process of developing options and actions to empower and reduce threats to the project's objectives; for this it is necessary: ​​to identify the risks and their description, the area of ​​the project they affect, the causes of the risks and their possible impact on the goals of the project; determine who owns certain risks and bears responsibility for them; use the results of the qualitative and quantitative risk analysis processes; develop agreed response strategies for each risk in terms of risks; take specific actions to implement the selected response strategies; assess the level of expected residual risk after the strategy is implemented; determine the budget or time for response; assess potential losses and contingency plans. Known Risk Response Plan 26

1. Create a list of risks in terms of their priority for the risk analysis stage. 2. Think over the classes of risks so as not to spend unnecessary efforts. 3. Develop different response alternatives: evaluate alternatives and select the most appropriate alternative for each risk and risk class; include selected alternatives in the risk management plan, other project plans and WBS. 4. Communicate the decisions taken to the relevant stakeholders. Risk reduction strategy (practical approach) 29

Avoid - Avoiding risk involves changing the project management plan to address a threat that comes from an unfavorable risk, isolating project objectives from the impact of the risk, or reducing a goal that is under threat Transfer - Risk transfer requires a transfer negative impact threats and the need to respond to third parties Reduce - risk reduction involves reducing the likelihood and / or impact of a negative risk event to an acceptable threshold Strategies for responding to negative risks and threats 30

Strategies for responding to unforeseen circumstances Plan for potential losses in case of risks: prepare an action plan in case of a risk occurrence Funds for possible losses or Risk reserve - The amount of money or time, in excess of planned, necessary to reduce the risk of exceeding the target parameters of the project to an acceptable level for the organization (the most typical adoption strategy) 33

Monitoring and risk management - the process of tracking identified risks, monitoring residual risks, identifying new risks, implementing risk response plans and assessing their effectiveness throughout the entire life cycle of the project, including: conducting control examinations by external specialists; identification of new risks that may arise as a result of changes; implementation of a plan to respond to risks in the event of their occurrence. Monitoring and risk management 34

Make sure risk management is really happening! Involve the team and stakeholders in the process, don't do it yourself. Incorporate risk management into project management planning processes. Choose the right risk management strategies (eg containment or back-up) for each risk case. Monitor and manage risks on a regular basis. Reevaluate the risk after each risky event to measure the likelihood, consequences and new incidents. Communicate risks to stakeholders appropriately. Ensure that the risk management plan is being followed Role of the project manager in risk management 35

Risk management is essential to project success Use risk management to maximize positive outcomes and minimize negative impacts Document risk management standards and procedures and revise them regularly with the project team Key messages 36

Key messages in this section Take steps to assess and control each element of risk Formally assess the outcome of each action Risk includes both the potential for profit and the potential for loss Risk management is an iterative process that occurs throughout the life of a project 37

Project management risks include production, financial and investment risks.

The main sources occupational risk production defects, poor conditions at construction sites, payment of increased taxes, deductions and fines, planning errors, lack of coordination of work, changes in personnel project management, incidents, accidents, shortages and lack of personnel with the necessary qualifications to carry out project work. In Russian conditions, these factors are added to the low discipline of supplies, interruptions in fuel and electricity, physical and obsolescence of equipment.

Financial risk takes into account cash expenses, losses and losses. Feature financial risk is the likelihood of damage occurring as a result of any transactions in the financial and credit and exchange spheres, transactions with stock securities, i.e. the risk that arises from the nature of these operations. Financial risks include the following:

Credit risk - the risk of non-payment by the borrower of the principal and interest due to the lender;

Interest rate risk - the danger of financial losses by commercial banks, credit institutions, investment funds as a result of the excess of interest rates paid by them on borrowed funds over the rates on loans provided;

Currency risk - the danger of currency losses associated with a change in the exchange rate of one foreign currency in relation to another, including the national currency during foreign economic, credit and other currency transactions.

