Domain 03 - Risk Analysis 4Perform Qualitative Risk Analysis Qualitative risk analysis evaluates the importance of each risk in order to categorize and prioritize individual risks for further attention. It also provides a mechanism for evaluating the level of overall Portfolio, program, or project risk.Purpose Of Perform Qualitative Risk Analysi€9 Qualitative techniques are used to gain a better understanding of individual risks. Qualitative techniques consider a range of characteristics such as probability or likelihood of occurrence, degree of impact on the objectives, manageability, timing of possible impacts, relationships with other risks, and common causes or effects. Assessing individual risks using qualitative risk analysis evaluates the probability that each risk, if it occurs, would have on the portfolio, program, or project objectives. This assessment does not directly address the overall risk that results from the combined effect of all risks and their potential interactions with each other. This can, however, be achieved through the use of quantitative risk analysis techniques.Purpose Of Perform Qualitative Risk Analysi€9 Qualitative risk analysis is applied to the list of risks created or updated by the Identify Risks process to provide management with the characteristics of the risks that have the most influence (positive or negative) on achieving the objectives. Risks that are assessed as high priority, which either threaten or enhance the achievement of objectives, are highlighted in the Plan Risk:Responses process. These risks may be further analyzed using quantitative risk analysis Low priority risks will be kept in watch list.Perform Quantitative Risk Analysis &4 The Perform Quantitative Risk Analysis process provides insight into the combined effect of identified risks on the desired outcome. This process takes into account probabilistic or component-wide effects, such as correlation between risks, interdependency, and feedback oops. It provides an indication of the degree of overall isk faced}by the portfolio, program, project.Purpose Of Perform Quantitative Risk Analy$3 The Perform Quantitative Risk Analysis process provides a numerical estimate of the overall effect of risk on the objectives. Results from this analysis are used to > evaluate the likelihood of success in achievirig objectives. > Estimate any contingency reserves. Quantitative risk analysis is not always required or possible. Therefore, during the Plan Risk Management process, the benefits. of quantitative risk analysis should be weighed against the effort required to ensure that the additional insights and value justify the additional effort. The risks that threaten objectives beyond the stakeholders’ tolerance may be targeted for vigorous risk responses aimed at protecting the objectives that are most important to the stakeholders. DuHUBsPor Sinan se 72Qualitative and Quantitative Project risk &4 Amatysis The evaluation of risks at the project level is performed by taking into account the degree of impact on the project objectives and probability of occurrence: The purpose of these analyses is to evaluate whether or not the impact can be contained within the limits of the project budget and the boundary, oPaccountability of the project manager. Risks that have ah impact evaluated as cortainable within the limits of accountability of the project manager and team are dealt with in the project risk management plan and strategy. Every risk impact that exceeds the limits of accountabi level. escalated to the appropriate governance When the impact of the risk is determined to be containable within the limit of the project budget and accountability of the project manager and team, it is addressed at the project level. DuHUBsPor sisaas-058 7512Program Risk Qualitative And Quantitative &4 Analyses Evaluation of the risks at the program level is performed by taking into account the depth of each isk’s impact on the realization of the expected [Link] the development of the expected organizational capability. The aim of these analyses is to evaluate whethér or not the impact can be contained within the limits of the program budget. When the impact affects the ability ofthe program to deliver its benefits or organizational capabilities, then the risk is addressed at the program level. When the impact affects the ability of the organization to deliver the performance and value expected to be obtained from the benefits and capabilities created by the program, then the risk and its treatment are escalated to the enterprise or portfolio domain. The risk and its treatment are