Organisational Risk Management in Project Management

Organisational insecurity Management in construe ManagementCHAPTER 2 2.1 Preview This chapter provides the reader ab start the manageableness and rule behind the use of Organisational bump of exposure abstract (ORA) on puke instruction and its methodologies available in the market. It aloneow for also cover the work of various authors to reach better understanding of the subjected bea i.e. purpose concern, bump summary and Organisational gamble abstract. The source of entropy of this books review is distinguishedly from books, journals and white papers. 2.2 entryway by this literature review genius prat know what former(a)s understanding ab turn verboten this study i.e. nothing but historical perspectives. First part of the literature focuses on jut out vigilance and gamble abbreviation and fortune depth psychology types, second part of this literature focuses on Organisational danger Analysis (ORA) and Role of ORA in bulge make outment. It mainly concentrates on Project anxiety, stake abridgment and makeupal attempt abridgment. 2.3 Introduction to Project Management PMBOK (Project Management Body of Knowledge as specify by the Project Management Institute PMI)Project foc exploitation is the application of knowledge, skills, tools and techniques to jut out activities to meet ensure requirements. (PMI 2004) jibe to James P. Lewis The Project trouble is facilitating the planning, programming and autocratic of all activities that must be through to progress to object objectives (James P. Lewis 2007) PRINCE 2 estimate c be methodology The planning, monitoring and control of all thoughts of the depict and the motif of all those convolute in it to acquire the suffer objectives on sequence and to the specified cost, quality and performance. A declargon oneself is usually one clock natural process with a well defined set of desired and results. It slew be divided into subtasks that must be acc omplished in order to achieve the project goals. In this day and age also it is assumed that project management earth-closet be enhanced by scientific methods. thither is a truly strong reason why these beliefs be created, it all accounts to the fact that todays modern ball has given professionals numerous amount of opportunities to execute their projects successfully. Such argon the agreeable of investment options that be given to project investors. They atomic number 18 briefed with all the minute details so that they feel that their investment is secure. They also make confident(predicate) that the estimated time of limit and the end arsehole be figure at the beginning of the project itself. The decisions that atomic number 18 interpreted on a technical bum or which argon taken looking at the low opportunity costs that it collapses are reversible in temper. The demand for resources cigarette also be calculated once the initial parameters such(prenominal) as the duration and time frame of the project are estimated. Due to the advancement in technology pull d profess the approximately terrible consequences can be predicted. The failure of the project was due to the lack of skills rather than an in enchant feasibility, suitability or acceptability of the solution. This is a sane acquisition view of project management. (Charette and Robert, 1996) The projection of ideas and activities into new accomplishments are one of the common characteristics of all projects. There are m each different definitions of what constitutes project management such as An unique set of co-ordinated activities, with definite starting and finishing points, undertaken by an individual or a aggroup to meet specific objectives at heart a definite result of time, cost and performance parameters (Office of Government Commerce). (Web4, 2009) J. Pinto and Prescott (1990) stated, seekers in project management subscribe to first and close bigly offer a comprehensi ve, inclusive, and lay down definition of project success before attempting to undertake studies of the project implementation process. (J.Pinto and Prescott, 1990) The modern project management started in 1950s, before this period projects were punish in an un aforethought(ip) manner and the methods and tools used for execution were not professional in nature. The importance of project management is a truly authoritative victoriouss because all disposals i.e. either be they are small or large shapings, those are touch in implementing new accomplishments. These accomplishments whitethorn be diverse, such as, the mitigatement of an innovative product, introducing a new range of products in a manufacturing ignorant, a promotional advertisement or a major construction project. In the eighties the focus was to a greater extent on the quality of work. Globalisation played a huge role in the 1990s as we were toilsome to improve our economy, the 2000s precept projects with decr eased time frames. A new field known as project management was bob uping from all new areas of application which include construction, engineering, tele conferences, and defence. This acclivitous field has now become an important part of our economy as it has weed a string of fabulous results. Hence it is now being utilise by the corporate world as well as the government. Duncan Haughey (2008) explained some main definitions of what project management is Project management is not a unbroken process. It has a definite beginning and end. Project management uses various tools to measure accomplishments and track project tasks. These include Work Breakdown Structures, Gantt charts and PERT charts. Projects frequently deal resources on an ad-hoc basis as opposed to organisations that name only dedicated full-time positions. Project management reduces bump and increases the chance of success. Successful project management is delivering your projects on time, to brief and within bu d set out. (Duncan Haughy, 2008) 2.3.1 Methodology of Project Management According to Bradley (2002) Project management methodology means Project Management Methodology focuses on the project and can be in every industry and any type of projects ranging from construction to aerospace industries and from projects of Financial to IT in nature, it encompasses all projects The above diagram shows the main ingredients of one of the main project management methodology. Some of the elements like project start-up and project closure occur only once. The remaining elements like planning, managing and controlling, form an interactive pass that may repeat many another(prenominal) times before the completion of the project. In other words we can also articulate project management is the orbit of planning, organising and managing resources to bring rough the successful completion of specific projects goals and objectives. Each and every project is different in nature. Any project would dissemble a current amount of run a encounteriness and hence require perfect planning and execution if they fork over to succeed. The main aim of project management is to predict any complications or problems in the project well before hand so that when the project plan is make all these factors can also be taken into amity and hence the chances of the project being completed successfully would be much higher. Al about every project we do in todays business world involve a try of some variety show change in customer needs, unrealistic time scales, in leave staff, poor project specifications , failure to manage user expectations could delay the project. Projects need to be performed and delivered under trustworthy constraints. Traditionally these constraints have been listed as scope, time and quality. This is also called as project management triangle. unmatched ramp of the triangle cannot be changed without affecting others. The time constraint refers to the amount of time available to complete a