riskmanagement-170228074706trrrrrrrr.pdf
AteedOlaiya
49 views
31 slides
May 28, 2024
Slide 1 of 31
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
About This Presentation
Risk Management
Slide Content
Arranged by: Harold Malamion
RISK MANAGEMENT AND RISK
ANALYSIS
RISK MANAGEMENT AND RISK
ANALYSIS
If you are never scared or embarrassed or
hurt, it means you never take any chances.
hurt, it means you never take any chances.
Risk Management
“The process involved with identifying,
analyzing, and responding to risk. It includes
maximizing the results of positive risks and
minimizing the consequences of negative
events”
“The process involved with identifying,
analyzing, and responding to risk. It includes
maximizing the results of positive risks and
minimizing the consequences of negative
events”
What is Risk Analysis?
Risk Analysis is a process that helps you identify and manage
potential problems that could undermine key business
initiatives or projects.
To carry out a Risk Analysis, you must first identify the
possible threats that you face, and then estimate the
likelihood that these threats will materialize.
Risk Analysis can be complex, as you'll need to draw on
detailed information such as project plans, financial data,
security protocols, marketing forecasts, and other relevant
information. However, it's an essential planning tool, and one
that could save time, money, and reputations.
Risk Analysis is a process that helps you identify and manage
potential problems that could undermine key business
initiatives or projects.
To carry out a Risk Analysis, you must first identify the
possible threats that you face, and then estimate the
likelihood that these threats will materialize.
Risk Analysis can be complex, as you'll need to draw on
detailed information such as project plans, financial data,
security protocols, marketing forecasts, and other relevant
information. However, it's an essential planning tool, and one
that could save time, money, and reputations.
When to Use Risk Analysis
Risk analysis is useful in many situations:
When you're planning projects, to help you anticipate and neutralize
possible problems.
When you're deciding whether or not to move forward with a project.
When you're improving safety and managing potential risks in the
workplace.
When you're preparing for events such as equipment or technology
failure, theft, staff sickness, or natural disasters.
When you're planning for changes in your environment, such as
new competitors coming into the market, or changes to government
policy.
Risk analysis is useful in many situations:
When you're planning projects, to help you anticipate and neutralize
possible problems.
When you're deciding whether or not to move forward with a project.
When you're improving safety and managing potential risks in the
workplace.
When you're preparing for events such as equipment or technology
failure, theft, staff sickness, or natural disasters.
When you're planning for changes in your environment, such as
new competitors coming into the market, or changes to government
policy.
How to Use Risk Analysis
1.Identify Threats
Human –Illness, death, injury, or other loss of a key individual.
Operational –Disruption to supplies and operations, loss of access
to essential assets, or failures in distribution.
Reputational –Loss of customer or employee confidence, or
damage to market reputation.
Procedural –Failures of accountability, internal systems, or
controls, or from fraud.
Project –Going over budget, taking too long on key tasks, or
experiencing issues with product or service quality.
1.Identify Threats
Human –Illness, death, injury, or other loss of a key individual.
Operational –Disruption to supplies and operations, loss of access
to essential assets, or failures in distribution.
Reputational –Loss of customer or employee confidence, or
damage to market reputation.
Procedural –Failures of accountability, internal systems, or
controls, or from fraud.
Project –Going over budget, taking too long on key tasks, or
experiencing issues with product or service quality.
How to Use Risk Analysis
Financial –Business failure, stock market fluctuations, interest rate
changes, or non-availability of funding.
Technical –Advances in technology, or from technical failure.
Natural –Weather, natural disasters, or disease.
Political –Changes in tax, public opinion, government policy, or
foreign influence.
Structural –Dangerous chemicals, poor lighting, falling boxes, or
any situation where staff, products, or technology can be harmed.
Financial –Business failure, stock market fluctuations, interest rate
changes, or non-availability of funding.
Technical –Advances in technology, or from technical failure.
Natural –Weather, natural disasters, or disease.
Political –Changes in tax, public opinion, government policy, or
foreign influence.
Structural –Dangerous chemicals, poor lighting, falling boxes, or
any situation where staff, products, or technology can be harmed.
