Project Risk Management: Popular Fallacies and Overlooked Best Practices

Project Risk Management: Popular Fallacies and Overlooked Best Practices

Yuri Raydugin (Risk Services & Solutions Inc., Canada)
DOI: 10.4018/978-1-5225-1790-0.ch001
OnDemand PDF Download:
No Current Special Offers


Project risk management (PRM) is considered a relatively new project management knowledge area by many project practitioners that still possesses traits of an emergent discipline and a signature of immaturity. PRM borrows various methodologies from more mature disciplines to address its challenges. As a result, multiple versions and realizations of PRM have emerged. Quite a few national and international standards have been developed to guide and regulate PRM. At the same time PRM practitioners complain on lack of practical and efficient PRM methods and tools that are recognized and accepted by PRM community at large. Moreover, the practicality void opens a door to practitioner's prolific creativity and, unfortunately, to multiple PRM fallacies. Some of fallacies already reside in PRM standards. This chapter analyses most popular PRM fallacies and puts forward several proven PRM practices to handle and displace corresponding fallacies.
Chapter Preview


On the Origins of Fallacies

Project Risk Management (PRM) being a relatively new project discipline has been adopting various methodologies from other more mature areas. These have been both traditional parts of project management (engineering, estimating, scheduling, health & safety, quality management, etc.) and quite distant from it in most cases (mathematics, physics, military, security, intelligence, etc.). Inbreeding of the kind has been quite fruitful in many cases. At the same time, it has led to multiple versions and realizations of PRM accompanied by a number of fallacies (Raydugin, 2013).

As a result, there is no universal standard of PRM as well as of risk management at large for the time being. Instead, there are multiple competing national and international standards including:

  • ISO 31000 Standard (International Organization for Standardization, 2009),

  • A standard by Project Management Institute (PMI) (Project Management Institute, 2009),

  • A standard by Construction Industry Institute (CII) (Construction Industry Institute [CII], 2013),

  • A standard by Federation of European Risk Management Associations (FERMA) (Federation of European Risk Management Associations [FERMA], 2003), etc.

In case of some standards there seems to be a certain lack of consistency and internal logic in identification, assessment and addressing of risks. Several gaps including lack of practical and efficient PRM tools and methodologies could be pointed out.

Attempts are undertaken regularly to improve risk standards. New versions of standards have been issued every now and then. However, pretty much the same old mantras are repeated all over again. Situation is even more diversified at the working level as almost every PRM practitioner, not to mention a PRM consultant, has his or her own ‘original’ methodology:

  • Apparently a standard’s practicality void opens a door to practitioner’s prolific creativity and, unfortunately, to multiple PRM fallacies.

These fallacies, if embedded to PRM practices of particular projects, can be considered systematic errors in identification, assessment or addressing of risks which is rather consistent with a definition of psychological and organizational bias. At best some fallacies could be perceived as innocent PRM placebo effect phenomena or ‘risk management ritual dances’ (Raydugin, 2013). At worst, they may lead to project failures, i.e.

  • Severe overspending,

  • Delays,

  • Inefficiency,

  • Environmental contamination,

  • Reputational damage, etc., as well as

  • Loss of lives.

A situation like this is rather unthinkable in more mature and traditional disciplines. For instance, there are multiple advancements in mechanical or process engineering these days although there is no diversity in mechanical or process engineering basics. In other words, all these points above are symptoms of low maturity (Kwak & Ibbs, 2000) and, possibly, poor efficiency and credibility of PRM as a discipline. An example from biology may shed additional light on current stage of PRM development.

Biology in its early days was based on ‘external morphology’ approach that was concentrated on description of external appearances of species. Although when rich empirical material was collected and analysed ‘external morphology’ was replaced by ‘internal morphology’ through systematic introduction of classes of species (Darwin, 2015). However, it took some time to develop fully consistent classes of species.

Risk management at large and PRM in particular seem to be in a similar transition. And most of existing risk management standards supported by various interest groups of consultants and for-profit certification bodies should be treated accordingly, i.e. with a grain of salt. In other words, multiple competing standards should be eventually replaced by a single fully consistent and highly efficient PRM standard that will be recognized by PRM practitioners globally. This could be done only through systematic analysis and recognition of various PRM fallacies and introduction of few proven practices. Their selection should be a call for comprehensive adequacy and efficiency. Deeper understanding of uncertainties pertaining to projects (‘classes of uncertainty’) as well as their various realizations in project (‘risk objects’) is thought to be a solid foundation for risk fallacies’ and practices’ review.

At this point a reader of this chapter may begin suspecting the author in an ambitious intent to develop an ultimate PRM standard which is completely wrong: it is still slightly utopian and rather premature.

A way more modest and realistic goal is set instead:

  • To describe some most notorious fallacies pertaining to modern PRM and put forward several proven practices to displace those fallacies. Getting back to the biology analogy, this goal is still attached to empirical PRM. However, reaching this goal could contribute to development of the next more mature phase of PRM and, possibly, of risk management at large.

To sum up, the purpose of this chapter is to:

  • Introduce ‘classes of uncertainty’ pertaining to PRM.

  • Introduce all relevant ‘risk objects’ to be considered in PRM based on classes of uncertainty.

  • Point to popular PRM fallacies stemming from misunderstanding of PRM ‘uncertainty classes’ and ‘risk objects’.

  • Introduce best PRM practices to displace popular PRM fallacies.

By popular fallacies we understand not only fallacies that are consciously discussed or promoted based on somebody’s hidden agendas. Some PRM fallacies that are not even well understood being imbedded in and supported by existing risk standards de facto are also in focus of this chapter. (Usage of a language in two previous sentences that normally pertains to studies on psychological and organizational bias is not accidental. As will be discussed below, various PRM fallacies overviewed in this chapter could be treated as realizations of various types of psychological and organizational bias.)

Only fallacies and best practices related to risk identification, addressing and assessment are in focus of this chapter. There are several fallacies related to risk monitoring, responding and closing that were left out in this chapter.

Occasionally references to particular standards are done in the text. However more neutral references such as ‘some standards’ are used more often due to certain sensitivity of discussed topics. However, a knowledgeable PRM practitioner could easily recognize those.

Additional discussions related to best practices introduced in this chapter may be found in the other chapters of this book. They are devoted to various topics from probabilistic risk analysis and risk-based decision making, to complexity theory to psychological bias.

Complete Chapter List

Search this Book: