Project-to-Organization Matching: An Integrated Risk Assessment Approach

Project-to-Organization Matching: An Integrated Risk Assessment Approach

Fereshteh Mafakheri (University of Greenwich, UK), Michèle Breton (HEC Montreal, Canada) and Satyaveer Chauhan (Concordia University, Canada)
DOI: 10.4018/jitpm.2012070104


Recent studies show that the capacity of organizations to cope with risk is usually neglected in project risk analysis (see for instance Bannerman, 2008 in the context of software projects). Using single-dimension risk assessment approaches, vulnerability, or conversely competence of the organization, is not taken into account in the decision to or not to undertake a risky project. This paper proposes a two-dimensional multi criteria approach with the aim of providing a more complete risk assessment decision support to project managers, by jointly considering the degree of risk of projects along with the risk management capability of organizations.
Article Preview


In the Project Management body of knowledge, risk management is defined as “the systematic process of identifying, analyzing, and responding to project risks” (Project Management Institute, 2004). Many studies have shown that there is a direct relationship between risk management practices and success of a project (Elkington & Smallman, 2002; Raz et al., 2002; Hongxia & Baihua, 2010). Failure to identify risk events and develop an appropriate risk response/management plan may result in failure to meet time, budget and quality goals of project.

A project risk analysis/evaluation process aims at assessing the impact of identified risk events on given projects. Traditionally, several rules of thumb, derived from experience and intuition, have been used to do so. Such approaches rarely deal with uncertainty, do not systematically address risks, and are useful only in specific contexts and cases. As complexity and uncertainty in projects increase, using rules of thumb and intuition is no longer helpful, and is sometimes misleading. In this sense, the development of systematic project risk evaluation processes has received a growing attention (Mustafa & Al Bahar, 1991; Barki et al., 1993; Miller & Lessard, 2001; Bodea & Dascalu, 2010; Locatelli & Mancini, 2010).

Current evaluation techniques can be classified into two groups: qualitative or quantitative. Some of the most commonly used qualitative methods are probability impact risk rating matrices, and risk breakdown structure. Quantitative methods include simulation, decision trees, and sensitivity analysis (Kerzner, 2001). Both groups of methods are associated with some limitations. In probabilistic models, for instance, detailed quantitative information is usually required, which is not often available in real-world projects; moreover, since in many cases decision making may heavily rely on experts’ judgments, the models should be capable of dealing with subjectivities, in addition to quantitative aspects.

To deal with the multidimensionality of project risk analysis, multi-criteria decision models have been proposed for project risk evaluation (Dey, 2002; Millet & Wedley, 2002; Tüysüz & Kahraman, 2006). The Analytic Hierarchy Process (AHP) is the most cited multiple criteria decision making approach (Wallenius et al., 2008); this method allows considering both subjective and objective factors in an evaluation process. The literature reports many instances where AHP has been applied in evaluating project risk. In Mustafa and Al Bahar (1991), Dey (2002), Dey and Ogunlana (2002), and Zayed et al. (2008) AHP is used to estimate the likelihood of various risk events. Millet and Wedley (2002) applied AHP in risk modeling through several case studies. Tüysüz and Kahraman (2006) proposed the use of fuzzy AHP to evaluate project risks on the basis of heuristic knowledge of project managers. The main criticism of AHP is the fact that it can give rise to “rank reversal,” that is, it may happen that when additional alternatives are added to the decision problem, the ranking of the previously considered alternatives may change. Although this is a controversial issue and there are two schools of thoughts about it, it is worthwhile mentioning that there exists a version of AHP (the “ideal synthesis”) that prevents rank reversal (Forman & Gass, 2001; Saaty, 2001).

The general outline for using AHP in project risk assessment consists in defining risk levels (e.g., high, moderate and low) at the bottom of the hierarchy, risk factors (events) and their sub risk factors as the second and third layers, and the collective project risk evaluation as the top overall goal layer. Note that in such applications, there are some differences with the classical AHP approach, as the impact of a risk event is the confluence of the event’s likelihood and magnitude.

Complete Article List

Search this Journal:
Open Access Articles
Volume 11: 4 Issues (2020): Forthcoming, Available for Pre-Order
Volume 10: 4 Issues (2019): 2 Released, 2 Forthcoming
Volume 9: 4 Issues (2018)
Volume 8: 4 Issues (2017)
Volume 7: 4 Issues (2016)
Volume 6: 4 Issues (2015)
Volume 5: 4 Issues (2014)
Volume 4: 4 Issues (2013)
Volume 3: 4 Issues (2012)
Volume 2: 4 Issues (2011)
Volume 1: 4 Issues (2010)
View Complete Journal Contents Listing