project, scope refers to what must be make to produce the projects end result and cost refers to the bud stomached amount available for the project. increase Scope ( Increasing Time + Increasing represent Decreasing Time ( Increasing Cost + Reducing Scope Tight Budget ( Increase Time + Reducing Scope. If we modify any of the factors, the other two has to be changed, if not the chance may appear high. and full-dress gamble compendium and risk management can sustain you to assess these risks and decide what action to take to diminish disruptions to your project plans. According to J. Davidson Frame (2007) the elemental outline of project management is described below Project coach-and-fours bear ultimate responsibility for making things happen. Traditionally, they have carried out this role as mere implementers. To do their jobs they needed to have basic administrative and technical competencies. Today they play a far broader role. In entree to the traditional skills, they need to have business skills, customer relations skills, and political skills. Psychologically, they must be results-oriented self-starters with a high tolerance for ambiguity, because little is absolved in todays tumultuous business environment. Shortcomings in any of these areas can lead to project failure. (J. Davidson Frame, 2007) Project management is discipline that applies to any project every smart set has their own way of doing their projects. The project management is not very easy it is totally a leadership position and with technical talent it cannot be done. Project manager without enough experience cannot hold for a long-time on the same project if the assumption of the troupe goes wrong in selecting the project manager it depart be in risk. (Sanjay Murthi, Preventive assay Management for Software Projects) 2.4 stake Analysis The word RISK derives from the early Italian risicare, which means TO DARE. (Websters Dictionary 1989) ad ept of the closely important activities in project management is to post and manage the uncertainties and problems during the project tenure. When dealing with research and development projects it must be made beak of that the do of events present are very high which could alter the course of the project The amount of risk involved in the project would mainly regard on the size of the project. The contractors of the project are the people who deal with the risks of the project, their main duties would involve to identify risks. thence they study them and find as solution so that could attain or minimize them. Apart form this they should also have a clear understanding of the different types of risk involved and ways as to how they can be managed and projects can be completed in a risk free manner. (The Owners Role in Project insecurity Management content Research Council (U.S.A). Committee for Oversight and Assessment of U.S. the national academic press, Washington DC). A report that shows assets, vulnerabilities, likelihood of ravish, estimates of the costs of recovery, summaries of possible defensive measures and their costs and estimated presumptive nest egg from better nurseion. A risk analysis is the process of assessing the level of risk involved, this is also known as a panic and risk estimate. A brat is a harmful act such as the deployment of a virus or illegal network penetration. A risk is the expectation that a threat may succeed and the dominance damage that can occur. (Web1, 2009) gamble analysis allows you to examine the risks that your governing faces. It is the process of systematically identifying and assessing the potentiality risks and uncertainties that occur when trying to achieve a certain goal (like reaching a target income or finishing a project), and then finding a feasible system for most efficiently controlling those risks. The systematic process to understand the nature of and to deduce the level of risk. It provides the basis for risk evaluation and decisions about risk treatment. (AS/NZS 43602004 (p. 4). According to Michael R. Greenberg Risk Analysis ranked among the top 10 journals in the ISI Journal Citation Reports under the social sciences, mathematical methods category is designed to meet the need for organization, consolidation, and communication and provide a focal point for new developments in the field. (Michael R. Greenberg 2008) Evidence from the literature suggests that project managers perform risk analysis because somebody else, e.g. their client, the call forth company or the Government, has demanded it (Boothroyd, 1996 Smith, 1998). The analysis of risk is being increasingly viewed as a field in itself, and the demand for a more orderly and formal treatment of risk is great. This international journal is committed to publishing unfavorable empirical research, conference proceedings, and commentaries dealing with risk issues. In other terms we can say the measur e of risk can be determined as a product of threat, vulnerability and asset shelter in an organisation. Risk = summation * threat * Vulnerability. Risk analysis may play an important role in cost- benefit studies, which compare the costs of a finicky action or project against its potential benefits. It is a systematic study of uncertainties and risks we encounter in business, engineering and many other areas. Risk analysts seek to identify the risks face by an organization or a business unit, understand how and when they arise, and estimate the meet of adverse outcomes. Techniques used in risk analysis include sensitivity analysis, opportunity analysis, subterfuge and modeling. Risk analysis may be used to develop an organizational risk profile, and also may be the first s pronouncee in risk management program. Risk analysis may be undertaken to varying degrees of detail faceing upon the risk, the purpose of the analysis, and the information, data and resources available. I n todays world where competition has become global, it is very important that firms control the different kinds of risk that they are dealing with as it has become an essential part in achieving corporate success. The people who are involved such as customers, investors and others asking companies for complete transparency on their investments. Thus risk analysis is necessary to protect an organisations competitive position. virtually industries are oddly plagued by risks, but it has been slow in realising the potential benefits of sound and systematic risk management (Al-Bahar and Crandall, 1990 Ward et. al. 1991 Thomson and Perry, 1992 Flanagan and Norman, 1993 R after(prenominal)y, 1994 Fellows, 1996 Edward and Bowen, 1998).While coming for the software industries risk analysis and management are a sequential progression that help in guiding a software team in understanding and managing risks. A risk is a potential problem, it might happen, it might not. But regardless of the o utcome it is really good idea to identify it, assess its probability of occurrence, estimate the impact and construct a contingency plan should the problem actually occurs. According to Bernstein the mystery of risk is a critical step in the development of modern society. genius can discuss the validity of his conclusion, but there should be no doubt that risk and uncertainty are important concepts to address for supporting decision-making in many situations. This Risk Analysis may be qualitative, semi-qualitative or numerical or a combination of these three, depending on the circumstances. The criticality of risk analysis doesnt exclusively depend on identifying the risk factors. It also depends on categorizing them according to their threat level. So let us see how the whole concept of risk analysis starts. There are two types of risk analysis. Both these methods are very important in the legal opinion of risk and can be executed in any order. It is very important to under stand the difference between these two