Open access peer-reviewed chapter

Process of Risk Management

Written By

K. Srinivas

Submitted: 19 April 2018 Reviewed: 08 August 2018 Published: 08 March 2019

DOI: 10.5772/intechopen.80804

From the Edited Volume

Perspectives on Risk, Assessment and Management Paradigms

Edited by Ali G. Hessami

Chapter metrics overview

2,512 Chapter Downloads

View Full Metrics


Cost saving and timely performance are of utmost importance to all stakeholders who are involved in a construction project that is owner, contractor, consultant and subcontractor. The prime causes of risks in construction projects involve delay and failure to complete the work at specified cost and within the agreed time frame. Unexpected delays in construction projects are caused by internal and external environments embedding several risk factors which may occur concurrently. The cost overrun and schedule overrun not only influence the construction industry’s completion of a project but can also have profound effect on the economy of a country. Even though the failure of the construction projects to get completed within the budgeted cost and time has received attention by researchers, lot more need to be researched as to what can be done to have tight leash on construction projects so that they can be brought on track. In order to meet the stiff deadlines involving complexity of construction projects, the scheduling of projects should be flexible enough to accommodate changes without negatively affecting the overall project cost and duration. This chapter deals with Perspectives on Risk Assessment and Management Paradigms as applicable to any project in general and construction industry in particular.


  • risk management
  • risk assessment
  • risk mitigation

1. Definition of risk

Risk is defined in terms of uncertain events which may have positive or negative effect on the project objectives. Risks include circumstances or situations, the existence or occurrence of which, in all reasonable foresight, results in an adverse impact on any aspect of the implementation of the project. Various definitions of risks are presented in Table 1.

Sl. noSourceDefinition
1Project Management Institute [10]An uncertain event or a condition that if it occurs has a positive or negative effect on project objectives
2Institute of Risk Management [7]The combination of a probability of an event and its consequences
3Association of Project Management Body of Knowledge [1]Project Risk is an uncertain event or condition, that, if it occurs, has a positive/negative effect on project objectives. A risk has a cause and if it occurs, a consequence.
4British Standard BS IEC 62198:2001Combination of probability of an event occurring and its consequences on project objectives probability or threat of damage, injury, liability, loss, or any other negative occurrence that is caused by external or internal vulnerabilities and that may be avoided through preemptive action.
6Fundamentals of Risk Management [9]“A chance or possibility of danger, loss, injury or other adverse consequences” and the definition of risk is “exposed to danger.” However, taking risk can also result in positive outcome. A third possibility is risk related to uncertainty of outcome.
7Adams [8]Risk is the probability “that a particular adverse event occurs during a stated period of time, or results from a particular challenge.”
8Philosophy of Risk [3]Risk has been interpreted as Risk = hazard × exposure where Hazard is defined as the way in which a thing or situation can cause harm and exposure as the extent to which the likely recipient of the harm can be influenced by the hazard

Table 1.

Definitions of risk.


2. Classification of risks

Classification and definition of risks is furnished in Table 2.

Pure riskA risk which has chance of loss or no loss. Example. A building may get affected by fire or not. These are best covered by insurance
Speculative riskInvolves chance of gain/loss. Example. A builder may take a risk by promoting a new venture depending upon the prevailing conditions in the vicinity of proposed project, but it may bring him gain/loss.
Fundamental riskThese are external to a project and which, if they materialise, would be on a large scale and cannot be prevented. These risks are associated with major natural, economic, political or social changes and generate large scale losses. Examples are: Floods, earthquakes, fluctuation of exchange rates, etc. This risk may or may not be insurable.
Particular riskThese are project specific risks and are identified within the parameters of a project and can be controlled during the implementation of a project, e.g. quality risks, safety risks, legal risks, etc.

Table 2.

Classification of risks and their definitions.

Source: Project Risk Management, D Van Well-Stam et al., Kogan Page Publications, 2003.


3. Introduction to risk management

Risk management is a planned and a structured process aimed at helping the project team make the right decision at the right time to identify, classify, quantify the risks and then to manage and control them. The aim is to ensure the best value for the project in terms of cost, time and quality by balancing the input to manage the risks with the benefits from such act. It is just a cost benefit analysis.

