Cover Image

Not for Sale

View/Hide Left Panel
Click for next page ( 64

The National Academies | 500 Fifth St. N.W. | Washington, D.C. 20001
Copyright © National Academy of Sciences. All rights reserved.
Terms of Use and Privacy Statement

Below are the first 10 and last 10 pages of uncorrected machine-read text (when available) of this chapter, followed by the top 30 algorithmically extracted key phrases from the chapter as a whole.
Intended to provide our own search engines and external engines with highly rich, chapter-representative searchable text on the opening pages of each chapter. Because it is UNCORRECTED material, please consider the following text as a useful but insufficient proxy for the authoritative book pages.

Do not use for reproduction, copying, pasting, or reading; exclusively for search engines.

OCR for page 63
63 conduct and document the workshop should not be under- currence and the consequences of such occurrences. Risk as- estimated. The benefits of a workshop include a comprehen- sessment and analysis is the process of evaluating the risk sive list of risks and a firm basis for risk analysis and planning. events documented in the preceding identification step. Risk assessment and analysis has two aspects. The first determines the probability of a risk occurring (risk frequency); risks are 7.2.5 Design Phase Risk Identification Tips classified along a continuum from very unlikely to very likely. The use of appropriate risk identification techniques must The second aspect judges the impact of the risk should it occur be instituted during Design. (consequence severity). Typically, a project's qualitative risk assessment will recog- Risk identification should be a creative brainstorming nize some risks whose occurrence is so likely or whose conse- process. It should not attempt to analyze risks or discuss quences are so serious that further quantitative risk analysis mitigation procedures, which will be completed in the sub- is warranted. A key purpose of quantitative risk analysis is to sequent steps. combine the effects of the various identified and assessed risk At a minimum, risk information should include assump- events into an overall project risk analysis. The overall risk tions, estimate basis uncertainties, and project issues and analysis is used to determine cost and schedule contingency concerns from the estimator, project team, and any partic- values and to quantify individual impacts of high risk events. ipating specialty groups. Ultimately, however, the purpose of quantitative analysis is To be most useful in later risk analyses, the resultant risk not only to compute numerical risk values but to provide a list should be comprehensive and non-overlapping. Com- basis for controlling project costs through effective risk man- bine like risks and separate overlapping risks. agement practices. Only use risk checklists and experience from similar proj- ects to check for missing risks and to help categorize unique 7.3.1 Design Phase Risk Assessment project risks. and Analysis Inputs Upon completion of the risk list, categorize the risk into logical groupings. Use risk checklists and similar project The physical input to risk assessment and analysis is the list risk analyses for possible categorizations. of risks from the identification step. Early in the design phase, When updating the risk lists, identify new risks. Do not rely this will likely be a long list that must be filtered through the on previous identification exercise to detect all risks. assessment and analysis step to help focus the project team on Beware of cost blackouts. Conduct a risk identification ex- a subset of the most critical risks. Later in the Design Phase, ercise whenever new information is discovered during the this will be a list of risks maintained in a risk register that must design process or whenever there is a significant change to be updated with new risk assessments and analyses as the the project scope. project design evolves. The risk identification step will have identified risks, but the identification step should stop short of assessment or analysis. In the risk assessment and analysis step, risk inputs 7.3 Design Phase Risk Assessment will be elicited from project managers, functional experts, es- and Analysis timators, and analysts to gain a clear picture of the risks. Man- The level of effort needed for thorough risk assessment and agers and functional experts tend toward qualitative assess- analysis varies in the design phase, with the purpose of the ment of risks. They evaluate risks relative to their worst case risk analysis. If a thorough risk analysis is completed for the effects and their relative likelihood of occurrence. Analysts baseline estimate at the end of the programming phase as sug- and estimators tend toward quantitative assessment of risks. gested in this guide, then risk assessment and analysis in- They evaluate risk impacts in terms of a range of tangible re- volves an updating process. If a thorough analysis is not con- sults, and they evaluate risk of occurrence in terms of proba- ducted with the baseline estimate or if the project changes bilities. The analyst's focus is on the combined tangible ef- substantially during the design process, then a rigorous and fect of all the risks on project scope, cost, and schedule. A comprehensive risk analysis will need to be conducted to comprehensive risk strategy combines both a qualitative as- properly quantify project risk and determine an appropriate sessment and a quantitative analysis. contingency. As design progresses, risk assessment and analy- Recalling from Chapter 3, the key inputs for risk assess- sis continues with the purpose of managing risk and retiring ment and analysis are the probability of a risk occurring (risk contingency. frequency) and the impact of the risk should it occur (conse- The primary objective of risk assessment is the systematic quence severity). Knowing the probability and impact, risks consideration of risk events focusing on their probability of oc- can be qualitatively ranked to help managers focus on the