risks as there is a very thin line separating them. Those are decimal Risk Analysis qualitative Risk Analysis (Identification of types of risk analysis) 2.5. Quantitative Risk Analysis Quantitative Risk Analysis has become an important component of project management. Quantitative risk analysis attempts to assign independently objective monetary ranges to the components of the risk assessment and to the assessment of the potential liberation. According to chair to the Project Management Body of Knowledge (PMBOK Guide, Third edition 2004, Project Management Institute) Quantitative Risk Analysis is performed on risks that have been prioritized by the qualitative Risk Analysis process as potentially and impregnablely impacting project s completing demands. The Quantitative Risk Analysis process analyzes the effect of those risk events and assigns a numerical rating to those risks. (PMBOK Guide, 2004) This method gives the project manager a foresight as to how the project would progress if risks associated with it would occur. Hence due to this method the project mangers are able to counter these risks and also account to better execution of projects. A quantitative risk analysis offers the following distinct advantages much more neutrality is involved in this assessment offers much more advantages to management when compared to assessment techniques More powerful selling tool to management It is very limber in nature and can be moulded to different situations. It can be adjusted according to the needs of specific industries. Its appeal is very universal in nature and hence does not give rise to much disagreements The base facts of the analysis are very convincing ones. In order to implement quantitative risk analysis, the total estimated abide by that would account to the losses that would occur due to time delay, theft or loss of data is to be calculated. Then a probability analysis is done so that the chance s of the risk occurring can be calculated. After all this is done in the final step the annual loss expectancy is calculated. (Miller). A quantitative risk analysis analyses the results that certain controversial units would have on outcomes that we are most concerned about such as loss, wampum and investment returns. Quantitative risk gives different perspectives on different people To the security consultant To attract newly started businesses by adapting quantitative analysis to nettle projects that were out of reach in the past. If the projects met up to the predicted return on investment then it could serve as a better tool for marketing. To the companys speed management Less vulnerable to company politics time required for assessing proposal validity is very less Inter- relates final results to financial aims and goals. Quantitative risk analysis assists managers in analyzing whether the projects can be completed in a particular time frame and within the required estima ted budget. It also helps in finding out the key parameters that would determine the success or failure of the project. It also helps in finding out whether the project is worth investing in for investors. But all these data should have some historical backing otherwise they would be rendered meaningless. These data should be updated from time to time during the due course of the project taking the actual input parameters into consideration. This in other terms is also known as Garbage In Garbage Out. Even though all this is done project management is subject to certain biases. The most basic solution is to collect data from qualitative project management software. This kind of integration has already been implemented and has been successful in the past as well. Quantitative risk analysis tools initiate Monte Carlo process to find out how risks would have an impact on project schedules. The most well known methods for simulating risks and other problems is Event Chain Methodology. In this methodology all the projects tat are present are effected by certain external parameters which could in turn change the face of the project. These events should be analysed with the help of the qualitative risk management software. This is an important aspect as these measures could give rise to event chains that can alter the course of the project. By finding out these event chains the risks involved can be reduced. Quantitative risk analysis is more related to implementing safety measures when compared to qualitative risk analysis is. This risk analysis when implemented by companies tries to protect the firm from every defined risk. It also helps in determining which counter method can be used for minimizing the risks involved with projects. In this method the risk assessments are generally represented in graphs and probability charts which generates a clear understanding among firms and hence is also favoured by management teams. 2.6 Qualitative Risk Analysis Qualitativ e risk analysis forms as primary source of data for further evaluations. It acts as an initial masking piece for all activities associated with the project to identify the possible risks that may or may not require further analysis (Quantitative). Sometimes managers tend to overlook simple risks which may cause substantial damage while looking for more complex ones which might not be that important. Also studying the project document and technologies used might help identifying certain generic risks. For example, a project which uses widely used or known components poses minimal threats when compared to using first to use or more go technology. Qualitative analysis helps prioritizing such risks according to the level they affect the final project objectives. This helps the managers with the decision making on how best they can plan the project in a safe way. While doing qualitative risk analysis, managers generally tend to include their personal and previous experiences in dealing with similar kind of projects or tasks. They asses the importance of risk factors according to their experience. In this process we first identify what are the main sources from where risk can originate. This is done by conducting interviews and acquiring feedback fro questioners. Then an assessment is done to increase the level of understanding of each risk and the extent to which they could affect the project. For this qualitative risk analysis process there is no probability database required and it is widely used analysis by the organisations. 2.7 Techniques used for Qualitative Analysis The most common methods of obtaining necessary data for screening risks are To know the stakeholders and shareholders interests regarding the current project. Collecting critical information from stakeholders and clients to analyze the final objectives in a realistic way. Understanding the organizational structure and policies to go out the task efficiently. Using effective benchmarking techni ques from projects handled previously. Understanding the key objectives and criticality of each task associated with the project to categorize risks according to their importance. However, after collecting the information and charge the risk factors to different grids or categories, the managers need to decide on the need to go for further investigation and to implement effective risk management plans. In order to do this, every manager should ask themselves a few questions such as What are the critical phases in the project and where the potential risks are going wrong during that phase? The effect of that risk in carrying out the tasks related to the respective phases and how its delaying the overall project. Weather the potential risks can be eliminated by simple methods or changes in the project plan or they are far too complex to minimize without using further analysis and train techniques. When a manager could answer these questions, he would be in a position to effectively plan and implement risk aversion plans by using appropriate tools or techniques. The Qualitative risk analysis gives the manager a true power of information to make his decision. Generally the qualitative risk analysis impart be succeeded by quantitative risk analysis which gives more insight on numbers such as project period, completion dates and budget. 