Risk management is a continuous process which is to be implemented in any project from inception to completion. However, in order to realise its full potential, risk management should be implemented at the earliest stage of a project, i.e. feasibility design and construction. Risk is an uncertain event or condition that, if occurs, has a positive or negative effect on a project’s objectives. Components of risk are the probability of the occurrence of an event and the impact of the occurrence of that event. There are many sources of uncertainty in construction projects, which include the performance of construction parties, resources availability, contractual relations, etc. because of which, construction projects face problems that cause delay in the project completion time. Success of a project is measured by its ability to get completed within the budgeted cost and time. These goals are interrelated where each parameter has an impact when other parameters get affected. An accurate cost estimating and scheduling should be performed in order to meet the overall budget and time deadline of a project. As such, risk management becomes an integral part of construction management which intends to identify and manage potential and unforeseen risks during the period of implementation of the project; hence, the necessity of risk management [5].


4. Definitions of risk management

Definitions of risk management are presented in Table 3.

Sl. noDefinition of risk management
Risk Management is the identification, evaluation, and prioritization of risks followed by coordinated and an economical application of resources to minimise, monitor, and control the probability or impact of unfortunate events [6] or to maximize the realization of opportunities.
2Nadeem Ehsan et al., 2012
Risk Management in a project involves the identification of influencing factors which could have negative impact on the the cost, schedule and quality objectives of the project and quantification of impact of potential risk and implementation of mitigation measures to minimise the potential impact of risk
3Bahamid et al., 2017
Risk Management is defined as organized and comprehensive method tailored towards “ organizing”, “identifying” and “responding” to risk factors in order to achieve project goals.
Risk Management in construction consists of planning, monitoring and implemeting the measures needed to prevent exposure to risk. To do this, it is necessary to identify the hazards, assess the extent of risks, provision of measures to control the risks and to manage residual risk
Risk management is a systematic method of identifying, analysing, treating and monitoring the risks that are all involved in any activity/ process and is a systematic method that minimises the risks which may be an impediment to attainment of objectives
6Cleden [4]
Risk is exposure to the consequences of uncertainty. In a project context, it is the chance of something happening that will have an impact upon objectives. It includes the possibility of loss or gain, or variation from a desired or planned outcome, as a consequence of the uncertainty associated with following a particular course of action. Risk thus has two elements: the likelihood or probability of something happening, and the consequences or impacts if it does.
7Project Risk Management, D Vanwell-Stam, Kogan Page India publications, 2004
The entire set of activities and measures that are aimed at dealing with risks in order to maintain control over a project
Risk Management is a means of dealing with uncertainty – identifying sources of uncertainty and the risks associated with them, and then managing those risks such that negative outcomes are minimized (or avoided altogether), and any positive outcomes are capitalised upon.
9Risk Management in Construction Projects by NICMAR [2]
Risk Management is the planned and structured process of bringing the project team make the right decisions at the right time by identifying, classifying and quantifying the risks and then for managing and controlling them,
10Dr Patrick et al., 2006 retrieved from
Risk Management is “a systematic way of looking at areas of risk and consciously determining how each should be treated. It is a management tool that aims at identifying sources of risk and uncertainty, determining their impact, and developing appropriate management responses”
Risk Management refers to the practice of identifying potential risks in advance, analysing them and taking precautionary steps to reduce/curb the risk.

Table 3.

Definitions of risk management.


5. Importance of risk management in construction projects

Construction projects are extremely complex and fraught with uncertainty. Risk and uncertainty can potentially have damaging consequences for the construction projects. Hence, risk analysis and risk management has come to be a major feature of the project management in construction projects. Construction projects are unique, inherently complex, dynamic and risks emanate from multiple sources. The interests of individuals and organisations who are actively involved in a construction project may be positively or negatively affected depending upon the course which a project takes from concept to completion. Multiple stakeholders with varied experience and skills have different expectations and interests in the project which creates problems for smooth execution of the project. Risk management is a concept which many construction companies have never thought of, despite the fact that, the risks can be better controlled if they are identified in the first instance and a well-structured mitigation mechanism is in place. Risk management helps the key project participants namely the client, contractor/developer, consultant and supplier to meet their commitments and to minimise negative impacts on construction project performance in relation to cost, time and quality objectives. Success of a construction project is associated with three aspects of time, cost and quality outcomes.

