Transcript:

In this module, you will learn about risk analysis in project management.

Course Objectives

By the end of this lesson, you should be able to:

• Define risk analysis.

• Identify potential risks.

• Recognize and deal with risks when they occur.

• Know how to read and complete a risk assessment form.

What Is Risk Analysis?

Risk analysis is defined as a systematic process of identifying, analyzing, and resolving a project’s risk issues, including maximizing the probabilities and consequences of positive events and minimizing the probability and consequences of adverse events against project objectives. In nonprofits, risks range from misuse of funds to volunteer liability. Risk analysis is essential in nonprofits and can prevent and mitigate adverse events.

In the following video, Jennifer Bridges explains risk analysis and why it is important.

The Process of Risk Analysis

The chart above shows the risk analysis process. It is important to establish the context of the risk and where it fits in within the project. As you can see by the graph, risk analysis is something that is continuously happening throughout a project or within an agency. It starts with identifying a risk and determining its severity and the likelihood of it happening. If the risk is misuse of funds, it is a severe risk that needs to be dealt with as soon as possible. After determining the severity of the risk, it is important to manage the risk. If there is a misuse of funds, it’s important to determine who is doing it, how much it is, and what the action steps are. When it is all said and done, it is important to monitor and review. This step is important as it could possibly prevent the same thing from happening again. As we see at the end of the cycle, the risk analysis process is something that is continuous. Keeping the process going mitigates risk as much as possible.

Types of Risk: Technological, Insurance-Related, Environmental Safety, Regulatory, and Financial

There are many types of risk. Among them are technological, insurance-related, environmental safety, regulatory, and financial. An example of a technological risk can be a breach of data in an organization’s network. An insurance-related risk could be a volunteer getting hurt while volunteering for an organization. An environmental safety risk could be occupational hazards, such as slipping and falling while working. An example of a regulatory risk could be using funds for financial or political gain.

The Importance of Financial Risk in the Risk Analysis Process

When it comes to nonprofits, financial risks can be among the most important, as organizations can face any number of major and minor financial risks. Financial risks can include investments, fraud, misuse of funds, tax liabilities, tax exempt status, fundraising, and physical assets.

Zwikael and Ahn suggest that risk analysis is important because “projects usually possess high levels of uncertainty derived from their compressed schedules, inadequate or uncertain budgets, designs that are near the feasible limit of achievable performance, and frequently changing requirements.” Risk analysis can identify potential risks and prevent them from happening or deal with them before they have serious effects. Risk analysis can also prevent future risks from happening after they happen once. Policies developed after a risk happens can prevent the risk from happening again.

Important Tools and Techniques for the Risk Management Process

The risk management process involves continuous risk identification, risk evaluation, risk mitigation and contingency measure definition, risk monitoring and control, and risk identification efficiency measurement. To help do this, there are a number of tools and techniques to help identify risks.

• One of them is brainstorming, which is done with a group of people who focus on the identification of risk for the project.

• The Delphi Technique is when a team of experts have been consulted anonymously. A list of required information is sent to experts, responses are compiled, and results are sent back for further review until a consensus is reached.

• Interviewing is when interviews are conducted with project participants, stakeholders, and experts to identify risks.

• Root cause analysis is a systematic process used to identify the fundamental risks that are embedded in a project. This usually occurs after a problem has developed and aims to find the causes.

• SWOT Analysis stands for strengths, weaknesses, opportunities, and threats. SWOT allows for analysis and cross-reference by looking at strengths, weaknesses, opportunities, and threats.

• Finally, assumption analysis identifies different assumptions of the project and determines their validity. This further helps in identifying risks for the project. In the next three slides, we will look at three different risk assessments.

The Risk Matrix

After risks are identified, matrixes are often used to assess the risk. The risk matrix is an effective tool that assists in risk evaluation by considering the probability or likelihood against severity linked with the potential risks of a project. A risk matrix is a visual representation of the risks involved in a particular project to help in preparing a mitigation plan and decision making. In short, it is a tool that assists in reducing the risk impact that might cost business adversely otherwise.

The Impact Classification Matrix

An Impact Classification matrix: a score represents bottom thresholds for the classification of risks assuming “normal” conditions. An upgrade of the score to the next or even next + 1 level is necessary, if the risk is impacted by critical factors such as:

• How important the specific stakeholder is,

• Whether the project is critical for the further development of the relationship with the stakeholder,

• The risk is already in the focus of the stakeholder

• Specific penalties for deviations from project targets are agreed in the contract with the stakeholder.

A Checklist

The last risk assessment example is a checklist. This is fairly straightforward. In the example we see three options: yes, no, and not available. While other assessments focused on severity of risks, the simplicity of the checklist shows risks as black and white. If “no” is answered for something like “are exits clearly marked?” you have the answer right there. In nonprofits, this can be helpful if you need to stay up to code to avoid environmental safety risks.

Review: Why is Risk Analysis Important?

In conclusion, risk analysis is incredibly important in project management because:

• It can prevent adverse events and can mitigate them if they occur.

• Risk analysis is a systematic process of identifying, analyzing, and resolving a project’s risk issues.

• Risk analysis is something that begins before a project and happens all the way until it is finished.

• Risk assessments are used to predict, identify, and mitigate risks, and identifying risks can prevent or mitigate adverse events in a project.