3. Organisational Risk Analysis The combination of a threat and the resulting impact to the organisation defines the risk to the organisation. It is an important task that we asses all the intricate issues that the organisation is facing. Only after this assessment we can know the overall risk that the firm is facing and the appropriate counter methods that can be implemented in minimizing these risks. When a risk assessment is carried out we take an over all perspective on behalf of the organisation. We first find out every major business processes that take rear in the organisation and then we focus on the situations from wher e risks would arise. We then provide detailed list to management of the different types of risk involved so that management can counter with them.. The National Audit Office Report Managing Risks to Improve Public Services ( NAO 2004) determine five key aspects of organisational risk analysis and made recommendations for meliorate organisational risk analysis practice in central government. Sufficient time, resource and top level commitment needs to be devoted to handling risks in an organisation. Responsibility and accountability for risks need to be clear, backed up by scrutiny and robust challenge to provide assurance. In an Organisation, departments need to base their judgements about risks on reliable, timely and up to date information. Risk analysis needs to be applied throughout departments delivery networks. Departments need to continue to develop their understanding of the common risks they share and work together to manage them. An Organisational Risk Analysis is a tool for governance and acquire its Students Paper take summons getting its right is important. Selecting the correct method for performing the analysis is http//www.thefreelibrary.com/Assessing+ organizational+Risk.-a063326228 getting it right is important. Selecting the correct method for performing the assessment is analysis is a critical first step. Successful audit staff or risk analysis team creates evaluation criteria that impart be used to evaluate the risks to the organisation. The analysis team reviews each risk and assigns it an impact value. Successful audit staff uses some basic glide pathes to determine which technique will provide the most value for the organisation. Organisational Risk Analysis is a very important factor while handling projects for all organisations in todays business world. In any project that is undertaken risk is present. It depends on the nature of the project. Some projects are riskier when compared to others this is due to the kind of risk, the technology present and the environment in which they are encountered. Project management has been designed to organise and be in charge of complicated and different business processes in different field such as IT and industrial sectors. (Web2, 2009) This above diagram shows how an organisation relates with other departments like software, technology and environment etc. Handling with any of them causes uncertainties or risks. To overcome those risks associated in projects, ORA (Organisational Risk Analysis) helps. Risk is uncertainty of outcome, and good risk analysis allows an organisation to Have increased confidence in achieving its desired outcomes Effectively constrain threats to acceptable levels Take informed decisions about exploiting opportunities. When ever we will get a change this risk occurs for those organisations. It is important to understand effect of change and the results of change as these are important in devising an appropriate strategy. Those a re Developmental It is a change which enhances or corrects existing aspects of an organisation, often focusing on the progress of a skill or process. Transitional It is episodic, planned and fundamental. Most of the organisational change literature is based on this type of change only. Transformational It is radical in nature it requires a change in assumptions made by the organisation and by its people. Using these types of changes and its characteristics can be placed beside two scales radical- incremental and core- peripheral (Pennington 2003). The diagram above shows us how difficult it is introduce a particular decision into the market and the number of changes that may result in introducing this decision. If major changes are made to the central business then it would initiate a mete out of disturbance. The processes that are associated with the core business can be changed as they can be adjusted in the due course of time this is broadly speaking for firms who are involv ed with continuous melioration. Successful audit staff or risk analysis team generally use any of the three basic approaches. The database approach The algorithm approach The matrix approach Understanding the strengths and weakness of each method is essential for determining which technique will provide the most value for the organisation. 3.1 The Database Approach For assessing any kind of organisational risk, compiling a risk database is a popular method. Here each work group is interviewed and the main products and processes are identified where the risks associated with each process are displayed. These are then stocked in a database from where similar reports can be accessed for reference so that the risk faced by the work unit can be analysed. This database approach is chosen by so many accounting firms and it is favoured by them, which may tag it as risk profiling Students Paper Direct advert the analysis is a critical first step. Successful audit staff or risk http//www. thefreelibrary.com/Assessing+Organizational+Risk.-a063326228 the assessment is a critical first step. Successful audit staffs generally use or risk analysis team creates evaluation criteria that will be used to evaluate the risks to the organisation. The analysis team reviews each risk and assigns it an impact value. Successful audit staff uses some basic approaches to Students Paper Direct Quote approaches to determine which technique will provide the most value for the organisation. Organisational http//www.thefreelibrary.com/Assessing+Organizational+Risk.-a063326228 is essential for determining which technique will provide the most value for the organization. THE organisation. Organisational Risk Analysis is a very important factor while handling projects for all organisations in todays business world. In any project that is undertaken risk is present. It depends on the nature of the project. Some projects are riskier when compared to others this is due to the kind of risk, the technology present and the environment in which they are encountered. Project management has been designed to ordain and be in charge of complicated and different business processes in different field such as IT and industrial sectors. (Web2, 2009) This above diagram shows how an organisation relates with other departments like software, technology and environment etc. Handling with any of them causes uncertainties or risks. To overcome those risks associated in projects, ORA (Organisational Risk Analysis) helps. Risk is uncertainty of outcome, and good risk analysis allows an organisation to Have increased confidence in achieving its desired outcomes Effectively constrain threats to acceptable levels Take informed decisions about exploiting opportunities. When ever we will get a change this risk occurs for those organisations. It is important to understand effect of change and the results of change as these are important in devising an appropriate strategy. Those are D evelopmental It is a change which enhances or corrects existing aspects of an organisation, often focusing on the progress of a skill or process. TransitionalOrganisational Risk Management in Project ManagementOrganisational Risk Management in Project ManagementCHAPTER 2 2.1 Preview This chapter provides the reader about the theory and rationale behind the use of Organisational Risk Analysis (ORA) on project management and its methodologies available in the market. It will also cover the work of different authors to afford better understanding of the subjected area i.e. Project management, Risk analysis and Organisational risk analysis. The source of information of this literature review is mainly from books, journals and white papers. 