projectmanagement 5577
DESCRIPTION
Project Managment 5577 Spring 2010TRANSCRIPT
Project Management (5577)
Muhammad Idrees (03006719422) Page 1
Approved Study Center
ALLAMA IQAL OPEN UNIVERSITY (AIOU)
ASSIGNMENT # 01
COURSE: PROJECT MANAGEMENT (5577)
Level Executive MBA/MPA (3rd) Semester: SPRING 2010
Submitted to
MR.QALANDAR HAYAT
Submitted By
Muhammad Idrees
Roll # AD514761
Project Management (5577)
Muhammad Idrees (03006719422) Page 2
ACKNOWLEDGEMENT
I would like to thank first of all my teacher Mr. Qalandar Hayat for his kind
briefing regarding this Assignment.
My teachers and internet were a big source in accomplishment of my
Assignment.
My class fellows also deserve an Appreciation and Gesture of thankfulness
since their guidance also helped a lot.
Project Management (5577)
Muhammad Idrees (03006719422) Page 3
Project Management (5577)
Muhammad Idrees (03006719422) Page 4
Q. 1 Define project. Write a detail note on project lifecycle
and explain different steps of project life cycle.
Project:
Introduction
Clear and accurate definition of a project is one of the most important actions you can take to ensure the project's success. The clearer the target the more
likely you are to hit it. Defining a project is a process of selection and reduction of the ideas and perspectives of those involved into a set of clearly defined
objectives, key success criteria and evaluated risks.
This definition process should culminate in the production of a Project
Definition document, sometimes called a Project Charter. The Project Definition document should be approved and issued by a manager with the
authority to apply organizational resources to the project activities. Therefore, the seniority of the manager or the management team will be commensurate
with the size, cost and business value of the project. As a minimum, the Project Definition should include a statement of the business need that the
project seeks to address and the description of the product, service or deliverable business objectives that will be its output. When a project is
performed under a contract between seller and buyer, the signed contract may well serve as the project charter for the seller. However this may not
necessarily be the case for the buyer whose project may include more than the
product or service purchase under the contract.
The way to define a project is to ask a standard set of questions of yourself (as project leader) the project team, colleagues with particular expertise and
senior managers. The questions fall into the categories given below.
The Purpose (or Mission)
This is the reason for doing the project
Project Management (5577)
Muhammad Idrees (03006719422) Page 5
The Goals
These are the targets we want to meet
What is it we want to achieve? When do we want to achieve it?
What are our specific aims? Why are these goals essential to the project?
The Beneficial Gains or Scope
This is how our organization will gain. Here we define our performance criteria and set our quality standards for the project.
nd the proposed solution?
achieve the goals an important part of the beneficial gain?
I. E. Is it a learning project?
satisfied?
First, imagine that you have no constraints. Use brainstorming and other techniques to generate ideas that most succinctly describe the Purpose, Goals
and Beneficial Gains. Now reduce these down to the fundamentals.
Objectives
We need to define specific measurable objectives from our broad aims.
These objectives will tell us if we have met our goals and to what standard.
From our list of specific goals for the project we must develop a set of measurable objectives that will confirm that we have reached certain project
milestones (or way points) including the final one of project completion.
Project Management (5577)
Muhammad Idrees (03006719422) Page 6
The measurable objectives (when achieved) demonstrate the extent to which
the beneficial gains have been achieved, the goals have been met and that the purpose of the project has been achieved.
E.G.
Aim: A Local Authority has a statutory duty to provide accommodation for homeless people. It needs to develop a temporary housing strategy
that removes the need for expensive bed and breakfast accommodation for homeless people.
Measurable Objectives:
op links with Housing Associations and Shelters to ensure that we have sufficient capacity to meet our expected (150 per
annum) homeless needs.
100 to 0. modating homeless people has
reduced by at least 10%.
Project Constraints
Every project has constraints. The primary ones are the trade off between Time, Resources and Performance Criteria. We must define
our project so that we can manage these constraints.
Project Management (5577)
Muhammad Idrees (03006719422) Page 7
To define our project we have to make some hard choices to select and
balance these constraints. Let us look first at Resources and Performance Criteria and then Time.
Resources
Resources are people, equipment and money. They may be internal or external and include suppliers, contractors, partners, statutory bodies, governments,
banks, loans, grants, expert opinion (Lawyers, Accountants, Consultants), etc.
Generally, we are reasonably good at estimating or obtaining estimates for the use and costs of external resources. Where we aren't we can obtain expert
opinion (another cost). Where we often fail is in estimating the cost of the use
of our internal resources, particularly people.
Aside from the employment costs, there are:-
the costs to the service provision they normally perform, the cost of substitution to maintain the service,
the loss of opportunity for them to work on other projects (i.e. the loss of
the benefit those projects would deliver), and the cost of training associated with the project work.
Because internal resources are so constrained it is vital that we select our
projects with the utmost care to maximise the use of that resource. Defining projects helps us to make this selection objectively and rationally. Consider
these definitions :-
Work in a project is proportional to the number of Objectives and the Performance Criteria
Clearly, if we reduce the number of our objectives and the performance
standard (e.g. 5% rather than 10% improvement of sales or reduction of costs then we can reduce the work required to complete the project.
Number of resources deployed x Time = Work
So, another way of expressing work is in the number of resources we will need
and the time those resources will have to be deployed on the project. If we can reduce the work we can reduce the time and/or the number of resources. It
must be borne in mind that the relationship between the number of resources deployed and the time it takes to do a given amount of work is not linear.
Often, just adding people to a project can increase the time because they have to be trained, managed and their work co-ordinated with others. All this takes
work and therefore time.
Project Management (5577)
Muhammad Idrees (03006719422) Page 8
If we decide that all the objectives must be met and we cannot reduce the
work then what other options do we have?
Time =Work ÷ Resource Capability
Sometimes we can speed up the work by using bigger, faster, more powerful machines (computers, plant and machinery) but, of course, this has a cost.
When the resource is people we can employ more highly skilled, more intelligent and more capable people (if we can find them and persuade them to
work on the project). But, whether it is machines or people :-
Resource Capability is normally directly proportional to Resource Cost
And
Work x Resource Cost = Total Cost
Therefore, to reduce the cost of a project and/or to conserve resources for other projects we need to keep the work to a minimum consistent with
achieving the aims and objectives of the project. But as the Work is reduced by increasing the Resource Capability there is a trade off between resource cost
and Total Cost. There may also be a reduction in overall project time and this
may have its own opportunities, benefits and/or cost savings.
Performance Criteria
The Performance Criteria are the things the project will deliver and to what
quality standard they will be delivered. For example:-
project to connect travelling or home workers to the corporate computer network may have 3 possible sets of
performance criteria. 1. Every external employee must have modem access to corporate and
external E-mail via the Internet
2. Every external employee must have access to corporate E-mail and one departmental server via ISDN connections
3. Every employee must have access to all corporate computer systems via ISDN (from home) and modem (from
hotels)
The equipment costs; the number and complexity of tasks and the
knowledge requirement associated with each of these performance
Project Management (5577)
Muhammad Idrees (03006719422) Page 9
criteria is very different. For example it is not possible to deliver
the same performance using a modem as it is using an ISDN line so further definition is required if performance criteria 3 is selected.
One of the main reasons for producing a well defined Project Definition is to
ensure that the Performance Criteria are set and agreed. We must define what it will NOT deliver, what it will deliver, and to what quality standard. The clear
aims and the measurable objectives derived from the definition process enable us to set the Performance Criteria and the quality standard. Why is this
important?
The number, size and complexity of Project Tasks are directly proportional to
the Performance Criteria
which have been set for the project. The Performance Criteria, therefore, determines the amount of work to be done.
When looking at resource decisions we have seen that these are directly affected by the amount and type of work that has to be done. Therefore, the
time the project will take and the amount that it will cost can be expressed as follows:-
The Performance Criteria are directly proportional to the Resource Days required divided by the Resource Capability available for each task
And: as Resource Days x Time = Work
And: Time =Work divided by Resource Capability
And: Resource Capability is proportional to Resource Cost
And: Work x Resource Cost = Total Cost
And therefore
Increased Performance Criteria = Increased Project time and Project Cost
So, to increase the performance criteria it is almost always necessary to increase the Work or to obtain resources with greater capabilities (i.e. they
can perform the same work in a shorter period of time). For example by using machines or highly skilled staff we can decrease the Resource Days or we can
choose to keep these the same and increase the Performance.