escalated when the risk affects the expected financial and operational performance anticipated from the new capabilities beyond the agreed thresholds.Portfolio Risk Qualitative And Quantitative &4 Analyses ‘The evaluation of risks at the portfolio level is performed by taking into account the impact of risks on the realization of the expected business performance or the execution of the organizational strategy. One of the reasons these analyses are conducted is [Link] whether the level of impact can be contained within the scope of the portfolio manager's accountability. When the impact brects the portol’s buys performance or strategie objectives, then the impacts typically addressed at the portfolio level id an operational manner. When the impact affects the ability of the organization to execute strategy and realize the intended value, the risk and responsibility to respond to the risk is escalated to a higher governance level.Inputs, Tools and Techniques, &4 and Output The t of the inputs, tools and techniques, and outputs of Perform Qualitative Risk Analysis ‘© Affinity Diagrams + Risk register + Analytic Hierarehy Process + Project documents updates + Risk management plan ‘© Influence Diagrams + Scope baseline + Nominal Group Technique + Enterprise + Probability And impact environmental factors Matrix + Organizational process a et Ae assets + Assessment Of Other Risk Parameters ‘© System DynamicsInputs The inputs required to Perform Qualitative Risk Analysis Risk register Risk management plan Scope baseline Enterprise environmental factors Organizational process assets & pee Contains the list of identified risks. Contains important information on roles and assignments in risk management, risk categories, the probability and impact matrix, scheduled activities for risk management, and revised stakeholders’ risk tolerances. Projects with first-of-its-kind technology will have more uncertainties and this will be addressed in scope baseline, Provide insight and context to risk assessment, like industry studies of similar projects by risk specialists, risk databases available from the industry, or proprietary sources. Include information on prior completed projects of similar scope.Tools and Techniques - Affinity Diagrams An affinity diagram is used to organize specific ideas or factors that contribute to a risk. It helps to sort risks by similarities or generic risk categories.Tools and Techniques - Analytic Hierarchy Proces$ 9 Analytical Hierarchy Process (AHP) is a tool used to determine the preferences for achieving the project objectives. 1 Equally Preferred 2 Mildly preferred 3 Moderately preferred 4 Greatly preferred 5 Always preferred t Instep 1, Preference factors are determined, Input Mati PreferenceFactos) a coe tnstep 2, 2s aaa. | 020 Each constraint is compared to one soo GRR srother and scored. Quality is always ne) 22) preferred to cost. Then calculate “preference factor foreach and score. Cost 005 O12 01 ‘Example: 1/13=.08 Then Time 031 016 016 01502 QUIN ETE CHEHrOWTO etermine preference li Scope 023 016 0:16 01502 ‘of quality, scope, time Quality 038 064 063 059 06 cael teh ERE :Tools and Techniques - Influence Diagrams &4 ‘An influence diagram is a diagrammatic representation of a situation showing the main entities, decision points, uncertainties, and outcomes, indicating the relationships (influences) between them. When combined with sensitivity analysis or Monte Carlo simulation, the influence diagram can identify risks to reveal their sources. DuHUBsPor sercesndabtnot comTools and Techniques - Nominal Group Technique ‘The nominal group technique is an adaptation of brainstorming where participants share and discuss all issues before evaluation, with each participant participating equally in evaluation, Cece Cigar) corn and group brainstorming eee Fast and effectiveTools and Techniques - Nominal Group Technique The process to perform Nominal Group Technique (NG — OD rrsicne _— meeting Introduce the participants (between 6 and 8) Introduce the | maa Define the scope in facilitator J Start the meeting and state the rules, |mmp| time, and process Oia writes down Facilitator writes '==p| down the first risk of each participant the second risk of each RS) Fil up the list of identifie =>) tisks (prioritized) articipant a Ocapmcaaiins creates his/her own risk list Each participants orders his/her risks Consolidate the finalTools and Techniques - Probability And Impact Matrix 3 ‘A probability and impact matrix allows the user to prioritize risks for further analysis or responses. It helps to distinguish between those risks that will