Successful commissioning of any project, necessarily calls for sound planning on various fronts and getting the project executed in a competent manner. An organisation executing a project would have to reckon with the various risks to which the project may be exposed to and these have to be managed effectively. The construction industry, being vulnerable is potentially more prone to risks and uncertainties than any other industry. The process of taking a project from the conceptual stage to its final completion and putting into operation is quite complex and entails painstaking process at every stage. Construction industry is highly fragmented in that each of its participants—designers, constructors, planners, suppliers, etc. can be highly skilled in their own area and yet there is no clear perspective as to how all the players can come on the same platform for achieving the objectives.

Construction industry is also dependent on quality of its people rather than technology. The increasing technological complexity and more complex interdependencies and perpetual shortage of resources namely materials, equipment, technical/supervisory staff, finance, etc. calls for a comprehensive risk management framework which will insulate the risks of the participants to a great extent.

Given the nature of the construction sector, risk management is an extremely important process. It is most widely used in such of those projects where susceptibility to risks is very high and is characterised by planning, monitoring and controlling the risks in a more structured and formal manner. The most efficient method of identifying the risks is to study a project of similar size which was executed in the recent past which gives an insight into the failure/success of the project. In order to be sure that the project objectives are met, the portfolio of risks associated with all stakeholders should be considered across the project life cycle (PLC). In later stages, risk management when applied systemically helps to control those critical elements which can negatively impact project performance. Keeping track of identified threats will result in early warnings to the project manager if any of the objectives, time, cost or quality, are not being met. There are a plethora of risks which are to be identified in the construction industry and which can be faced in each construction project at any point of time regardless of its size and scope. Frequent change in scope is one of the major risks in any construction project. If revised scope or design is implemented, it can have effect in the form of additional resources of time and cost. Early project completion may be as troublesome as delays in a schedule. Completing too early which may be a result of insufficient planning or design problems can lead to a low quality of final product and increased overall cost. Thus it is important to keep a balance in the concept of time–cost-quality trade-off, which more widely is becoming an important issue for the construction sector. Risks may vary depending on the project scope, types and are to be treated accordingly.


6. Risk management process

Risk management process is shown in Figure 1.

Figure 1.

Risk management process.

6.1 Identification of risks

Risk identification, the first step in the risk management process is usually informal and is performed in various ways, depending on the organisation and the project team. Identification of risks relies mostly on past experience and study of similar executed projects. This being a preliminary stage, a combination of tools and techniques may be used to identify the risks in any project. Here are many methods that fit specific types of challenges and projects especially at identification stage. Risks and threats may be difficult to eliminate, but when they have been identified, it becomes easy to take actions and have control over them. Risk management will be more effective if the source of the risks have been identified and allocated before any problems occur. The main purpose of risk management is that the stakeholders should prepare for potential problems that can occur unexpectedly during the course of a project. Risk management will not only facilitate anticipating problems in advance, but also preparing oneself for the potential problems that may occur unexpectedly. Handling potential threats is not only a way to minimise the losses within a project, but also a way to transform risks into opportunities which can lead to economic and financial profitability. The purpose of identifying risks is to obtain a list of risks which has got the potential to have a cascading effect on the progress of project and different techniques are applied for managing/mitigating the same. In order to find all potential risks which might impact a specific project, different techniques are applied. The project team should use a method they are familiar with so that the exercise will be effective. Effective identification of risks is the first step to a successful risk management.

Documentation reviewsA structured review of project documentation, study of history of execution of similar projects and quality of plans as well as the consistency between those plans and project requirements/ assumptions would be an indicator of risks in the project
Information gathering techniques
  • Brainstorming

  • Delhi technique

  • Checklist analysis

  • Cause and effect diagram

  • Questionnaires

  • SWOT analysis

  • Expert judgement

Table 4.

Identification of risks: tools and techniques.

6.1.1 Risk identification techniques

Tools and techniques for risk identification are presented in Table 4.

