Q&A What

What are the types of risk mitigation?

Estimated reading time: 5 minutes

Project Risk Management

Project risk management is defined as the process of identifying, analyzing and then responding to any risk that arises over the life cycle of a project to help the project remain on track and meet its goal. Managing project risks is a process that includes risk identification and assessment, to prepare for a risk mitigation strategy. Risk assessment includes both the identification of potential risks with the evaluation of the potential impact of the risk. After which, it is just as crucial to prepare a risk mitigation plan to reduce the likelihood that a risk event will occur and/or reduction of the effect of a risk event if it does occur.

A risk mitigation plan is designed to eliminate or minimise the impact of the risk events that have a negative impact on the project. A good risk mitigation plan should address the following:

  • Characterize the root causes of risks that have been identified and quantified in earlier phases of the risk management process.
  • Evaluate risk interactions and common causes.
  • Identify alternative mitigation strategies, methods, and tools for each major risk.
  • Assess and prioritize mitigation alternatives.
  • Select and commit the resources required for specific risk mitigation alternatives.
  • Communicate planning results to all project participants for implementation.

Some risks, once identified, can readily be eliminated or reduced. However, most risks are much more difficult to mitigate, particularly high-impact, low-probability risks. Therefore, risk mitigation and management need to be long-term efforts by project directors throughout the project. With regards to the techniques for effective project risk management, the 2 main types are qualitative or quantitative risk analysis technique.

Each mitigation technique has its own strength in reducing different types of risk. A comprehensive risk mitigation plan describes the risk mitigation approach for each identified risk event and the steps to take to reduce or eliminate said risks.

Here are the 4 most common risk mitigation strategies:

  • Risk avoidance
  • Risk sharing
  • Risk reduction
  • Risk transfer

Risk avoidance involves an alternative strategy with a higher cost, that would result in a higher probability of success. For example, a common risk avoidance technique uses existing proven methodologies instead of adopting new ones, as they present lower risks. Although the new technologies may present better performance or lower costs, due to the higher risk factor, they are avoided. Another approach is to establish policies and procedures that assist the organization to foresee and avoid high-risk situations. This strategy is usually the most expensive of all risk mitigation options.

Risk sharing involves sharing the responsibility for the risk activities with another party. The most common form of risk sharing done for international projects is through a joint venture agreement. Joint ventures are highly advantageous for both parties as they lend on the expertise and knowledge of the other company. It also helps to reduce the political, legal, labour and others risk types commonly associated with international projects. In the event that the risk event does occur, both companies absorb the negative impacts, hence lowering the costs for both parties.

Risk reduction involves the investment of funds to reduce the risk on a project. On international projects, companies mitigate the risks of fluctuating currency exchange rates by purchasing the guarantee of a currency rate. Another example is by investing in highly skilled project personnel to review the project costing and scope, to reduce as much project risks as possible. Companies also use diversification of products by mixing products, technologies, markets and supply chains to spread and reduce risks.

Lastly, risk transfer is a risk reduction method that hands off the risk to a third party. The most common example is through outsourcing certain operations such as customer services. Another method is through the purchase of insurance, allowing the risk to be transferred from the project to the insurance company. It also safeguards the project team against unpredictable risks such as weather and political unrests, which are outside of the project team’s control.

To provide more information on how to effectively manage project risks, the Project Manager and Designer has jointly developed a guideline to help people cope with threats and opportunities throughout the entire project life cycle. This guideline aims to aid people in identifying, quantifying, preparing a response to, monitoring and controlling project risks. It provides information in the following areas that will help with risk management efforts: a consistent methodology for performing project risk management activities, techniques and tools for project risk management, identification of data requirements for risk analysis input and output, information on how risk management fits into the Capital Project Delivery (CPD) process and guidance on how to proactively respond to risk.

Project Risk Management is a 3-day training course held from 4-6 December 2019 (Kuala Lumpur). In this 3-day course, you’ll work through the proactive approach to threat and opportunity—based on a clear understanding of the powerful nature of both qualitative and quantitative approaches to risk management. You will be able to effectively pinpoint the various types of risks, identify, analyse and prioritise risk, master the various risk-based financial tools and techniques.

Identifying risk is an important first step. It is not sufficient though.

Taking steps to deal with risk is an essential step. Knowing about and thinking about risk is not the same as doing something about risk.

Risk will occur. Some good, some bad. Some minor, some catastrophic. Your ability to mitigate risk allows you to proactively acknowledge and accommodate risks. Let’s talk about four different strategies to mitigate risk: avoid, accept, reduce/control, or transfer.

Avoidance

If a risk presents an unwanted negative consequence, you may be able to completely avoid those consequences. By stepping away from the business activities involved or designing out the causes of the risk you can successfully avoid the occurrence of the undesired events.

One way to avoid risk is to exit the business, cancel the project, close the factory, etc. This has other consequences, yet it is an option.

Another approach is to establish policies and procedures that assist the organization to foresee and avoid high-risk situations. By not starting a project that includes a high unwanted risk successfully avoids that risk.

Testing or screening of products that may have a latent defect which may lead to unwanted and unacceptably high field failures is an option. Screening is not 100% effective yet may reduce the risk of field failures sufficiently.

Design out of a product or process the elements that permit an unwanted risk to arise. A product design change to a more robust material avoids unwanted failures due to unacceptable wear of a less robust material. Implementing engineering design reviews in the product lifecycle process may help identify high-risk areas of a new product or process prior to the decision to start shipping.

Acceptance

Every product produced has a finite chance of failing in the hands of your customer. When that risk is at an acceptable level, sufficiently low estimated field failure rate, then ship the product. Accept the risk.

When the decision to accept the risk is in part based on an estimate or prediction, there is the risk the information incorrectly forecasts the future. Therefore, for high consequence related field failures, closely monitoring field performance or establishing early warning systems may be prudent.

Reduction or control

FMEA, hazard analysis, FTA, and other risk prioritization tools focus help you and your organization identify and prioritize risks. Reducing the probability of occurrence or the severity of the consequences of an unwanted risk (say product failure) is a natural outcome of risk prioritization tools.

If it is not possible to reduce the occurrence or severity, then implementing controls is an option. Controls that either detect causes of unwanted events prior to the consequence occurring during use of the product, or the detection of root causes of unwanted failures that the team can then avoid.

Controls may focus on management or decision-making processes. Improving the ability to find design flaws or to improve the accuracy of field failure rate prediction both improve the ability to make the appropriate decisions concerning risk.

Another method to reduce or control risk is to diversify. Thinking through the mix of products, technologies, markets, operations, and supply chains permit the team the ability to limit the high-risk opportunities to a manageable or acceptable level.

Finally, unwanted events or high field failure rates will occur. Think through both how you will detect the onset of the event and how to respond. It may be wise to stop production and shipping when product failures, even one, has a major consequence (starts a home on fire, for example). Have plans in place. Acting quickly and appropriately may reduce the exposure to more failures/adverse consequences.

Transference

This strategy is to shift the burden of the risk consequence to another party. This may include giving up some control, yet when something goes wrong your organization is not responsible.

This approach may not work to protect your brand image if the product is associated with your organization. Even if the power supply vendor pays for all damages due to failures in their unit, the customer only knows that your product has failed and caused damage. Use this approach with caution.

A conventional means to transfer risk to another organization is with the purchase of insurance. This may require a careful analysis of the presenting risks and probabilities, yet is a viable option in some situations.

Contract terms with suppliers, vendors, contractors, etc may provide a means to shift risk away from your organization. For example, if a power supply fails in an expensive server causing the loss of revenue for a customer, in typical situations, you might ask for and receive a replacement power supply. Or, you could require the power supply vendor to cover the cost of the entire server (which the power supply caused to fail) and the loss experienced by the customer.

Summary of Risk Mitigation Strategies

Avoid, accept, reduce/control, or transfer. For each risk you encounter, you and your organization will have to deal with it. A little forethought and work enable more options than just a major product recall or bankruptcy filing.

Within your organization’s risk management framework there should be both aware of the various strategies along with understanding the guidelines for their implementation.

Engineers and managers throughout the organization make decisions concerning risks every day. Providing a set of clear strategies along with guidance allows the entire organization to appropriately mitigate risks on a daily basis.

Related Posts

What time is 1/4 of an hour?
What was the importance of the formation of the virginia house of burgesses in 1619?
What are ISO standards for quality management?
How long did the invasion of Poland last?
What is the probability of getting a sum greater than 9 when two dice were rolled Express your answer in percentage?
What is the geothermal energy?
When faced with an employee performance problem managers tend?
What are the roots of the equation x² 10x 2 0?
Is simple pendulum takes 32 seconds to complete 20 oscillations What is the time period of the pendulum?
Which of the following provides an accurate explanation for why vestigial structures may occur?

Toplist

Latest post

TAGs

Q&A What When Why Who How to Reviews Best Ways How long Step Deal Review Health Calories Game Guide Lose weight Top List Cryto Eth List Macbook Review Top