How to Use Risk Analysis
2. Estimate Risk
Risk Value = Probability of Event x Cost of
Event
As a simple example, imagine that you've identified a risk that your rent
may increase substantially.
You think that there's an 80 percent chance of this happening within
the next year, because your landlord has recently increased rents for
other businesses. If this happens, it will cost your business an extra
$500,000 over the next year.
So the risk value of the rent increase is:
0.80 (Probability of Event) x $500,000 (Cost of Event) = $400,000
(Risk Value)
2. Estimate Risk
Risk Value = Probability of Event x Cost of
Event
As a simple example, imagine that you've identified a risk that your rent
may increase substantially.
You think that there's an 80 percent chance of this happening within
the next year, because your landlord has recently increased rents for
other businesses. If this happens, it will cost your business an extra
$500,000 over the next year.
So the risk value of the rent increase is:
0.80 (Probability of Event) x $500,000 (Cost of Event) = $400,000
(Risk Value)
How do we manage risk
Use the six risk management processes
Risk Management Planning
Risk Identification
Qualitative Risk Analysis
Quantitative Risk Analysis
Risk Response Planning
Risk Monitoring and Control
Use the six risk management processes
Risk Management Planning
Risk Identification
Qualitative Risk Analysis
Quantitative Risk Analysis
Risk Response Planning
Risk Monitoring and Control
Risk Management Planning
Project Scope
Statement
Enterprise
Environmental
Factors
Organizational
Process
Assets
Project
Management
Plan
Risk
Management
Plan
Planning Meetings and
Analysis
Inputs
Outputs
Tools & Techniques
Risk
Management
Planning
Risk
Identificatio
n
Qualitative
Risk
Analysis
Quantitativ
e Risk
Analysis
Risk
Response
Planning
Risk
Monitoring
and Control
Project Scope
Statement
Enterprise
Environmental
Factors
Organizational
Process
Assets
Project
Management
Plan
Risk
Management
Plan
Planning Meetings and
Analysis
Inputs
Outputs
Tools & Techniques
Risk
Management
Planning
Risk
Identificatio
n
Qualitative
Risk
Analysis
Quantitativ
e Risk
Analysis
Risk
Response
Planning
Risk
Monitoring
and Control
What is a Risk Management Plan?
Methodology –Approach, tools, & data
Roles & Responsibilities
Budgeting –Resources to be put into
risk management
Timing –When and how often
Risk Categories –Risk Breakdown
Structure (RBS)
Definitions –Risk probabilities and
impact
Methodology –Approach, tools, & data
Roles & Responsibilities
Budgeting –Resources to be put into
risk management
Timing –When and how often
Risk Categories –Risk Breakdown
Structure (RBS)
Definitions –Risk probabilities and
impact
What is a Risk Mgmt Plan (Cont’d)?
Probability and Impact Matrix
Stakeholder tolerances
Reporting formats
Tracking
Probability and Impact Matrix
Stakeholder tolerances
Reporting formats
Tracking
Risk Breakdown Structure
Lists categories and subcategories where risks
may arise
Project
Technical
Limited Design
Time
Specifications
Adherence
Organizational
Funding
Prioritization
Resource
Availability
Project
Management
Estimates
Scheduling
Communication
Lists categories and subcategories where risks
may arise
Project
Technical
Limited Design
Time
Specifications
Adherence
Organizational
Funding
Prioritization
Resource
Availability
Project
Management
Estimates
Scheduling
Communication
Risk Identification
Project Scope
Statement
Enterprise
Environmental Factors
Organizational
Process Assets
Risk Management
Plan
Risk Register
Documentation Reviews
Information Gathering
Techniques
Checklist Analysis
Assumption analysis
Diagramming techniques
Inputs
Outputs
Tools & Techniques
Risk
Management
Planning
Risk
Identificatio
n
Qualitative
Risk
Analysis
Quantitativ
e Risk
Analysis
Risk
Response
Planning
Risk
Monitoring
and Control
Project
Management Plan
Project Scope
Statement
Enterprise
Environmental Factors
Organizational
Process Assets
Risk Management
Plan
Risk Register
Documentation Reviews
Information Gathering
Techniques
Checklist Analysis
Assumption analysis
Diagramming techniques
Inputs
Outputs
Tools & Techniques
Risk
Management
Planning
Risk
Identificatio
n
Qualitative
Risk
Analysis
Quantitativ
e Risk
Analysis
Risk
Response
Planning
Risk
Monitoring
and Control
Project
Management Plan
Information Gathering Techniques
Brainstorming
Delphi technique
Successive anonymous questionnaires on
project risks with responses summarized for
further analysis
Interviewing
Root cause identification
Strengths, weaknesses, opportunities,
and threats (SWOT) analysis
Scenario analysis
Brainstorming
Delphi technique
Successive anonymous questionnaires on
project risks with responses summarized for
further analysis
Interviewing
Root cause identification
Strengths, weaknesses, opportunities,
and threats (SWOT) analysis
Scenario analysis
Diagramming Techniques
Cause and Effect Diagrams
Also known as Ishikawa or fishbone
Product
Delivered
Late
Bad
Specs
Insufficient
Resources
Inadequate
Time
Project
Prioritization
Testing
Materials
Potential Causes Effect
Personnel
Cause and Effect Diagrams
Also known as Ishikawa or fishbone
Product
Delivered
Late
Bad
Specs
Insufficient
Resources
Inadequate
Time
Project
Prioritization
Testing
Materials
Potential Causes Effect
Personnel
Risk Register
List of
Identified risks
Potential responses
Root causes
Updated risk categories (if required)
List of
Identified risks
Potential responses
Root causes
Updated risk categories (if required)
Risk Management Planning
Risk
Management
Plan
Organizational
Process
Assets
Project Scope
Statement
Risk Register
Risk Register
(UPDATED)
Risk probability and impact
statement
Probability and impact
matrix
Risk data quality
assessment
Risk categorization
Risk urgency assessment
Inputs
Outputs
Tools & Techniques
Risk
Management
Planning
Risk
Identificatio
n
Qualitative
Risk
Analysis
Quantitativ
e Risk
Analysis
Risk
Response
Planning
Risk
Monitoring
and Control
Risk
Management
Plan
Organizational
Process
Assets
Project Scope
Statement
Risk Register
Risk Register
(UPDATED)
Risk probability and impact
statement
Probability and impact
matrix
Risk data quality
assessment
Risk categorization
Risk urgency assessment
Inputs
Outputs
Tools & Techniques
Risk
Management
Planning
Risk
Identificatio
n
Qualitative
Risk
Analysis
Quantitativ
e Risk
Analysis
Risk
Response
Planning
Risk
Monitoring
and Control
Methodologies
Probability and Impact Matrix
Based on Failure Modes and Effects Analysis (FMEA)
From 1950’s analysis of military systems
Probability and Impact Matrix
Based on Failure Modes and Effects Analysis (FMEA)
From 1950’s analysis of military systems
Probability and Impact Matrix
Define Probability Scale & Impact Scale
Likelihood
Class
Likelihood of Occurrence
(events/year)
Not Likely (NL)
<0.01% chance of
occurrence
Low (L)
0.01 -0.1% chance of
occurrence
Moderate (M)
0.1 -1% chance of
occurrence
High (H)
1 -10% chance of
occurrence
Expected (E)
>10% chance of
occurrence
Probability Scale
Consequence Health and Safety
Extreme
Fatality or multiple fatalities
expected
High
Severe injury or disability likely;
or some potential for
fatality
Moderate
Lost time or injury likely; or
some potential for serious
injuries; or small risk of
fatality
Low
First aid required; or small risk
of serious injury
Negligible No concern
Impact Scale
Define Probability Scale & Impact Scale
Likelihood
Class
Likelihood of Occurrence
(events/year)
Not Likely (NL)
<0.01% chance of
occurrence
Low (L)
0.01 -0.1% chance of
occurrence
Moderate (M)
0.1 -1% chance of
occurrence
High (H)
1 -10% chance of
occurrence
Expected (E)
>10% chance of
occurrence
Probability Scale
Consequence Health and Safety
Extreme
Fatality or multiple fatalities
expected
High
Severe injury or disability likely;
or some potential for
fatality
Moderate
Lost time or injury likely; or
some potential for serious
injuries; or small risk of
fatality
Low
First aid required; or small risk
of serious injury
Negligible No concern
Impact Scale
Probability and Impact
Plots
Rate each risk
on scales then
plot on matrix
Develop
mitigation
technique for
risks above
tolerance
Plots
Rate each risk
on scales then
plot on matrix
Develop
mitigation
technique for
risks above
tolerance
Risk Register Update
Add
Probability and Impact Matrix results
Perform quality check on results
Categorize the risks to make them easier to
handle
Perform urgency assessment to determine which
risk need immediate attention
Add
Probability and Impact Matrix results
Perform quality check on results
Categorize the risks to make them easier to
handle
Perform urgency assessment to determine which
risk need immediate attention
Risk Register
Quantitative Risk Analysis
Risk Management
Plan
Organizational
Process Assets
Project Scope
Statement
Risk Register
Risk Register
(UPDATED)
Data gathering
Quantitative risk analysis
and modeling
Inputs
Outputs
Tools & Techniques
Risk
Management
Planning
Risk
Identificatio
n
Qualitative
Risk
Analysis
Quantitativ
e Risk
Analysis
Risk
Response
Planning
Risk
Monitoring
and Control
Project
Management Plan
(Schedule & Cost
Plans)
Risk Management
Plan
Organizational
Process Assets
Project Scope
Statement
Risk Register
Risk Register
(UPDATED)
Data gathering
Quantitative risk analysis
and modeling
Inputs
Outputs
Tools & Techniques
Risk
Management
Planning
Risk
Identificatio
n
Qualitative
Risk
Analysis
Quantitativ
e Risk
Analysis
Risk
Response
Planning
Risk
Monitoring
and Control
Project
Management Plan
(Schedule & Cost
Plans)
Quantitative Risk Analysis
Analyze numerically the probability and
consequence of each risk
Monte Carlo analysis popular
Decision Tree analysis on test
Diagram that describes a decision and
probabilities associated with the choices
Expected Monetary Value Analysis (EMV)
Analyze numerically the probability and
consequence of each risk
Monte Carlo analysis popular
Decision Tree analysis on test
Diagram that describes a decision and
probabilities associated with the choices
Expected Monetary Value Analysis (EMV)
Expected Monetary Value (EMV)
Building
CostProbability
Optimistic Outcome$150K 0.2 $30K
Likely Outcome $225K 0.5 $113K
Pessimistic
Outcome
$300K 0.3 $100K
Expected Value$243K
Building
CostProbability
Optimistic Outcome$150K 0.2 $30K
Likely Outcome $225K 0.5 $113K
Pessimistic
Outcome
$300K 0.3 $100K
Expected Value$243K
Decision Tree Analysis
Build or
Upgrade
Plant
New
Plant
-$120
Upgrade
Plant
-$50
Strong
Demand
Weak
Demand
Strong
Demand
Weak
Demand
65%
$200
35%
$90
65%
$120
35%
$60
$80
-$30
$70
$10
Decision
Definition
Decision
Node
Chance
Node
Net Path
Value
EMV of New Bldg
Node = $41.5!
EMV of Upgrade
Node = $49!
Build or
Upgrade
Plant
New
Plant
-$120
Upgrade
Plant
-$50
Strong
Demand
Weak
Demand
Strong
Demand
Weak
Demand
65%
$200
35%
$90
65%
$120
35%
$60
$80
-$30
$70
$10
Decision
Definition
Decision
Node
Chance
Node
Net Path
Value
EMV of New Bldg
Node = $41.5!
EMV of Upgrade
Node = $49!
Risk Response Planning
Risk Management
Plan
Risk Register
Risk Register
(UPDATED)
Strategies for negative
risks or threats
Strategies for positive risks
or opportunities
Strategy for both threat and
opportunity
Contingent response
strategy
Inputs
Outputs
Tools & Techniques
Risk
Management
Planning
Risk
Identificatio
n
Qualitative
Risk
Analysis
Quantitativ
e Risk
Analysis
Risk
Response
Planning
Risk
Monitoring
and Control
Project
Management Plan
(UPDATE)
Risk-related
contractual
agreements
Risk Management
Plan
Risk Register
Risk Register
(UPDATED)
Strategies for negative
risks or threats
Strategies for positive risks
or opportunities
Strategy for both threat and
opportunity
Contingent response
strategy
Inputs
Outputs
Tools & Techniques
Risk
Management
Planning
Risk
Identificatio
n
Qualitative
Risk
Analysis
Quantitativ
e Risk
Analysis
Risk
Response
Planning
Risk
Monitoring
and Control
Project
Management Plan
(UPDATE)
Risk-related
contractual
agreements
Strategies
Negative Risks (or Threats)
Avoid
Transfer
Mitigate
Acceptance
Positive Risks (or Opportunities)
Exploit
Share
Enhance
Acceptance
Negative Risks (or Threats)
Avoid
Transfer
Mitigate
Acceptance
Positive Risks (or Opportunities)
Exploit
Share
Enhance
Acceptance
Risk Monitoring and Control
Approved Change
Requests
Risk Management
Plan
Risk Register
Work Performance
Information
Risk Register
(UPDATED)
Risk reassessment
Risk audits
Variance and trend
analysis
Technical performance
measurement
Reserve analysis
Status meetings
Inputs
OutputsTools & Techniques
Risk
Management
Planning
Risk
Identificatio
n
Qualitative
Risk
Analysis
Quantitativ
e Risk
Analysis
Risk
Response
Planning
Risk
Monitoring
and Control
Performance
Reports
Requested
Changes
Recommended
Corrective Actions
Recommended
Preventive Actions
Org Process Assets
(Update)
Project
Management
Plan (Update)
Approved Change
Requests
Risk Management
Plan
Risk Register
Work Performance
Information
Risk Register
(UPDATED)
Risk reassessment
Risk audits
Variance and trend
analysis
Technical performance
measurement
Reserve analysis
Status meetings
Inputs
OutputsTools & Techniques
Risk
Management
Planning
Risk
Identificatio
n
Qualitative
Risk
Analysis
Quantitativ
e Risk
Analysis
Risk
Response
Planning
Risk
Monitoring
and Control
Performance
Reports
Requested
Changes
Recommended
Corrective Actions
Recommended
Preventive Actions
Org Process Assets
(Update)
Project
Management
Plan (Update)
Risk Management Summary
Risk Management Planning –New
Risk ID –Develop categories & types
Risk Qualitative –Probability & Impact Analysis
Risk Quantitative –Decision Tree, EMV, Monte Carlo
Risk Response –Mitigation & contingency plans
Risk Monitoring and Control –Recurring evaluations
Risk
Management
Planning
Risk
Identificatio
n
Qualitative
Risk
Analysis
Quantitativ
e Risk
Analysis
Risk
Response
Planning
Risk
Monitoring
and Control
Risk Management Planning –New
Risk ID –Develop categories & types
Risk Qualitative –Probability & Impact Analysis
Risk Quantitative –Decision Tree, EMV, Monte Carlo
Risk Response –Mitigation & contingency plans
Risk Monitoring and Control –Recurring evaluations
Risk
Management
Planning
Risk
Identificatio
n
Qualitative
Risk
Analysis
Quantitativ
e Risk
Analysis
Risk
Response
Planning
Risk
Monitoring
and Control
Tags
Categories
BusinessDownload
Download Slideshow Get the original presentation fileQuick Actions
Statistics
- Views 49
- Slides 31
- Age 576 days
Related Slideshows
1
DTI BPI Pivot Small Business - BUSINESS START UP PLAN
MeljunCortes
44 views
1
CATHOLIC EDUCATIONAL Corporate Responsibilities
MeljunCortes
46 views
11
Karin Schaupp – Evocation; lançamento: 2000
alfeuRIO
44 views
10
Pillars of Biblical Oneness in the Book of Acts
JanParon
40 views
31
7-10. STP + Branding and Product & Services Strategies.pptx
itsyash298
51 views
44
Business Legislation PPT - UNIT 1 jimllpkggg
slogeshk98
43 views