Various risks that confront a construction industry are not limited to and include financial, economical, political, legal environmental, technical, contractual, planning/scheduling, design, quality operational labour, stakeholder safety and security, logistics and construction.

6.2 Risk assessment

Risk assessment is the second stage in the risk management process where collated data is analysed for potential risks. Risk assessment is described as short listing of risks starting from low impact highest impact on the project, out of all threats mentioned in the identification phase. Risk assessment consists of qualitative risk assessment and qualitative risk assessment.

6.2.1 Qualitative risk assessment

This involves registration of identified risks in a formal manner. A risk register is used for formalising this process which is not limited to the following

  • Classification and reference

  • Description of the risk

  • Relationship of the risk to other risks

  • Potential impact

  • Likelihood of occurrence

  • Risk response/mitigation strategy

  • Allocation of risks to stakeholders. Classification and reference

Classification is an aid to identifying the source of risk. Examples are furnished below (Table 5).

EnvironmentalSite conditions, health and safety issues at site
ContractualClient, contractor, sub-contractor, etc.
DesignPlanning permission, preliminary and detailed design, etc.

Table 5.

Classification of risk and its reference.

Referencing refers to unique reference number given for each of the identified risks. Description of the risk

This involves giving a brief description of the risk. The description must be unique in order to avoid confusion with similar risks in the risk management process. Relationship to other risks

In any project, it is extremely rare that any activity is independent of activities which occurs concurrently or consequentially and this will always be the case for risks also for successful implementation of risk management, Potential impact (I)

Impact of risk on a project is measured in terms of cost and quality. Since this assessment is done at an early stage of the project, information may not be available to accurately predict the impact of risk on the project. At this stage, the risk is classified suitably and accordingly high impact risks are to be given more fundamental consideration than that of medium/low/negligible risks by ranking the impact of risks on a scale of 1 (low) to 10 (high). Likelihood of occurrence (P) and calculation of risk factor (RF)

Based on intuition and experience, the likelihood of occurrence (P) of risks and its impact (I) is to be given on a suitable scale ex. 1–10 (1 refers to low probability and 10 refers to high probability). The risk factor for each of the identified risks is calculated by the formula RF = P + I – (P*I) (where the values of P and I are brought on a scale of 0–1 by dividing the values with 10). Risk response/mitigation strategy

This action is taken to reduce, eradicate or to avoid the identified risks. The most common among the risk mitigation methods are risk avoidance, risk transfer, risk reduction and risk sharing. Based on the competency in handling the risks, the identified risks are allocated to respective stakeholders who will be responsible for addressing those risks.

6.3 Quantitative risk assessment

This risk assessment is normally taken for such of those risks which are classified are high/critical/unmanageable as per the qualitative risk assessment. The purpose of this assessment is to find the amount of contingency to be inserted in the estimate for the risks undergoing this assessment so that in case the risks occur, there would be sufficient budgeted amount to overcome the extra expenditure.

Quantitative methods need a lot of analysis to be performed. This analysis should be weighed against the effort and outcomes from the chosen method. Complex and larger projects require more in depth analysis as compared to projects which are small in size. The purpose of carrying out quantitative analysis is to estimate the impact of a risk in a project in terms of scope, time, cost and quality. The suitability of this analysis is more for medium and large projects as these projects have more complex risks as compared to smaller projects.

The detailed quantitative assessment of risk is the one which is identified as risk analysis. In undertaking quantitative assessment, the potential impact of risks in terms of time, cost and quality is quantified. While preparing the estimate, it is generally split into two distinct elements, namely (1) base estimate of those items which are known and a degree of certainty exists and (2) contingency allowance for all uncertain elements of a project. Historically, contingencies have been calculated on a rule of thumb basis varying from 5 to 10% on risk-free base estimate. By adopting risk management approach, contingencies are set up to reflect realistically the risks that are inherent in the project. When used correctly, contingency allowances ensure that expenditure against risks is controlled. The methods for quantitative risk assessment are described below.