have a minor impact on business activities and those that will have a major impact. It usually classifies risks according to theifimpact probability, such as very high, high, moderate, low, and very low. al-lel=|= “Impact (Opportunies) DuHUBsPor serena 08 TETools and Techniques - Risk Data Quality Analysis &4 Results of the risk analysis are only as good as the data collected. Review of the reliability and sufficiency of the data ensures that the analysis is based on high-quality information. Data that are deemed to be of lesser quality may be further researched or excluded from the rigk analysis. Care should be taken when excluding poor quality data to avoid a less-than-robust qualitative analysis. It is necessary to be unbiased in data gathering, which is important when relying on expert judgment for information, DuHUBsPor sercesndabtnot comTools and Techniques - Assessment Of Other Risk Parameters ¢ Other characteristics of risk (in addition to probability and impact) can be considered when prioritizing risks for further analysis and action. These characteristics may include but are not limited to: Urgency. The period of time within which a response to a risk is to be implemented in order to be effective. Ashort period indicates high urgency. Proximity. The period of time before a risk might have an impact on one or more objectives. A short period indicates high proximity. | Detectability. The ease with which the results ofa risk occurring, or being about to occur, can be detected and recognized. When the risk occurrence can be detected easily, detectability is high. Dormancy. The period of time that may elapse after a risk has occurred before its impact is discovered. A short period indicates low dormancy. ‘Manageability. The ease with which a risk owner (or owning organization) can manage the occurrence or impact of a risk. When management is easy, manageability is high.Tools and Techniques - Assessment Of Other Risk Parameters (con 9 Other characteristics of risk (in addition to probability and impact) can be considered when prioritizing risks for further analysis and action. These characteristics may include but are not limited to: Controllability. The degree to which a risk owner (or owning organization) is able to control the risk’s outcome. When the outcome can be controlled easily, controllability is high. Connectivity. The extent to which a risk is related to other individual risks. When a risk is connected to many other risks, connectivity js high. Strategic impact. The potential for a risk to have a positive or negative effect on the organization's strategic goals. When a risk has a major effect on strategic goals, strategic impact is high. Stakeholder impact. The degree to which a risk is perceived to matter by one or more stakeholders. When a risk is perceived as very significant, stakeholder impact is high.Tools and Techniques - System Dynamics &4 System dynamics (SD) is a particular application of influence diagrams and can be used to further identify risks within a given situation. The SD model represents entities and information flows, and analysis of the ‘model can reveal feedback and feed-forward loops that |é@d to uncertainty or instability. In addition, the results of an SD analysis can show the impact of risk events on overall results. Analyses of changes in the ‘model or assumptions can indicate the system's sefsitvity to specific events, some of which may be risks. System dynamics exposes unexpected interrelationships between elements (feedback and feed-forward loops). It can genetate counterintuitive perspectives not available through other techniques. The result is a view of the overall impact of all included zis. ee CainerTools and Techniques - System Dynamics &4 The System Dynamics (SD) model represents the flow of information and interactions among stakeholders or teams on a project Gas otOutput &4 Following is the Output required to Perform Qualitative Risk Analysis: The project documents updates include risk register updates and assumptions log updates. Updates to the risk register include new information based on qualitative risk analysis Of individual risks like probability, impact, ranking, urgency, as well as categorization; ‘and watch list for high-priority and low-priority risks respectively. ‘Assumptions log updates are required if there is any change in the assumptions due to analysis. This may be updated in a project scope statement.Document the Results &4 The probability, impact, and priority (specific objective or overall project) of risks are documented in the risk register. + The risk register lists