Financial risk, like any risk, has a mathematically expressed probability of losses occurring, which is based on statistical data and can be calculated with a sufficiently high accuracy. To quantify the amount of financial risk, it is necessary to know all the possible consequences of any particular action and the likelihood of the consequences themselves. Probability means the possibility of getting a certain result. As applied to economic problems, the methods of probability theory are reduced to determining the values ​​of the probability of occurrence of events and to choosing the most preferable from possible events based on the largest value of the mathematical expectation. In other words, the mathematical expectation of an event is equal to the absolute value of this event, multiplied by the probability of its occurrence.

At any economic activity there is always a danger of losses arising from the specifics of certain business operations. The danger of such losses is commercial(business) risks. Commercial risk means uncertainty about the possible result, the uncertainty of this activity result. Commercial risks are associated, in particular, with the unpredictability of changes in the purchase price of goods, increased distribution costs, losses and damage to raw materials, materials and equipment during storage and transportation.

Depending on the industry, a distinction is made between clean,(simple) and speculative commercial risks. The presence of pure risks means the possibility of a loss or "zero" result: this risk is designed only for loss. Speculative risks express the possibility of obtaining both positive and negative results.

Investment risk can be defined as the deviation of the actual income from the expected income. An investment is considered not risky if the income on it is guaranteed. Treasury securities are one example of a non-risky investment, as the chances that the government will not be able to buy back its securities is almost zero. On the contrary, when investing in a project associated, for example, with production, in principle new products, or going to new market, or the purchase of securities of any company, there is always some possibility that as a result of unforeseen circumstances the payment of income on them will not be made or not made in full.

Total or cumulative risk is the sum of all risks associated with the implementation of a project and is classified according to various criteria.

By temporary attribute the following types of general risk are distinguished:

Short-term - associated with individual phases of the project life cycle and terminated with the completion of the phase;

Long-term - associated with several or all phases of the project.

By scale and likelihood of losses distinguish between risks:

High - a high probability of the occurrence of risk events and a large scale of losses and costs to overcome the consequences of a risk event;

Weak - low loss rate.

Depending on the degree impact on the financial position of the project stand out:

Acceptable risk - the threat of a slowdown in the implementation of the project or an increase in its cost in acceptable limits;

Critical risk - the risk associated with the threat of a significant deviation of the project in terms of time and cost;

Catastrophic risk is the most dangerous risk leading to a high probability of early termination of a project or causing irreparable damage to social and natural systems.

By areas of manifestation highlight the following risks:

Economic - associated with changes in the economic factors of the project;

Political - associated with a change in the political course of the country, region;

Social - related social problems(for example, the risk of strikes);

Environmental - related to the threat environmental disasters and disasters;

Regulatory - related to changes in legislation and regulatory framework.

Depending on the sources of occurrence and the possibility of elimination, project risks are:

non-systemic(specific) risks - risks caused by such special events for the project as a shortage of raw materials, materials, labor, successful or unsuccessful programs of interaction with project stakeholders, non-performance of contracts by subcontractors, ineffective outsourcing activities, mistakes in acceptance management decisions, accidents caused by violation of norms, rules, technologies and much more. Such risks are individual, specific to each project, and their management largely depends on the experience, knowledge and skills of the project manager;

systemic risks arise from external events affecting the market as a whole: war, inflation, economic downturn, high interest rates, etc. Systematic risk accounts for up to 50% of the total project risk. Systemic risks that have common roots, but different manifestations in different projects, are easier to predict and for them it is easier to compose general rules and recommendations to minimize their negative impact on the project.

Risks arise when risk factors act - situations arise that generate risks. By itself, the risk factor does not lead to the disruption of project work or their rise in cost, it only increases the likelihood of an adverse event, which, in principle, may not occur. The risk factor may be the project itself, if such projects have not been done in the organization. The pressure of this factor can be relieved, for example, by inviting an experienced project manager.

