# Characterize the relationship between budgeting and risk analysis

Oct 14, The Joint Risk Analysis Methodology enables the Chairman of the Joint. Chiefs of Staff characterization and evaluation), and risk management. levels, mitigation strategies, and acceptable risk levels in relation to problem .. on the CJA2, traditional budget cycles, force readiness, strategic trends since. The Risk Assessment is concerned with identifying, characterizing, prioritizing and For budgeting purposes and to aid in monitoring project progress, calculate the Determine the relationship between work performed in a given task or. (2) Characterize the relationship between budgeting and risk analysis. Determine the different types of resources that require planning. Part #5 1. Per Deming.

These include risks that are not significant in themselves but that can accumulate to constitute a major risk. For example, a cost overrun in one subcontract may not in itself constitute a risk to the project budget, but if a number of subcontracts overrun due to random causes or a common cause i. The National Academies Press.

### Project Management

While individually such risks may not be serious, the problem lies in the combination of a number of them and in the lack of recognition that the cumulative effect is a significant project risk. An obvious example of an incremental risk in construction is weather-related delays, which are not usually major problems in themselves, but a long run of inclement weather that impedes progress on the project may create a serious challenge to the schedule and budget.

The fire started in the cable trays, caused by a workman using a candle to detect leaks. Three independent safety trains were designed to inject cooling water into the core of the reactor. However, the power cables for all three trains were routed through the same cable trays.

Therefore, the risk of all three safety injection pumps failing to operate was just the risk that a fire occurred in the cable tray—the three safety trains were correlated, not independent. This incident led directly to the development of the methodology of probabilistic risk assessment and its required implementation at all nuclear power plants. The lesson learned from this is that independence of risk events is something that must be demonstrated, not merely assumed.

Their likelihood can be very low but their impact can be very large. Examples of such risks are dependence on critical technologies that might or might not prove to work, scale-up of bench-level technologies to full-scale operations, discovery of waste products or contamination that are not expected or not adequately characterized, and dependence on single suppliers or sources of critical equipment.

This estimate of overall project risk may be used as input for a decision about whether or not to execute a project, as a rational basis for setting a contingency, and to set priorities for risk mitigation.

**Risk Budgeting**

While probabilistic risk assessment methods are certainly useful in determining contingency amounts to cover various process uncertainties, simple computation methods are often as good as, or even better than, complex methods for the applications discussed here.

When addressing probabilistic risk assessment, project directors should keep in mind that the objective is to mitigate and manage project risks and that quantitative risk assessment is only a part of the process to help achieve that objective. There are many available methods and tools for quantitatively combining and assessing risks. Some of the most frequently used methods are discussed briefly below. Multivariate Statistical Models Multivariate statistical models for project costs or durations are derived from historical data.

Also known as regression analysis, statistical models are one of two methods of analysis explicitly cited in OMB Circular No. The models are typically either top-down or parametric and do not contain enough detail to validate bottom-up engineering estimates or project networks. These methods are objective in that they do not rely on subjective probability distributions elicited from possibly biased project advocates.

Analysts build linear or nonlinear statistical models based on data from multiple past projects and then compare the project in question to the models. The use of such statistical models is desirable as an independent benchmark for evaluating cost, schedule, and other factors for a specific project, but statistically based methods require a large database of projects, and many owners do not perform enough projects or expend the effort to create such databases.

Owners who have performed many projects but have not developed usable historical project databases have an opportu- Page 33 Share Cite Suggested Citation: Computational methods such as resampling and bootstrapping are also used when data are insufficient for direct statistical methods.

The bootstrap method is a widely used computer-based statistical process originally developed by Efron and Tibshirani to create a proxy universe through replications of sampling with replacement of the original sample. Bootstrapping is used to estimate confidence levels from limited samples but is not applicable for developing point estimates.

Event Trees Event trees, also known as fault trees or probability trees, are commonly used in reliability studies, probabilistic risk assessments for example, for nuclear power plants and NASA space probesand failure modes and effects analyses. The results of the evaluations are the probabilities of various outcomes from given faults or failures. Each event tree shows a particular event at the top and the conditions causing that event, leading to the determination of the likelihood of these events.

These methods can be adapted to project cost, schedule, and performance risk assessments. System Dynamics Models Projects with tightly coupled activities are not well described by conventional project network models which prohibit iteration and feedback. Efforts to apply conventional methods to these projects can lead to incorrect conclusions, counterproductive decisions, and project failures. In contrast, system dynamics models Forrester, describe and explain how project behavior and performance are driven by the feedback loops, delays, and nonlinear relationships in processes, resources, and management.

Because system dynamics models are based on dynamic feedback the models can also be used to evaluate the impacts of various failure modes or root causes, particularly in cases where the root causes can be identified but the ripple effect of their impacts is difficult to estimate with any confidence.

System dynamics models have been effectively used for project evaluation, planning, and risk assessment Cooper, ; Lyneis, Cooper, and Els, ; Ford and Sterman, Although the use of these models is not standard practice for project planning and risk management, they can significantly help owners to improve their understanding of project risks.

