© The College of Estate Management 2002

Paper 0358V1-0

Risk management in construction

Contents

Aims

Learning outcomes

1. Risk management regime

2. Analysing risks in construction projects

3. SERC recommendations
3.1 Contract strategy
3.2 Risk assessment
3.3 Risk allowance
3.4 Risk management

4. The PRAM process

5. Using risk management techniques

5.1 Choice of techniques

6. Risk identification
6.1 Assumption analysis
6.2 Lists
6.3 Brainstorming
6.4 Delphi technique

7. Risk allocation

8. Bearing the risk

9. Methods of dealing with risk

9.1 Qualitative risk analysis stage
9.2 Quantitative risk analysis stage
9.3 Sensitivity and probability analyses
9.4 Decision trees

(Continued)
 Risk management in construction Paper 0358 Page 2

10. Simulation
10.1 Monte Carlo Simulation
10.2 Probability Density Distribution (PDD)

11. Reporting

Aims
z To investigate the risk analysis process, together with the methods of dealing
with risk.

z To explore both qualitative and quantitative stages, including sensitivity and

probability analyses.

Learning outcomes
After studying this paper you should be able to:

z Analyse, appraise and debate the scientific management aspects of decision

making in risk analysis and risk management, as applied to the overall
construction development process.
 Risk management in construction Paper 0358 Page 3

1 Risk management regime

Effective risk management relies on the establishment and implementation of a risk
management strategy.

The responsibility for the overall management of risk lies firmly with the risk
manager or project manager, who should ensure that the individual risks are managed
by the most appropriate party. Procedures should be in place to ensure that
information or reports flow across and between project participants, to enable them to
manage those risks they are responsible for.

FIGURE 1 Risk management regime

Source: Guide to Risk Analysis and Management, by Laxton’s

2 Analysing risks in construction projects

Elements of risk and uncertainty are present throughout all stages of a construction
development.

z At the inception stage the client has to carefully consider the following
questions:

{ Is a new building really necessary, or will expansion or refurbishment

of the present premises suffice?
{ What are the drawbacks of moving to a new location?
{ How much should be invested and how long will it take to reap the
benefits?
 Risk management in construction Paper 0358 Page 4

The risk elements associated with each of these questions must be analysed.
Special attention must be given to the probability of each risk event and their
potential consequences.

z Subsequent stages of the project – feasibility, strategy, pre-construction,

construction and commissioning – will each bring with it a variety of risks and
uncertainties. It is the risk manager or project manager’s job to evaluate and
manage these risks.

z Each ‘what if …?’ scenario will need analysing. The risks must be identified
and recorded, the variables calculated as far as possible, and the potential
consequences of the event assessed. A single risk may have only minor
consequences, but a combination of seemingly ‘minor’ risks could have
serious consequences for the project. Hence the importance of a
comprehensive analysis.

In this way the unpleasant surprises that accompany all construction projects should
be kept to a minimum.

Risk management involves not only identifying the risk events, but also considers
how to prevent, avoid, contain or transfer them (see Figure 2). Events with the highest
element of risk or uncertainty will probably require the closest scrutiny, but this will
depend very much on how critical the event itself is.

It is important to distinguish the sources of risk from their effects. However,

irrespective of their sources, all risks may affect the project objectives and the key
elements of time, cost, and quality.

Risks may be characterised by the following factors:

z Risk event: what may happen to the detriment of the project.

z Risk probability: how likely it is that the event will occur.
z Amount at stake: how much is the possible loss.

Some argue that there is a difference between risk and uncertainty (though others
maintain that the difference is unimportant). They believe that:

z Risk involves an assessment based upon historical data or experience, and

making a decision according to the probability of a particular event occurring.
In other words, a forecast is made on the basis of past data and therefore within
some degree of certainty.
z Uncertainty, on the other hand, arises when no historical data or experience
exists.
 Risk management in construction Paper 0358 Page 5

FIGURE 2 The risk management process

3 SERC recommendations
According to a SERC report, ‘Risk Management in Engineering
Construction’ (1986), some of the main recommendations for dealing with risks are
as follows.