It is useful to consider the risk factors that appear at different phases of the project development (Table 8.1), having previously reminded that the development of the project involves the passage of the following stages: definition, planning, execution and completion.

Table 8.1 . Risk factors in different phases of the project

Project phase	Risk factors
Definition	The source of the idea of ​​the project is unclear. The project arose as a result of a spontaneous decision, not a balanced reflection. Not enough information was collected to start the project. The feasibility of the project has not been sufficiently explored. The experience of implementation of similar projects by other organizations was not taken into account. It was not necessary to work with this customer in the past. Cost-benefit comparative analysis has not been carried out
Planning	Project constraints are undefined or vaguely defined. Planners have no prior experience with projects like this. Parts of the plan are missing, required extra work but planning
Planning	The project budget has not been prepared. The contractors did not take any part in the development of the project work plans. Stakeholders who are not familiar with the plan constantly have questions. The plan does not include the name, quantity and delivery time of all the necessary resources. The plan does not provide for full workload of all project staff. The project management was not formed on the basis of team principles of work, aimed at the implementation of project tasks. Conflict resolution procedures have not been developed
Performance	Schedule and planned resource requirements are based on incomplete or inaccurate information. The project uses new, untested work methods. Job descriptions are not detailed enough. Some work is entrusted to people who do not have sufficient experience and skills. New or untrained personnel are involved in the project. The needs of the customer have changed. Inaccurate and conflicting performance reports. Contractors fail to meet their obligations. The project stakeholders were replaced. The prices for materials and services have changed. When performing individual works, changes are introduced that are not coordinated with the project as a whole
Completion	There are no methods for assessing the planned results. The customer does not accept certain types of project work. Administrative bodies are delaying the issuance of permits. Project staff quit before completion of delivery
In all phases	Nobody is responsible for the project as a whole. There is no main supporter of the project. The organization's management has little interest in the project. The resources allocated for the completion of the phase are insufficient. The project proceeds to the next phase without completing the previous one. The project requires a large number of scarce specialists. Many departments of the organization will be involved in the project

The main and main reason why project risks arise is the uncertainty that accompanies each project. Some project risks may be known, these are those risks that have been identified, assessed and for which it is possible to develop a plan to manage these risks. But there are unknown project risks - these are risks that are not identified and cannot be assessed in this moment... Although the specific risks and the conditions for their occurrence are often not identified, experienced project managers know that a fairly large part of the risks can be foreseen.

Carrying out projects with a high degree of uncertainty in areas such as goals and technologies to achieve them, many companies pay attention to the development and application corporate practices project risk management. These methods take into account both the specifics of projects and the specifics of corporate management methods.

The American Project Management Institute (PMI), which develops and publishes standards in the field of project management, has significantly revised the sections governing risk management procedures. IN new version PMBoK (expected to be adopted in 2000) describes six risk management procedures. In this article, we will take a quick look at the risk management procedures.

Project Risk Management- these are processes associated with the identification, analysis of risks and decision-making, which include maximizing the positive and minimizing the negative consequences of the occurrence of risk events. The project risk management process typically includes the following procedures:

• Risk management planning- selection of approaches and planning of project risk management activities.
• Risk identification- identifying risks that could affect the project and documenting their characteristics.
• - a qualitative analysis of risks and the conditions for their occurrence in order to determine their impact on the success of the project.
• Quantification- quantitative analysis of the likelihood and impact of the consequences of risks on the project.
• Risk response planning- determination of procedures and methods to mitigate the negative consequences of risk events and use the potential benefits.
• Monitoring and control of risks- risk monitoring, identification of remaining risks, implementation of the project risk management plan and assessment of the effectiveness of actions to minimize risks.

All of these procedures interact with each other as well as with other procedures. Each procedure is performed at least once in every project. Although the procedures presented here are considered discrete elements with well-defined characteristics, in practice they may overlap and interact.