Time
If we choose to reduce the Resource Days by increasing the Resource
Capability this will not necessarily reduce the Total Cost because the
Project Management (5577)
Muhammad Idrees (03006719422) Page 10
reduction in resource days may be out weighed by the increased Resource
Cost.
However, improved Resource Capability will reduce the task time and there is often a delivery Time Cost associated with a project so that the cost to the
organisation will be less or its income improved. This is the so called 'window of opportunity' factor.
So it is self evident that there is always a trade off decision to be made between Time, Resources and Performance Criteria. This is why the
Project Definition is so important. It allows us to define that trade off, to have the senior managers approve it and the consequent allocation of resources.
Risk Analysis
We need to identify, quantify and make contingency plans to deal with project risks.
The constraints on a project are one form of risk. The project may well have
specific constraints that lead to identifiable risks. What do we mean by project
risk? A risk is anything that will have a negative impact on any one or all of the primary project constraints - Time, Resources and Performance Criteria.
Some examples might be:-
key person with specialist skills is required for several projects. If one of
those projects over run then that person will be required to work on several
projects at the same time. If this is not practical then the other projects will be delayed.
A person selected to do work on a project may not have the skills to do the work. If this risk is identified then the project plan can allow for training time and learning curve time. Alternatively,
another resource may be identified.
A vital machine may be scheduled for maintenance during the time
it is required for the project. Both the fact of the maintenance schedule must be known and the effect of early or late
maintenance or even machine substitution must be assessed and built into the project plan.
Let us take the example of a new computer system implementation and look at
what is often one of the most time consuming tasks (one that is so often prone to increased duration) and see how we might reduce the associated risks.
Project Management (5577)
Muhammad Idrees (03006719422) Page 11
implementing a new computer system the quantity and difficulty of
data transfer (extracting data from the existing system, reformatting it and importing it into the new system) is often under grossly estimated. The time
the work will take has a great sensitivity to:-
a. IT staff programming skills, their technical knowledge of both
systems as well as their knowledge about how the old and new systems will be operated.
b. the similarity of previous transfers by the supplier for other customers (even similar ones will not be exactly the same),
c. the similarity between the data in the old and new systems, d. the quality of the data to be transferred,
e. the knowledge and skill of the staff who must validate the data transferred.
f. The importance of historic data to the satisfactory operation of the new system or the service level provision to customers.
quantity and type of data transferred the greater the work in constructing the
data transfer programs and in validating the take-on data.
What are the risks?
That the 'live' date will be delayed.
That the system may not operate correctly.
That the customers will be dissatisfied.
That the organisation will be publicly criticised.
That, in consequence, the organisation will lose income or
market share.
Risk can be reduced by analysing what is essential data, what is accurate data and what is merely nice to have. Risk is minimised by transferring only
essential data that is also accurate. Re-enter essential but inaccurate data and store the rest on CD-ROM when the data transfer part of the project is
complete. You may never use this data but you will have a warm and comfortable feeling for having done it. Obviously, putting only your best people
on the project will also substantially reduce the risk of delay and the consequences of having inaccurate data.
Project Management (5577)
Muhammad Idrees (03006719422) Page 12
Product lifecycle management
Global product’s lifecycle.
Product lifecycle management (PLM) is the process of managing the entire lifecycle of a product from its conception, through design and manufacture, to
service and disposal. PLM integrates people, data, processes and business systems and provides a product information backbone for companies and their
extended enterprise.
Product lifecycle management' (PLM) should be distinguished from 'Product life
cycle management (marketing)' (PLCM). PLM describes the engineering aspect of a product, from managing descriptions and properties of a product through
its development and useful life; whereas, PLCM refers to the commercial management of life of a product in the business market with respect to costs
and sales measures.
Project Management (5577)
Muhammad Idrees (03006719422) Page 13
Product lifecycle management is one of the four cornerstones of a corporation's
information technology structure. All companies need to manage communications and information with their customers (CRM-Customer
Relationship Management), their suppliers (SCM-Supply Chain Management), their resources within the enterprise (ERP-Enterprise Resource Planning) and
their planning (SDLC-Systems Development Life Cycle). In addition, manufacturing engineering companies must also develop, describe, manage
and communicate information about their products.
A form of PLM called people-centric PLM. While traditional PLM tools have been deployed only on release or during the release phase, people-centric PLM
targets the design phase.
Recent (as of 2009) ICT development (EU funded PROMISE project 2004-2008)
has allowed PLM to extend beyond traditional PLM and integrate sensor data and real time 'lifecycle event data' into PLM, as well as allowing this
information to be made available to different players in the total lifecycle of an individual product (closing the information loop). This has resulted in the
extension of PLM into Closed Loop Lifecycle Management (CL2M).
Benefits
Documented benefits of product lifecycle management include:
Reduced time to market
Improved product quality Reduced prototyping costs
More accurate and timely Request For Quote generation
Ability to quickly identify potential sales opportunities and revenue contributions
Savings through the re-use of original data A framework for product optimization
Reduced waste Savings through the complete integration of engineering workflows
Documentation that can assist in proving Compliance for RoHS or Title 21 CFR Part 11
Ability to provide Contract Manufacturers with access to a centralized product record
Areas of PLM
Within PLM there are five primary areas;
1. Systems Engineering (SE)
Project Management (5577)
Muhammad Idrees (03006719422) Page 14
2. Product and Portfolio Management (PPM)
3. Product Design (CAx) 4. Manufacturing Process Management (MPM)
5. Product Data Management (PDM)
Systems Engineering is focused on meeting all requirements, primary meeting customer needs, and coordinating the Systems Design process by involving all
relevant disciplines. Product and Portfolio Management is focused on managing resource allocation, tracking progress vs. plan for projects in the new product
development projects that are in process (or in a holding status). Portfolio management is a tool that assists management in tracking progress on new
products and making trade-off decisions when allocating scarce resources.
Product Data Management is focused on capturing and maintaining information on products and/or services through their development and useful life.
Introduction to development process
The core of PLM (product lifecycle management) is in the creations and central management of all product data and the technology used to access this
information and knowledge. PLM as a discipline emerged from tools such as CAD, CAM and PDM, but can be viewed as the integration of these tools with
methods, people and the processes through all stages of a product‟s life. It is not just about software technology but is also a business strategy.
Project Management (5577)
Muhammad Idrees (03006719422) Page 15
For simplicity the stages described are shown in a traditional sequential engineering workflow. The exact order of event and tasks will vary according to
the product and industry in question but the main processes are:
Conceive o Specification
o Concept design Design
o Detailed design
o Validation and analysis (simulation) o Tool design
Realize o Plan manufacturing
o Manufacture o Build/Assemble
o Test (quality check) Service
Project Management (5577)
Muhammad Idrees (03006719422) Page 16
o Sell and Deliver
o Use o Maintain and Support
o Dispose
The major key point events are:
Order
Idea Kick-off
Design freeze Launch
The reality is however more complex, people and departments cannot perform
their tasks in isolation and one activity cannot simply finish and the next activity start. Design is an iterative process, often designs need to be modified
due to manufacturing constraints or conflicting requirements. Where exactly a customer order fits into the time line depends on the industry type, whether
the products are for example Build to Order, Engineer to Order, or Assemble to
Order.
History
Inspiration for the burgeoning business process now known as PLM came
when American Motors Corporation (AMC) was looking for a way to speed up its product development process to compete better against its larger
competitors in 1985, according to François Castaing, Vice President for Product Engineering and Development. After introducing its compact Jeep Cherokee
(XJ), the vehicle that launched the modern sport utility vehicle (SUV) market, AMC began development of a new model, that later came out as the Jeep
Grand Cherokee. The first part in its quest for faster product development was computer-aided design (CAD) software system that make engineers more
productive. The second part in this effort was the new communication system
that allowed conflicts to be resolved faster, as well as reducing costly engineering changes because all drawings and documents were in a central
database. The product data management was so effective, that after AMC was purchased by Chrysler, the system was expanded throughout the enterprise
connecting everyone involved in designing and building products. While an early adopter of PLM technology, Chrysler was able to become the auto
industry's lowest-cost producer, recording development costs that were half of the industry average by the mid-1990s.