6.3.1 Scenario technique: Monte Carlo simulation

The Monte Carlo method is based on statistics which are used in a simulation to assess the risks. This is a statistical technique whereby randomly generated data is used within predetermined parameters and produce realistic project outcomes. The overall project outcome is predicted by randomly simulating a combination of values for each risk and repeating the calculation a number of times and all outcomes are recorded. After completing the simulations required, the average is drawn from all of the outcomes, which will constitute the forecast for the risk. It is important to realise that parameters and appropriate distribution within which the random data is simulated is itself a series of subjective inputs. Accurate and realistic project outcomes will not be generated if inaccurate parameters are set. Different scenarios are generated by simulation are used for forecasting, estimations and risk analysis. Data from already executed projects is normally collected for simulation purpose. The data for variables is presented in terms of pessimistic, most likely and optimistic scenarios depending upon the risks encountered, i.e. pessimistic value means lot of risks and optimistic value means least risks. The result from this method is a probability of a risk to occur is often expressed as percentage. The most common way of performing the Monte Carlo simulation is to use the program Risk Simulator Palisade Software, where more efficient simulations can be performed.

6.3.2 Modelling technique: sensitivity analysis

This is a method used to demonstrate the variable impact on the whole caused by a change in one or more element or risk. It is used to test the robustness of choices made where rankings have been established, particularly when those rankings are considered to be marginal. It can identify the point where variation in one parameter will affect decision making. A typical method for carrying out sensitivity analysis is by use of a spider diagram which shows the areas in the project which are the most critical and sensitive The higher the level of uncertainty a specific risk has, the more sensitive it is concerning the objectives. In other words, the risk events which are the most critical to the project are the most sensitive and appropriate action needs to be taken (Heldman, 2005). Disadvantage with this analysis is that the variables are considered separately, which means that there is no connection between them (Perry, 1986 and Smith et al.. 2006). The method requires a project model in order to be analysed with computer software. According to Smith et al. (2006), the project stands to be benefited if the analysis is carried out in the initial phases of a project in order to focus on critical areas during the execution of the project.

6.3.3 Decision tree

Decision tree analysis is commonly used when there is sequence of interrelated possible courses of action and future outcomes in terms of time and cost. This method of analysis is commonly used when certain risks have an exceptionally high impact on the two main project objectives, i.e. time and cost. Where probabilities and values of potential outcomes are known or can be estimated, they are used for quantification to provide a more informed basis for decision making. Each decision process expected value (EV) which forms the basis for decision making process. A sample problem on decision tree is given in Table 6.

MethodDesign time (months)Construction period in months and probabilitiesTotal time (construction period + design time) (months)
Construction management215 (0.6) = 9
18(0.4) = 7.2
Total 16.2 months
Design and construct312(0.3) = 3.6 Total = 13.8 months
14(0.5) = 7
16(0.2) = 3.2
Traditional method810(0.3) = 3
12(0.7) = 8.4
Total 11.4 months

Table 6.

Problem on decision tree.

This can be depicted in the form of decision trees and the expected value (EV) in terms of time for each of the three scenarios is furnished. The least of this i.e. construction management will be preferred since it consumes less time.

6.3.4 Multiple estimating using risk analysis

Multiple estimating using risk analysis (MERA) attempts to provide a range of estimates. These are presented as risk free base estimate, average risk estimate (ARE) and maximum likely risk estimate (MLRE). ARE is the sum of risk free base estimate and average risk allowance and MLRE is the sum of ARE and maximum risk allowance.

MERA attempts to finds a level i.e. the estimate that has a 50% chance of being successful. This is known as average risk estimate (ARE) which is found out by multiplying the average allowance with average probability of occurrence. Maximum risk allowance is found out by multiplying the maximum allowance with maximum probability of occurrence of that risk. This is added to ARE to get MLRE which is the estimate that has 90% chance of not being exceeded.

6.3.5 Quantitative risk assessment: outputs

The output of quantitative risk assessment is presented in Table 7.