Risk management planning

Risk management planning- the process of making decisions on the application and planning of risk management for a specific project. This process may include organizational decisions, staffing of project risk management procedures, selection of preferred methodology, data sources for risk identification, time frame for situation analysis. It is important to plan risk management appropriate to both the level and type of risk and the importance of the project to the organization.

Identification of project risks

Identification of project risks determines what risks can affect the project. It also documents the parameters of these risks. Risk identification will be ineffective if it is not done regularly. The most important condition successful work with risks is their constant identification, otherwise, the project manager runs the risk of missing important risks, which, in turn, can lead to the collapse of the entire project.

That is why the project manager, in order to identify the risks of the project, should involve as many participants as possible: the project team, customers, users, independent experts.

Risk identification is an iterative process. Initially, risk identification can be done by a part of the project managers or by a group of risk analysts. Further identification can be handled by the core group of project managers. Independent specialists can participate in the final stage of the process to form an objective assessment. A possible response can be determined during the risk identification process.

Qualitative assessment of project risks

- the process of qualitative analysis of identified risks and identification of risks requiring special attention or rapid response. A qualitative risk assessment determines the degree of importance of the risk and chooses a response method. The availability of accompanying information makes it easier to prioritize different categories risks.

A qualitative risk assessment helps to identify the conditions under which individual project risks arise, as well as to assess the degree of risk impact on the project. Using this method helps to partially avoid the ambiguities that often occur in a project. Project risks need to be reassessed throughout the entire project lifecycle.

Figure 1 - Qualitative risk assessment

Quantitative assessment of project risks

A quantitative risk assessment is necessary to determine the likelihood of risks occurring, as well as the impact of the consequences of risks on the project. This process is very important because helps the project management team make the right decisions and avoid ambiguities.

A quantitative assessment of project risks allows you to determine:

• The likelihood of the project being successful;
• Impact of risk on project and scope additional costs that are necessary to work with risks;
• Critical project risks requiring an urgent response from the project team;
• Additional costs of the entire project associated with work with risks, as well as a forecast of the timing of the completion of the project.

A quantitative risk assessment usually accompanies a qualitative risk assessment; moreover, both of these processes, for their effective use, require a risk identification process.

Quantitative and quantitative risk assessment can be used separately or together, it all depends on the experience of the project management team, the available budget and time.

Fig. 2 - Quantitative risk assessment

Project Risk Response Planning

Risk response planning is finding and developing ways to reduce or increase the impact of risks on a project. Those project risks that negatively affect the project, the project team strives to reduce to zero, and the project risks that positively affect the project result, the team strives to bring closer and increase.

Project risk response planning involves identifying and ranking each risk by category. The effectiveness of this process determines to what extent the consequences of exposure to risks on the project will be positive or negative.

The response planning strategy should be appropriate to the types of risks, resource availability and time costs. Usually, for each of the important risks, several variants of strategies for responding to project risks are developed.

Monitoring and control of project risks

Monitoring and control - determine the residual risks of the project, ensure the implementation of the risk plan and assess its effectiveness, taking into account the risk reduction. Risk indicators associated with the implementation of the conditions for the fulfillment of the plan are recorded. Project risk monitoring and control should be carried out throughout the project.

A well-established process of monitoring and controlling project risks helps to make effective decisions to prevent the emergence of new risks. The project manager must always remember that effective risk monitoring requires interaction between all project participants.

The purpose of monitoring and control is:

• How well the project risk response is applied;
• Identification of changes in risks compared to the previous period;
• Revealing the onset of risks;
• Confidence that all necessary risk response measures have been taken;
• The exposure to the risks was planned or an accidental result.

Figure 3 - Monitoring and control

Monitoring and control may entail the development of alternative strategies, the adoption of adjustments, or the rescheduling of the entire project to successful implementation project.

Andrius Kutis

Views: 35 860

The analysis of project risks begins with their classification and identification, that is, with their qualitative description and definition - what types of risks are inherent in a particular project in a given environment under the existing economic, political, legal conditions.

Risk analysis - procedures for identifying risk factors and assessing their significance, in fact, an analysis of the likelihood that certain undesirable events will occur and negatively affect the achievement of project objectives. Risk analysis includes risk assessments and methods to mitigate risks or mitigate associated adverse effects.

Risk assessment is a quantitative or qualitative determination of the magnitude (degree) of risks.

The analysis of project risks is subdivided into qualitative (a description of all anticipated project risks, as well as a cost estimate of their consequences and mitigation measures) and quantitative (direct calculations of changes in project efficiency due to risks).

The analysis of project risks is based on risk assessments, which consist in determining the magnitude (degree) of risks. Methods for determining the criterion for quantitative risk assessment include:

• · statistical methods estimates based on the methods of mathematical statistics, i.e. variance, standard deviation, coefficient of variation. To apply these methods, a sufficiently large amount of initial data and observations is required;
• Methods expert assessments based on the use of expert knowledge in the process
• · Analysis of the project and taking into account the influence of qualitative factors;
• · Methods of analogies based on the analysis of similar projects and the conditions for their implementation to calculate the probability of losses. These methods are used when there is a representative basis for analysis and other methods are unacceptable or less reliable, these methods are widely practiced in the West, since in the practice of project management, project evaluations are practiced after their completion and significant material is accumulated for subsequent use;
• · Combined methods include the use of several methods at once.

Methods for constructing complex probability distributions (decision tree) are also used, analytical methods(sensitivity analysis, break-even point analysis, etc.), scenario analysis.

Risk analysis - critical stage analysis investment project... The analysis solves the problem of reconciling two practically opposite aspirations - maximizing profits and minimizing project risks.

The result of the risk analysis should be a special section of the project business plan, including a description of the risks, the mechanism of their interaction and the cumulative effect, measures to protect against risks, the interests of all parties in overcoming the danger of risks; assessment of the risk analysis procedures performed by experts, as well as the initial data used by them; a description of the structure of risk distribution between the project participants under the contract, indicating the stipulated compensation for losses, professional insurance payments, debt obligations, etc .; recommendations on those aspects of risks that require special measures or conditions in the insurance policy.

One of the areas of risk analysis for an investment project is a qualitative analysis or identification of risks.

A qualitative analysis of project risks is carried out at the stage of developing a business plan, and a mandatory comprehensive examination of an investment project allows us to prepare extensive information for analyzing its risks.

The first step in identifying risks is to specify the classification of risks in relation to the project being developed.

In the theory of risks, the concepts of a factor (cause), a type of risk and a type of loss (damage) from the onset of risk events are distinguished.

The factors (causes) of risks are understood as such unplanned events that can potentially occur and have a deviating effect on the planned progress of the project, or some conditions that cause uncertainty in the outcome of the situation. At the same time, some of these events could be foreseen, while others were not possible to predict.

Risk type - classification of risk events for the same type of reasons for their occurrence.

Type of loss, damage - classification of the results of the implementation of risk events.

Risk analysis is carried out in terms of:

• Origins, causes of occurrence of this type risks;
• · Probable negative consequences caused by the possible realization of this risk;
• · Specific predictable measures to minimize the considered risk.

In fig. 1.It illustrates the relationship between project risks and projected profit from its implementation.

Rice. one.

The higher the risk of the project, the lower the level of expected profit.

The main results of a qualitative risk analysis are:

• · Identification of specific risks of the project and the causes that give rise to them;
• · Analysis and cost equivalent of hypothetical consequences of the possible realization of the noted risks;
• · Proposal of measures to minimize damage and, finally, their cost estimate.

In addition, at this stage, the boundary values ​​(minimum and maximum) of the possible change in all factors (variables) of the project that are checked for risks are determined.