3.1 Contract strategy

z Significant cost savings can be achieved by paying attention to contract

strategy based on systematic consideration of risk. The proposals for funding a
project should therefore include recommendations on contract strategy.
z All too often risk is either ignored or dealt with in an arbitrary way. Simply
adding a 5 percent ‘contingency’ on to the estimated cost of a project is
typical.
 Risk management in construction Paper 0358 Page 6

3.2 Risk assessment

z The greatest uncertainty is during the early stages of a project, which is also
when decisions of greatest impact are made. Risk must be assessed and
allowed for at this stage.
z The client’s departments and advisers should operate as a single team to avoid
the institutional risk of incomplete commitment and inconsistent decisions.
z Flexibility in project design and the risk of later changes should be considered
in detail before completing proposals for sanctioning.
z Quantitative techniques can be used to analyse probabilities and calculate the
sensitivity of predictions to uncertainties in estimates, in order to give a much
more accurate assessment of risks.

3.3 Risk allowance

z Risk techniques are widely used in other industries. These techniques are now
well within the reach of small companies, requiring only a microcomputer to
be put into action.
z The analysis should be carried out by those trained to do so, jointly with
project planners and cost estimators.
z On many construction projects, the client would be deceiving himself if he
used just one single figure estimate of cost and time for appraisal and funding
decisions. Ranges of estimates should be used, including specific
contingencies and tolerances for uncertainty.
z Delay in completion can be the greatest cause of extra cost, inconvenience and
loss of financial return. The first estimate of cost benefits should be based on a
realistic programme for a project, so that the potential effects of delays can be
reasonably predicted.

3.4 Risk management

z For high-risk contracts, project sponsors should specify the allocation of risk
when inviting bids, and require tenderers to state their provision for risk (by
way of available resources) in their bids. Project sponsors should also consider
selecting the contractor on the basis of ‘minimum acceptable risk’ rather than
lowest price. Risk analysis allows such a criterion to be used.
z Clients and all parties involved in construction projects and contracts benefit
greatly from reduction in uncertainty prior to their financial commitment.
Money spent early buys more than money spent late. Willingness to invest in
anticipating risk is a test of a client’s wish for a successful project.
z Risks change during most projects. Risk management should therefore be a
continuing activity throughout the life of a project.
z Much can be learned about the implications and management of project risk
without extensive numerical analysis. Risk analysis is essentially a
brainstorming process of compiling realistic forecasts and answers to ‘what
happens if …?’ questions.
 Risk management in construction Paper 0358 Page 7

z Competitive tendering coupled with traditional contractual arrangements limits

the realistic management of risk. The pressure is always on those bidding for
contracts to keep their tender prices as low as possible, which can put both
them and their clients at great financial risk if things go wrong. Where
provision has been made for eventualities, it is often buried in the total bid.
This hinders the effective management of risk and militates against a
systematic and equitable basis of payments.

In conclusion, risk identification involves indicating all potential risks the project
might face and assessing their impact and probability of occurrence to decide which
risks need to be managed.
 Risk management in construction Paper 0358 Page 8

4 The PRAM process

The Project Risk Analysis and Management Guide was published by the Association
of Project Managers in 1997 to formalise many of the ‘common sense’ approaches to
managing risk that were previously being applied to projects.

The flow chart in Figure 3 shows the processes covered by the PRAM phases. Table 1
explains the steps and documentation required at each phase. Both are taken from this
Guide.

FIGURE 3 The PRAM phases

Í
Define Project
Í

Focus PRAM

Identification

Assessment
– Structure

– Ownership

– Estimate

– Evaluate

Planning

Management
 Risk management in construction
TABLE 1 PRAM structure (Client Perspective/Sanction Stage Initiation)
Phase Purposes
Define Project Consolidate relevant existing
information about the project.
Fill in any gaps uncovered in
the consolidation process.
Focus PRAM Scope and provide a strategic
plan for the PRAM. Plan the
PRAM at an operational level.
Identification Identify where risks might arise.
Identify what might be done
about these risks, in proactive
and reactive terms. Identify
what might go wrong with the
responses.
Assessment Test simplifying assumptions.
– Structure Provide more complex structure
when appropriate.
– Ownership Client/contractor allocation of
ownership and management of
risks and responses. Allocations
of client risks to named
individuals. Approval of
contractor allocations.
– Estimate Identify areas of clear significant
uncertainty. Identify areas of
possible significant uncertainty.
– Evaluate Synthesis and evaluation of
the results of the Estimate phase.
Paper 0358 Page 9
Deliverables (may be
targets not achieved
initially)
A clear, unambiguous,
shared understanding of all
relevant key aspects of the
project and the associated
PRAM process, documented,
verified and reported.
A clear, unambiguous,
shared understanding of all
relevant key aspects of the
PRAM process, documented,
verified and reported.
All key risks and
responses identifled, both
threats and opportunities,
classified, characterised,
documented, verified and
reported.
A clear understanding of
the implications of any
important simplifying
assumptions about risks,
relationships between
responses and base plan
activities.
Clear ownership and
management allocations,
effectively and efficiently
defined, legally
enforceable in practice
where appropriate.
A basis for understanding
which risks and responses
are important. Estimates
of likelihood and impact
in numeric or label (H/M/L)
terms, the latter including
identification of assumptions
or conditions, sometimes
with a focus on ‘show-
stoppers’.
Diagnosis of all important
difficulties and comparative
analysis of the implications of
responses to these difficulties,
with specific deliverables such
as a prioritised list of risks, or
a comparison of base plan and
contingency plans with
possible difficulties and
revised plans.
(Continued)
 Risk management in construction Paper 0358 Page 10

Phase Purposes Deliverables (may be

targets not achieved
initially)
Planning Project plan ready for Base plans in activity terms at
implementation and associated the detailed level required for
Risk Management Plan. implementation, with timing,
precedence, ownership and
associated resource usage/
contractual terms where
appropriate dearly specified,
including milestones initiating
payments, other events or
processes defining
expenditure, and an associated
base plan expenditure profile.
Risk assessment in terms of
threats and opportunities,
pnioritised, assessed in terms
of impact given that no
response is feasible and
potentially desirable, along
with assessment of alternative
potential reactive and
proactive responses.
Recommended proactive and
reactive contingency plans in
activity terms, with timing,
precedence, ownership and
associated resource usage/
contractual terms where
appropriate dearly specified,
including trigger points
initiating reactive contingency
responses and impact
assessment.
Management Monitor. Diagnosis of a need to revisit
Control. earlier plans, and initiation of
Develop plans for immediate replanning as appropriate,
implementation. induding on a regular basis
specific deliverables such as
the monitoring of achieved
performance In reiation to
planned progress, and
prioritised lists of risk/
response issues. Exception
(change) reporting after
significant events, and
associated re-planning.
 Risk management in construction Paper 0358 Page 11

5 Using risk management techniques

5.1 Choice of techniques
Tables 2 and 3 are a good guide as to when to use which technique. However, the
techniques should be tailored to the needs of individual projects. and selected
according to project phase, size and complexity, and resources available.

Not all the techniques are covered in this paper in depth.

TABLE 2 Applicability of risk techniques to project phases

PROJECT PHASE
Technique Feasibility Definition Development/ Production/ Disposal
Implementation Operation
Brainstorming G G F P F
Checklists P G G G G
Prompt lists G F N N G
Assumptions
analysis G G F N G
Delphi technique G P N N G
Interviews P G G P G
Risk register P F G P G
Probability impact
tables G G G P F
Decision trees G F P N F
Influence diagrams G F F N F
Monte Carlo
simulation N G G N G
Sensitivity analysis F G P N P

KEY: G = Good Relatively strong application

F = Fair Average application
P = Poor Relatively weak application
N = None Not applicable
 Risk management in construction Paper 0358 Page 12

TABLE 3 Resource requirements for risk techniques

RESOURCE REQUIREMENTS
Technique Cost of Availability of Time Ease of use
implementing computer tools commitments
1 2 3 4
Brainstorming L N L E
Checklists L N L E
Prompt lists L N L E
Assumptions analysis L N L E
Delphi technique L N M M
Interviews M N H M
Risk register L Y H E
Probability impact tables L N L E
Decision trees M Y M M
Influence diagrams M Y H D
Monte Carlo simulation H Y H D
Sensitivity analysis M Y M M

KEY:1,3 H = High 2 Y = Tools available 4 E = Easy

M = Medium N = No tools available M = Moderate
L = Low D = Difficult
 Risk management in construction Paper 0358 Page 13

6 Risk identification
Once the project and its objectives have been well defined, the process of risk
identification can take place.

There are a number of approaches that can be used. Some or all of the following may
be employed:

z Assumption analysis
z Lists
z Brainstorming
z Delphi technique.

6.1 Assumption analysis

As its name suggests, this is where a risk is assumed based on previous experience
and knowledge. The identified risks are assessed using a description, so that those
with a high probability of occurring and a high impact on the project are considered
for risk management.

6.2 Lists
Checklists permit rapid risk identification and avoid problems being overlooked.
Prompt lists act in a similar way. The typical checklist shown in Figure 4 has been
taken from the PRAM guide.
 Risk management in construction Paper 0358 Page 14

FIGURE 4 Risk identification checklist

1 The following check list gives both generic and specific risk issues likely to be
encountered by most types of project. It is based on a number of more specific check
lists from a variety of sources, and includes lessons learned from particular projects.
2 Each question should be considered in turn by the project team and/or Risk
Consultant, and should be answered by one of NOT APPLICABLE, YES, NO or
UNKNOWN. Every question where the answer is NO or UNKNOWN requires a
risk issue to be raised and risk mitigation or contingency actions to be identified.
3 Respondents should consider both those aspects of the project for which they are
responsible, and the complete project in the broader sense.

RISK
PROJECT: RESPONDENT: DATE:
CONSULTANT:
NA/YES/NO/
RISK TYPE RISK AREA UNCERTAINTY ACTION
UNKNOWN
Is the requirement well
1 Requirement 1.1 Clarity
understood?
Is the requirement
1.2 Volatility
stable?
1.3 Specification Are all required
specifications
available and
adequate?
Are all interfaces well
1.4 Interfaces defined and acceptable
to us?
Is the required user
1.5 User interface clearly
defined?
2 COMPLEXITY 2.1 Project Is the complexity of
the project acceptable,
ie not expected to
cause problem?
2.2 Size Is the size of the
project manageable, ie
not expected to cause
problems?
2.3 Integration Has sufficient
time/effort been
allocated to system
integration?
2.4 Subsystems Are all subsystem
interactions defined
and acceptable?
2.5 CM Is Configuration
Management
adequately controlled?
… etc.
 Risk management in construction Paper 0358 Page 15

6.3 Brainstorming
There are four rules that generally apply to classic brainstorming:

z No criticism is allowed.
z Participants are encouraged to suggest any idea.
z Quantity is required (the more ideas the better).
z Combination and improvement are sought (encourages the generation of better
ideas by building on others).

Normally brainstorming is used as a problem-solving technique, but it works equally

well for risk identification. To ensure that the best outcome is achieved, a facilitator
should set the ground rules and explain the procedures for all members of the team.
The proceedings start with a framework for the session, taken from prompt lists and
checklists, looking first at whole project issues and then focusing on specific phases.

6.4 Delphi technique

The Delphi technique is a structured way of obtaining a group consensus on the risks
and their impact. It is better suited to assessing risks, but can still be effective for risk
identification.

FIGURE 5 Risk identification – cause and effect

 Risk management in construction Paper 0358 Page 16

The technique requires a chairman or co-ordinator to act as the central hub. The
chairman distributes questionnaires or asks for lists of potential risks. These are then
distributed to all members, who consider the probability of the risks occurring. These
independent opinions are collated and redistributed to gain consensus. Once the
process has gone through sufficient iterations and the chairman feels that no further
benefit will be gained from continuing, the results are reported.

No expert should discuss his opinions with any other – a totally different approach
from brainstorming.

7 Risk allocation
It is clear, therefore, that risks and their effects should be considered throughout the
project by all the parties involved in the project.

In general, risk should be allocated on a solid basis of responsibility and control,

and in a manner likely to optimise project performance. The responsibility for
allocating risks should rest with the risk manager or project manager as the client’s
representative – although this will depend to a certain extent upon his delegated
authority.

Sources of risk may be classified under the following headings:

z design
z construction
z environmental
z financial
z legal
z operational
z political
z physical.

Ideally, the allocation of risk should be done by the client through the contract
documents. However, this does mean that a full analysis of all identifiable risks must
be executed at the very start of a contract, and some might argue that this is not
altogether feasible with modern fast-track projects. Nevertheless, the principle
remains true that as much of the analysis as possible should be carried out as early as
possible.

Allocation of risk will depend on the type and conditions of contract. Traditionally
the largest part of the risk is allocated to the main contractor. However, perhaps a
greater concern is whether the client and/or consultants have ascribed responsibilities
to the contractor which are not properly within his scope or control. If so, this
invariably results in tension between the parties.