Probabilistic Analysis of projectEstimates are made of potential project schedule and cost outcomes listing the possible completion dates and costs with their confidence levels. This output is described as cumulative distribution and also risk tolerances for permitting quantification of cost and time contingency reserves. Contingency reserves bring the risk of overshooting stated project objectives to acceptable levels to the organisation
Prioritised list of quantified risksThis list includes risks that pose the greatest threat or present the greatest opportunity in a project. These risks also have the greatest impact on cost contingency
Trends in quantitative risk analysis resultsAs the risk analysis is repeated, a trend becomes apparent that leads to conclusions affecting risk responses, Historical information on project’s schedule, cost, quality and performance reflects new insights gained through quantitative process. This takes the form of quantitative risk analysis report.

Table 7.

Quantitative risk assessment: outputs.

6.4 Risk response planning

The risk response will be in the form of mitigation by adopting necessary strategies in respect of positive and negative risks which is furnished below (Tables 810).

Risk mitigation strategyDescription
Risk avoidanceRisk avoidance involves changing the project management plan to eliminate the threat entirely. The project manager may isolate the project objectives that are in jeopardy. Examples: (a) Extending the schedule of an activity; (b) Changing the strategy or reducing the scope of work; (c) Changes in clauses of contract regarding abnormal price rise of any material or dealing with extra quantum of work.
Risk transferRisk transfer requires shifting some or all of the negative impact of a threat along with ownership of the response to a third party. Examples are
  • Risk transferred to Consultant

    Design Risk, technical Risk and Foundations for all major structures

  • Risk transferred to Insurance Company

    Security of materials at site, Fire Hazards, Boiler operations, safety of electrical rooms, loss in Turbines and Generators, Unforeseen Risks, etc.

Risk reductionRisk reduction implies reduction in the probability and consequence of an adverse risk event to be within acceptable threshold limits. Conducting detailed tests or choosing a more stable supplier are some examples. Risk reduction is adopted where the resultant increase in costs is less than the potential loss that could be caused by the risk being mitigated. Examples are:
  • Preparedness to tackle any natural disaster

  • Detailed site investigation where adverse ground conditions are known to exist but the full extent is not known. A detailed ground investigation was performed upon which an estimate was prepared.

  • Contingency planning

  • Removal of engineering/structural barriers

  • Strengthening the quality assurance procedures

  • Paying higher amount than recommended by Govt for land acquisition

  • Design as per standards

Risk acceptanceThis strategy is adopted when it is not possible to eliminate all risks from a project. This strategy indicated that the project team had decided not to change the project management plan or is unable to identify any other suitable response strategy. This requires no action except to document the strategy leaving the project team to deal with risks as they occur

Table 8.

Strategies for mitigating negative risks.

Risk mitigation strategyDescription
ExploitThis strategy is selected for risks with positive impacts where the organisation wishes to ensure that the opportunity is realised. This strategy seeks to eliminate the uncertainty associated with a particular risk by ensuring that the opportunity is exploited. Examples are assigning the most talented resources of the organisation to the project to reduce the time for completion or providing at a lower cost than originally planned
ShareSharing a positive risk involves allocating some or all of the ownership of the opportunity to a third party capable of capturing the opportunity for the benefit of the project. Risk sharing, joint ventures, etc. are examples of this strategy
EnhanceThis strategy is used to enhance the positive impact of an opportunity. Identifying and maximising key drivers of risks may increase their probability of occurrence. Examples are adding more resources to an activity for completing it before scheduled time
AcceptAccepting an opportunity means willing to take advantage if it comes along, but not pursuing it actively.
Contingent response strategiesSome responses are designed for implementation only if certain events occur. It is appropriate for the project team to prepare a contingency response plan that will be executed under certain predefined conditions if there will be sufficient warning to implement the plan
Expert judgementExpert judgement is from knowledgeable individuals pertaining to the actions to be taken on a specific and a defined risk.

Table 9.

Risk mitigation strategies for positive risks/opportunities.

Source: Project Risk Management, Van Well Stam et al. 2008.

Sl. NoContents
1Identified risk. Their descriptions, areas of project affected, their causes and how they affect project objectives
2Risk owners and assigned responsibilities
3Prioritised list of project risks based on the outputs from quantitative analysis reports
4Agreed upon response strategies and specific actions taken to implement the strategy
5Triggers, symptoms and warning signs of risks occurrence
6Fallback plans as a reaction to a risk that has occurred and primary response proved to be inadequate
7Contingency reserves to be calculated based on quantitative risk analysis of the project and the threshold risk of the organisation.