the prioritized risks, which are posted to stakeholders for further analysis or action. + Risks of high priority are analyzed futher and monitored frequently. + Risks of low priority are under watch list and are reviewed less often for changes in their status. DuHUBsPor sercesndabtnot comKey Success Factors For Qualitative Risk Analysis ‘Success in achieving the objectives of the Perform Qualitative Risk Analysis process includes, but is not limited to: v Use agreed approach, > Use agreed definitions of risk terms, > Collect credible information about risks, and, > Perform iterative qualitative risk analysis.Inputs, Tools and Techniques, and Output The inputs, tools and techniques, and outputs required for Perform Qua (eee + Risk register + Risk management plan + Cost management plan + Schedule management plan + Enterprise environmental factors + Organizational process assets, & ive Risk Analysis + Project documents updates Contingency Reserve Estimation Decision Tree Analysis Estimating Techniques Applied To Probability And Impact Expected Monetary Value FMEA/Fauit Tree Analysis. Monte Carlo simulation Pert (Program Or Project Evaluation And Review Technique)Inputs &4 The inputs required for Perform Quantitative Risk Analysis proce: Risk register Identifies and categorizes risks, potential risk responses, and triggers warning signs. RE TnanSaerneTa Includes roles and responsibilities, budgets and schedule for risk management activities, Risk Fant Breakdown Structure (RBS), risk categories, probability and impact matrix, and risk tolerances. Cost management Establishes the criteria for making plans, structuring, preparing an estimate, plan budgeting, and establishing control over project costs. Schedule Knows the scheduling methodology, the scheduling tool(s) to be used, and the format and areeerter pen established criteria for developing and controlling the project schedule. Provide context and insight to risk assessment, such as industry studies conducted by risk Ene ones specialists for similar projects, and risk databases obtained from proprietary sources or the environmental factors *Pe Designated as higher impact for threats ohopportunities as they move from very low to very high for a specific obje > Defined by the organization as causing the same amount of pain or gain for each level across objectives, and > Tailored or scaled by stakeholders to the specific work. The definitions, appropriately tailored, can be used for opportunities and threats. Ifa risk’s impact is uncertain and could be assigned to more than one level of impact (e.g., from moderate to high), the analyst may choose to assign the risk to the impact level that represents the expected or average impact. Alternatively, the risk may be flagged for extra analysis in order to reduce the range of uncertainty to fit within a single range. eee CainerTools and Techniques - FMEA/Fault Tree Analysis (1) &4 Failure modes and effects analysis (FMEA) or fault tree analysis uses a model structured to identify the various elements that can cause system failure by themselves, or in combination with others, based on the logic of the system. Fault tree analysis is often used in engineering contexts. It can be adapted for use to identify risks by analyzing how risk impacts mightt arise, or the probability of failure (or of reliability, mean time between failure, etc.) of the overall system, indicating the level of quality of the system or product. If the level of reliability is not acceptable, the fault tree can indicate where the system can be made more reliable; therefore, it is useful in the design and engineering phase of a program or project. Failure-mode effect analysis assesses and analyzes the potential reliability of a system and/or products. Itis used together with failure-mode effect and criticality analysis as part of the general program to assess reliability of a system and potential failure modes. Using historical data, the analysis of similar products/services, warranty data, customer data complaints, and any other information available may lead to the use of inferential statistics, mathematical modeling, simulations, concurrent engineering, and reliability engineering to identify and define possible failures. ee CainerTools and Techniques - FMEA/Fault Tree Analysis (2) 4 ‘This model is structured to identify the points of failure that are risks by themselves, or in combinations with one another. P= ,001 oF in 1000 ifthe 5000 cars use the road every year then its antiipated that Sto 6 crashes May occur Failure-mode effect and efticalty analysis (FMECA) isthe logical extension of