Phases of product lifecycle and corresponding technologies
Project Management (5577)
Muhammad Idrees (03006719422) Page 17
Many software solutions have developed to organize and integrate the different
phases of a product‟s lifecycle. PLM should not be seen as a single software product but a collection of software tools and working methods integrated
together to address either single stages of the lifecycle or connect different tasks or manage the whole process. Some software providers cover the whole
PLM range while others a single niche application. Some applications can span many fields of PLM with different modules within the same data model. An
overview of the fields within PLM is covered here. It should be noted however that the simple classifications do not always fit exactly, many areas overlap
and many software products cover more than one area or do not fit easily into one category. It should also not be forgotten that one of the main goals of PLM
is to collect knowledge that can be reused for other projects and to coordinate simultaneous concurrent development of many products. It is about business
processes, people and methods as much as software application solutions. Although PLM is mainly associated with engineering tasks it also involves
marketing activities such as Product Portfolio Management (PPM), particularly
with regards to New product introduction (NPI).
Phase 1: Conceive
Imagine, specify, plan, and innovate
The first stage in idea is the definition of its requirements based on customer,
company, market and regulatory bodies‟ viewpoints. From this specification of the products major technical parameters can be defined. Parallel to the
requirements specification the initial concept design work is carried out defining the visual aesthetics of the product together with its main functional
aspects. For the Industrial Design, Styling, work many different media are used from pencil and paper, clay models to 3D CAID Computer-aided industrial
design software.
Phase 2: Design
Project Management (5577)
Muhammad Idrees (03006719422) Page 18
Describe, define, develop, test, analyze and validate
This is where the detailed design and development of the product‟s form starts,
progressing to prototype testing, through pilot release to full product launch. It can also involve redesign and ramp for improvement to existing products as
well as planned obsolescence. The main tool used for design and development is CAD Computer-aided design. This can be simple 2D Drawing / Drafting or 3D
Parametric Feature Based Solid/Surface Modeling. Such software includes technology such as Hybrid Modeling, Reverse Engineering, KBE (Knowledge-
Based Engineering), NDT (Nondestructive testing), Assembly construction.
This step covers many engineering disciplines including: Mechanical, Electrical,
Electronic, Software (embedded), and domain-specific, such as Architectural, Aerospace, Automotive, ... Along with the actual creation of geometry there is
the analysis of the components and product assemblies. Simulation, validation and optimization tasks are carried out using CAE (Computer-aided engineering)
software either integrated in the CAD package or stand-alone. These are used to perform tasks such as:- Stress analysis, FEA (Finite Element Analysis);
Kinematics; Computational fluid dynamics (CFD); and mechanical event simulation (MES). CAQ (Computer-aided quality) is used for tasks such as
Dimensional Tolerance (engineering) Analysis. Another task performed at this stage is the sourcing of bought out components, possibly with the aid of
Procurement systems.
Phase 3: Realize
Manufacture, make, build, procure, produce, sell and deliver
Once the design of the product‟s components is complete the method of manufacturing is defined. This includes CAD tasks such as tool design; creation
of CNC Machining instructions for the product‟s parts as well as tools to manufacture those parts, using integrated or separate CAM Computer-aided
manufacturing software. This will also involve analysis tools for process simulation for operations such as casting, molding, and die press forming.
Once the manufacturing method has been identified CPM comes into play. This involves CAPE (Computer-aided Production Engineering) or CAP/CAPP –
(Production Planning) tools for carrying out Factory, Plant and Facility Layout and Production Simulation. For example: Press-Line Simulation; and Industrial
Ergonomics; as well as tool selection management. Once components are manufactured their geometrical form and size can be checked against the
original CAD data with the use of Computer Aided Inspection equipment and
Project Management (5577)
Muhammad Idrees (03006719422) Page 19
software. Parallel to the engineering tasks, sales product configuration and
marketing documentation work will be taking place. This could include transferring engineering data (geometry and part list data) to a web based
sales configurator and other Desktop Publishing systems.
Phase 4: Service
Use, operate, maintain, support, sustain, phase-out, retire, recycle and
disposal
The final phase of the lifecycle involves managing of in service information. Providing customers and service engineers with support information for repair
and maintenance, as well as waste management/recycling information. This
involves using such tools as Maintenance, Repair and Operations Management (MRO) software.
All phases: product lifecycle
Communicate, manage and collaborate
None of the above phases can be seen in isolation. In reality a project does not run sequentially or in isolation of other product development projects.
Information is flowing between different people and systems. A major part of PLM is the co-ordination of and management of product definition data. This
includes managing engineering changes and release status of components;
configuration product variations; document management; planning project resources and timescale and risk assessment.
For these tasks graphical, text and metadata such as product bills of materials
(BOMs) needs to be managed. At the engineering departments level this is the domain of PDM – (Product Data Management) software, at the corporate level
EDM (Enterprise Data Management) software, these two definitions tend to blur however but it is typical to see two or more data management systems
within an organization. These systems are also linked to other corporate systems such as SCM, CRM, and ERP. Associated with these systems are
Project Management Systems for Project/Program Planning.
This central role is covered by numerous Collaborative Product Development
tools which run throughout the whole lifecycle and across organizations. This requires many technology tools in the areas of Conferencing, Data Sharing and
Data Translation. The field being Product visualization which includes technologies such as DMU (Digital Mock-Up), Immersive Virtual Digital
Prototyping (virtual reality) and Photo realistic Imaging.
Project Management (5577)
Muhammad Idrees (03006719422) Page 20
Product development processes and methodologies
A number of established methodologies have been adopted by PLM and been
further advanced. Together with PLM digital engineering techniques, they have been advanced to meet company goals such as reduced time to market and
lower production costs. Reducing lead times is a major factor as getting a
product to market quicker than the competition will help with higher revenue and profit margins and increase market share.
These techniques include:-
Concurrent engineering workflow
Industrial Design
Bottom-up design Top-down design
Front loading design workflow Design in context
Modular design NPD New product development
DFSS Design for Six Sigma DFMA Design for manufacture / assembly
Digital simulation engineering Requirement driven design
Specification managed validation
Project Management (5577)
Muhammad Idrees (03006719422) Page 21
References
1. "About PLM". CIMdata. http://www.cimdata.com/plm.html.
2. "What is PLM?". PLM Technology Guide.
http://plmtechnologyguide.com/site/?page_id=435. 3. Evans, Mike. "The PLM Debate". Cambashi.
http://www.cambashi.com/the-plm-debate---outsourcing-upsets-the-it-integration-pillars.
4. Day, Martyn (2002.04.15). "What is PLM". Cad Digest. http://www.caddigest.com/subjects/PLM/select/day_plm.htm.
5. Hill, Sidney (2006.12.01). "A winning strategy". Manufacturing Business Technology.
http://www.mbtmag.com/current_issues/2006/sept/coverstory1.asp?CategoryID=66.
6. Teresko, John (2004.01.02). "The PLM Revolution". IndustryWeek. http://www.industryweek.com/CurrentArticles/Asp/articles.asp?ArticleId
=1558. 7. Stackpole, Beth (2003.05.15). "There's a New App in Town". CIO
Magazine. http://www.cio.com/archive/051503/app.html.
8. Goul, Lawrence (2002.06.05). "Additional ABCs About PLM". Automotive Design and Production.
http://www.autofieldguide.com/articles/120506.html. 9. Sidney Hill, Jr., "How To Be A Trendsetter: Dassault And IBM PLM
Customers Swap Tales From The PLM Front", retrieved on March 28, 2008.
10. Incose SYSTEMS ENGINEERING HANDBOOK, A “HOW TO” GUIDE For All Engineers, Version 2.0, July 2000. pg 358
Project Management (5577)
Muhammad Idrees (03006719422) Page 22
Q. 2 Elaborate your understanding about scope planning, also explain its needs
and importance in project management.
Scope (project management)
Project Scope "The work that needs to be accomplished to deliver a product, service, or result with the specified features and functions."
Product Scope "The features and functions that characterize a product, service, or result." Notice that Project Scope is more work-oriented, while
Product Scope is more oriented toward functional requirements. If requirements are not completely defined and described and if there is no
effective change control in a project, scope or requirement creep may ensue.
Scope creep management is important for effective project management. Projects are expected to meet strict deadlines with resource restraints, and an
unvetted and unapproved change in the scope can affect the success of the project. Scope creep sometimes causes cost overrun.
Scope creep is a term which refers to the incremental expansion of the scope of a project, which may include and introduce more requirements that may not
have been a part of the initial planning of the project, while nevertheless failing to adjust schedule and budget. There are two distinct ways to separate scope
creep management. The first is business scope creep, and the second is called features (also technology) scope creep. The type of scope creep
management is always dependent upon on the people who create the changes.