Table 10.

Contents of risk response: outputs.

6.5 Monitoring and controlling risks: inputs

Inputs to monitoring and controlling of risks are presented in Table 11.

6.5.1 Monitoring and controlling risks: tools and techniques

Tools and Techniques for monitoring and controlling risks are furnished in Table 12.

Risk registerThe key inputs to risk register includes identified risks and owners of risk, agreed upon risk responses, specific actions to be implemented, symptoms/warning signs of any risk, residual/secondary risks, list of low priority risks and contingency measures in terms of time/cost
Risk management planThe risk management plan should contain risk tolerances, assignment of manpower including bearer of risk, time and other resources to project risk management
Work performance informationWork performance information related to various performance results is to be quantified in terms of deliverable status, schedule progress and costs incurred.
Performance reportsPerformance reports will be analysed for variance analysis, earned value data and forecasting the likely date of completion of project

Table 11.

Monitoring and controlling risks—inputs.

Source: [10].

Risk reassessmentMonitoring and controlling of risks will result in identification of new risks, reassessment of current risks and closing of risks that are not a threat to project. Project risk assessment is to be performed regularly. The frequency and depth of assessment depends on how the project progresses relative to the objectives.
Risk auditsThe purpose of risk audits is to examine and document the effectiveness of risk responses in dealing with identified risks and their root causes as well as effectiveness of the risk management process meetings. A separate risk audit meeting may be held or it may be included in routine project review meetings.
Earned value analysisVariance analysis is done by comparing the planned results with actual. Trends in execution of a project are reviewed using performance information and based on earned value analysis, deviation from cost and schedule targets is determined which may indicate potential impact of threat/opportunities.
Technical performance measurementThis measures technical accomplishments during project execution and will help in forecasting degree of success in achieving the project scope and it may expose the degree of technical risk faced by the project
Reserve analysisThis compares the amount of contingency reserves available at any time to the amount of risk remaining in the project to determine whether the reserves are adequate
Status meetingsProject risk management should be an agenda item at all status review meetings. The amount of time for any item will depend on risks that have been identified, their priority and difficulty of response. Frequent discussions about risk make it more likely that concerned stakeholders will identify risks and opportunities.

Table 12.

Monitoring and controlling risks: tools and techniques.

Source: [11].


7. Benefits with risk management

  • To maximise the efficiency of risk management, the risk management process should be continuously developed during the entire project.

  • The benefits from risk management finally go to the stakeholders involved. A clear understanding and awareness of potential risks in the project contributes to better management of risks by suitable mitigation techniques. Another benefit of working with risk management is increased level of control over the whole project and more efficient problem solving processes which can be supported on a more genuine basis

  • Risk management when conducted effectively, reduce sudden surprises. The advantage with risk management is that the stakeholders are aware as to the risk that they have to bear among all the risks that have been identified in a project and can prepare themselves accordingly, should any eventuality occur. No doubt, this formal exercise may translate into extra cost for an activity, but if taken in holistic manner, the benefits will far outweigh the costs. This has another advantage in that there is no passing of buck as risks are either shared/retained or transferred depending upon the ability of the stakeholder to handle the risk. The three approaches to risk management are normally risk natural firm which does not invest much in risk management but is still aware of important risk, risk averse firm where no investments are made and the last one is risk seeker wherein the organisation is prepared to face all risks and is often called gambler. The outcome of the objectives of project naturally depends upon the path adopted by the firms in their approach to risk management.


8. Conclusions

  • The fact that there are manifold risks which can be identified in any construction project is explained by their size and complexity. Bigger the project is, the larger the number of potential risks that may be faced.

  • Occurrence of risk is stimulated by several factors. Most often the risks faced in any project are financial, environmental (surrounding location of project and overall regulations), time, design and quality. The technology used for construction and the internal environment also contributes to risk which can have substantial bearing on the outcome of a project.

  • Risks are directly proportional to complexity of a project. Bigger and more complex a project is, the more resources are required to complete it. In spite of identifying all potential risks, there might be more potential threats. Therefore, the project team should not solely focus on management of those identified risks but also be alert for any new potential risks which may arise during execution.