OCR for page 63
64 most critical risks or quantitatively modeled to determine and application of an Estimate Ranges--Monte Carlo Analy- cost and schedule contingency estimates. sis (R3.5) tool will yield a definitive contingency estimate and detailed sensitivity analysis of the risks that contribute to the contingency. All of these tools can produce updates 7.3.2 Design Phase Risk Assessment to previous risk assessments or analyses throughout the de- and Analysis Tools sign process. Risk assessment and analysis tools that can be used in the De- Recalling from Chapter 3 (Section, the type of out- sign Phase are listed in Table 7.2. Note that project complexity puts that a tool produces is a function of the analytical rigor, has a significant impact on the use of risk assessment and analy- nature of assumptions, or amount of input data. Results from sis tools. Refer to Appendix A for complete tool descriptions. risk analyses may be divided into three groups according to their primary output: single parameter output measures; multiple parameter output measures; and complete distribu- 7.3.3 Design Phase Risk Assessment tion output measures. Please refer to Sections 3.4.3 and 3.4.5 and Analysis Outputs for a full description of risk assessment and analysis outputs. Risk assessment and analysis outputs will depend on the type of decision required, the detail in the input analysis, 7.3.4 Design Phase Risk Assessment and the level of rigor in the selected tools for assessment or and Analysis Relationship analysis. The use of qualitative expert input (I2.5 Expert to Project Complexity Interviews) and the application of a Risk Priority Ranking (R3.7), Probability Impact Matrix (P I) (R3.8), or Risk Risk assessment and analysis are directly tied to project com- Comparison Table (R3.9) tools will yield a ranked set of plexity. This can best be seen in the tie between risk analysis and risks that can help focus management on managing the contingency calculation. The research team has observed nu- highest priority risks. The use of quantitative expert inputs merous methods for analyzing risks and developing contin- gency estimates. These methods fall into three categories (Type I, II, and III Risk Analysis), which directly relate to proj- Table 7.2. Design phase risk assessment ect complexity (minor, moderately complex, and major). and analysis tools. Tool Type I Risk Analysis Risk Identification Moderately Complex and Percentage Contingency Minor Major A Type I risk analysis is the simplest form of risk analysis I2.1 Red Flag Items and applies only to minor projects. A Type I risk analysis in- volves the development Red Flag Items (I2.1) and the use of I2.5 Expert Interviews a Contingency--Percentage (R3.2) tool to estimate the con- R3.2 Contingency Percentage tingency. To estimate contingency, the estimator should ex- R3.3 Contingency Identified amine the list of risks and use judgment within percentage contingency range of acceptable standards set by the agency R3.4 Estimate Ranges Three Point Estimate policies or estimating guidance. R3.5 Estimate Ranges Monte Carlo Analysis R3.6 Risk Workshop Type II Qualitative Risk Analysis and Identified Contingency Items R3.7 Risk Priority Ranking R3.8 Probability x Impact Matrix (P x I) A Type II risk analysis applies to moderately complex projects and involves the use of more rigorous risk assess- R3.9 Risk Comparison Table ment and tools (e.g., P I Matrix (R3.8), Risk Comparison R3.10 Risk Map Table (R3.9), etc.) and the estimate of specific contingency R3.13 Risk Management Information System items using the Contingency Identified (R3.3) tool that complements the percentage-based contingency in the Type I R3.14 Self Modeling Worksheet analysis. A qualitative ranking of the risks and expected val- R3.15 Influence Diagrams ues estimates for contingency on the critical risks are key outputs of this method. When estimating an appropriate R3.16 Decision Trees Analysis contingency in a Type II risk analysis, the range of contin-