During this stage all risk is assessed in terms of its probability and size. In
construction projects there are not often many risks that have a high probability of
occurrence and a high impact. However, sometimes there is a long list of such risks to
be considered, and this can make the risk analysis difficult. On the other hand,
sometimes a small number of such risks make up the majority of the total risk. For
example, consideration of seven large risks might cover as much as 85 percent of the
total. This makes the risk analysis easier and enables the contractor or analyst to
concentrate his attention on these relatively few critical sources of risk.
 Risk management in construction Paper 0358 Page 17

Allocation of risks should be based on a thorough appraisal of the relationship

between the party and the risk. Incentives and risk go together. A party that carries
a risk has the incentive to minimise its impact.

The basis for allocation of risks should be:

z control of the risks or their effects by the parties concerned;

z ability to perform a task related to the project; or
z inability of all parties except the client to accept a certain risk.

Whatever principle governs the allocation of risks between contractual parties, there
is always a danger that the allocation has not been done properly, and that a risk
whose allocation is not clear can occur and cause disputes. The fewer the risks that
are unallocated, the smaller the probability of dispute between the parties.

The traditional method for allocating risks in the construction and real estate
industry is as follows:

z From client to designer and contractor(s).

z From either client, designer or contractor (main or sub) to insurer.
z From client, funder, developer, purchaser or tenant to professionals (architect,
engineer) or contractor by collateral warranty.
z From main contractor to subcontractor (domestic and nominated).
z From contractor (main or sub) to guarantors or sureties.

Note that historically this process has been driven from the top downwards. That is,
clients unilaterally assign their risks to designer and contractor regardless of who is
best able to control them. This process, commonly known as ‘risk dumping’, is now
widely considered to be counter-productive and a more collaborative method of risk
allocation by mutual consent is recommended.

It is often possible to reduce risks, and this should be attempted before the allocation
is made. On most projects, certain risks can be reduced at relatively little cost. The
right time to consider the possibility of risk avoidance or reduction is the early stages
of a project. For example, the risk associated with uncertain ground conditions is
always high. It can be reduced by drilling a large number of exploratory boreholes.

It is also possible to transfer the risk by contracting to another party, whether by

insurance or by its inclusion within the implementation contract (see Figure 6).
 Risk management in construction Paper 0358 Page 18

FIGURE 6 Risk categories

RISKS
INVESTMENT DEVELOPMENT POLITICAL DISASTER
Financial Funding National & EU
Funding collapse Taxation Explosion
Project see INVESTMENT Legislation Earthquake
abandonment Environmental Flood
Delay to project Grants Rain
Cost increase Design Planning Lightning
Interest rate changes Governmental Snow/ice
Buildability stability Subsidence
Commercial Errors Fire
Changes Hurricane
Viability of Design choice
International
development Stability
Market changes
National economy Joint ventures
Construction Governmental
Consortium
Programme Foreign aid
Planning Labour movement
Design changes Controls
Site investigation Governmental
Material shortages stability
Safety
Cost increase
Plant breakdown
New techniques
Resource shortages
Stat. authorities
Penalties
Town planning
Weather

Operational

Maintenance
Environmental
Safety
Energy
location

8 Bearing the risk

Risk should be equated to the expertise, role and reward of the party to whom it is
ascribed. A developer who bears the risk of success or failure of a project has the
prospect of substantial profit or loss. The consultant whom the developer employs
will receive a prescribed fee – no more, no less – for providing specialist advice and
services. The responsibilities he undertakes should be appropriate to that role;
similarly for the contractor and all others in a project team.

When ascribing risk, therefore, it is reasonable for a contracting party to bear risk in
any of the following cases:

z If the party can cover a risk by insurance, and it is reasonable for the risk to be
dealt with in this way.
 Risk management in construction Paper 0358 Page 19

z If the risk is of loss due to the party’s own misconduct or lack of reasonable
care.
z If it is in the interests of efficiency to place the risk on the party.
z If the economic benefit of running the risk accrues to the party.

An important consideration when allocating project risks is the willingness of the

respective parties to take on the risks. The allocation of the project risks,
contractually, has historically been in the hands of the client, but modern strategic
procurement techniques now hold that the most cost-effective allocation of risk is
derived from consensus, not decree.

If the client is unwilling to bear a particular source of risk, he can pass it on to one or
more of the other parties involved in the project, including the management
contractor in a management contract if he so wishes. Naturally, the client will pay a
price for passing on this risk, although he does not always fully appreciate the
premium he has to pay for it.

