Project risk analysis

From CEOpedia | Management online
Jump to: navigation, search
Project risk analysis
Primary topic
Related topics
Methods and techniques

Project risk analysis is a step in risk management process, a part of project risk assessment. It is a two dimensional analysis where likelihood and consequences of risks (or opportunities) are examined. The step consists of:

  • understanding the risks
  • analysis of consequences
  • analysis of likelihood
  • presentation e.g. in risk matrix

Understanding the risks

Risk analysis should lead to better understanding of the risk. It includes consideration of:

  • causes,
  • sources,
  • positive and negative consequences,
  • factors that affect consequences,
  • factors that affect likelihood,
  • affected project objectives.

Each risk can affect multiple objectives, and have multiple consequences.

Consequences analysis

The consequences can be related to:

  • project, e.g. costs, time, integrity, staff, health and security, reputation
  • product, e.g. reliability, durability, achieving objectives
  • surroundings, e.g. politics, local community, natural environment, legislation

The analysis leads to quantification of consequences on scale:

  1. insignificant
  2. minor
  3. moderate
  4. major
  5. catastrophic

The consequences usually can be presented as a monetary value. Therefore to each level on the scale a financial impact should be added. The impact value describes how severe will be occurrence of the risk.

Likelihood analysis

The likelihood can be described in percent (100% - the occurrence is certain). The likelihood can be assessed based on data from other project, experts judgement or other sources. If presentation in percent scale is impossible due to lack of data, the likelihood is quantified on scale:

  1. rare (e.g. less than once in 40 years)
  2. unlikely (e.g. once in 10-40 years)
  3. moderate (e.g. once in 1-10 years)
  4. likely (e.g. once a year)
  5. certain (e.g. several times a year)

Risk level calculation

The risk level is a product of likelihood and consequences.

If consequences are in monetary value and likelihood is in percent, the product of them shows expected impact on the project, e.g.:

  • consequences = 40000$ * likelihood = 1% * expected impact value = 40000$ * 1% = 400$

If the consequences and likelihood are described in 1-5 scale, the product is the risk level, e.g.:

  • consequences = level 3
  • likelihood = level 2
  • risk level = 2 * 3 = 6 (maximum: 25)

In case of multiple consequences of the risk all monetary impact values should be added before calculating expected impact value. In case of using 1-5 scale, usually the highest level of all consequences is used.

Risk matrix

The risks can be presented in risk assessment matrix, where on horizontal axis the consequences are shown and on vertical - the likelihood.

5 certain
4 likely
3 moderate
2 unlikely
1 rare
1 insignificant 2 minor 3 moderate 4 major 5 catastrophic

Each risk can be shown in the matrix. The green zone is an acceptable risk level, the yellow one is increased risk level, while the red one is unacceptable risk level. The project team should aim at lowering risk level from red zone to yellow and green by decreasing the likelihood od consequences.

The quick and simple approach to risk analysis

The extended analysis should be performed during planning phase. During the project implementation often there is no need for such analysis. Many project managers limit analysis to 3 points scale of likelihood and consequences. It's faster, easier and gives the same effect. However it should be limited to project implementation phase only.

See also:


Author: Slawomir Wawak