Prm handbook 1. We believe that this new scalable approach to managing project risks will ensure that project risks are known, communicated, and accepted as they move through the phases of project delivery.
A survey was conducted as part of the development of this handbook to determine how project risk management was being used in the Department to manage project risks. The survey responses revealed that although project risk management is considered to be valuable, many respondents are not familiar with the current Project Risk Management Handbook or have never participated in developing a risk register. The management of risks requires establishing and nurturing a culture of risk management.
In such an environment, project teams work together through each phase of project delivery to manage risks. The intent is to bring focus to the understanding that the project teams are not only designing roads, bridges, drainage systems, etc. It is written as a handbook for all project team members to use during all phases of delivery.
Training and subject matter experts are available to help project teams effectively implement project risk management. If you have any questions about it or how to implement it for your project, please contact your District Risk Management Coordinator. The project manager, project sponsor, and project team members jointly develop a risk register that enables them to identify, assess, quantify, prepare a response to, monitor, and control project risks.
Project risk management is a scalable activity commensurate with the size and complexity of the project under consideration. Simpler projects may use simple analysis, whereas larger more complex projects may use more robust analysis techniques. This Scalable Project Risk Management Handbook, which may be revised and updated from time to time, is applicable to all projects.
Chapter 1 gives an overview of project risk management, the three levels of project risk management, and the process, roles, and responsibilities. Chapter 2 is designed to help the project manager plan the risk management process, form the project risk management team, and prepare a budget for project risk management activities. Chapter 3 provides instruction about risk identification and starting the risk register. It is applicable to all scalability levels. Proceed to the risk analysis chapter for the level of your project: Level 1 Chapter 4 Level 2 Chapter 5 Level 3 Chapter 6 Chapters 7 through 9 are common to all projects.
Chapter 7 details risk response, and Chapter 8 is about risk monitoring. Chapter 9 addresses the required communication checkpoints for all projects and explains the required accountability checkpoints where deputies must sign off on the risk register. It also includes the Risk Management Performance Measure requirements. Project Risk Management Values Identifying, communicating, and managing project risks requires a risk management culture.
This culture is defined by the values in which we operate. The following attributes depict PRM values required for the development of a successful risk management culture. In the context of a project, we are concerned about potential impacts on project objectives such as cost and time. The uncertainty may be about a future event that may or may not happen and the unknown magnitude of the impact on project objectives if it does happen.
The kinds of risks appearing in a risk register are shown below based on when they might occur during the life cycle of a project. It has a probability of occurrence and an uncertain impact if it does occur. This risk is retired from the register if the claim is dismissed or if it is replaced by a CCO. If there is an estimate in the CCO Log of the project, the uncertainty is expressed as a range around the estimate.
This risk is retired from the register when the CCO is executed with the contractor. Specifics about identifying risks are in Chapter 3, including examples of risk statements.
Risk and issue are two words that are often confused when it comes to their usage. Actually there is some difference between them. A risk is an uncertain event that has a probability associated with it. An issue does not have this attribute. Issues are problems right now that the project team has to do something about.
Think of risk management as a proactive activity, while issue management is reactive. Although the details of risk processes may differ depending on the project, risk management has three important parts: identification, analysis, and action. Before risk can be properly managed, it must first be identified, described, understood, and assessed. Analysis is a necessary step, but it is not sufficient; it must be followed by action.
A risk process which does not lead to implementation of actions to deal with identified risks is incomplete and useless. The ultimate aim is to manage risk, not simply to analyze it. The project risk management process Figure 1 is not difficult. It simply offers a structured way to think about risk and how to deal with it.
A full project risk management endeavor includes these processes: 1. Risk Management Planning — Deciding how to approach, plan, and execute the risk management activities for a project.
Risk Identification — Determining which risks might affect the project and documenting their characteristics. Qualitative Risk Analysis — Prioritizing risks for subsequent further analysis or action by assessing and combining their probability of occurrence and impact.