The client may also incur an additional cost, in the impact on the project objectives
that the professionals’ and contractors’ behaviour has over the life of the project. For
example, quality may suffer, delays occur, or claims may arise that increase problems
and potentially add to the project’s cost.

Consultants or contractors who are obliged to bear the project risks have the
following options:

z to continue to bear the risk and manage it for profit, but accept liabilities;
z to pass the risk on to a third party;
z if vulnerable, to try to recover costs from other parties, including the client;
z if vulnerable, to meet liabilities reluctantly, leave the contract or declare
bankruptcy.

FIGURE 7 Classification of risk events

 Risk management in construction Paper 0358 Page 20

9 Methods for dealing with risk

There are several ways of analysing and dealing with risk. Some of these are
demonstrated diagrammatically in Figures 5, 6, 7 and 8.

The degree of risk may also be affected by the type and form of contract. For
example, the Institution of Civil Engineers’ New Engineering Contract
(recommended in the Latham Report to be re-named New Construction Contract)
attempts to advance earlier models in relation to the analysis and allocation of risk.
One of its aims is to reduce the extent of disputes by all interested parties. Such
disputes often arise from unclear procedures in the written contract.

This new form of contract aims to identify the risks more clearly, and the
responsibilities for managing them. The intention is to place the overall management
of risk much more squarely on the shoulders of the project manager (and engineers)
and to reduce significantly the role of the lawyers and insurers on construction
projects. It deals with risk in the following manner:

z By using language which is simpler and more understandable than alternative

forms of contract.
z By outlining a single procedure for compensating the contractor when a risk
occurs.
z By identifying, in one list, a standard risk allocation between client and
contractor as well as allowing a tailored allocation of special risks.
z By directing the user to select his preferred contract strategy, which has the
effect of drawing attention to the differences in the allocation of risk between
the respective strategies.

Whichever contract is selected, a procedure will need to be adopted for dealing with
the particular risks in question. Risk analysis requires a systematic approach which is
designed to suit the model and circumstances in which they are used. The following
method is a fairly general one and consists of two distinct risk analysis stages:

z Qualitative risk analysis

z Quantitative risk analysis.

9.1 Qualitative risk analysis stage

The two aims associated with this process are:

z to identify the risk;

z to make an initial risk assessment.

The process involves compiling a list of the main risk sources with a description of
their likely consequences:

z Examine list of risks compiled from previous projects.

z Investigate potential risks with key project participants.
z Determine possible solutions via brainstorming sessions with the project team.
 Risk management in construction Paper 0358 Page 21

This process not only helps to examine the potential problem areas with a project, but
also brings considerable benefits in terms of understanding the project. It helps to
focus the minds of the project team members by provoking thought about
management response to the risks. A good understanding between the team members
is also a useful side effect.

Assessment of cost and time improves as the project proceeds – but always remember
that the most significant decisions are made during the early stages of a project. So a
realistic estimate of final cost and project duration is required as soon as possible. It is
at this stage that all the potential uncertainties and risks likely to affect the project
should be identified and, hopefully, fully assessed.

This will also encourage the project manager and his project team to concentrate on
strategies for controlling the risks as well as determining the allocation of risk to the
respective parties. It will also help identify what additional design and resources are
most likely needed.

9.2 Quantitative risk analysis stage

Quantitative analysis often involves more sophisticated analysis techniques which
usually require computer application. These are less subjective, although in many
cases the raw data has had considerable subjective input. This method of analysis
requires:

z probabilistic combination of individual uncertainties;

z estimates of uncertainty in predicting the cost and duration of activities.

Computer-generated models and analytical techniques can be useful indicators of

trends and problems for attention, but they should not be relied on as the sole guide to
decisions. Their accuracy depends on the realism of assumptions made, the skill of
the model builder and the accuracy of the data used.

One method for considering project risks is to analyse any risk independently of
others, with no attempt to estimate the probability of occurrence of that risk. The
estimated effects of each risk can then be accumulated to provide maximum and
minimum project outcome values. In other words, neither a subjective nor an
analytical value is given for the probability of occurrence of the risk event. Instead,
each risk event is compounded to determine the possible effect upon the project, and
then, by applying a range of maximum (critical) to minimum (minor – see Figure 7)
project consequences, the full extent of the particular risk can be seen.
 Risk management in construction Paper 0358 Page 22

FIGURE 8 The risk analysis process

9.3 Sensitivity and probability analyses

The next stage, which is more complex, is to apply probabilities to the risks and
consider the interdependencies between the risks. Two useful techniques for doing so
are sensitivity analysis and probability analysis.
 Risk management in construction Paper 0358 Page 23

When undertaking either of these, consider the following:

z type and size of project;

z information available;
z cost of the analysis and the time available;
z expertise of the analysts.

