In: Operations Management
1. Risk Identification and Mitigation Plan
The ultimate purpose of risk identification and analysis is to prepare for risk mitigation. Mitigation includes reduction of the likelihood that a risk event will occur and/or reduction of the effect of a risk event if it does occur.
Risk Mitigation Planning:
Risk management planning needs to be an ongoing effort that cannot stop after a qualitative risk assessment, or the setting of contingency levels. Risk management includes front-end planning of how major risks will be mitigated and managed once identified. Therefore, risk mitigation strategies and specific action plans should be incorporated in the project execution plan, or risk analyses are just so much wallpaper. Risk mitigation plans should
· Characterize the root causes of risks that have been identified and quantified in earlier phases of the risk management process.
· Evaluate risk interactions and common causes.
· Identify alternative mitigation strategies, methods, and tools for each major risk.
· Assess and prioritize mitigation alternatives.
· Select and commit the resources required for specific risk mitigation alternatives.
· Communicate planning results to all project participants for implementation.
Although risk mitigation plans may be developed in detail and executed by contractors, the owner’s program and project management should develop standards for a consistent risk mitigation planning process. Owners should have independent, unbiased outside experts review the project’s risk mitigation plans before final approval. This should be done prior to completing the project design or allocating funds for construction. Risk mitigation planning should continue beyond the end of the project by capturing data and lessons learned that can benefit future projects.
Risk Response and Mitigation Tools
Some risks, once identified, can readily be eliminated or reduced. However, most risks are much more difficult to mitigate, particularly high-impact, low-probability risks. Therefore, risk mitigation and management need to be long-term efforts by project directors throughout the project.
Dealing with High-Impact, Low-Probability Risks
High-impact, low-probability events in general cannot be covered by contingencies. In these cases, the computation of the expected loss for an event as the product of the loss if the event occurs times the probability of the event is largely meaningless.
Risk Transfer and Contracting
There is a common adage about risk management—namely, that the owner should allocate risks to the parties best able to manage them.
It is impossible, for example, to assign risks when there is no quantitative measurement of them. Risk allocation without quantitative risk assessment can lead to attempts by all project participants to shift the responsibility for risks to others, instead of searching for an optimal allocation based on mutually recognized risks. Contractors generally agree to take risks only in exchange for adequate rewards. To determine a fair and equitable price that the owner should pay a contractor to bear the risks associated with specific uncertainties, it is necessary to quantify the risks.
Risk transfer can be entirely appropriate when both sides fully understand the risks compared to the rewards. This strategy may be applied to contractors, sureties, or insurance firms. The party that assumes the risk does so because it has knowledge, skills, or other attributes that will reduce the risk. It is then equitable and economically efficient to transfer the risks, as each party believes itself to be better off after the exchange than before and the net project value is increased by the risk transfer.
Risk Buffering
Risk buffering (or risk hedging) is the establishment of some reserve or buffer that can absorb the effects of many risks without jeopardizing the project. A contingency is one example of a buffer; a large contingency reduces the risk of the project running out of money before the project is complete. Buffering can also include the allocation of additional time, manpower, machines, or other resources used by the project. It can mean oversizing equipment or buildings to allow for uncertainties in future requirements.
Risk Control
Risk control refers to assuming a risk but taking steps to reduce, mitigate, or otherwise manage its impact or likelihood. Risk control can take the form of installing data-gathering or early warning systems that provide information to assess more accurately the impact, likelihood, or timing of a risk. If warning of a risk can be obtained early enough to take action against it, then information gathering may be preferable to more tangible and possibly more expensive actions.
Risk Assumption
Risk assumption is the last resort. It means that if risks remain that cannot be avoided, transferred, insured, eliminated, controlled, or otherwise mitigated, then they must simply be accepted so that the project can proceed. Presumably, this implies that the risks associated with going ahead are less than, or more acceptable than, the risks of not going forward. If risk assumption is the appropriate approach, it needs to be clearly defined, understood, and communicated to all project participants.
Types of Risk:
Most Common Project Risks
§ Cost risk, typically escalation of project costs due to poor cost estimating accuracy and scope creep.
§ Schedule risk, the risk that activities will take longer than expected. Slippages in schedule typically increase costs and, also, delay the receipt of project benefits, with a possible loss of competitive advantage.
§ Performance risk, the risk that the project will fail to produce results consistent with project specifications.
Other Types of Risks
There are many other types of risks of concern to projects. These risks can result in cost, schedule, or performance problems and create other types of adverse consequences for the organization. For example:
§ Governance risk relates to board and management performance with regard to ethics, community stewardship, and company reputation.