Page 34 Share Cite Suggested Citation: A sensitivity coefficient is a derivative: Even if the probability of a particular risk cannot be determined precisely, sensitivity analysis can be used to determine which variables have the greatest influence on the risk. Because a primary function of risk analysis is to break down the problem into essential elements that can be addressed by management, sensitivity analysis can be very useful in determining what decisions the manager should make to get the desired results—or to avoid undesired results.

In the absence of hard data, sensitivity analysis can be very useful in assessing the validity of risk models. Project Simulations Project simulations are group enactments or simulations of operations, in which managers and other project participants perform the project activities in a virtual environment before undertaking them on the project.

This type of simulation may or may not be supported by computers; the emphasis is not on the computer models but rather on the interactions of the participants and the effects of these interactions on project outcomes. For this reason, project simulations are very good for team building before a project actually starts up. They are not inexpensive, but the cost is generally comparable to the costs of the other techniques cited here, and they can be very cost-effective in the long run, compared to the typical approach of jumping into major projects with little or no preparation of the personnel and their working relationships.

Engineering and construction contractors have developed project simulation methods Halpin and Martinez,and owners can develop their own or specify that their contractors should perform such simulations before a project starts, in conjunction with the other preproject planning efforts.

Stochastic Simulation Models Stochastic simulation models are computerized probabilistic simulations that, for computational solution, typically use random number generators to draw variates from probability distributions. Because the computer simulation is performed with random numbers, these methods are also called Monte Carlo simulations. The objective of the simulation is to find the uncertainties empirical probability distributions of some dependent variables based on the assumed uncertainties subjective probability distributions of a set of independent variables, when the relation- Page 35 Share Cite Suggested Citation: Thus each iteration random simulation may be considered an experiment, and a large number of these experiments gives insights into the probabilities of various outcomes.

Monte Carlo simulation is typically used to combine the risks from multiple risk factors and as such is useful to determine whether the total risk of a project is too great to allow it to proceed or to determine the appropriate amount of contingency.

Stochastic simulations differ from multivariate statistical models because they are typically not based on hard data. They can be useful in the absence of real data in that they are based on subjective assessments of the probability distributions that do not require large databases of previous project information.

An often-cited weakness of this method is that subjective assessments of probability distributions often lack credibility, because they may be influenced by bias. This can be overcome to some degree by a carefully structured application of expert judgment Keemey and von Winterfeldt, As is the case with all the other computer methods for quantitative risk analysis discussed here, the validity of the method lies entirely in the validity of the probabilistic models.

Monte Carlo simulation is very versatile because it can be applied to virtually any probabilistic model. However, the validity of the results may sometimes be suspect, due to the following factors: The independent variables may not actually be independent; The number of iterations in the simulation may be insufficient to produce statistically valid results; or The probability distributions assumed for the independent variables are subjective and may be biased if they are provided by project proponents.

It is certainly possible to develop project-specific cost models, for example, by using causal parameters that are totally independent. However, many risk analyses are not based on project-specific models but simply adopt the standard engineering additive cost models, in which the total cost is the sum of work package costs. The simulations simply add up the uncertainties associated with work packages, but they may be inaccurate because these work packages are not necessarily independent.

It is computationally much easier to perform Monte Carlo simulation if the analyst avoids the need to consider interactions between variables by simply assuming that all variables are independent; however, an analysis without consideration of common mode failure can lead to an under- Page 36 Share Cite Suggested Citation: In project risk assessment, a common mode could be an event or environmental condition that would cause many cost variables to tend to increase or decrease simultaneously.

It is widely recognized that a single event can cause effects on a number of systems i. If the event occurs, the costs of these systems will all increase, whereas if it does not occur, they will remain within the budget.

Thus these affected costs are definitely not statistically independent. Collaboration between people who are very conversant with the specific risks of the project and those who are familiar with probabilistic methods is typically required to reduce bias and to produce realistic quantification of project risks. Project owners should ensure that the probabilistic inputs are as objective and unbiased as possible and that the reasons for choosing specific probability distributions are adequately documented.

As with any method, the use of stochastic simulation requires quality control.

## Looking for other ways to read this?

The project director is generally not a specialist in Monte Carlo simulation, and does not need to be, but should understand the advantages and limitations of this approach. This is particularly true now that Monte Carlo simulation is readily available through common spreadsheet software and so can be used by people with little knowledge of statistics. A project director should know enough to be able to critically evaluate the stochastic simulation results for plausibility and should not accept the results just because they come from a computer.

It is common for Monte Carlo simulations to use far fewer iterations than the minimum normally required to get statistically valid answers.

But simulations with insufficient iterations may underestimate the probability in the tails of the distributions, which is where the risks are. See, for example, Alder, Feldman, and Taggo, Therefore, a simulation with fewer random samples may indicate more or less risk than one with more iterations. There are mathematical formulas Breyfogle, that can be used to compute the minimum number of iterations for acceptable confidence limits on the means or the values in the tails of the distribution.

The use of Monte Carlo and other techniques for mathematically combining the risks of individual work packages into a single project risk number should not obscure the fact that the objective is to manage the risks.

Page 37 Share Cite Suggested Citation: