What are the nature and sources of project risks? What are the nature and function of the project risk assessment? How do companies select risk mitigation strategies? What is the correlation between optimal risk mitigation strategies and effective project risk assessment? How do companies achieve their financial objectives through statistical and quality management methods? The answers to these strategic questions are critical to the effective formulation and execution of an optimal risk mitigation strategy that equates the marginal cost with the marginal benefit of risk mitigation. In addition, the optimal risk mitigation strategy minimizes the known likelihood and incidence of project risks and maximizes the company’s profit-producing capacity.
In this review, we examine some of the relevant and existing academic literature on effective project risk assessment and optimal mitigation strategies. Each risk mitigation strategy has costs and benefits. Therefore, the objective function is to maximize the net benefit of risk mitigation strategies. In practice, the optimal risk mitigation strategy equates the marginal cost to the marginal benefit of the risk mitigation strategy by minimizing the incidence of project risks and maximizing the profit-producing capacity of the company. The project risk measured by the project standard deviation is the weighted average of the possible deviations from the expected value (mean). The project standard deviation captures the probability that any uncertain event or condition could negatively affect a project and prevent it from executing as planned.
In practice, project risks, such as financial risks, are derived from the weighted average of possible variations in expected results based on historical data. Therefore, companies must understand the nature and sources of variations in order to formulate effective risk mitigation strategies consistent with the company’s profile that allow it to achieve the planned financial objectives through statistical and quality management methods. .
Not all project risk-variations are adverse. Some risk events, such as innovative approaches or methods to complete an activity or favorable conditions, such as lower prices for certain materials, reduce risk and can facilitate project completion. These favorable events or conditions are called opportunities; but they still need to be treated as project risks: possible deviations from the expected value (mean).
Some operational guidance
Not all project risks can be effectively mitigated. To formulate and execute effective project risk mitigation strategies, companies must develop a culture of continuous evaluation and improvement. Companies cannot apply or manage what they do not understand, and they cannot measure or understand what they do not know; and they cannot know what they do not believe. Therefore, companies should always inspect what they expect by designing and implementing a robust evaluation model that informs the collection and analysis of relevant, accurate and timely data.
Sources and types of variation
In operations, identifying the source of variation for projects is critical to improving product quality. Many techniques for identifying sources of variation are based on a linear failure quality model, in which the correlation between process failures and product quality measurements are linear. In practice, many quality measurements are related non-linearly to process failures. A critical aspect of process characterization is identifying and quantifying various sources and types of variation so that they can be minimized.
In addition, the ability to detect and minimize variation in project processes gives companies a competitive advantage, allowing them to offer superior quality products to their clients in the global marketplace and achieve planned financial goals through statistical methods. and quality management. Traditional quality control focuses on statistical process control (SPC), to detect anomalies and deviations based on product and process measurements. However, this approach does not provide specific operational guidelines for identifying sources of variance, a critical step toward variance reduction, and derivative project risk mitigation strategies.
In addition, the availability of project and process evaluation data, as well as the criticality of the problems caused by project and process variation, led to the significant development of innovative methodologies for identifying sources of variation. In the case of a common variation of normal causes, the process is stable to control and therefore predictable. This means that, based on the current process pattern, a company can predict how it will behave in the future, that is, always within control limits. In the case of special causes, exceptional variation, the process is out of control, unstable and therefore unpredictable. In other words, based on the current process pattern, a company cannot predict how the process will behave in the future.
As you know, not only are there different sources of variation, but there are also different types of variation. Common cause variation describes the random variability that is inherent to the process, and special cause or assignable cause variation is due to specific circumstances. The two types of variation are controlled variation and uncontrolled variation. Controlled variation is characterized by a stable and constant pattern of variation over time. This type of variation is random and indicates a uniform fluctuation around a constant level. Uncontrolled variation is characterized by a pattern of variation that changes over time and is therefore unpredictable.
The concept of controlled / uncontrolled variation is essential to determine if a process is stable and under control. A process is considered stable and in control if it runs consistently and predictably. This means that the mean value of the process is consistent and variability is controlled. If the variation is uncontrolled, the process is out of control, then the expected value of the process (mean) is not consistent, or the process variation is changing, or both.
Risk assessment and mitigation strategies
In practice, project risk management is a process that includes risk assessment and mitigation strategy for identifiable and predictable risks. The project risk assessment includes both the identification of potential risks with known probabilities and the evaluation of the potential impacts of the project risks thus identified. Risk mitigation strategies are designed to eliminate or minimize the impact of risk events – occurrences that have a negative or adverse impact on the project. Identifying risk is a creative and systematic process. The creative process includes actively developing new knowledge about situations and applying innovative and unique solutions to project problems. And the systems approach implies the ability to anticipate and understand the implications of project risks and mitigation strategies across the enterprise.
Finally, there is empirical evidence compiled in the existing academic literature that suggests that during process characterization, companies should strive to isolate, eliminate, or minimize all sources of uncontrolled variation. In the planning stage of the project, the risks are still uncertain because they have not yet occurred. But eventually, some of the anticipated risks will occur and the company must address them. There are four basic strategies for managing project risks:
1. Risk avoidance: the best thing a company can do with the risk of a project is to avoid it. If a company can prevent a risk from occurring, it will not negatively affect the project. The easiest way to avoid project risk is to walk away, but this may not be a viable option. A common technique to avoid risks is to use proven and existing methods rather than adopting innovative methods, although innovative methods may indicate better potential results. Risk avoidance is often effective but rarely practical.
2. Risk reduction: If a company cannot avoid risk, it can mitigate or minimize the impact. This means taking some actions that will minimize the severity of damage to the project. The effective use of the management information system, the warning system and the early problem detection system are some of the best practices in the industry.
3. Risk transfer: One of the most effective ways to deal with project risk is to pay a third party to accept the risk. The most common way to do this is through insurance or reinsurance.
4. Shared risk: involves partnering with other companies to share responsibility for risky activities. Partnering with another company to share the risk associated with one part of the project is useful when the other company has experience or distinctive competencies, resources and capabilities that one company lacks.
5. Risk retention: this is the planned assumption of risk by a company. When a company cannot avoid, mitigate, transfer or share the risk of a project, it must retain / accept part or all of the risk. The most common way to do this is through self-insurance, copays, or deductibles.
In short, there are always costs and benefits to every business decision and strategy. Therefore, companies must always weigh the costs and benefits of project risk assessment and mitigation strategies to decide whether the benefits justify the costs. The optimal mitigation strategy equates marginal cost to marginal benefit, ceteris paribus.