The mathematical apparatus of risk analysis is based on the methods of probability theory, which is due to the probabilistic nature of uncertainty and risks. Quantitative risk analysis tasks are divided into three types:

• · Straight lines, in which the assessment of the level of risks is based on a priori known probabilistic information;
• · Inverse, when an acceptable level of risks is set and the values ​​(range of values) of the initial parameters are determined, taking into account the established restrictions on one or several variable initial parameters;
• · The tasks of studying the sensitivity, stability of the effective, criterial indicators in relation to the variation of the initial parameters (distribution of probabilities, areas of change of certain values, etc.).

This is necessary due to the inevitable inaccuracy of the initial information and reflects the degree of reliability of the results obtained in the analysis of project risks.

Developing a business plan is not limited to calculating future income and expenses. At various stages of work - from the appearance of the initial idea to the analysis of the final results - it is necessary to calculate the possible risks of the investment project, which will allow to level them down to a level acceptable for the company. Existing methods for identifying and analyzing risk can be conditionally divided into three groups

Qualitative methods mainly allow for a logical analysis of possible events and their consequences (see Table 1). Their strong point is that they are applicable at the earliest stages of project development, starting from the moment the concept was created. The main disadvantage is the inability to rank risks based on any methodology. Of course, the ranking can be carried out by the analyst intuitively and expressed in the fact that he will pay more attention to the analysis of some risks than others.

QUALITATIVE RISK ANALYSIS METHODS Table 1

		A comment
Analogy method	Assumes a comparison by a number of features of the planned project with previously carried out projects	Requires historical information and a clear understanding of the degree of its applicability in a particular situation
Due diligence	It involves the collection and detailed study of information about the prospective counterparty or the place of the project implementation	Requires significant management will of the management, since it is often associated with the cost of information and external services, as well as with an increase in terms
Causal Analysis	It involves the heuristic identification of risk events, a formal logical analysis of their possible causes and the development of anti-risk measures	Applicable at the earliest stages design analysis... Allows you to critically examine decisions taken, stimulates the search for options and "increasing the reliability of the project" as a whole
Event-Consequence Method (HAZOR, Hazard and Operability Research)	It involves dividing the project (system) into elements, determining their results and identifying risks using a special algorithm and a set of keywords	Applicable to identifying, in principle, any specific risks.

Quantitative and qualitative methods are based on the use of expert assessments, expressed either in points or in categories, for example, “moderate”, “significant”, “acceptable” (see Table 2). Strong side- bringing priorities into qualitative analysis. The disadvantage is the "tendency to discretize", the result of the analysis is either the order of preferences, or a judgment about belonging to a category.

QUANTITATIVE AND QUALITATIVE RISK ANALYSIS METHODS Table 2

		A comment
Expert additive models	It is supposed to determine the composition of the assessment parameters, their weight coefficients and the assessment of one or more projects using a weighted sum, on the basis of which a decision is made on the degree of risk	We will apply it already at the stage of developing a project concept. Allows you to rank and select projects and their variants in the early stages of analysis
Risk profile, risk diagram	Assumes project risk assessments for a number of parameters and their reflection on a group of appropriate scales. Scales can be parallel or ray diagrammed. As a result of the graphical connection of the obtained estimates, a "profile" is obtained, which is compared with the "acceptable" or "reference" profile	It is a tool to visualize the project's risk structure and formally assess whether the project is in line with the organization's risk policy. Requires that this policy is in fact in the organization, and in this case is a mandatory tool for use
Risk map	It involves the positioning of the project in various risk coordinates and the development of an appropriate risk management policy in the project	Likewise

Quantitative methods give not point, but interval and probabilistic estimates of the project parameters, in particular, its effectiveness (see Table 3). This is their undoubted advantage. However, if they are not based on qualitative analysis, their application can be reduced to formal manipulation of numbers, which can be misleading.

QUANTITATIVE RISK ANALYSIS METHODS Table 3

BusinessBass Service. We offer a service cargo wash at an affordable price.