  • Risk management is a tool for managing risks in a project and a project manager should be prepared for managing uncertainties not included in a risk management plan.

  • Effective management of risky project demands rapid and realistic predictions of alternative courses of action and positive decision making and requires flexible attitudes and procedures.

  • Perception of severity and frequency of occurrence of risk is to be done in tandem between the stakeholders. This will eliminate lot of unnecessary correspondence as well as misunderstanding and friction between the stakeholders

  • Insurance is just one aspect of risk mitigation and it cannot absorb all the risks. Insurance is project specific and it should be taken as per the needs of client/contractor. Other ways of risk mitigation needs to be explored.

  • Adoption of good project management practices like proper planning and implementation, willingness of stake holders to share the risks in the project is essential for success of a project

  • Executing a complex project requires meticulous planning, i.e. planning to the smallest details, and this can be achieved through concerted dedication from the concerned stakeholders.

  • Risks are to be thoroughly studied and understood before bidding for the project.

  • Special care should be taken regarding the seasonal variation of labourers, so that the construction activities does not get delayed due to shortfall in manpower resources during execution, which can have adverse effects on cost and time

  • Proper risk allocation techniques should be framed between the stakeholders so that in the event of occurrence of a risk, this will eliminate doubts as to which stakeholder should address the risk

  • Given its complexity, risk management is a very important process in construction projects. It is most widely used in those projects which exhibits high level of uncertainty. Formal planning, assessment and monitoring/control process characterises risk management in such projects.

  • Risk management procedures should be initiated in the early stages of the project where planning and contracting of work, together with the preliminary capital budget are being chalked out. In later stages, Risk management applied systemically, helps to control those critical elements which can have negative impact on project performance.

  • Keeping track of identified threats, will result in early warnings to the project manager if any of the objectives, time, cost or quality, is being met or not.

  • Risks in complex construction projects can be mitigated by entering into various agreements like execution, operation/maintenance, etc.

  • Proper risk strategy formulation and research is necessary based on real life experiences so that identification of potential risks and providing solutions can produce effective and efficient risk strategies to overcome impacts of risk events.

  • Risk identification is the first step in the risk management process. It means that the identification of risks which is informal relies mostly on past experience of similar executed projects and that of advice from experts. There are a good number of methods for identifying the risks in a project and a combination of methods may be used for identification of risks in a project.

  • Handling potential threats is not only a way to minimise losses within the project, but also a way to transform risks into opportunities, which can lead to economical profitability and finally, .it is suggested that if risks are given due care at all stages of the project, stakeholders will be showered with manifold benefits subsequent to commissioning of project


  1. 1. Association of Project Management Body of Knowledge. Retrieved from:
  2. 2. Banaitiene N, Banaitis A. Risk Management in Construction Projects. Retrieved from:
  3. 3. Chicken JC, Posner T. The Philosophy of Risk, Vol. 21. London: Thomas Telford; 1998
  4. 4. Cleden D. Managing Project Uncertainty, 1st ed. Great Britain: Gower Publishing Ltd; 2009
  5. 5. Cooper D, Grey S, Raymond G, Walker P. Project Risk Management Guidelines—Managing Risk in Large Projects and Complex Procurements. Wiley Publishers; 2005. ISBN 9780470022825
  6. 6. De Marco A, Thaheem MJ. Risk analysis is construction projects—A practical selection methodology. American Journal of Applied Sciences. 2014;11(1):74-84
  7. 7. Institute of Risk Management. Retrieved from:
  8. 8. Adams J. 1995. Retrieved from:
  9. 9. Hopkin P. Fundamentals of Risk Management. 5th ed. Great Britain: Kogan Page Limited; 2013
  10. 10. Project Management Institute. Guide to Project Management Body of Knowledge. 4th ed. USA: PMI; 2008. ISBN 978-1-933890-51-7
  11. 11. Risk Management. India: School of Distance Education, National Institute of Construction Management and Research

Written By

K. Srinivas

Submitted: 19 April 2018 Reviewed: 08 August 2018 Published: 08 March 2019