You probably havent thought much about it, but each of us applies or is affected by a variety of risk-based assessment methods every day.
We decide where and how to invest savings for our kids college education. A traffic light turns yellow and we decide to brake or accelerate. Our health and life insurance premiums are based on an underwriters assessment of the risk our current health and lifestyle pose. Before surgery our doctor explains the risks. TV commercials for any number of medicines identify the benefits and side effects. We diversify our retirement investments to minimize the impact of global events.
The benefits associated with risk management is well documented and receiving more and more credibility with each passing day.
For example, in 2001 the U.S. Food and Drug Administration (FDA) began encouraging the life science industry to apply risk-based assessments in determining if new processes and/or technologies can be used to safely produce health care products.
Or consider that for more than two decades, process industry safety experts have been applying risk-based assessments to determine the appropriate level of protection that a safety-instrumented system (SIS) must achieve.
While the rest of the world seems to be relying more and more on risk management, few projects include a formal risk management plan, which is unfortunate because managing risk is what project management is all about.
Among the outmoded thinking that prevents using risk-based assessments as part of project management are:
- It is not part of our organization's culture.
- As soon as you start to think about all the potential risks, the number and variety become overwhelming.
- Risk management requires too much effort. ("Besides, we always include contingency money!")
Changing such perceptions takes time accompanied by celebrated successful projects. A really good first step to change such outmoded thinking is to apply risk management techniques when selecting a project management organization.
Where to begin
Each and every risk assessment model requires identifying the risks or harmful events.
To a process safety expert, too much temperature or too little pressure may represent a safety risk. For each identified risk, these experts seek to answer two questions: Whats the likelihood the risk will actually occur? and What will be the likely consequences?
Once these questions are answered, the safety experts working in conjunction with process, mechanical, and instrumentation experts, redesign the process or add other forms of protection to reduce the likelihood and/or mitigate the consequences.
The same is true with project management. Certainly an experienced project manager is important, but automation projects are successful because the entire project team the project manager, engineers, technicians, systems, product support, management commitment, financial resources, and more performs in harmony.
Thats whats being referred to when we talk about project management organizations. The presence or absence of all these elements is what determines the quality, depth and suitability of a project management organization.
Certainly organizations exist with really talented lead engineers who are also capable project managers, and for some projects that may be all thats needed. However, without a risk assessment, users wont know which project management organization is most experienced and best equipped to mitigate identified project risks.
Meeting that challenge requires users begin by identifying and documenting obvious project risks (events) and then quantifying the likelihood and consequences associated with each of those risks before beginning the project management organization search.
Consider P&IDs (Piping and Instrumentation Diagrams) and detailed process descriptions as two typical project scope items. The risk of not completing these standard inputs for an automation vendor is determined by the likelihood that they are approved for construction by a certain date, and the consequences if they are not. Thus the risk, likelihood and consequences associated with P&IDs and process descriptions is understood, and the information provides for valuable dialogue with candidate project management organizations.
Logistics may also represent an automation system project risk. For example, what if the automation system is to be engineered in the U.S., integrated and tested in Asia, and installed in the Middle East? Such a situation definitely represents a logistical risk that users and candidate project management organizations must discuss.
These are but two examples of possibly hundreds of automation project risks. Eliminating or at least mitigating project risks requires identifying and documenting as many risks as possible before the project launch date. Not only will such an exercise help minimize project risk; it will also serve as a valuable means of evaluating candidate project management organizations.
After automation project risks are identified, quantified, and documented, users are ready to begin evaluating candidate project management organizations.