The definition of risk management varies wildly, depending on who you ask. Similarly, what is included and what is not is often a matter of opinion and can change from one person to the next.
At K2 Management we believe risk management is an integrated business decision tool that takes all project elements (technical, legal, financial, political etc) into account. We believe that every time you talk about risks, you should also be addressing opportunities and that risk management should shape decisions.
From factors like health, safety and quality to financial, legal and political, these elements can form both risks and opportunities. We decided to showcase the top 5 myths surrounding risk management and the reality behind these myths.
RISK MYTH #1
Risk management is only about health and safety (HSE).
Incidents and accidents are a part of risk management, but considerations should go far beyond obvious HSE risks. For example, HSE does not factor in project delays, correlation with other risks (financial, legal, strategic) or lost production.
Risks like, currency drop, rise on material prices, commercial reputation and cultural conflicts, are examples of the many non-HSE risks that exist. HSE is therefore only one element of a much larger, holistic view of potential risks.
On the other side of the coin, HSE only looks at risks, not opportunities, and doesn’t factor at a strategic decision-making level, so this single-sided view is contrary to the bigger picture that risk management likes to adopt.
RISK MYTH #2
I’ve completed a risk register so I’ve covered off my risk management responsibilities.
A risk register is a one-dimensional measurement when it comes to risk, as it does not factor in many corresponding elements such as the frequency of events.
For instance, a blade loss during operation will appear on same severity level as paint damage on a tower, but these aren’t comparable in either severity or frequency in a real-life scenario.
Transport damages on several towers are far more likely to happen and accumulated will be costlier than replacing one blade.
A risk register should be step one of the process, but should be followed up by the following steps to give a true picture of the risks and their consequences:
- Quantitative assessment of the risks and opportunities
- Risk analysis and Monte-Carlo simulations
- Identification of risk correlations
- Definition of mitigating actions and cost/benefit analysis
- Simulation of risks following mitigating actions.
RISK MYTH #3
Practicing good project management means that my risk management responsibilities are covered.
Project management does not have any financial or statistical dimensions so cannot be considered as adequate risk management.
Setting fixed standard contingency figures in a budget ignores the fact that no matter how good your project manager is, he or she isn’t invincible and cannot prevent the occurrence of all incidents and accidents.
Project management and risk management should go hand in hand.
RISK MYTH #4
Risk management is project specific.
Risk management is not project specific but is owner specific - it should be a strategic management decision based on the risk appetite of the owner. How aggressive or conservative do you want to be? Can you take a project portfolio risk approach and optimize contingencies and risks across projects? The risk management approach should be based on the risk appetite of the owners and the risk profile of the project should be built around this.
RISK MYTH #5
Risk management should just focus on the construction period.
THE REALITYProper risk management starts in the early development stages and is formed as part of management decisions that occur when deciding where and how you want to invest in/develop projects. It should be considered early on in a project’s life long before anyone strikes a blow on a construction site and the entire risk management strategy should cover everything from the development phase through to the end of the project’s operational life.