List of Abbreviations


Active Benefits Realisation


Australian Institute of Project Managers


Academy for Project Management


Australian Stock Exchange


Body of Knowledge


Balanced Scorecard


Cost Benefit Analysis


Corporate Governance


Capability Maturity Model


Committee of Sponsoring Organizations of the Treadway Commission


Corporate Performance Management


Discounted Cash Flow


Enterprise Risk Management


Functional Matrix Organisation


Human Resources Management


Internal Rate of Return


Information Systems Audit and Control Association


International Organization for Standardization


Information Technology


Information Technology Governance Institute


Key Process Area


Net Present Value


Organisation for Economic Co-operation and Development


Organisational Project Management Maturity Model


Portfolio, Programme and Project Management Maturity Model


Project-Based Organisation


Political/Legal, Environmental, Sodo-cultural and Technological analysis


Project Governance


Project Management Body of Knowledge


Project Management Institute


Project Management Maturity model


Project Management Office


Payback Period


Project Portfolio Management Office


Project Risk Governance


Projects IN Controlled Environments


Risk Breakdown Structure


Risk Management Capability Maturity Model


Return on Investment


Standard Operating Environment


Strengths, Weaknesses, Opportunities and Threats analysis


Work Breakdown Structure

About the Author

Dieter Fink is an Associate Professor in the School of Management at Edith Cowan University in Perth, Western Australia. He previously worked as a Systems Engineer for IBM and as Manager, Information Technology Consulting, for Arthur Young (now Ernst & Young) for whom he carried out a number of project management assignments. He teaches a Master's-level course in project risk management in his university. In 2011, the Australian Institute of Project Management provided him with research support to identify from its membership the key issues in project risk management for the next three to five years. Over the past 20 years he has authored a book on security management and published over 70 refereed research papers in a wide range of international journals and conference proceedings.


Our lives have become more complex as a multitude of situations demand our attention, virtually on a daily basis. We are confronted by numerous issues which are often complex and unrelated. Many choices present themselves but how we react must take into account the consequences of our actions. They have to be carefully evaluated in order to make decisions with our best interests in mind.

Risk plays a crucial role in our deliberations primarily because of the uncertainty of the outcomes of our actions. Most of us perceive the existence of risk as the precursor of negative outcomes, and therefore something to be avoided or at least mitigated as far as possible. Should the identified risk be considered too great, we are likely to act defensively, for example by rejecting a 'risky' proposition that has been put to us.

Yet without taking on risk we cannot prosper. Our way of life seeks to gain continuous improvement, and this is not possible without innovation and entrepreneurship. New developments, be they in technology, transportation, medicine or other endeavours, depend on our ability to 'risk' capital, time and effort in order to achieve a breakthrough. To avoid risk is to stifle our ability to realise the value of opportunities as they become apparent, despite the opportunity, at first glance, looking risky.

A shift in attitude is required to see both positive and negative outcomes in the presence of risk. While the latter has traditionally been the primary focus of risk management, the former is a strategy in which risk is perceived as a value-creating opportunity that can be exploited. In the past, the emphasis was on value-protecting through controlling the impact of negative risks, whereas now to take a risk is to gain advantage. Those organisations prepared to take on risks and applying sound risk management practices will prosper in an increasingly competitive environment.

Hanstad (2012) provided an excellent example of the subtleties in the choice facing the risk manager. He referred to the conundrum that confronted the Norwegian Winter Olympic team as it prepared for the 2010 Olympic Winter Games in Vancouver and evaluated the uncertainty of embarking on high-altitude training. On the one hand, there was the risk of illness when undertaking this type of training, due to exposure to a new environment. On the other hand, the team could potentially gain a competitive advantage over others by increasing the number of red blood cells, which are important in, for example, cross-country skiing. The response of minimising the risk of illness would mean that the team missed out on the opportunity to gain an advantage as a result of taking the risk.

Risk management as a concept has been around since the 1950s and was originally closely associated with the insurance industry. It subsequently expanded across a broad range of disciplines, including medicine, engineering and construction. When applied to projects, it systematically applies management policies, procedures and practices to identify, analyse, monitor and respond to project risk. The significance of project risk management increased as organisations began to manage their businesses in project mode. This is most evident in Project-Based Organisations (PBOs), where projects have become vectors of organisational strategy. It is only through effective management of a portfolio of projects and dose alignment of their objectives with business strategy that project risk can be harnessed to generate positive business outcomes.

With multiple projects operating across the organisation, PBOs developed new organisational structures, revised accountabilities and responsibilities, and improved management decision-making. The way in which project risk is perceived and managed at all levels of an organisation is critical for organisational success. This requires a Project Risk Governance approach to integrate corporate and project risk adivities.

While risk management is a well-developed discipline at the project level, the same cannot be said for the governance level. This book provides knowledge and guidance on managing project risk, both of a negative and positive nature, beyond the project level. The objective is to manage uncertainty through the implementation of value-protecting strategies, while taking advantage of opportunities through value-creating strategies, as a function of project risk governance.

Dieter Fink

< Prev   CONTENTS   Next >