Business scope creep management occurs when decisions that are made
with reference to a project are designed to solve or meet the requirements and needs of the business. Business scope creep changes may be a result of poor
requirements definition early in development, or the failure to include the users of the project until the later stage of the systems development life cycle.
Scope management plan is one of the major Scope communication
documents. The Project Scope Management Plan documents how the project scope will be defined, managed, controlled, verified and communicated to the
project team and stakeholders/customers. It also includes all work required to
complete the project. The documents are used to control what is in and out of the scope of the project by the use of a Change Management system. Items
deemed out of scope go directly through the change control process and are not automatically added to the project work items. The Project Scope
Management plan is included in as one of the sections in the overall Project Management plan. It can be very detailed and formal or loosely framed and
informal depending on the communication needs of the project.
Project Management (5577)
Muhammad Idrees (03006719422) Page 23
Features (Technology) scope creep occurs when the scope creep is
introduced by technologists adding features not originally contemplated. Customer-pleasing scope creep occurs when the desire to please the customer
through additional product features adds more work to the current project rather than to a new project proposal. Gold-plating scope creep occurs when
technologists augment the original requirements because of a bias toward "technical perfectionism" or because the initial requirements were insufficiently
clear or detailed.
Scope Planning
The Project scope management plan describes:
How project scope will be defined
How detailed project scope statement will be developed
How work breakdown structure will be created
How scope verification will be performed
How project scope control will be done
Importance of Scope in Project Management
Introduction
Project scope management is management of the process required to ensure
that the project includes all the work required and to complete the project
successfully.
Scope Planning
Scope Definition
Create WBS
Scope Verification
Scope control
Scope Definition
Scope definition process is a detailed project which is critical to project success.
In this process the project is defined with greater details and with more specific information about the project. Stakeholder needs and expectations are
detailed in this document. The assumptions and constraints are analyzed and detailed.
Project Management (5577)
Muhammad Idrees (03006719422) Page 24
Creating WBS (Work Breakdown Structure)
The Work Breakdown Structure is a deliverable-oriented hierarchical decomposition of the work to be performed by the project team to create deliverables.
The WBS subdivides the project work into smaller, more manageable pieces of work. Each lower level of the WBS represents further detailed breakup of the
project work. Each lower level of the WBS represents further detailed break-up of the project work. The Lowest level WBS nodes are called work packages,
which can be scheduled, estimated, monitored, and controlled by an individual or a team.
A Work Breakdown structure is a result-oriented family tree that captures all
the work of a project in an organized way. It is often portrayed graphically as a hierarchical tree; however, it can be a tabular list “element" categories and
task or the indented task list that appears in your Gantt chart schedule.
The WBS is commonly used at the beginning of a project for defining project
scope, organizing Gantt schedules and estimating costs. It lives on, throughout the project schedule and often is the main path for reporting project costs. On
larger projects, the WBS may be used throughout the project to identify and track work packages, to organize data for Earned Value Management (EVM)
reporting and for tracking deliverables.
Scope Verification
Scope verification is the process of completed project scope and deliverables by stakeholders. This includes performing review and getting formal
acceptance from stakeholders.
Scope verification process is different from quality control process as in scope verification is concerned with the deliverables and work as per project scope
while the quality control process focuses on meeting the quality requirements specified for the deliverables. Usually quality control is performed before scope
verification, but sometimes these processes can be performed in parallel.
Scope Control
Project Scope Control process controls the factors which induce changes in project scope. It also controls the impact of those changes on project scope.
Scope Control is associated with Integrated Change Control Process. This process makes sure that all requested changes and recommended corrective
actions are processed through the Integrated Change Control process.
Project Management (5577)
Muhammad Idrees (03006719422) Page 25
This process also manages the actual changes when they occur in coordination
with other control processes. It controls scope creeps, which is one of the biggest reasons of unsuccessful projects.
Project Management (5577)
Muhammad Idrees (03006719422) Page 26
Q. 3 What is resource planning and principles of cost management in project
management?
Resource Plan
This Project Resource Management Plan helps you to identify all of the
resources required to complete your project successfully.
Using this Resource Plan, you will be able to identify the quantity of labor, equipment and materials needed to deliver your project.
You will then create a resource schedule, which enables you to plan the consumption of each type of resource, so that you know that you will have
enough resources to complete the project.
This Resource Planning template will help you identify the:
Types of labor required for the project Roles and key responsibilities for each labor type
Number of people required to fill each role Items of equipment to be used and their purposes
Types and quantities of equipment needed Total amount of materials needed
This Resource Plan template will also help you to:
Plan the dates for using or consuming these resources
Identify the amount of resource required per project activity Create a detailed resource utilization schedule
By purchasing this resource planning template, you can schedule the resources
needed to complete your project successfully.
What is a Resource Plan?
A Resource Plan summarizes the level of resources needed to complete a
project. A properly documented Resource Plan will specify the exact quantities
of labor, equipment and materials needed to complete your project. This Resource Planning template also helps you gain approval from your Sponsor,
ensuring their buy-in.
Project Management (5577)
Muhammad Idrees (03006719422) Page 27
When do I use a Resource Plan?
A Resource Plan is created during the Resource Planning phase of the project. Anyone responsible for Project Resource Management will need to create a
comprehensive Resource Plan, to ensure that all of the resources needed to
complete the project are identified. By implementing proper Resource Planning practices, it also helps you with budgeting and forecasting project expenditure.
Principles of Cost Management in project management
Many information technology projects are never initiated because information technology professionals do not understand the importance of knowing basic
accounting and finance principles. Important concepts such as net present value analysis, return on investment, and payback analysis are discussed as Project Scope Management. Likewise, many projects that are started never finish because of cost
management problems. Most members of an executive board understand and are more interested in financial terms than information technology terms. Therefore
information-technology project management professionals need to be able to present project information in financial ten as well as in technical terms. In addition to net present value analysis, return on investment, and payback analysis, project managers
must understand several other Cost management principles, concepts, and terms. This section describes general topics such as profits, life cycle costing, cash-flow
analysis, internal rate of return, tangible and intangible costs and benefits, direct costs, sunk costs, learning curve theory, and reserves. Another important topic and one of the key tools and techniques for controlling project costs, earned value
management, is described in detail in the section on cost control.
Profits are revenues minus expenses. To increase profits, a company can increase revenues, decrease expenses, or try to do both. Most executives are
more concerned with profits than with other issues. When justifying investments in new information systems and technology, it is important to
focus on the impact on profits, not just revenues or expenses. Consider an
electronic commerce application that you estimate will increase revenues for a $100 million company by ten percent. You cannot measure the potential
benefits of the system without knowing the profit margin. Profit margin is the ratio between revenues and profits. If revenues of $100 generate $2 in profits,
there is a 2 percent profit margin. If the company loses $2 for every $100 in revenue, there is a -2 percent profit margin.
Life cycle costing allows one to take a picture view of the cost of a project
over its entire life. This helps you to develop a more accurate projection a benefits. Life cycle costing considers the total cost of owner or development
plus support costs, for a project. For example, a company might complete a
project to develop and implement a new customer service system in one or
Project Management (5577)
Muhammad Idrees (03006719422) Page 28
two years, but the new system could be in place for ten years. Project
managers should create estimates of the costs and benefits of the project for its entire life, or ten years in the preceding example. Recall that the n present
value analysis for the project would include the entire ten-year period of costs and benefits. Senior management and project managers need to consider the
life cycle costs of projects when they make financial decisions.
Cash flow analysis is a for determining the estimated annual costs and benefits for a project and the resulting annual cash flow. It must be done to
determine set net present value (Google “Project Scope Management” for more on this topic). Most con summers understand the basic concept of cash flow. If
they do not have enough money in their wallets or checking accounts, they
cannot purchase something. Managers must take cash flow concerns into account when selecting projects in which to invest. If managers select too
many projects having high cash flow needs in the same year, the company will not be able to support all of the projects and maintain its profitability. It is
important to define clearly the year on which the dollar amounts are based. For example, if you based all Costs on 2002 estimates, you would need to account
for inflation and other factors when projecting costs and benefits in future-year dollars.