Quantitative Risk Analysis — Analyzing probabilistically the effect of identified risks on overall project objectives. Risk Response — Developing options and actions to enhance opportunities and to reduce threats to project objectives. Risk Monitoring — Tracking identified risks, monitoring residual risks, identifying new risks, executing risk response plans, and evaluating their effectiveness throughout the project life cycle. The questions constitute a process, shown in Figure 1, indicating how the different elements of project risk management interact and describing how risk management can be implemented.
The process has a circular form to highlight that it is a continuous process throughout the life cycle of a project. The arrows signify the logical flow of information between the elements of the process. Communication is the core of this process. It is the means by which all the information flows and the project team continuously evaluates the consistency and reasonableness of risk assessments and their underlying assumptions. Accordingly, three ranges were selected for the scalability levels of Project Risk Management.
The risk management requirements are listed in Table 1. The project team may choose to work at a higher scalability level than required or work at a lower level if approved by the SFP. However, the project team should consider other factors to determine what level of risk management effort is needed. Any of these factors may warrant employing a higher scalability level.
All levels perform the other processes. Level 3 quantifies risks in probabilistic forecast terms of cost and time, whereas Levels 1 and 2 do not. Need more Contingency? A fully developed risk management plan with a quantitative risk assessment would be an acceptable document to help justify an exception to the 5 percent contingency. The members of the PRMT should collectively have all of the expertise required to identify, assess, and respond to risks of the project. However, they should not hesitate to draw on the extensive talent pool available to the project for assistance.
Representatives from other agencies, if any, may be invited to participate at PRMT meetings to ensure that all parties are fully informed, and thus avoid surprises. The project manager generally acts as the PRM for Level 1 and 2 projects. In scheduling PDT meetings, the project manager should indicate when risk discussions will be on the agenda so that PRMT members can plan to attend for risk discussions as well as other agenda items.
Discussing Risks as a Team has Value Conducting risk management meetings as a team has value. The team listens to its members discuss risks, and the team can provide input from different perspectives. In discussing risks, the work of individual team members can have an impact on the work of the rest of the team. Listening to team members, and discussing their challenges, provides a greater likelihood that the impact of a risk will be assessed properly.
The project manager should involve all functional units and Construction in the risk management process from inception to project completion. The communication and accountability checkpoints are detailed in Chapter 2. They are relative to the existing standard milestones in the Caltrans Work Breakdown Structure. The latest risk register is communicated at each checkpoint. Communication ensures that all parties are fully informed, and thus avoids unpleasant surprises.
Regular reporting is an important component of communication. Reports on the current status of risks and risk management are required for managers and other parties to understand the risks. They complement other management reports in developing this understanding.
The project risk manager will prepare and issue periodic risk management reports as required by the project manager To ensure a clear audit trail, the project risk manager will ensure that the risk management process is documented in such a way that it can be reviewed, the structure and assumptions can be examined, and the reasons for particular judgments and decisions can be identified.
It depends on the project size and complexity and the amount of risk management effort that will be required. The project manager and the PDT may decide if it is necessary. The Risk Management Plan RMP defines the level at which risk management will be performed for the project and the frequency of risk management meetings and risk register updates. It lists the members of the Project Risk Management Team by the various disciplines involved in the project and sets a budget for the risk management activities.
The RMP should be completed early in project planning, since it is crucial to successfully performing the other processes described herein. Emphasize that the PRMT is expected to stay together to manage risks until project completion.
If working to Level 2 scalability, determine the impact and probability definitions so that the team has the same understanding of the meaning of the word descriptions.
See Table 5 on page 20 for guidance. The PDT may include external stakeholders and agencies in addition to Caltrans personnel. It produces a deliverable — the project risk register — that documents the risks and their characteristics. The risk register is subsequently amended by the qualitative or quantitative risk analysis, risk response, and risk monitoring processes. The same word can also describe uncertainties that, if they occurred, would be helpful. In short, there are two sides to risk: threats and opportunities.
