“There are known knowns. These are things we know that we know. There are known unknowns. That is to say, there are things that we know we don’t know. But there are also unknown unknowns. There are things we don’t know we don’t know.” – Donald Rumsfield
We all know about OHS risk management. We take 5 to save lives, fill out JSA’s, follow safe work method statements, but there are other very key areas associated with risk management that should be considered. https://probitycorporate.ae/
Do we really cover all bases in our daily practice? Is the focus purely on OHS? What do we do to reduce the unknown unknowns?
Risks can be direct, physical problems such as illness, floods or fire damage, theft or vandalism. But risk can also be less obvious and direct such as poor decision making, poor recruitment processes or investing in inappropriate technology.
Some areas are relatively straight forward to monitor and reduce risk e.g.budget and schedule overruns but they often get overlooked. However there are more complicated areas (e.g. reputation and probity risk that should be considered as part of the risk management plan).
When working on tenders and contracts organisations should consider probity risk from the start of the project. e.g. if there are potential conflicts of interest that could result in embarrassment for the organisation or the organisation’s response being rejected at any point in the process, then perhaps a bid should not be prepared and submitted to the client?
Processes and expectations need to be established so that people working on a tender know what they can and can’t do, in order to manage the organisation’s probity risks. On the side of the organisation issuing a Request for Tender (RFT), there are similar probity risks, and similar requirements to determine how to manage them appropriately – e.g. avoiding any appearance of favouritism. And in any project there will be probity risks – risks of behaviour that falls outside the law or outside social or corporate expectations which could result in criminal or civil charges, or embarrassment for the organisation. For example, some behaviour will be in breach of industry or association codes of conduct, so if an organisation is found to have exhibited this behaviour the result can be public embarrassment, fines, or expulsion from an association – which might make it hard to gain future work.
Cover all bases!
Risks should be assessed at every stage of a project plan. Below are some more pointers on potential non OHS related risks.
Key risk areas outside OHS
Poor scope definition resulting in cost or budget overruns
Errors in time and cost estimation
Poor attitude to quality resulting in rework
Lack of leadership within the project or organisation
Poor communications resulting in confusion, poor quality, rework or delivering a solution that doesn’t meet the client’s needs
Ignoring risk and failing to plan for it
Procurement failures, including poorly constructed contract clauses and a failure to manage contracts appropriately
Ineffective change control on the project resulting in defects
Commercial and legal issues
Resourcing problems, including the unavailability of appropriately skilled resources
Human factors, such a poor performance or conflict within the project team
Technology and technical issues, such as equipment failures or software issues
Problems with management activities, policies and controls
Environmental factors, such as difficulties with office accommodations.
Don’t learn the hard way!
The following key lessons about managing project risks have been learned by experienced Project Managers:
Ignoring project risks won’t make them go away.
A ‘head in the sand’ attitude towards project risk will only lead to continued problems during the project, as each new issue presents a potential crisis which has to be dealt with.
Involve the project team in risk management.
The Project Manager can’t do it all alone, and the better informed the project team is, the easier risk management will be. Responsibility for risk management should be shared and communicated. After all, the person closest to the risk is usually the person best placed to identify and treat the risk.
Don’t treat every risk as a potential show-stopper.
Perspective is required when doing a risk analysis, or you can become overwhelmed by a seemingly endless list of risks, many of which are relatively minor.
Don’t try to control everything.
Some risks can safely be ignored/accepted. Other risks are simply not within the Project Manager’s control and need to be referred to a higher authority.
At the end of the day, life is full of risks, however, through systematic and effective management, the risks are mitigated and pose no significant impact.