Effective project risk assessment and optimal risk mitigation strategies

What are the nature and sources of project risks? What are the nature and role of project risk assessment? How do companies select risk mitigation strategies? What is the correlation between optimal risk mitigation strategies and effective project risk assessment? How do companies achieve their intended financial goals using quality management and statistical methods? The answers to these strategic questions are critical to the effective formulation and execution of an optimal risk mitigation strategy that equates the marginal cost with the marginal benefit of risk mitigation. In addition, the optimal risk mitigation strategy minimizes the known probability and incidence of project risks and maximizes the company’s profit-producing capacity.

In this review, we examine some relevant and existing academic literature on effective project risk assessment and optimal mitigation strategies. Each risk mitigation strategy has costs and benefits. Therefore, the objective function is to maximize the net benefit of risk mitigation strategies. In practice, the optimal risk mitigation strategy equates the marginal cost with the marginal benefit of the risk mitigation strategy by minimizing the incidence of project risks and maximizing the profit-producing capacity of the firm. The project risk measured by the project standard deviation is the weighted average of the possible deviations from the expected value (mean). The project standard deviation captures the probability that any uncertain event or condition could adversely affect a project and prevent it from running as planned.

In practice, the risks of the project, like the financial risks, are derived from the weighted average of the possible variations of the expected results based on historical data. Therefore, companies must understand the nature and sources of variances in order to formulate effective risk mitigation strategies consistent with the company’s profile that enable it to achieve anticipated financial goals through quality management and statistical methods.

Not all risks-variances of the project are adverse. Some risk events, such as innovative approaches or methods to complete an activity or favorable conditions, such as lower prices for certain materials, reduce risk and may facilitate project completion. These favorable events or conditions are called opportunities; but they should still be treated as project risks: possible deviations from the expected (mean) value.

Some operational guidelines

Not all project risks can be effectively mitigated. To formulate and execute effective project risk mitigation strategies, companies must develop a culture of continuous assessment and improvement. Companies can’t apply or manage what they don’t understand, and they can’t measure or understand what they don’t know; and they cannot know what they do not believe. Therefore, companies should always inspect what they expect by designing and implementing a robust assessment model that informs the collection and analysis of relevant, accurate, and timely data.

Sources and types of variation

In operations, identifying the source of variation in projects is critical to improving product quality. Many source of variation identification techniques are based on a linear failure quality model, in which the correlation between process failures and product quality measurements are linear. In practice, many quality measures are nonlinearly related to process failures. A critical aspect of process characterization is identifying and quantifying various sources and types of variation so that they can be minimized.

Additionally, the ability to detect and minimize variation in project processes gives companies a competitive advantage, enabling them to deliver superior quality products to their customers in the global marketplace and achieve anticipated financial goals through statistical methods. and quality management. Traditional quality control focuses on Statistical Process Control (SPC), to detect anomalies and deviations based on product and process measurements. However, this approach does not provide specific operational guidelines for identifying sources of variation, a critical step toward variation reduction, and derivative project risk mitigation strategies.

In addition, the availability of project and process evaluation data, as well as the criticality of problems caused by project and process variation, led to the significant development of innovative methodologies for the identification of sources of variation. In the case of normal causes-common variation, the process is in stable-control and therefore predictable. This means that, based on the current process pattern, a company can predict how it will behave in the future, that is, always within control limits. In the case of special causes-exceptional variation, the process is out of control-unstable and therefore unpredictable. In other words, based on the current process pattern, a company cannot predict how the process will behave in the future.

As you know, there are not only different sources of variation, but also different types of variation. Common cause variation describes random variability that is inherent in the process and special cause or assignable cause variation is due to specific circumstances. The two types of variation are controlled variation and uncontrolled variation. Controlled variation is characterized by a stable and consistent pattern of variation over time. This type of variation is random and indicates a uniform fluctuation about a constant level. Uncontrolled variation is characterized by a pattern of variation that changes over time and is therefore unpredictable.

The concept of controlled/uncontrolled variation is fundamental to determining whether a process is stable and in control. A process is considered stable and in control if it runs consistently and predictably. This means that the average value of the process is consistent and variability is controlled. If the variation is not controlled, the process is out of control, then the expected value of the process (mean) is not consistent, the process variation is changing, or both.

Risk assessment and mitigation strategies

In practice, project risk management is a process that includes a risk assessment and mitigation strategy for identifiable and predictable risks. The project risk assessment includes both the identification of potential risks with known probabilities and the evaluation of the potential impacts of the project risks so identified. Risk mitigation strategies are designed to eliminate or minimize the impact of risk events-occurrences that have a negative or adverse impact on the project. Identifying risk is both a creative and systematic process. The creative process includes the active development of new knowledge about the situations and the application of unique and innovative solutions to the problems of the project. And the systems approach involves the ability to anticipate and understand the implications of project risks and mitigation strategies across the enterprise.

Finally, there is empirical evidence gathered from the existing academic literature that suggests that during process characterization, companies should strive to isolate, eliminate, or minimize all sources of uncontrolled variation. At the project planning stage, the risks are still uncertain because they have not yet occurred. But eventually, some of the anticipated risks will occur, and the company must deal with them. There are four basic strategies for managing project risks:

1. Risk avoidance: The best thing a company can do with project risk is to avoid it. If a company can prevent the risk from occurring, it will not negatively affect the project. The easiest way to avoid project risk is to walk away, but this may not be a viable option. A common risk-avoidance technique is to use existing, proven methods rather than adopt innovative methods, although innovative methods may indicate better potential results. Risk avoidance is often effective, but rarely practical.

2. Risk reduction: If a company cannot avoid the risk, it can mitigate or minimize the impact. This means taking some steps that will minimize the severity of the damage to the project. Effective use of management information system, alert system and early problem detection system are some of the best practices in the industry.

3. Risk transfer: One of the most effective ways to deal with project risk is to pay a third party to accept the risk. The most common way to do this is through insurance or reinsurance.

4. Risk Sharing – This involves partnering with other companies to share responsibility for risky activities. Partnering with another company to share the risk associated with one part of the project is useful when the other company has distinctive expertise or competencies—resources and capabilities that one company lacks.

5. Risk retention: it is the planned assumption of risks by a company. When a company cannot avoid, mitigate, transfer or share a project risk, then it must retain/accept some or all of the risk. The most common way to do this is through self-insurance, copays, or deductibles.

In short, there are always costs and benefits to every business decision and strategy. Therefore, companies should always weigh the costs and benefits of project risk assessment and mitigation strategies to decide if the benefits are worth the costs. The optimal mitigation strategy equates marginal cost with marginal benefit, ceteris paribus.