FMEA. It evaluates the cticalty and probability of ‘occurrence ofthe failure modes,Tools and Techniques - Monte Carlo Simulation 3 The uses of Monte Carlo analysis: Uses the optimistic, most likely, and pessimistic estimates. Simulates various outcomes. Predicts a range of possible results. Used to predict likely outcome for schedules and costs. Uses sophisticated Software applications. Effective with large number of inputs. Effective while predicting business risks. DuHUBsPor sercesndabtnot comMonte Carlo Analysis The uses of Monte Carlo analysis: Beta Distribution ‘Triangular Distribution Uniform Allow for broader consideration around Is the more conservative distribution and the most likely but is more difficult to recommended if ite else is known beside configure. itis used when there isa high the worst case, best case, and most likely. degree of confidence in the most likely value. & Used when al estimates are the same, The item can not change.Monte Carlo Analysis &4 The uses of Monte Carlo analysis: Normal distribution ‘Standard normal distribution phenomena such as people's heights. Examples of variables | DuHUBsPor sercesndabtnot comMONTE CARLO SIMULATION FOR SCHEDULE RISK ANALYSIS Using: + Schedule network diagram + Duration Estimates (0,,°) 120 + Probability Distribution The Output: | + The probability of achieving the completion date oo * List of completion dates with confidence levels i + Contingency reserves to bring the risk to levels acceptable to the Pa organization + The relative importance of each input in determining the overall project Schedule RiskMONTE CARLO SIMULATION FOR COST RISK ANALYSIS The simulation uses: Tol Project Cost ~ as + Cost estimates (cost line-items) ‘i + Probability Distribution 8 ‘The Output from a cost risk simulation isthe: t 4 + Probability of achieving the cost objective + Uist of total cost with confidence ; + Contingency reserves to bring the risk tolevels acceptable tothe « organization 1 * The relative importance of each input in determining the overall project Cost Risk 2 1 ° ee eePERFORM QUANTITATIVE aes ANALYSIS petal Erojoct Come cen oauo ve Pr Gade: a a 3 1. Total Cost $18,821,540. Whats the probability of achieving the planned cost objective? (The Oo” O-~ @~ 6 3 check the probability beside 1,821,540 = 40%PERFORM QUANTITATIVE RISKANALYSIS Total Project Cost SSeS ans ae (02. Total Cost $18,821,540. Whats the contingency reserve if the confidence level change from P40 to P75% 510,00 Q s10520 E s20:00 0000 From the graph, check the total cost beside 75% = 19,282,240 and the budget beside 40% = 18,821,540, then calcul {hele difference = 460,700. Correct answers APERFORM QUANTITATIVE RISK ANALYSIS Q3. Total Cost $18,821,540. What is the average total cost of the project? (The value in the graph by thousands) @ 518,460,700 © 512,000,600 €@_$18,000,000 ($18,945,350 From the Graph, check the Total Cost beside 50% = $18,945,350. Correct answer is D.PERFORM QUANTITATIVE RISK ANALYSIS es €@ € € &€ € & B 1, Completion date 05 Feb 2015, Whats the probability to complete the project on 05 Jul, 20157 O- Ox @x Ou From the Graph, check the probablit beside date 05 Jl, 2015 = 75% Correct answer IsPERFORM QUANTITATIVE RISK ANALYSIS La E2=! (2, Completion date 05 Feb 2015. Whats the contingency reserve If the confidence level change from P40 to P90, 7 Months &2 Days @ rrertss20% — @smonnsass0.9s — @emonnsacr 09 — @)smonnsa17 007 From the graph check the date beside probability £% = 10 Jan 2015 And beside 90% = 31 Oct 2015, then calculate the diferent = 31 Oct 2015-10 Jan 2015 = 8 Months and 21 Days Correct answersis “eneesmtubstapcn comTools and Techniques - Pert (Program Or Project Evaluation And Review Technique) ey A time-based technique that can be used to quantify risks at a given point in the development of a project or program. DuHUBsPor sercesndabtnot comTools and Techniques - Characteristics Iterative Quantitative Risk Analysis + Itis impossible to know all the risks in advance. + Iterative method is best suitable to analyze risks as the project progresses.Tools and Techniques - Characteristics € Menem eta + Overall contingency reserve in time and cost’Should be reflected in the project's schedule and budget. + If adjustment is required in scope, then the changes are agreed upon and documented, A new quantitative risk analysis is carried out to reflect the new aspects of the project.Basic Principles of Probability 3 The following details the basics on principles of probability and its description: Mean The sum of the events divided by the number of occurrences. 45, 76, 2, 10, 33. Mean = (45 +76 +2 +10 + 33)/ S= 33.2 The value of the middlemost observation, obtained after arranging the data in ascending order, is called the median of the data. 4,4, 6, 3, 2. Median = we arrange in ascending 2,3,4,4,6 so the Median is 4. This is a measure of the spread of data, or the statistical dispersion of the values in your data set. Median Standard deviationOutput &4 Plan Risk Management output and its descriptions are as follows: Outputs Project documents Includes a probabilistic analysis of the project, the probability of updates fulfilling cost and time objectives, an updated list of quantified risks arranged in order of priority, and trends in the results of quantitative risk analysis. punussror sericvaadtnptcamComponents of Quantitative &4 Risk Analysis Update The following details the basics on principles of probability and its description: Probabilistic analysis of the project Probability of fulfiling the cost and time objectives Prioritized list of quantified risks: ‘Trends in quantitative isk analysis results ® ription Once risks are qualitatively and quantitatively analyzed, the project team should be able to forecast the possible completion dates and costs, and provide a level of confidence for each decision. Using quantitative risk analysis, the project team can estimate the likelihood of fulfilling the project objectives with the current plan and knowledge of the project risks. Identified risks are prioritized according to the threat they pose or the opportunity they present to the project. This prioritized list includes a measure of the impact of each identified risk. Repeating the quantitative risk analysis process helps the project's risk management team to analyze the trends and make adjustments as necessary. Information on the project schedule, cost, quality, etc., and performance gained through the Perform Quantitative Risk Analysis process will help the team to prepare a quantitative risk analysis report.Key Success Factors For Quantitative Risk Analysis 3 ‘Success in achieving the objectives of quantitative risk analysis includes, but is not limited to: > Prior risk identification and qualitative risk analysis, > Appropriate model, > Competence with the corresponding technical analysis tools, > Commitment to collecting credible risk data, > Unbiased data, and 7 Interrelationships between risks in quantitative risk analysis.Documenting the Results e4 The points which are documented upon completing this process: The contingency reserve calculated in quantitative project cost and schedule risk analysis to be incorporated into the cost estimate and schedule. Contingency reserve established to capture the opportunities that are judged to be priorities of the project. If contingency reserve exceeds the time or r@Source available, changes the scope and plan, then these have to be documented. The results of quantitative risk analysi@must be recorded and passed on to the project. management team for further actions to be taken. ee CainerECO Domain 03 &4 Risk Analysis 23% about 26-27 Questions Task Perform qualitative analysis + Perform a nominal classification or risks in the RBS using classifications from the risk management plan (e.g., environment, organizational, project management, technical, etc.) * Estimate the impact of risk on project schedule, budget, resources, and scope * Prioritize the risk based on impact, and urgency = Apply the risk matrices ‘0 Agreed-upon assessment approach, Historical information, Definitions of probability and. impact, Risk categories, Pre-established criteria * Perform an ordinal classification * Coach stakeholders on risk categorization strategiesECO Domain 03 &4 Risk Analysis 23% about 26-27 Questions ‘Task2 Perform quantitative analysis + Analyze risk data and process performance information against established metrics + Analyze a project's general risks + Perform a forecast and trend analysis on new and historical information + Perform sensitivity analysis 0 Monte Carlo, decision trees, critical path, expected monetary value, etc. ‘= Perform risk weighting and calculate risk priorityECO Domain 03 &4 Risk Analysis 23% about 26-27 Questions Task3 Ider threats and opportunities * Assess project risk complexity ‘©.SWOT analysis, Ishikawa, Tree Diagram * Perform an impact analysis on project objectives © project scopes, schedule cost, and resources, quality, and stakeholders + Assess project compliance objectives against organizational strategic objectives © procedures, project plans, corporate, and project governance, regulatory governance ‘+ Empower stakeholders to independently identify threats and opportunities