Practical Risk Management: The 5 “W’s” for the Win!

Oh no, watch out! Oh no, better jump!

As construction professionals, we are fully aware of the many risks that surround our projects and understand the actions needed to manage and mitigate them. We know these risks can hamper the outcome of projects and quick reactions by project personnel are usually not well thought out or vetted. So why not get started right now, proactively identifying project risks and engaging your project team instead of waiting to react to them after they hit?  

Construction risk management does not need to be an elaborate or costly endeavor since the process can take on different approaches depending on the size and complexity of the project. A more formal approach can include risk workshops facilitated by a risk professional, and a less formal approach can be site personnel discussing risks during progress meetings and maintaining a risk register. We term the latter “practical risk management” and encourage you to consider it.

In this blog, we’ll explore the importance of practical risk management and how to get started, but before we dive deeper, let us define risk management. As defined by AACE International, risk management is the process of identifying, quantifying, managing, and communicating risks or uncertainties that may impact an asset investment or project. Ways to mitigate risk factors include continuously monitoring for the occurrence of risk factors, and continuing to identify, quantify, manage, and close out risks throughout the life cycle of the project or asset.

Who and Where do you go for input?

In a perfect world, we would interview every member of the project team and all stakeholders to gather every potential known risk, but the reality is these individuals are unlikely to have the time nor the budget for an extensive risk management exercise. A great place to start is a conversation with the project’s owner. Understanding the owner’s risk tolerance and key concerns is a good launching point for your risk register and will frame the scope and extent of your risk discovery efforts. Remember that as you gather risks, you should also gather information about the risk’s probability of occurrence, the time horizon for the risk, and the impact it would have if it occurred.  

The contractor’s project and field management team are the experts, and it is imperative that they are involved in risk identification. Not only are they familiar with the challenges of installing the work, but they have the pulse of the industry. Most often, the greatest risks are not those on the project site. Availability of skilled labor, supplier capacity, and industry economics, to name a few, often pose the greatest risks to a project.

The Architect/Engineer (A/E) of record should know the project like the back of their hand, right? They did design it! A/E’s bring a valuable point of view to risk identification through their knowledge of similar projects, lessons learned of what went wrong and what went right. Lessons learned are some of the best inputs to the risk identification process because they define realized risks, actual impacts, and point to proper future mitigation strategies.

What should we be doing?

Start by developing a risk structure. It is first important to identify risk factors that could jeopardize the project. Although these risk factors should be specific, they can be categorized: financial, legal, design, construction, environmental, and safety. Much like developing a work breakdown structure, plan out your risk breakdown structure (RBS). The RBS starts with the highest-level categories and increases in granularity as you move further towards the risk. A recommended business practice is to develop a catalog of potential risk categories that all project teams in the organization may reference. Use those as a “tickler” to kick-start identification.

Once you have risk categories, survey the team and brainstorm. Send out a questionnaire asking the team to list their top five to ten risks. Follow up with a brainstorming session to identify duplicates, refine the risks, and generate new ones. The risks identified should be realistic, relevant, and tangible, and can be easily conveyed with an if-then statement.

Once the team is satisfied with the initial set of risks, figure out the response plan, otherwise known as mitigation strategy. Develop strategies that fit into one of the following categories: avoid, accept, transfer, and limit. Perhaps the contractor substitutes a long-lead item with something more readily available. This is risk avoidance. Or maybe it is better for the owner to award a specialty contract rather than use the general contractor. This is risk transfer. Sometimes the best mitigation strategy is just to accept the risk. Perhaps the owner has a large contingency budget and is willing to accept the possibility of the risk impact.

Once risk mitigation strategies are in place, the team can move into the monitoring and controlling phase. Each risk is assigned to an “action officer” who tracks the risk status including mitigation efforts. Remember to revisit the risk register often and do not be afraid to identify new risks!

When should we do this?

Early and often is ideal, but no matter where you are in the project, you can start. Just remember, risk management is a proactive, continuous, and iterative process. You may only have ten risks early on, but every risk identification cycle may present additional risks. The risk register cannot be developed and then placed on a shelf. Make it a part of your project’s ongoing progress monitoring and check in in with all action officers. It is important to keep communication clear, concise, and compelling so that the message is not lost.

It is important for the project team to recognize that the cycle of risk identification, analysis, response planning, and monitoring/controlling will be ongoing throughout the project lifecycle. The team will need to keep the momentum going and require the team to think proactively. Proactive thinking may be different than the team has been operating, simply reacting to events as they occur.

Something else to consider is conducting a dedicated risk management meeting at each transition point in your project. Design development to construction documents? Risk workshop. Sitework and foundations to superstructure? Risk workshop. It is an easy way to keep the team focused on continuous risk monitoring. By implementing periodic risk workshops and reviewing top risks during progress meetings, your team is set up for success.

Why are we doing this?

By engaging in some form of risk management, the team is showing they are invested in protecting the project outcome from potential harmful impacts to cost, time, safety, continuity of operations, or quality. The benefits of risk management include a better constructed project through both efficiency and risk mitigation by the contractor as well as providing satisfaction to the owner with a well-delivered project. Additionally, sharing this common project goal will go a long way to cementing a collaborative and high-performing team. The quality and frequency of communication amongst the team will improve. The level of creativity and problem-solving will grow. And the team’s confidence in the accuracy of project forecasts will increase because every team member will have contributed to forward looking thinking and planning.

Risk management does not need to be complicated or burdensome, and implementing it only increases the chance of project success. As construction professionals, we do not want to leave our project outcomes up to chance – take control!

Categories:
Comments

Leave a Reply

Your email address will not be published. Required fields are marked *