§ Strategic risks result from errors in strategy, such as choosing a technology that can’t be made to work.
§ Operational risk includes risks from poor implementation and process problems such as procurement, production, and distribution.
§ Market risks include competition, foreign exchange, commodity markets, and interest rate risk, as well as liquidity and credit risks.
§ Legal risks arise from legal and regulatory obligations, including contract risks and litigation brought against the organization.
§ Risks associated with external hazards, including storms, floods, and earthquakes; vandalism, sabotage, and terrorism; labor strikes; and civil unrest.
Project risks include both internal risks associated with successfully completing each stage of the project, plus risks that are beyond the control of the project team. These latter types include external risks that arise from outside the organization but affect the ultimate value to be derived from the project. In all cases, the seriousness of the risk depends on the nature and magnitude of the possible end consequences and their probabilities.
In addition to project risk, project deferral risk can be important. Project deferral risk refers to the risks associated with failing to do a project. Like project risk, project deferral risk can arise from any of the bulleted risk sources listed above (the second list). Project deferral risk can also occur if there is only a limited window of opportunity for conducting a project—if the project is not conducted now, there may be a risk that it might never be possible to effectively do it later.
2. SWOT Analysis:
SWOT stands for Strengths, Weaknesses, Opportunities, and Threats, and so a SWOT Analysis is a technique for assessing these four aspects of your business.
You can use SWOT Analysis to make the most of what you've got, to your organization's best advantage. And you can reduce the chances of failure, by understanding what you're lacking, and eliminating hazards that would otherwise catch you unawares.
Better still, you can start to craft a strategy that distinguishes you from your competitors, and so compete successfully in your market.
Strengths are things that your organization does particularly well, or in a way that distinguishes you from your competitors. Think about the advantages your organization has over other organizations. These might be the motivation of your staff, access to certain materials, or a strong set of manufacturing processes.
Your strengths are an integral part of your organization, so think about what makes it "tick." What do you do better than anyone else? What values drive your business? What unique or lowest-cost resources can you draw upon that others can't? Identify and analyse your organization's Unique Selling Proposition (USP), and add this to the Strengths section.
Then turn your perspective around and ask yourself what your competitors might see as your strengths. What factors mean that you get the sale ahead of them?
Remember, any aspect of your organization is only a strength if it brings you a clear advantage. For example, if all of your competitors provide high-quality products, then a high-quality production process is not a strength in your market: it's a necessity.
Now it's time to consider your organization's weaknesses. A SWOT Analysis will only be valuable if you gather all the information you need. So, it's best to be realistic now, and face any unpleasant truths as soon as possible.
Weaknesses, like strengths, are inherent features of your organization, so focus on your people, resources, systems, and procedures. Think about what you could improve, and the sorts of practices you should avoid.
Opportunities are openings or chances for something positive to happen, but you'll need to claim them for yourself!
They usually arise from situations outside your organization, and require an eye to what might happen in the future. They might arise as developments in the market you serve, or in the technology you use. Being able to spot and exploit opportunities can make a huge difference to your organization's ability to compete and take the lead in your market.
Think about good opportunities you can spot immediately. These don't need to be game-changers: even small advantages can increase your organization's competitiveness. What interesting market trends are you aware of, large or small, which could have an impact?
You should also watch out for changes in government policy related to your field. And changes in social patterns, population profiles, and lifestyles can all throw up interesting opportunities.
Threats include anything that can negatively affect your business from the outside, such as supply chain problems, shifts in market requirements, or a shortage of recruits. It's vital to anticipate threats and to take action against them before you become a victim of them and your growth stalls.
Think about the obstacles you face in getting your product to market and selling. You may notice that quality standards or specifications for your products are changing, and that you'll need to change those products if you're to stay in the lead. Evolving technology is an ever-present threat, as well as an opportunity!
Always consider what your competitors are doing, and whether you should be changing your organization's emphasis to meet the challenge. But remember that what they're doing might not be the right thing for you to do, and avoid copying them without knowing how it will improve your position.
SWOT Analysis is a simple but useful framework for analysing your organization's strengths, weaknesses, opportunities, and threats.
It helps you to build on what you do well, to address what you're lacking, to minimize risks, and to take the greatest possible advantage of chances for success.
It can be used to kick off strategy formulation informally, or in a more sophisticated way as a serious strategy tool. You can also use it to get an understanding of your competitors, which can give you the insights you need to craft a coherent and successful competitive position.
When carrying out your analysis, be realistic and rigorous. Apply it at the right level, and supplement it with other option-generation tools where appropriate.