2.2 Introduction Through this literature review one can know what others understanding about this study i.e. nothing but historical perspectives. First part of the literature focuses on project management and risk analysis and risk analysis types, s econd part of this literature focuses on Organisational Risk Analysis (ORA) and Role of ORA in Project management. It mainly concentrates on Project management, risk analysis and organisational risk analysis. 2.3 Introduction to Project Management PMBOK (Project Management Body of Knowledge as defined by the Project Management Institute PMI)Project management is the application of knowledge, skills, tools and techniques to project activities to meet project requirements. (PMI 2004) According to James P. Lewis The Project management is facilitating the planning, scheduling and controlling of all activities that must be done to achieve project objectives (James P. Lewis 2007) PRINCE 2 project management methodology The planning, monitoring and control of all aspects of the project and the motivation of all those involved in it to achieve the project objectives on time and to the specified cost, quality and performance. A project is usually one time activity with a well defined s et of desired and results. It can be divided into subtasks that must be accomplished in order to achieve the project goals. In this day and age also it is assumed that project management can be enhanced by scientific methods. There is a very strong reason why these beliefs are created, it all accounts to the fact that todays modern world has given professionals numerous amount of opportunities to execute their projects successfully. Such are the kind of investment options that are given to project investors. They are briefed with all the minute details so that they feel that their investment is secure. They also make sure that the estimated time of completion and the end can be calculated at the beginning of the project itself. The decisions that are taken on a technical basis or which are taken looking at the low opportunity costs that it presents are reversible in nature. The demand for resources can also be calculated once the initial parameters such as the duration and time fram e of the project are estimated. Due to the advancement in technology even the most terrible consequences can be predicted. The failure of the project was due to the lack of skills rather than an inappropriate feasibility, suitability or acceptability of the solution. This is a normalscience view of project management. (Charette and Robert, 1996) The projection of ideas and activities into new accomplishments are one of the common characteristics of all projects. There are many different definitions of what constitutes project management such as An unique set of co-ordinated activities, with definite starting and finishing points, undertaken by an individual or a team to meet specific objectives within a definite period of time, cost and performance parameters (Office of Government Commerce). (Web4, 2009) J. Pinto and Prescott (1990) stated, Researchers in project management need to first and most importantly offer a comprehensive, inclusive, and clear definition of project success before attempting to undertake studies of the project implementation process. (J.Pinto and Prescott, 1990) The modern project management started in 1950s, before this period projects were executed in an unplanned manner and the methods and tools used for execution were not professional in nature. The importance of project management is a very important topic because all organisations i.e. either be they are small or large organisations, those are involved in implementing new accomplishments. These accomplishments may be diverse, such as, the improvement of an innovative product, introducing a new range of products in a manufacturing base, a promotional advertisement or a major construction project. In the 1980s the focus was more on the quality of work. Globalisation played a huge role in the 1990s as we were trying to improve our economy, the 2000s saw projects with decreased time frames. A new field known as project management was developing from all new areas of application which included construction, engineering, telecommunications, and defence. This emerging field has now become an important part of our economy as it has produced a string of fabulous results. Hence it is now being applied by the corporate world as well as the government. Duncan Haughey (2008) explained some main definitions of what project management is Project management is not a continuous process. It has a definite beginning and end. Project management uses various tools to measure accomplishments and track project tasks. These include Work Breakdown Structures, Gantt charts and PERT charts. Projects frequently need resources on an ad-hoc basis as opposed to organisations that have only dedicated full-time positions. Project management reduces risk and increases the chance of success. Successful project management is delivering your projects on time, to brief and within budget. (Duncan Haughy, 2008) 2.3.1 Methodology of Project Management According to Bradley (2002) Project managemen t methodology means Project Management Methodology focuses on the project and can be in any industry and any type of projects ranging from construction to aerospace industries and from projects of Financial to IT in nature, it encompasses all projects The above diagram shows the main components of one of the main project management methodology. Some of the elements like project start-up and project closure occur only once. The remaining elements like planning, managing and controlling, form an interactive cycle that may repeat many times before the completion of the project. In other words we can also say project management is the discipline of planning, organising and managing resources to bring about the successful completion of specific projects goals and objectives. Each and every project is different in nature. Any project would involve a certain amount of risk and hence require perfect planning and execution if they have to succeed. The main aim of project management is to pr edict any complications or problems in the project well before hand so that when the project plan is made all these factors can also be taken into consideration and hence the chances of the project being completed successfully would be much higher. Almost every project we do in todays business world involve a risk of some kind change in customer needs, unrealistic time scales, inappropriate staff, poor project specifications , failure to manage user expectations could delay the project. Projects need to be performed and delivered under certain constraints. Traditionally these constraints have been listed as scope, time and quality. This is also called as project management triangle. One side of the triangle cannot be changed without affecting others. The time constraint refers to the amount of time available to complete a project, scope refers to what must be done to produce the projects end result and cost refers to the