Tip of the Week #54                     Tip Index

Go to the Prior Tip The Ostrich Factor: Our Population Myopia
Go to the Next Tip Critical path concept is the key idea for a new drillship design
Return to MaxValue Home Page

Practical Risk Assessment for Project Management

by Stephen Grey, 1995, John Wiley & Sons Ltd., 140 pages, about US$60, hardbound, Wiley series in Software Engineering Practice. ISBN 0-471-93979-X.

This is a fine book about the reason-for, process and practice of project risk management. "If there was no risk in a project the need for project management would fade away" (ix).

Uncertainty in activity costs or completion times should be represented as continuous distributions, and Grey seems to like triangle distributions.  Risks are primarily discussed as discrete events.  For example, a rework activity may be necessary, and the likelihood of this is assigned a probability.

Risks are unwanted. Contingencies that have potentially positive outcomes are called "opportunities," instead. There seems to be growing acceptance of this taxonomy.  Interestingly, on a graph of cumulative profit:

With all the words in English, it seems incredible that there is no antonym for "risk." Project management seems to be settling on "opportunity."  This troubles me: Risk is the potential for something unwanted to happen to you.  Opportunity requires you to take some action to realize the potential benefit. Perhaps this taxonomy is the best we can do, yet I'm somehow not satisfied..

Practical Risk Assessment for Project Management provides a fine introduction to Monte Carlo simulation.  Gray recommends using the @RISK simulation tool from Palisade (http://www.palisade.com).   He uses Excel and @RISK examples throughout the book. @RISK for Microsoft Project was available at the time the book was written; Grey prefers not to use Project because of its modeling limitations (the conditional branching capability has since been added).

The mathematical concepts are reasonably well explained, and Gray provides lots of guidance about how to actually do project risk management in the real world. Examples are drawn from information technology projects, though translating to other industries is obvious. A reader who is not planning to use Excel for project risk model may find some of the detail boring. For persons interested in actually performing project risk evaluationactually building modelsand management, I heartily recommend this book.


—John Schuyler, May 1999

Copyright 1999 by John R. Schuyler. All rights reserved. Permission to copy with reproduction of this notice.