Some of the common techniques used for risk identification include historical data, brainstorming, workshops, Root Cause analysis, checklists, nominal group technique, Delphi technique, Monte Carlo analysis, decision trees, affinity diagrams, and cause-effect diagrams.
However, there is another technique that is mostly used for developing strategies, which has also proven equally useful in risk identification. This technique is called the SWOT analysis.
Before deep-diving into how you can use SWOT analysis for risk identification, let’s have a look at what exactly risk identification entails, the significance of risk identification and how often to implement it.
By definition, risk identification is the process of determining risks that could potentially prevent the program, enterprise, or investment from achieving its objectives. It includes documenting and communicating the concern. Attempt to identify risks in your project development cycle as follows:
· Early in the project
· In an iterative manner
· In a consistent frequency such as every week
· When change control is performed
· When major milestones are reached
If a risk is poorly identified, it means that the project manager will struggle with or fail to communicate the corresponding risk to team members or other high-level stakeholders.
It will be difficult for the parties involved to understand the dimension or magnitude of the risk. Due to this, in lieu of the risk materializing, the project manager and the team will be rendered ill-prepared.
This is because, despite the risk identification, it was not understood or communicated well in the first place.
When and how to do a SWOT analysis for Risk Identification?
Risk identification and management is a complex field that is carried out with different methods and strategies by professionals. There is no one way to go about it. Instead, project managers need to devise methods according to the situation.
Procedure for efficiently carrying out SWOT analysis for risk identification and management.
1. For the strengths, brainstorm corresponding strength and record them.
2. Analyse and collect suitable strengths.
3. Prioritize strengths in forced rank order or the nominal group method.
4. Follow the same steps (i.e. 1-3) for weaknesses, opportunities, and threats.
5. Define the strategies.
Ways for strategy definition:
· Define strategies that minimize weaknesses and avoid threats.
· To avoid threats, define strategies that use strengths.
· To maximize the advantage of the opportunities at hand, define strategies that use strengths
· Define strategies that take advantage of opportunities by overcoming weaknesses.
The following example for performing SWOT analysis for a product, clock radios:
· Strength: Good product design and strong branding
· Weakness: Incompetent manufacturing skills
· Opportunity: Clock radios (the product) are a fast-growing market
· Threat: A big OEM manufacturer (a competitor) wants to launch its own branded consumer electronics lines
Other than the uses mentioned, she further elaborates usage of SWOT analysis for risk identification. Instead of taking the regular route of listing strengths, weaknesses, opportunities, and threats in the matrix, you can list the strengths and weaknesses as an opportunity or a threat.
This can be achieved by setting the opportunities column as the positive risks you can use to your advantage and setting the threats column as negative risks i.e. those you may want to avoid, mitigate, transfer or accept.
After these entities have been transformed into the matrix, proceed with the risk planning cycle as usual, identifying and prioritizing the actions and action triggers that can be applied.
These examples depict that SWOT analysis can be an effective tool for identifying risks on time. Instead of using the SWOT matrix for other purposes, it can prove to be quite useful in highlighting the potential and existing risks for any project or organization.
Overcoming Obstacles to Risk Management
The goal of a risk management program, of course, is to prepare the organization for future risks and upside opportunities, but reaching that end-state can be elusive. Common impediments include untested assumptions about the impact of potential future conditions and events, a discomfort with uncertainty, and the failure to identify the full range of organizational responses and their potential effects. Other hurdles could include an organization’s failure to test the impacts of future conditions and events on its strategies and responses, or to explore how to strengthen the chances of success of strategic initiatives.
3. Methodologies of HR system.
A human resource strategy is a critical component of the firm's corporate and business strategies, comprising a set of well-coordinated objectives and action programs aimed at securing a long-term, sustainable advantage over the firm's competitors. A human resource strategy should be consistent with the firm's corporate and business strategies, as well as with the other managerial functional strategies. A process and a structured methodology for designing such a human resource strategy is needed.
Any methodology to support the development of human resource strategies should be tailor-made to accommodate the idiosyncrasies of a given firm, the characteristics of its industry and competitive environment, and the managerial style and culture of the organization.
Methodology for Structuring the Development of a Human Resource Strategy:
1. Provide a framework for strategic decision making in human resource management.
2. Assure linkage between corporate, business, and human resource strategies.
3. Conduct an initial strategic audit of the human resource management function
(a) To assess the availability of human resources/personnel data.
(b) To assess the impact of human resources/personnel considerations on strategy formulation.
(c) To detect strengths and weaknesses in the current human resource strategy by each decision category.
4. Develop human strategies for each strategic business unit (SBU).