budgeted amount available for the project. Increasing Scope ( Increasing Time + Increasing Cost Decreasing Time ( Increasing Cost + Reducing Scope Tight Budget ( Increase Time + Reducing Scope. If we modify any of the factors, the other two has to be changed, if not the risk may appear high. But formal risk analysis and risk management can help you to assess these risks and decide what action to take to minimize disruptions to your project plans. According to J. Davidson Frame (2007) the basic outline of project management is described below Project managers bear ultimate responsibility for making things happen. Traditionally, they have carried out this role as mere implementers. To do their jobs they needed to have basic administrative and technical competencies. Today they play a far broader role. In addition to the traditional skills, they need to have business skills, customer relations skills, and political skills. Psychologically, they must be results-oriented self-starters with a high tolerance for ambiguity, because little is clear-c ut in todays tumultuous business environment. Shortcomings in any of these areas can lead to project failure. (J. Davidson Frame, 2007) Project management is discipline that applies to any project every company has their own way of doing their projects. The project management is not very easy it is totally a leadership position and with technical talent it cannot be done. Project manager without enough experience cannot hold for a long-time on the same project if the assumption of the company goes wrong in selecting the project manager it will be in risk. (Sanjay Murthi, Preventive Risk Management for Software Projects) 2.4 Risk Analysis The word RISK derives from the early Italian risicare, which means TO DARE. (Websters Dictionary 1989) One of the most important activities in project management is to identify and manage the uncertainties and problems during the project tenure. When dealing with research and development projects it must be made note of that the number of events p resent are very high which could alter the course of the project The amount of risk involved in the project would mainly depend on the size of the project. The contractors of the project are the people who deal with the risks of the project, their main duties would involve to identify risks. Then they study them and find as solution so that could remove or minimize them. Apart form this they should also have a clear understanding of the different types of risk involved and ways as to how they can be managed and projects can be completed in a risk free manner. (The Owners Role in Project Risk Management National Research Council (U.S.A). Committee for Oversight and Assessment of U.S. the national academic press, Washington DC). A report that shows assets, vulnerabilities, likelihood of damage, estimates of the costs of recovery, summaries of possible defensive measures and their costs and estimated probable savings from better protection. A risk analysis is the process of assessin g the level of risk involved, this is also known as a threat and risk assessment. A threat is a harmful act such as the deployment of a virus or illegal network penetration. A risk is the expectation that a threat may succeed and the potential damage that can occur. (Web1, 2009) Risk analysis allows you to examine the risks that your organization faces. It is the process of systematically identifying and assessing the potential risks and uncertainties that occur when trying to achieve a certain goal (like reaching a target income or finishing a project), and then finding a feasible strategy for most efficiently controlling those risks. The systematic process to understand the nature of and to deduce the level of risk. It provides the basis for risk evaluation and decisions about risk treatment. (AS/NZS 43602004 (p. 4). According to Michael R. Greenberg Risk Analysis ranked among the top 10 journals in the ISI Journal Citation Reports under the social sciences, mathematical methods category is designed to meet the need for organization, integration, and communication and provide a focal point for new developments in the field. (Michael R. Greenberg 2008) Evidence from the literature suggests that project managers perform risk analysis because somebody else, e.g. their client, the parent company or the Government, has demanded it (Boothroyd, 1996 Smith, 1998). The analysis of risk is being increasingly viewed as a field in itself, and the demand for a more orderly and formal treatment of risk is great. This international journal is committed to publishing critical empirical research, conference proceedings, and commentaries dealing with risk issues. In other terms we can say the measure of risk can be determined as a product of threat, vulnerability and asset value in an organisation. Risk = Asset * Threat * Vulnerability. Risk analysis may play an important role in cost- benefit studies, which compare the costs of a particular action or project against its po tential benefits. It is a systematic study of uncertainties and risks we encounter in business, engineering and many other areas. Risk analysts seek to identify the risks faced by an organization or a business unit, understand how and when they arise, and estimate the impact of adverse outcomes. Techniques used in risk analysis include sensitivity analysis, probability analysis, simulation and modeling. Risk analysis may be used to develop an organizational risk profile, and also may be the first stage in risk management program. Risk analysis may be undertaken to varying degrees of detail depending upon the risk, the purpose of the analysis, and the information, data and resources available. In todays world where competition has become global, it is very important that firms control the different kinds of risk that they are dealing with as it has become an essential part in achieving corporate success. The people who are involved such as customers, investors and others asking comp anies for complete transparency on their investments. Thus risk analysis is necessary to protect an organisations competitive position. Most industries are particularly plagued by risks, but it has been slow in realising the potential benefits of sound and systematic risk management (Al-Bahar and Crandall, 1990 Ward et. al. 1991 Thomson and Perry, 1992 Flanagan and Norman, 1993 Raftery, 1994 Fellows, 1996 Edward and Bowen, 1998).While coming for the software industries risk analysis and management are a sequential progression that help in guiding a software team in understanding and managing risks. A risk is a potential problem, it might happen, it might not. But regardless of the outcome it is really good idea to identify it, assess its probability of occurrence, estimate the impact and establish a contingency plan should the problem actually occurs. According to Bernstein the mystery of risk is a critical step in the development of modern society. One can discuss the validity of his conclusion, but there should be no doubt that risk and uncertainty are important concepts to address for supporting decision-making in many situations. This Risk Analysis may be qualitative, semi-qualitative or quantitative or a combination of these three, depending on the circumstances. The criticality of risk analysis doesnt wholly depend on identifying the risk factors. It also depends on categorizing them according to their threat level. So let us see how the whole concept of risk analysis starts. There are two types of risk analysis. Both these methods are very important in the assessment of risk and can be executed in any order. It is very important to understand the difference between these two risks as there is a very thin line separating them. Those are Quantitative Risk Analysis Qualitative Risk Analysis (Identification of types of risk analysis) 2.5. Quantitative Risk Analysis Quantitative Risk Analysis has become an important component of project management. Quanti tative risk analysis attempts to assign independently objective monetary values to the components of the risk assessment and to the assessment of the potential loss. According to Guide to the Project Management Body of Knowledge (PMBOK Guide, Third edition 2004, Project Management Institute) Quantitative Risk Analysis is performed on risks that have been prioritized by the Qualitative Risk Analysis process as potentially and substantially impacting project s completing demands. The Quantitative Risk Analysis process analyzes the effect of those risk events and assigns a numerical rating to those risks. (PMBOK Guide, 2004) This method gives the project manager a foresight as to how the project would progress if risks associated with it would occur. Hence due to this method the project mangers are able to counter these risks and also account to better execution of projects. A quantitative risk analysis offers the following distinct advantages much more neutrality is involved in this assessment offers much more advantages to management when compared to assessment techniques More powerful selling tool to management It is very flexible in nature and can be moulded to different situations. It can be adjusted according to the needs of specific industries. Its appeal is very universal in nature and hence does not give rise to much disagreements The base facts of the analysis are very convincing ones. In order to implement quantitative risk analysis, the total estimated value that would account to the losses that would occur due to time delay, theft or loss of data is to be calculated. Then a probability analysis is done so that the chances of the risk occurring can be calculated. After all this is done in the final step the annual loss expectancy is calculated. (Miller). A quantitative risk analysis analyses the results that certain controversial units would have on outcomes that we are most concerned about such as loss, profit and investment returns. Quantitati ve risk gives different perspectives on different people To the security consultant To attract newly started businesses by adapting quantitative analysis to access projects that were out of reach in the past. If the projects met up to the predicted return on investment then it could serve as a better tool for marketing. To the companys upper management Less vulnerable to company politics time required for assessing proposal validity is very less Inter- relates final results to financial aims and goals. Quantitative risk analysis assists managers in analyzing whether the projects can be completed in a particular time frame and within the required estimated budget. It also helps in finding out the key parameters that would determine the success or failure of the project. It also helps in finding out whether the project is worth investing in for investors. But all these data should have some historical backing otherwise they would be rendered meaningless. These data should be updated from time to time during the due course of the project taking the actual input parameters into consideration. This in other terms is also known as Garbage In Garbage Out. Even though all this is done project management is subject to certain biases. The most basic solution is to collect data from qualitative project management software. This kind of integration has already been implemented and has been successful in the past as well. Quantitative risk analysis tools initiate Monte Carlo process to find out how risks would have an impact on project schedules. The most well known methods for simulating risks and other problems is Event Chain Methodology. In this methodology all the projects tat are present are effected by certain external parameters which could in turn change the face of the project. These events should be analysed with the help of the qualitative risk management software. This is an important aspect as these measures could give rise to event chains that can alter t he course of the project. By finding out these event chains the risks involved can be reduced. Quantitative risk analysis is more related to implementing safety measures when compared to qualitative risk analysis is. This risk analysis when implemented by companies tries to protect the firm from every defined risk. It also helps in determining which counter method can be used for minimizing the risks involved with projects. In this method the risk assessments are generally represented in graphs and probability charts which generates a clear understanding among firms and hence is also favoured by management teams. 2.6 Qualitative Risk Analysis Qualitative risk analysis forms as primary source of data for further evaluations. It acts as an initial screening for all activities associated with the project to identify the possible risks that may or may not require further analysis (Quantitative). Sometimes managers tend to overlook simple risks which may cause substantial damage while l ooking for more complex ones which might not be that important. Also studying the project document and technologies used might help identifying certain generic risks. For example, a project which uses widely used or known components poses minimal threats when compared to using first to use or more advanced technology. Qualitative analysis helps prioritizing such risks according to the level they affect the final project objectives. This helps the managers with the decision making on how best they can plan the project in a safe way. While doing qualitative risk analysis, managers generally tend to include their personal and previous experiences in dealing with similar kind of projects or tasks. They asses the importance of risk factors according to their experience. In this process we first identify what are the main sources from where risk can originate. This is done by conducting interviews and getting feedback fro questioners. Then an assessment is done to increase the level of un derstanding of each risk and the extent to which they could affect the project. For this qualitative risk analysis process there is no probability database required and it is widely used analysis by the organisations. 2.7 Techniques used for Qualitative Analysis The most common methods of obtaining necessary data for screening risks are To know the stakeholders and shareholders interests regarding the current project. Collecting critical information from stakeholders and clients to analyze the final objectives in a realistic way. Understanding the organizational structure and policies to carry out the task efficiently. Using effective benchmarking techniques from projects handled previously. Understanding the key objectives and criticality of each task associated with the project to categorize risks according to their importance. However, after collecting the information and assigning the risk factors to different grids or categories, the managers need to decide on the need to go fo r further investigation and to implement effective risk management plans. In order to do this, every manager should ask themselves a few questions such as What are the critical phases in the project and where the potential risks are going wrong during that phase? The effect of that risk in carrying out the tasks related to the respective phases and how its delaying the overall project. Weather the potential risks can be eliminated by simple methods or changes in the project plan or they are far too complex to minimize without using further analysis and sophisticated techniques. When a manager could answer these questions, he would be in a position to effectively plan and implement risk aversion plans by using appropriate tools or techniques. The Qualitative risk analysis gives the manager a true power of information to make his decision. Generally the qualitative risk analysis will be succeeded by quantitative risk analysis which gives more insight on numbers such as project period, completion dates and budget. 