Projects in design have the greatest potential for opportunities because the project is still open to changes. Risk reduction and avoidance are opportunities, as are value analyses, constructability reviews, and innovations in design, construction methods, and materials. Once a project enters construction, the project objectives scope, time, and cost are fixed contractually, so opportunities to save money and time are fewer.
Any changes must be made using a contract change order CCO , and only a negative CCO such as one resulting from a Value Engineering Change Proposal by the contractor would still afford an opportunity to save money and time. So, the risk management focus during construction is on reducing or eliminating risks.
It is a living document — a comprehensive listing of risks and the manner in which they are being addressed as part of the project risk management process. The risk register is maintained as part of the project file that also includes information related to uncertainties in the cost estimate and schedule. Although not desirable, project team members sometimes change, and the project experiences change over the course of the project.
Communication among project team members about the project objectives, costs, risks, etc. The risk register communicates project risks and helps the team members understand the status of the risks as a project moves from inception toward completion. Managers should view the risk register as a management tool through a review and updating process that identifies, assesses, manages, and reduces risks to acceptable levels. Thereafter, a full review and update of the risk register should be undertaken at the beginning of each subsequent phase of the project.
The register will be updated at least quarterly during the construction phase of the project. The project team decides the most beneficial use of the risk register, with the objective of minimizing the risk impact. Resolving Disputes Successful implementation of a risk mitigation measure is one of the most important aspects of project risk management.
When PRMT members are at odds on whether or not these measures can be implemented, the dispute should be elevated to assist in its resolution. The team should have a Dispute Resolution Ladder DRL that outlines when and how disputes will be elevated and subsequently resolved.
Disputes should be elevated once all relevant information is known, and agreement is not reached or a decision cannot be made. Risk identification documents risks that might affect the project and their characteristics of probability and impact. A common challenge in risk identification is avoiding confusion between causes of risk, genuine risks, and the effects of risks. A risk may have one or more causes and, if it occurs, one or more effects. Examples include the need to use an unproven new technology, the lack of skilled personnel, or the fact that the organization has never done a similar project before.
Causes themselves are not uncertain since they Examples include the possibility that planned completion targets might not be met, escalation rates might fluctuate, or the chance that requirements may be misunderstood.
These uncertainties should be managed proactively through the risk management process. Examples include early milestone completion, exceeding the authorized budget, or failing to meet agreed quality targets.
Effects are contingent events, unplanned potential future variations which will not occur unless risks happen. As effects do not yet exist, and they may never exist, they cannot be managed directly through the risk management process. Including causes or effects in a list of identified risks obscures genuine risks, which may not receive the appropriate degree of attention they deserve. It is not intended as an exhaustive list, nor is it a substitute for other methods of identifying risks.
Some of the items are issues and not risks The difference is explained in the sidebar on page 4. The information is entered into the risk register. The risk register is reviewed and updated throughout the project. The project manager, at his option, may elicit initial risk registers from the functional units and consolidate the contributions into a single project risk register.
Alternatively, the project risk register may be developed during a PRMT meeting. This makes it difficult to determine environmentally sensitive areas or subsurface information needed to design roadways and foundations. The team needs to recognize the uncertainty that arises from this lack of information and provide the means to address it in the construction phase.
Some options for addressing the risks from unknown conditions: 1. Execute a service contract to determine the information during the design phase, and revise contract documents accordingly.
Provide language in the Special Provisions for the contractor to provide access to the job site for the Department's personnel as a first order of work. Provide language in the Special Provisions for the contractor to hold off on ordering materials whose quantity may be impacted by this new information. A design change that is outside the parameters contemplated in the Environmental Document triggers a supplemental EIR which causes a delay due to the public comment period. Environmental Potential lawsuits may challenge the environmental report, delaying the start of construction or threatening loss of funding.
Nesting birds, protected from harassment under the Migratory Bird Treaty Act, may delay construction during the nesting season. Not visiting the site creates uncertainties about conditions, which must be recognized as risks. The project team was unaware that the work was part of a corridor project constructed under several contracts. This risk could have been prevented with a site visit. In this instance, the design was performed by another district, and travel to the job site was deemed impractical.
Consequently, risks stemming from site conditions were not identified. While this timely action reduced delays to the project, significant contingency funds were expended, necessitating a request for supplemental funds. ID Enter a unique identifying number for the risk. Description Write a complete description of the event and its potential impacts on the project if this risk were to occur. Updated Enter the date the risk was created.
Other columns in the risk register will be completed or updated by the qualitative Chapter 4 or quantitative Chapter 5 risk analysis and risk response processes in Chapter 7. So as not to take space from a crowded risk register, if a trigger is identified for a risk, it should be described in relation to the risk response.
When the team repeats qualitative analysis for individual risks, trends may emerge in the results. These trends can indicate the need for more or less risk management action on particular risks or even show whether a risk mitigation plan is working.
The risk ratings determine where the greatest effort should be focused in responding to the risks. They facilitate structured risk response action and resource allocation. Other columns in the risk register will be completed or updated by the risk response process in Chapter 7. Qualitative risk analysis for Level 2 projects assesses the priority of identified risks using their probability of occurring and the corresponding impact on project objectives if the risks occur.
The cost impact ratings may be easier to apply if expressed in terms of dollars. The ratings for the project serve as a consistent frame of reference for the PRMT in assessing the risks during the life of the project.
The table is intended as a guide — the PRMT may define dollar and time ranges as appropriate for the project. The impacts are to the overall project. Schedule delay applies to risks that are on the critical path the longest path. During construction, delays impact project completion. The risk matrix in Figure 2 is used to determine the importance of each risk impact based on the probability and impact ratings.
Each word descriptor of the rating has an associated number; the product of the probability number and impact number defines the risk score. The color of the zone indicates the priority of the risk for risk response: red zone signifies high importance, yellow is medium importance, and green is low importance.
Rationale Describe the rationale for these assessments. This valuable new edition includes an exclusive collection of interactive multiple-choice questions from recent FRM exams. Authored by renowned risk management expert Philippe Jorion, with the full support of GARP, this definitive guide summarizes the core body of knowledge for financial risk managers.
Offers valuable insights on managing market, credit, operational, and liquidity risk Examines the importance of structured products, futures, options, and other derivative instruments Contains new material on extreme value theory, techniques in operational risk management, and corporate risk management Financial Risk Manager Handbook is the most comprehensive guide on this subject, and will help you stay current on best practices in this evolving field.
Written with the full support of GARP, and containing questions and solutions from previous exams, this book is a valuable resource for professionals responsible for or associated with financial risk management. The Professional Risk Managers' Guide to Financial Markets examines how financial risk management takes place in the world's major financial markets.
Sponsored by PRMIA and edited by risk management experts Carol Alexander and Elizabeth Sheedy, this authoritative resource features contributions from eleven global experts who explore the major financial instruments, the valuation methods most appropriate for each, and strategies for assessing the associated market risks.
The Professional Risk Managers' Guide to Financial Instruments offers step-by-step guidance in: The main types of bonds Futures and forward contracts Caps, floors, and interest rate options Swaps and swaptions Convertible bonds and other hybrid instruments Options, including exotic and path dependent pay-offs Using instruments for hedging and speculation. Sponsored by the PRMIA Institute and edited by renowned analyst Peter Fusaro, the book includes contributions from 20 world experts who discuss every aspect of energy trading and the risks associated with specific investment vehicles and energy sectors.
The Authoritative Guide to the Best Practices in Operational Risk Management Operational Risk Management offers a comprehensive guide that contains a review of the most up-to-date and effective operational risk management practices in the financial services industry.
The book provides an essential overview of the current methods and best practices applied in financial companies and also contains advanced tools and techniques developed by the most mature firms in the field. The author explores the range of operational risks such as information security, fraud or reputation damage and details how to put in place an effective program based on the four main risk management activities: risk identification, risk assessment, risk mitigation and risk monitoring.
The book also examines some specific types of operational risks that rank high on many firms' risk registers.
0コメント