Internal rate of return (IRR) is the rate that makes net present value equal
to zero. It is also called the time-adjusted rate of return. Some companies
prefer to estimate the internal rate of return instead of, or in addition to, net p value and set minimum values that must be achieved for projects to be
selected or continued. For example, assume a three-year project had projected costs in year one of $100 and projected benefits in years two and three of
$100 each year. Assume there were no benefits in year one and no costs in years two and three. Using a 10 percent discount rate, you could compute the
net present value to be about $67 (Google for details on “performing net present value calculations”.) The internal rate of return for this project is the
discount rate that makes the net present value equal to zero. In this example, the internal rate of return is 62 percents
Tangible and intangible costs and benefits are categories for determining how definable the estimated costs and benefits are project. Tangible costs or
benefits are those costs or benefits that can be easily measured in dollars. For example, suppose that the surveyor‟s assistant project described in the
opening case included a preliminary feasibility study. If a firm completed this study for $100,000, the tangible cost of study is $100,000. If Juan‟s
government estimated that it would have cost them $150,000 to do the study themselves, the tangible benefits of the study would be $50,000. In contrast,
intangible costs or benefits are costs or benefits that are difficult to measure in monetary terms. Suppose Juan and a few other people, out of personal
interest, spent some time using government-owned computers, books, and
Project Management (5577)
Muhammad Idrees (03006719422) Page 29
other resources to research areas related to the study. Although their hours
and the government-owned materials were not billed to the project, they could be considered to he intangible costs. In benefits of the study might be the
perceived potential benefit of having a system that could help the government lay water lines or fiber-optic cable faster or for less money. Because intangible
costs and benefits are difficult to quantify, they are often harder to justify.
Direct costs are costs related to a project that can be traced back in a cost-effective way. You can attribute direct costs directly to a certain project. For
example, the salaries of people working full-time on the project and the cost of hardware and software purchased specifically for the project are direct costs.
Project managers should focus on direct costs, since they can control them.
Indirect costs are costs related to a project that cannot be traced back in a
cost-effective way. For example, the cost of electricity, paper towels, etc. in a large building housing a thousand employees who work on many projects
would be indirect costs. Indirect costs are allocated to projects, and project managers have very little control over them.
Sunk cost is money that has been spent in the past. Consider it gone like a sunken ship that can never be returned. When deciding what projects to invest
in or continue, you should not include sunk costs. For example, in the opening case, suppose Juan‟s office had spent $1 million on a project over the past
three years to create a geographic information system, hut nothing valuable was ever produced. If his government was evaluating what projects to fund
next year and someone suggested that they keep funding the geographic information sys tem project because they had already spent $1 million on it, he
or she would he incorrectly making sunk cost a key factor in the project selection decision. Many people fall into the trap of considering how much
money has been spent on a failing project and, therefore, hate to stop spending money on it. This trap is similar to gamblers not wanting to stop
gambling because they have already lost money. Sunk costs should be forgotten.
Learning curve theory states that when many items are produced repetitively, the unit cost of those items decreases in a regular pattern as more
units are produced. For example, suppose the surveyor‟s assistant project would potentially produce 1,000 hand-held devices that could run the new
software and access information via satellite. The cost of the first hand-held device or unit would be much higher than the cost of the 1,000 unit. Learning
curve theory should be used to estimate costs on projects involving the production of large quantities of items. Learning curve theory also applies to
the amount of time it takes to complete some tasks. For example, the first time a new employee performs a specific task, it will probably take longer than
the tenth time that employee performs a very similar task.
Project Management (5577)
Muhammad Idrees (03006719422) Page 30
Reserves are dollars included in a cost estimate to mitigate cost risk by allow
for future situations that are difficult to predict. Contingency reserves allow for future situations that may be partially planned for (sometimes called known
unknowns) and are included in the project cost For example, if an organization knows it has a 20 percent rate of turnover for information technology
personnel, it should include contingency reserves to pay for recruiting and training costs for project personnel. Management reserves allow for future
situations that are unpredictable (sometimes called unknown unknowns). For example, if a project manager gets sick for two weeks or an important supplier
goes out of business, management reserve could be set aside to cover the resulting costs.
Project Management (5577)
Muhammad Idrees (03006719422) Page 31
Q.4 Explain the implementation of motivational theories in project
management.
Motivational Theories
Introduction
Great leaders are invariably great motivators too.
Understanding some basics of motivational theories will help you to become
a successful project manager. You will already have read that the main roles of a project manager are to plan, organize, co-ordinate, control and lead. It
is the role in which you are a leader that will require you to be at your very best in motivating others. Pretty well any one can manage other people when
it is simply a job of telling them what to do, the difference between managing someone and leading them is that a leader will engage people in working on a
task such that they feel ownership and responsibility for it, raising their self-esteem and ensuring the best possible job is done. So, just how might you
motivate people working for you?
Needs, intrinsic and extrinsic motivation basics.
A definition of motivation could be – that which compels us to participate in an activity or maintains particular behaviors. Acting entirely in our
subconscious we are all in a state of eternal motivation. Whether it is being motivated to eat when hungry or sleep when tired – we are motivated to do so
according to our basic needs. In turn everyone has two types of needs that are referred to as intrinsic and extrinsic ones, for which we can be intrinsically
or extrinsically motivated to attain them. An intrinsic motivation to do something arises when you decide you want to do something; it is something
that gives you feelings of great personal causation or satisfaction in doing it. The alternative is extrinsic motivation, which is when you receive some form
of reward as a result of doing something, the easiest example to cite here would be money; but it could just as easily be winning a trophy or medal and
Project Management (5577)
Muhammad Idrees (03006719422) Page 32
even a threat against you can be an extrinsic motivation to do something. The
feelings of personal causation that arise from intrinsic motivation are what drives people on to making that extra effort and taking that extra pride in
their work, which we all know are vital to the success of a project. However, before anyone is capable of becoming concerned with their intrinsic needs their
extrinsic needs have to be satisfied.
Needs theory and motivation.
Some people can only be motivated by money to satisfy basic needs.
Our basic needs can be organized into the five following categories:
Physiological - that which we need to physically survive. Safety – having satisfied our physiological needs we can become concerned with our safety
which could be something as relatively minor as maintaining a routine we are comfortable with or as important as securing our homes. Social - far more
than just how many friends we have or where we go with them. This need includes love, affection, and our sense of belonging and acceptance;
particularly regarding our family relationships. Esteem – everyone wants and needs to feel valued and respected by others in order to maintain their self-
esteem. Your level of self-esteem is established according to your sense of achievement and confidence. Self-Actualization – the desire to reach your
maximum of potential in all that you do. In a hierarchy of needs this would
be the highest one. In theory once the previous four needs were met, self-actualization would be a persistent goal. As once we felt we had reached our
maximum potential we would then seek other new and higher goals. However, the significant point about understanding „needs‟ in motivational theory is
that the first four needs in that list are extrinsic ones and only self-actualization is an intrinsic need. Until the first four needs are satisfied
humans cannot move on to consider being motivated by their intrinsic need of self-actualization – which is the one that will be of most benefit to you and
your project.
Project Management (5577)
Muhammad Idrees (03006719422) Page 33
Cognitive dissonance theory.
Founded on principles of Gestalt psychology, the cognitive dissonance
theory of motivation arises from the need to reconcile two conflicting cognitions at the creative sub-conscious level. To exemplify this theory imagine
that you have a broken window in your home, you recognize that something
isn‟t right and determine to fix the window. At the sub-conscious level you have a dissonance between something being wrong and the need to fix it, a
cognitive dissonance that won‟t be resolved until the window is fixed. Individuals level‟s of cognitive dissonance can vary, but in the workplace staff
who are sensitive to cognitive dissonance issues will persist in seeing tasks through to completion and to the very best of their ability, they will also often
make the best problem solvers. Cognitive dissonance is a good example of intrinsic motivation, where the person concerned constantly seeks to
improve themselves.
Goal setting theory and motivation.
Not everyone needs the 'stick and carrot' approach to motivation.
