Qualitative risk analysis: Difference between revisions

From CEOpedia | Management online
(The LinkTitles extension automatically added links to existing pages (<a target="_blank" rel="noreferrer noopener" class="external free" href="https://github.com/bovender/LinkTitles">https://github.com/bovender/LinkTitles</a>).)
m (Infobox update)
Line 3: Line 3:
<ul>
<ul>
<li>[[Quantitative risk analysis]]</li>
<li>[[Quantitative risk analysis]]</li>
<li>[[Risk management process]]</li>
<li>[[Project risk assessment]]</li>
<li>[[Risk analysis in project]]</li>
<li>[[Project risk analysis]]</li>
<li>[[Failure Mode and Effects Analysis]]</li>
<li>[[Evaluation of risk]]</li>
<li>[[Feasibility analysis]]</li>
<li>[[Design risk assessment]]</li>
<li>[[Indirect loss]]</li>
<li>[[Risk evaluation]]</li>
<li>[[Risk policy]]</li>
<li>[[Project status report]]</li>
<li>[[PFMEA]]</li>
<li>[[Risk assessment framework]]</li>
<li>[[SWOT analysis]]</li>
<li>[[Scenarios of possible events]]</li>
</ul>
</ul>
}}
}}





Revision as of 00:03, 20 March 2023

Qualitative risk analysis
See also


Qualitative risk analysis is one of approaches to project risk assessment. The second is quantitative risk analysis. It can be used also to other areas of management, not only projects. It is important to state that both approaches are complementary. Usually all risks should be evaluated using qualitative risk analysis, while only some of them using quantitative one. The latter requires more data and more time, which sometimes are not available or they cost too much.

Differences between qualitative and quantitative risk analysis

Qualitative risk analysis is:

  • oriented on risk level,
  • uses subjective evaluation,
  • is quicker and easier,
  • no special software is requi,
  • it's less precise.

Quantitative risk analysis is:

  • oriented on object (e.g. project, product, process),
  • uses hard data - probabilistic estimates of costs, time, etc.,
  • requires more time,
  • may require specialised software, especially in large projects,
  • tends to be more precise.

The decision is between being more precise vs. cost more and use more time.

How to use qualitative risk analysis

Not having hard data on likelihood and consequences, the risk management team has to assess how important risk factors are. Therefore, a pefined scale is used. The likelihood and consequences are described on the scale usually using 5 levels, however different configuration is possible. The risk level is result of combination of estimates of likelihood and consequences. The qualitative risk analysis should be followed by quantitative analysis of risks that are the most important. It should be repeated on different stages of the project to determine new information that can impact estimation of probability and impact. All levels should be well defined to reduce influence or bias.

Table 1. Example of qualitative risk assessment matrix

Probability Threats Opportunities
5 certain
4 likely
3 moderate
2 unlikely
1 rare
1 insignificant 2 minor 3 moderate 4 major 5 catastrophic 5 great 4 major 3 moderate 2 minor 1 insignificant

The risk analysis guides risk response. In case of high probability and impact, the response should have priority over other risks. The organization should not undertake a project if the risk level is too high and no response have been established. Available risk responses are described in separate article: Risk management strategies.

Qualitative risk analysis in standards

In Project Management Body of Knowledge (PMBoK) performing qualitative risk analysis is one of processes in Project Risk Management together with:

  • Plan Risk Management,
  • Identify Risks,
  • Perform Quantitative Risk Analysis,
  • Plan Risk Response,
  • Monitor and Control Risks.

The PMBoK indicates that risk can be assessed for each objective separately. But this can lead to repeating the same risks and underestimation of their impact or probability. Therefore, on some stage all the risks should be integrated in one catalogue, e.g. using spreadsheet.

The result of qualitative risk analysis should be:

  • the risk register updates,
  • ranking of risks,
  • identified causes of risks,
  • propositions of responses in short and long term,
  • watch-lists of low-priority risks,
  • trends.

Examples of Qualitative risk analysis

  • Identifying the probability and impact of a risk: One common example of qualitative risk analysis is identifying the probability and impact of a risk. For example, when evaluating a project, one might identify that a certain risk has a low probability of occurring but a high impact if it does, making it a higher priority.
  • Prioritizing risks: Another common example of qualitative risk analysis is prioritizing risks. For example, when evaluating a project, one might prioritize the risks that have the highest probability of occurring and the greatest potential impact.
  • Developing risk mitigation strategies: Qualitative risk analysis can also be used to develop risk mitigation strategies. For example, when evaluating a project, one might use qualitative risk analysis to identify potential strategies to reduce the probability or impact of a certain risk.

Advantages of Qualitative risk analysis

Qualitative risk analysis is a valuable tool for project risk assessment. It has several advantages:

  • It is more efficient and cost-effective compared to quantitative risk analysis.
  • It allows to identify and prioritize the risks in a relatively short time.
  • It helps to identify potential risks that can be further investigated with more detailed quantitative analysis.
  • It provides a good overview of the risks and their likelihood of occurring.
  • It facilitates the communication of risks among project stakeholders and helps to align expectations.
  • It provides a useful starting point for developing strategies to address risks.

Limitations of Qualitative risk analysis

Qualitative risk analysis is a process of evaluation and ranking risks in order to prioritize and decide how to manage them. However, this approach has several limitations. These include:

  • Lack of detailed data. Qualitative risk analysis is based on subjective information and does not provide precise data about the probability of a problem occurring or the impact it may have.
  • Difficulty in comparing different types of risks. Different types of risks, such as financial, technical, or social, cannot be easily compared and evaluated against each other.
  • Difficulty in predicting the behavior of stakeholders. Qualitative risk analysis is based on subjective assumptions and estimates, which can sometimes be inaccurate.
  • Difficulty in tracking changes. Qualitative risk analysis relies on static data and does not take into account changes in the environment, which can quickly change the risk profile of a project.

Other approaches related to Qualitative risk analysis

Qualitative risk analysis is one approach to risk assessment, which allows to identify and prioritize risks. Other approaches related to it include:

  • Risk Management, which is a broader approach to risk assessment. It is a process of analyzing, assessing, and controlling the risks that can potentially affect the project.
  • Risk Scoring, which is a method of assessing the probability and severity of risks. A risk score is calculated based on the likelihood and impact of a risk.
  • Risk Rating, which is a method of assessing the severity of the risks. A risk rating is assigned based on the probability and severity of the risk.
  • Risk Mitigation, which is a process of reducing or eliminating the risk. Risk mitigation strategies include, but are not limited to, risk avoidance, risk transfer, and risk acceptance.

In summary, Qualitative Risk Analysis is one approach to risk assessment, and other approaches related to it include risk management, risk scoring, risk rating, and risk mitigation. All these approaches are used to identify and prioritize risks, and ultimately, to reduce or eliminate the impact of risks on a project.

References

Author: Slawomir Wawak