3. Organisational Risk Analysis The combination of a threat and the resulting impact to the organisation defines the risk to the organisation. It is an important task that we asses all the intricate issues that the organisation is facing. Only after this assessment we can know the overall risk that the firm is facing and the appropriate counter methods that can be implemented in minimizing these risks. When a risk assessment is carried out we take an over all perspective on behalf of the organisation. We first find out every major business processes that take place in the organisation and then we focus on the situations from where risks would arise. We then provide detailed list to management of the different types of risk involved so that management can counter with them.. The National Audit Office Report Managing Risks to Improve Public Services ( NAO 2004) identified five key aspects of organisational risk analysis and made recommendations for impr oving organisational risk analysis practice in central government. Sufficient time, resource and top level commitment needs to be devoted to handling risks in an organisation. Responsibility and accountability for risks need to be clear, backed up by scrutiny and robust challenge to provide assurance. In an Organisation, departments need to base their judgements about risks on reliable, timely and up to date information. Risk analysis needs to be applied throughout departments delivery networks. Departments need to continue to develop their understanding of the common risks they share and work together to manage them. An Organisational Risk Analysis is a tool for governance and getting its Students Paper Direct Quote getting its right is important. Selecting the correct method for performing the analysis is http//www.thefreelibrary.com/Assessing+Organizational+Risk.-a063326228 getting it right is important. Selecting the correct method for performing the assessment is analy sis is a critical first step. Successful audit staff or risk analysis team creates evaluation criteria that will be used to evaluate the risks to the organisation. The analysis team reviews each risk and assigns it an impact value. Successful audit staff uses some basic approaches to determine which technique will provide the most value for the organisation. Organisational Risk Analysis is a very important factor while handling projects for all organisations in todays business world. In any project that is undertaken risk is present. It depends on the nature of the project. Some projects are riskier when compared to others this is due to the kind of risk, the technology present and the environment in which they are encountered. Project management has been designed to coordinate and be in charge of complicated and different business processes in different field such as IT and industrial sectors. (Web2, 2009) This above diagram shows how an organisation relates with other departments like software, technology and environment etc. Handling with any of them causes uncertainties or risks. To overcome those risks associated in projects, ORA (Organisational Risk Analysis) helps. Risk is uncertainty of outcome, and good risk analysis allows an organisation to Have increased confidence in achieving its desired outcomes Effectively constrain threats to acceptable levels Take informed decisions about exploiting opportunities. When ever we will get a change this risk occurs for those organisations. It is important to understand effect of change and the results of change as these are important in devising an appropriate strategy. Those are Developmental It is a change which enhances or corrects existing aspects of an organisation, often focusing on the progress of a skill or process. Transitional It is episodic, planned and fundamental. Most of the organisational change literature is based on this type of change only. Transformational It is radical in nature it require s a change in assumptions made by the organisation and by its people. Using these types of changes and its characteristics can be placed beside two scales radical- incremental and core- peripheral (Pennington 2003). The diagram above shows us how difficult it is introduce a particular decision into the market and the number of changes that may result in introducing this decision. If major changes are made to the central business then it would initiate a lot of disturbance. The processes that are associated with the core business can be changed as they can be adjusted in the due course of time this is mostly for firms who are involved with continuous improvement. Successful audit staff or risk analysis team generally use any of the three basic approaches. The database approach The algorithm approach The matrix approach Understanding the strengths and weakness of each method is essential for determining which technique will provide the most value for the organisation. 3.1 The Databas e Approach For assessing any kind of organisational risk, compiling a risk database is a popular method. Here each work group is interviewed and the main products and processes are identified where the risks associated with each process are displayed. These are then stocked in a database from where similar reports can be accessed for reference so that the risk faced by the work unit can be analysed. This database approach is chosen by so many accounting firms and it is favoured by them, which may tag it as risk profiling Students Paper Direct Quote the analysis is a critical first step. Successful audit staff or risk http//www.thefreelibrary.com/Assessing+Organizational+Risk.-a063326228 the assessment is a critical first step. Successful audit staffs generally use or risk analysis team creates evaluation criteria that will be used to evaluate the risks to the organisation. The analysis team reviews each risk and assigns it an impact value. Successful audit staff uses some basic approaches to Students Paper Direct Quote approaches to determine which technique will provide the most value for the organisation. Organisational http//www.thefreelibrary.com/Assessing+Organizational+Risk.-a063326228 is essential for determining which technique will provide the most value for the organization. THE organisation. Organisational Risk Analysis is a very important factor while handling projects for all organisations in todays business world. In any project that is undertaken risk is present. It depends on the nature of the project. Some projects are riskier when compared to others this is due to the kind of risk, the technology present and the environment in which they are encountered. Project management has been designed to coordinate and be in charge of complicated and different business processes in different field such as IT and industrial sectors. (Web2, 2009) This above diagram shows how an organisation relates with other departments like software, techno logy and environment etc. Handling with any of them causes uncertainties or risks. To overcome those risks associated in projects, ORA (Organisational Risk Analysis) helps. Risk is uncertainty of outcome, and good risk analysis allows an organisation to Have increased confidence in achieving its desired outcomes Effectively constrain threats to acceptable levels Take informed decisions about exploiting opportunities. When ever we will get a change this risk occurs for those organisations. It is important to understand effect of change and the results of change as these are important in devising an appropriate strategy. Those are Developmental It is a change which enhances or corrects existing aspects of an organisation, often focusing on the progress of a skill or process. Transitional