Goal setting can work in several ways but is most simply seen as the setting of goals to be achieved by someone else or an individual setting themselves
goals. In the latter case people who are able to set themselves goals and achieve them to a high degree are often using a combination of cognitive
dissonance and goal setting to achieve something. In essence the setting of goals simply breaks down a large task into smaller components, as each goal
is attained the owner of the goals has feelings of empowerment in achieving something, driving them on to successfully complete the next goal or
objective. The acronym SMART is often applied to goal setting, where goals
have to be: Specific, Measurable, Attainable, Relevant and Timed. In setting goals that are SMART you are giving the person to whom they are assigned a
clear framework in which they need to accomplish them. This level of direction can be needed as some people, when given a task to do, will try and find ways
of not doing the task without actually not doing any work, creative avoidance; this is as different again to someone who is simply incapable of
doing the task, in which case they should not have been assigned he task
Project Management (5577)
Muhammad Idrees (03006719422) Page 34
anyway. On the other hand without making the goals SMART someone might
seek perfection to such a degree that they seemingly can never finish it.
The incentive theory of motivation.
No matter what the level of salary some people are on they always seek, or
even expect, further reward for their work. Incentive theory tells us that some people can be motivated to work by both tangible and intangible
rewards, in both cases the incentive instills in the person receiving it the desire to repeat the behavior that resulted in the reward. Tangible and
intangible rewards can, of course, be directly related to the extrinsic and intrinsic needs theory of motivation, in that receiving the reward satisfies an
apparent need.
Project Management (5577)
Muhammad Idrees (03006719422) Page 35
Q.5 Define and explain the process of Project Risk Management?
Risk management
Risk management is the identification, assessment, and prioritization of risks (defined in ISO 31000 as the effect of uncertainty on objectives, whether
positive or negative) followed by coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of
unfortunate events or to maximize the realization of opportunities. Risks can come from uncertainty in financial markets, project failures, legal liabilities,
credit risk, accidents, natural causes and disasters as well as deliberate attacks
from an adversary. Several risk management standards have been developed including the Project Management Institute, the National Institute of Science
and Technology, actuarial societies, and ISO standards. Methods, definitions and goals vary widely according to whether the risk management method is in
the context of project management, security, engineering, industrial processes, financial portfolios, actuarial assessments, or public health and safety.
The strategies to manage risk include transferring the risk to another party,
avoiding the risk, reducing the negative effect of the risk, and accepting some or all of the consequences of a particular risk.
Certain aspects of many of the risk management standards have come under criticism for having no measurable improvement on risk even though the
confidence in estimates and decisions increase.
Introduction
In ideal risk management, a prioritization process is followed whereby the risks
with the greatest loss and the greatest probability of occurring are handled first, and risks with lower probability of occurrence and lower loss are handled
in descending order. In practice the process can be very difficult, and balancing
between risks with a high probability of occurrence but lower loss versus a risk with high loss but lower probability of occurrence can often be mishandled.
Intangible risk management identifies a new type of a risk that has a 100%
probability of occurring but is ignored by the organization due to a lack of identification ability. For example, when deficient knowledge is applied to a
situation, a knowledge risk materializes. Relationship risk appears when ineffective collaboration occurs. Process-engagement risk may be an issue
when ineffective operational procedures are applied. These risks directly reduce the productivity of knowledge workers, decrease cost effectiveness,
profitability, service, quality, reputation, brand value, and earnings quality.
Project Management (5577)
Muhammad Idrees (03006719422) Page 36
Intangible risk management allows risk management to create immediate
value from the identification and reduction of risks that reduce productivity.
Risk management also faces difficulties in allocating resources. This is the idea of opportunity cost. Resources spent on risk management could have been
spent on more profitable activities. Again, ideal risk management minimizes spending and minimizes the negative effects of risks.
Method
For the most part, these methods consist of the following elements, performed, more or less, in the following order.
1. identify, characterize, and assess threats 2. assess the vulnerability of critical assets to specific threats 3. determine the risk (i.e. the expected consequences of specific types of attacks
on specific assets) 4. identify ways to reduce those risks
5. prioritize risk reduction measures based on a strategy
Principles of risk management
The International Organization for Standardization (ISO) identifies the
following principles of risk management:
Risk management should:
create value be an integral part of organizational processes
be part of decision making explicitly address uncertainty
be systematic and structured be based on the best available information
be tailored take into account human factors be transparent and inclusive
be dynamic, iterative and responsive to change be capable of continual improvement and enhancement
Project Management (5577)
Muhammad Idrees (03006719422) Page 37
Process
According to the standard ISO 31000 "Risk management -- Principles and
guidelines on implementation," the process of risk management consists of
several steps as follows:
Establishing the context
Establishing the context involves:
1. Identification of risk in a selected domain of interest
2. Planning the remainder of the process. 3. Mapping out the following:
o the social scope of risk management o the identity and objectives of stakeholders o the basis upon which risks will be evaluated, constraints.
4. Defining a framework for the activity and an agenda for identification. 5. Developing an analysis of risks involved in the process.
6. Mitigation or Solution of risks using available technological, human and organizational resources.
Identification
After establishing the context, the next step in the process of managing risk is to identify potential risks. Risks are about events that, when triggered, cause
problems. Hence, risk identification can start with the source of problems, or with the problem itself.
Source analysis Risk sources may be internal or external to the system that is
the target of risk management.
Examples of risk sources are: stakeholders of a project, employees of a company or the weather over an airport.
Problem analysis Risks are related to identified threats. For example: the threat of losing money, the threat of abuse of privacy information or the threat of accidents and casualties. The threats may exist with various entities, most
important with shareholders, customers and legislative bodies such as the government.
When either source or problem is known, the events that a source may trigger
or the events that can lead to a problem can be investigated. For example: stakeholders withdrawing during a project may endanger funding of the
project; privacy information may be stolen by employees even within a closed network; lightning striking a Boeing 747 during takeoff may make all people
onboard immediate casualties.
Project Management (5577)
Muhammad Idrees (03006719422) Page 38
The chosen method of identifying risks may depend on culture, industry
practice and compliance. The identification methods are formed by templates or the development of templates for identifying source, problem or event.
Common risk identification methods are:
Objectives-based risk identification Organizations and project teams have objectives. Any event that may endanger achieving an objective partly or
completely is identified as risk. Scenario-based risk identification In scenario analysis different scenarios
are created. The scenarios may be the alternative ways to achieve an objective,
or an analysis of the interaction of forces in, for example, a market or battle. Any event that triggers an undesired scenario alternative is identified as risk -
see Futures Studies for methodology used by Futurists. Taxonomy-based risk identification The taxonomy in taxonomy-based risk
identification is a breakdown of possible risk sources. Based on the taxonomy
and knowledge of best practices, a questionnaire is compiled. The answers to the questions reveal risks.
Common-risk checking In several industries, lists with known risks are available. Each risk in the list can be checked for application to a particular situation.
Risk charting This method combines the above approaches by listing resources at risk, Threats to those resources Modifying Factors which may
increase or decrease the risk and Consequences it is wished to avoid. Creating a matrix under these headings enables a variety of approaches. One can begin
with resources and consider the threats they are exposed to and the consequences of each. Alternatively one can start with the threats and examine which resources they would affect, or one can begin with the consequences and
determine which combination of threats and resources would be involved to bring them about.
Assessment
Once risks have been identified, they must then be assessed as to their potential severity of loss and to the probability of occurrence. These quantities
can be either simple to measure, in the case of the value of a lost building, or impossible to know for sure in the case of the probability of an unlikely event
occurring. Therefore, in the assessment process it is critical to make the best educated guesses possible in order to properly prioritize the implementation of
the risk management plan.
The fundamental difficulty in risk assessment is determining the rate of
occurrence since statistical information is not available on all kinds of past incidents. Furthermore, evaluating the severity of the consequences (impact) is
often quite difficult for immaterial assets. Asset valuation is another question that needs to be addressed. Thus, best educated opinions and available
statistics are the primary sources of information. Nevertheless, risk assessment should produce such information for the management of the
Project Management (5577)
Muhammad Idrees (03006719422) Page 39
organization that the primary risks are easy to understand and that the risk
management decisions may be prioritized. Thus, there have been several theories and attempts to quantify risks. Numerous different risk formulae exist,
but perhaps the most widely accepted formula for risk quantification is:
Rate of occurrence multiplied by the impact of the event equals risk
Composite Risk Index
The above formula can also be re-written in terms of a Composite Risk Index,
as follows:
Composite Risk Index = Impact of Risk event x Probability of Occurrence
The impact of the risk event is assessed on a scale of 0 to 5, where 0 and 5 represent the minimum and maximum possible impact of an occurrence of a
risk (usually in terms of financial losses).
The probability of occurrence is likewise assessed on a scale from 0 to 5, where
0 represents a zero probability of the risk event actually occurring while 5 represents a 100% probability of occurrence.
The Composite Index thus can take values ranging from 0 through 25, and this
range is usually arbitrarily divided into three sub-ranges. The overall risk assessment is then Low, Medium or High, depending on the sub-range
containing the calculated value of the Composite Index. For instance, the three
sub-ranges could be defined as 0 to 8, 9 to 16 and 17 to 25.
Note that the probability of risk occurrence is difficult to estimate since the past data on frequencies are not readily available, as mentioned above.
Likewise, the impact of the risk is not easy to estimate since it is often difficult
to estimate the potential financial loss in the event of risk occurrence.
Further, both the above factors can change in magnitude depending on the
adequacy of risk avoidance and prevention measures taken and due to changes in the external business environment. Hence it is absolutely necessary
to periodically re-assess risks and intensify/relax mitigation measures as necessary.
Project Management (5577)
Muhammad Idrees (03006719422) Page 40
Risk Options
Risk mitigation measures are usually formulated according to one or more of
the following major risk options, which are:
1. Design a new business process with adequate built-in risk control and
containment measures from the start.
2. Periodically re-assess risks that are accepted in ongoing processes as a normal feature of business operations and modify mitigation measures.
3. Transfer risks to an external agency (e.g. an insurance company)
4. Avoid risks altogether (e.g. by closing down a particular high-risk business area)
Later research has shown that the financial benefits of risk management are less dependent on the formula used but are more dependent on the frequency
and how risk assessment is performed.
In business it is imperative to be able to present the findings of risk assessments in financial terms. Robert Courtney Jr. (IBM, 1970) proposed a
formula for presenting risks in financial terms. The Courtney formula was accepted as the official risk analysis method for the US governmental agencies.
The formula proposes calculation of ALE (annualised loss expectancy) and
compares the expected loss value to the security control implementation costs (cost-benefit analysis).
Potential risk treatments
Once risks have been identified and assessed, all techniques to manage the risk fall into one or more of these four major categories:
Avoidance (eliminates, withdraw from or not become involved)
Reduction (optimise - mitigate) Sharing (transfer - outsource or insure) Retention (accept and budget)
Ideal use of these strategies may not be possible. Some of them may involve
trade-offs that are not acceptable to the organization or person making the risk
management decisions. Another source, from the US Department of Defense, Defense Acquisition University, calls these categories ACAT, for Avoid, Control,
Accept, or Transfer. This use of the ACAT acronym is reminiscent of another ACAT (for Acquisition Category) used in US Defense industry procurements, in
which Risk Management figures prominently in decision making and planning.
Project Management (5577)
Muhammad Idrees (03006719422) Page 41
Risk avoidance
This includes not performing an activity that could carry risk. An example would be not buying a property or business in order to not take on the legal
liability that comes with it. Another would be not be flying in order to not take the risk that the airplane were to be hijacked. Avoidance may seem the answer
to all risks, but avoiding risks also means losing out on the potential gain that accepting (retaining) the risk may have allowed. Not entering a business to
avoid the risk of loss also avoids the possibility of earning profits.
Hazard Prevention
Hazard prevention refers to the prevention of risks in an emergency. The first and most effective stage of hazard prevention is the elimination of hazards. If
this takes too long, is too costly, or is otherwise impractical, the second stage
is mitigation.
Risk reduction
Risk reduction or "optimisation" involves reducing the severity of the loss or the likelihood of the loss from occurring. For example, sprinklers are designed to put out a fire to reduce the risk of loss by fire. This method may cause a
greater loss by water damage and therefore may not be suitable. Halon fire
suppression systems may mitigate that risk, but the cost may be prohibitive as a strategy.
Acknowledging that risks can be positive or negative, optimising risks means
finding a balance between negative risk and the benefit of the operation or activity; and between risk reduction and effort applied. By an offshore drilling
contractor effectively applying HSE Management in its organisation, it can optimise risk to achieve levels of residual risk that are tolerable.Modern
software development methodologies reduce risk by developing and delivering software incrementally. Early methodologies suffered from the fact that they
only delivered software in the final phase of development; any problems
encountered in earlier phases meant costly rework and often jeopardized the whole project. By developing in iterations, software projects can limit effort
wasted to a single iteration.
Outsourcing could be an example of risk reduction if the outsourcer can demonstrate higher capability at managing or reducing risks. For example, a
company may outsource only its software development, the manufacturing of hard goods, or customer support needs to another company, while handling
the business management itself. This way, the company can concentrate more on business development without having to worry as much about the
Project Management (5577)
Muhammad Idrees (03006719422) Page 42
manufacturing process, managing the development team, or finding a physical
location for a call center.
Risk sharing
Briefly defined as "sharing with another party the burden of loss or the benefit of gain, from a risk, and the measures to reduce a risk."
The term of 'risk transfer' is often used in place of risk sharing in the mistaken
belief that you can transfer a risk to a third party through insurance or outsourcing. In practice if the insurance company or contractor go bankrupt or
end up in court, the original risk is likely to still revert to the first party. As such in the terminology of practitioners and scholars alike, the purchase of an
insurance contract is often described as a "transfer of risk." However, technically speaking, the buyer of the contract generally retains legal
responsibility for the losses "transferred", meaning that insurance may be described more accurately as a post-event compensatory mechanism. For
example, a personal injuries insurance policy does not transfer the risk of a car
accident to the insurance company. The risk still lies with the policy holder namely the person who has been in the accident. The insurance policy simply
provides that if an accident (the event) occurs involving the policy holder then some compensation may be payable to the policy holder that is commensurate
to the suffering/damage.
Some ways of managing risk fall into multiple categories. Risk retention pools are technically retaining the risk for the group, but spreading it over the whole
group involves transfer among individual members of the group. This is different from traditional insurance, in that no premium is exchanged between
members of the group up front, but instead losses are assessed to all members
of the group.
Risk retention
Involves accepting the loss, or benefit of gain, from a risk when it occurs. True self insurance falls in this category. Risk retention is a viable strategy for small
risks where the cost of insuring against the risk would be greater over time than the total losses sustained. All risks that are not avoided or transferred are
retained by default. This includes risks that are so large or catastrophic that they either cannot be insured against or the premiums would be infeasible.
War is an example since most property and risks are not insured against war, so the loss attributed by war is retained by the insured. Also any amounts of
potential loss (risk) over the amount insured is retained risk. This may also be acceptable if the chance of a very large loss is small or if the cost to insure for
greater coverage amounts is so great it would hinder the goals of the organization too much.
Project Management (5577)
Muhammad Idrees (03006719422) Page 43
Create a risk management plan
Select appropriate controls or countermeasures to measure each risk. Risk
mitigation needs to be approved by the appropriate level of management. For
instance, a risk concerning the image of the organization should have top management decision behind it whereas IT management would have the
authority to decide on computer virus risks.
The risk management plan should propose applicable and effective security controls for managing the risks. For example, an observed high risk of
computer viruses could be mitigated by acquiring and implementing antivirus software. A good risk management plan should contain a schedule for control
implementation and responsible persons for those actions.
According to ISO/IEC 27001, the stage immediately after completion of the
risk assessment phase consists of preparing a Risk Treatment Plan, which should document the decisions about how each of the identified risks should be
handled. Mitigation of risks often means selection of security controls, which should be documented in a Statement of Applicability, which identifies which
particular control objectives and controls from the standard have been selected, and why.
Implementation
Implementation follows all of the planned methods for mitigating the effect of the risks. Purchase insurance policies for the risks that have been decided to
be transferred to an insurer, avoid all risks that can be avoided without
sacrificing the entity's goals, reduce others, and retain the rest.
Review and evaluation of the plan
Initial risk management plans will never be perfect. Practice, experience, and
actual loss results will necessitate changes in the plan and contribute information to allow possible different decisions to be made in dealing with the
risks being faced.
Risk analysis results and management plans should be updated periodically. There are two primary reasons for this:
1. to evaluate whether the previously selected security controls are still applicable and effective, and
2. to evaluate the possible risk level changes in the business environment. For example, information risks are a good example of rapidly changing business environment.
Project Management (5577)
Muhammad Idrees (03006719422) Page 44
Limitations
If risks are improperly assessed and prioritized, time can be wasted in dealing with risk of losses that are not likely to occur. Spending too much time
assessing and managing unlikely risks can divert resources that could be used
more profitably. Unlikely events do occur but if the risk is unlikely enough to occur it may be better to simply retain the risk and deal with the result if the
loss does in fact occur. Qualitative risk assessment is subjective and lacks consistency. The primary justification for a formal risk assessment process is
legal and bureaucratic.
Prioritizing the risk management processes too highly could keep an organization from ever completing a project or even getting started. This is
especially true if other work is suspended until the risk management process is considered complete.
It is also important to keep in mind the distinction between risk and uncertainty. Risk can be measured by impacts x probability.
Areas of risk management
As applied to corporate finance, risk management is the technique for measuring, monitoring and controlling the financial or operational risk on a
firm's balance sheet. See value at risk.
The Basel II framework breaks risks into market risk (price risk), credit risk
and operational risk and also specifies methods for calculating capital requirements for each of these components.
Enterprise risk management
In enterprise risk management, a risk is defined as a possible event or circumstance that can have negative influences on the enterprise in question.
Its impact can be on the very existence, the resources (human and capital), the products and services, or the customers of the enterprise, as well as
external impacts on society, markets, or the environment. In a financial institution, enterprise risk management is normally thought of as the
combination of credit risk, interest rate risk or asset liability management,
market risk, and operational risk.
In the more general case, every probable risk can have a pre-formulated plan to deal with its possible consequences (to ensure contingency if the risk
becomes a liability).
Project Management (5577)
Muhammad Idrees (03006719422) Page 45
From the information above and the average cost per employee over time, or
cost accrual ratio, a project manager can estimate:
the cost associated with the risk if it arises, estimated by multiplying employee costs per unit time by the estimated time lost (cost impact, C where C = cost
accrual ratio * S). the probable increase in time associated with a risk (schedule variance due to
risk, Rs where Rs = P * S):
o Sorting on this value puts the highest risks to the schedule first. This is intended to cause the greatest risks to the project to be attempted first
so that risk is minimized as quickly as possible. o This is slightly misleading as schedule variances with a large P and small
S and vice versa are not equivalent. (The risk of the RMS Titanic sinking
vs. the passengers' meals being served at slightly the wrong time). the probable increase in cost associated with a risk (cost variance due to risk,
Rc
where Rc = P*C = P*CAR*S = P*S*CAR)
o Sorting on this value puts the highest risks to the budget first. o see concerns about schedule variance as this is a function of it, as
illustrated in the equation above.
Risk in a project or process can be due either to Special Cause Variation or Common Cause Variation and requires appropriate treatment. That is to re-
iterate the concern about extremal cases not being equivalent in the list immediately above.
Risk management activities as applied to project management
In project management, risk management includes the following activities:
Planning how risk will be managed in the particular project. Plan should include
risk management tasks, responsibilities, activities and budget. Assigning a risk officer - a team member other than a project manager who is
responsible for foreseeing potential project problems. Typical characteristic of risk officer is a healthy skepticism.
Maintaining live project risk database. Each risk should have the following
attributes: opening date, title, short description, probability and importance. Optionally a risk may have an assigned person responsible for its resolution and
a date by which the risk must be resolved. Creating anonymous risk reporting channel. Each team member should have
possibility to report risk that he/she foresees in the project. Preparing mitigation plans for risks that are chosen to be mitigated. The
purpose of the mitigation plan is to describe how this particular risk will be
handled – what, when, by who and how will it be done to avoid it or minimize consequences if it becomes a liability.
Project Management (5577)
Muhammad Idrees (03006719422) Page 46
Summarizing planned and faced risks, effectiveness of mitigation activities, and effort spent for the risk management.
Risk management techniques in petroleum and natural gas
For the offshore oil and gas industry, operational risk management is regulated by the safety case regime in many countries. Hazard identification and risk
assessment tools and techniques are described in the international standard
ISO 17776:2000, and organisations such as the IADC (International Association of Drilling Contractors) publish guidelines for HSE Case
development which are based on the ISO standard. Further, diagrammatic representations of hazardous events are often expected by governmental
regulators as part of risk management in safety case submissions; these are known as bow-tie diagrams. The technique is also used by organisations and
regulators in mining, aviation, health, defence, industrial and finance.
Risk management and business continuity
Risk management is simply a practice of systematically selecting cost effective
approaches for minimising the effect of threat realization to the organization. All risks can never be fully avoided or mitigated simply because of financial and
practical limitations. Therefore all organizations have to accept some level of
residual risks.
Whereas risk management tends to be preemptive, business continuity planning (BCP) was invented to deal with the consequences of realised residual
risks. The necessity to have BCP in place arises because even very unlikely events will occur if given enough time. Risk management and BCP are often
mistakenly seen as rivals or overlapping practices. In fact these processes are so tightly tied together that such separation seems artificial. For example, the
risk management process creates important inputs for the BCP (assets, impact assessments, cost estimates etc.). Risk management also proposes applicable
controls for the observed risks. Therefore, risk management covers several
areas that are vital for the BCP process. However, the BCP process goes beyond risk management's preemptive approach and assumes that the
disaster will happen at some point.
Risk communication
Risk communication is a complex cross-disciplinary academic field. Problems
for risk communicators involve how to reach the intended audience, to make the risk comprehensible and relatable to other risks, how to pay appropriate
respect to the audience's values related to the risk, how to predict the audience's response to the communication, etc. A main goal of risk
Project Management (5577)
Muhammad Idrees (03006719422) Page 47
communication is to improve collective and individual decision making. Risk
communication is somewhat related to crisis communication.
Bow tie diagrams
A popular solution to the quest to communicate risks and their treatments
effectively is to use bow tie diagrams. These have been effective, for example, in a public forum to model perceived risks and communicate precautions,
during the planning stage of offshore oil and gas facilities in Scotland. Equally, the technique is used for HAZID (Hazard Identification) workshops of all types,
and results in a high level of engagement. For this reason (amongst others) an increasing number of government regulators for major hazard facilities (MHFs),
offshore oil & gas, aviation, etc. welcome safety case submissions which use diagrammatic representation of risks at their core.
Communication advantages of bow tie diagrams:
Visual illustration of the hazard, its causes, consequences, controls, and how controls fail.
The bow tie diagram can be readily understood at all personnel levels. "A picture paints a thousand words."
Seven cardinal rules for the practice of risk communication
Accept and involve the public/other consumers as legitimate partners. Plan carefully and evaluate your efforts with a focus on your strengths,
weaknesses, opprtunities, and threats.
Listen to the public's specific concerns. Be honest, frank, and open.
Coordinate and collaborate with other credible sources. Meet the needs of the media. Speak clearly and with compassion.
Project Management (5577)
Muhammad Idrees (03006719422) Page 48
References
1. Hubbard, Douglas (2009). The Failure of Risk Management: Why It's Broken
and How to Fix It. John Wiley & Sons. p. 46. 2. ISO/IEC Guide 73:2009 (2009). Risk management — Vocabulary. International
Organization for Standardization. http://www.iso.org/iso/iso_catalogue/catalogue_ics/catalogue_detail_ics.htm?csnumber=44651.
3. ISO/DIS 31000 (2009). Risk management — Principles and guidelines on implementation. International Organization for Standardization.
http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=43170.
4. "Committee Draft of ISO 31000 Risk management" (PDF). International
Organization for Standardization. http://www.nsai.ie/uploads/file/N047_Committee_Draft_of_ISO_31000.pdf.
5. CMU/SEI-93-TR-6 Taxonomy-based risk identification in software industry 6. Common Vulnerability and Exposures list
7. Crockford, Neil (1986). An Introduction to Risk Management (2 ed.). Cambridge, UK: Woodhead-Faulkner. p. 18. ISBN 0859413322.
8. Disaster Recovery Journal
9. Dorfman, Mark S. (2007). Introduction to Risk Management and Insurance (9 ed.). Englewood Cliffs, N.J: Prentice Hall. ISBN 0-13-224227-3.
10.IADC HSE Case Guidelines for MODUs 3.2, section 4.7 11.Roehrig, P (2006). "Bet On Governance To Manage Outsourcing Risk". Business
Trends Quarterly. http://www.btquarterly.com/?mc=bet-governance&page=ss-
viewresearch. 12.http://www.bowtiexp.com.au/bowtiexp.asp#aboutBowTies
13.Covello, Vincent T.; Allen., Frederick H. (April 1988). Seven Cardinal Rules of Risk Communication. Washington, DC: U.S. Environmental Protection Agency. OPA-87-020.
Project Management (5577)
Muhammad Idrees (03006719422) Page 49