Sensitivity analysis
This technique is used to consider the effect of changes to those events that are
deemed to be a potential risk to the project. It calculates the effects on the project for
a range of values of the event changes. The effect on the project (project outcome) is
usually expressed in terms of NPV, IRR, time or final cost.

For example, there may be a risk that the cost of steel will increase by 2.5, 5, 10 or 15
percent. The project outcome is evaluated for each of these potential cost changes and
the result can be plotted on a graph to show the percentage variation (risk v cost
change).

The results of a sensitivity analysis can be shown graphically on a ‘spider

diagram’ (see Figure 9, based on analysing the possible costs to the contractor of a
contract to construct a motorway). The diagram shows the results of calculating the
sensitivity of the cost to changes in each risk that could affect productivity on site.
For instance, it indicates the effect on the overall project cost of a decrease in drain-
laying output (increase in the duration variable raises costs).

A sensitivity analysis is very useful, because often the effect of a small change in one
variable (eg cost or duration) produces a marked difference in the project outcome.
When several risks are being assessed in this way, a ‘spider diagram’ provides an
effective way of demonstrating risks which are most critical and sensitive. These are
the ones the project manager must act upon.

A sensitivity analysis can be performed for all the risks and uncertainties that may
affect a project, in order to identify those that have a large impact on the cost, time or
other objectives. It may also be used to identify the variables to be considered for
carrying out a probability analysis – see below.

One problem with sensitivity analysis, however, is that each risk is considered
independently, with no attempt made to quantify their probabilities of occurrence.
Another limitation is that in reality a variable would not change without other project
factors changing, and this is not shown in the sensitivity analysis. Eventually,
however, when the user has gained sufficient practice, he can more easily identify
those risks that have a large impact on the project, and so the number of risks in need
of consideration can be reduced.

Probability analysis
This technique can extend beyond the limitations of a sensitivity analysis by
specifying a probability distribution for each risk and then assessing the effects on the
risk events in total. However, careful interpretation of the results is essential.

One important stage in this type of risk analysis is assessing the range of probabilities
that could result. The use of ‘Monte Carlo’ simulation (random sampling) can be
made where calculation of data inserted into an equation would be difficult or
impossible. This procedure may be used in a probability analysis as follows:
 Risk management in construction Paper 0358 Page 24

FIGURE 9 Risk v cost change

1. The variations to the risks being considered are assessed and a suitable
probability distribution of each risk is selected.
2. For each risk a value within its specified range is selected. The value should be
randomly chosen and within the estimated probability distribution.
3. To establish the outcome for the project, a calculation is made based on the
combined values for each risk.
4. The process in (3) is repeated several times in order to produce the probability
distribution of the project outcome.

Simulation is described further in section 10 below.

9.4 Decision trees

For all major projects, the objectives may be achieved by several available routes.
The client or project manager is therefore faced with a variety of alternatives.
 Risk management in construction Paper 0358 Page 25

Decision trees are a useful way of assessing the likely impact of uncertainty on
managerial decision making. They provide a graphic display of the range of possible
outcomes and can be used to help make a particular choice of action(s), or provide
justification for it.

EXAMPLE 1
Management of a manufacturing industry needs to decide whether to build a larger or a
smaller warehouse. Best available estimates suggest that the larger one would cost
approximately £7m, and the smaller one £5m. Profitability over the first five years
depends on demand – which, although unknown, has been forecast to either increase from
current levels or remain about the same. An option that is being seriously considered is to
construct the smaller warehouse first and then expand to the capacity of the larger one (at
an additional cost of £4m) if the market has shown signs of increasing after two years.
Further objective market research has revealed that the probability of experiencing
increasing demand within the first two years is around 0.25, and the conditional
probability of continued rising demand beyond this is 0.5. These probabilities and
associated expected profits, ignoring building costs, after five years of operation are
shown in Figure 10.

Is the two-stage development strategy a sensible one? Or will it be more profitable to

build the larger warehouse immediately, given the likely outcomes after five years?

One method is to evaluate directly the expected value of the profit involved at each
node. This criterion says that the expected value, or worth, of a profit of £x that
materialises with probability p is £(px). Thus the expected value at each circular node
is the sum of all the £(px) quantities. Note that summing just the probabilities p
together out of any one chance node has to equal 1, since precisely one branch must
occur. (Remember that the probability of a certain event is, by definition, 1.)

FIGURE 10 Decision tree: 5-year profits, building costs and probabilities

Note that, by convention, a square node depicts a choice to be made, while circular nodes
correspond to chance events.

To find expected values at each square node, it is necessary to subtract the costs
associated with the particular branch. By working backwards exhaustively through
the entire decision tree, the most appropriate decision at each node can be found
simply by choosing the branch that maximises expected profit at every step. This
enables the best overall strategy to be implemented – or at least gives a more solid
basis on which to make decisions than purely by intuition alone!
 Risk management in construction Paper 0358 Page 26

Figure 11 shows the expected values inserted into the decision tree. The uppermost
circular node has expected value £8,250k, derived from £12m*0.25 + £7m*0.75. The
second chronological decision node (should warehouse be expanded later or not?) has
expected value of £8,000k, being the larger of £8m*0.5 + £6m*0.5 = £7m (if not
expanding), and £14m*0.5 + £10m*0.5 + (–£4m) = £8m (if choosing to expand).

Continuing, the first chronological decision can be seen to be between expected

profits of £1,250k for building the large warehouse immediately, against £2,250k for
the more cautious ‘wait and see’ option.

In this example, therefore, application of the decision tree method strongly supports
building the smaller warehouse for now.

There are some obvious limitations to this technique. Used naively, the user puts faith
in the accuracy of all the probability figures and cost estimates. If any of these happen
to be seriously wrong, so too might be the recommended decision. So how is this
surmounted in practice?

The answer is to conduct a sensitivity analysis, similar to that described above,

especially if there are grounds for reasonable uncertainty of the figures given in the
decision tree – perhaps because not all values are based on well-researched, historic
data. Clearly, if costs and probabilities are no more than wild guesses, the method,
used simplistically, has little more to offer than blind intuition. However, it comes
into its own when large and complex decisions are broken into a series of smaller
ones, any of which can be subjected to minor changes in associated numeric values to
assess its overall impact.

FIGURE 11 Example with expected values (in £m) inserted at nodes

For instance, in the above example one could consider best and worst case scenarios
and see what difference may be made to the initial decision about size of warehouse.
It may turn out that the identical initial decision is recommended regardless of quite
major changes to probabilities and/or expected profits further down the tree. Even if
not, one can ask questions such as: ‘If all but the £14m figure were unchanged from
Figure 10, how large or small would that figure need to be in order to maintain the
overall best choice of building a smaller warehouse to begin with?’ Or: ‘How likely is
it that, instead of the presumed 0.25 probability, demand will increase sufficiently to
justify building the larger warehouse initially?’ (again, all other things, besides the
0.75 complementary probability, being kept equal).
 Risk management in construction Paper 0358 Page 27

Another important consideration in the use of this technique is the appropriateness or

otherwise of the expected value criterion. As a rule of thumb, the more complex the
tree, the better this criterion becomes. A typical structure of a complex tree is
illustrated in Figure 12.

The reason why this rule holds is that, with small trees involving just a handful of
decision nodes and probabilistic outcomes, there is not really scope for expected
value to have direct meaning. Again referring to the example above, one could say
that building the large warehouse will now either make a £5m net profit or break even
(respectively, £12m – £7m and £7m – £7m). Having simplified the state of affairs in
effect to just high and low demand, neither outcome would yield the implied £1,250k.

As an analogy, it may be helpful to recall that one difference between a sample mean
and median is that the mean may not be an attainable value (who really has 2.4
children?), whereas, in general, the median will.

Another use of decision trees is to make judgements involving other criteria besides
expected value. Specifically, it may be in the best interests to use a criterion that
minimises the worst loss – or, perhaps more speculatively, maximises the highest
profit. Such criteria are called ‘minimin’, ‘maximin’ or ‘minimax’, etc. There are
circumstances when it is more prudent to apply such a criterion in place of expected
value. However, for more complex decision trees it is usually sensible to use it. In the
longer run, overestimates and underestimates of expected values tend to balance out –
assuming (importantly) that there is no systematic bias in the allocation of costs and
probabilities.

In summary:

z Decision trees can provide a powerful technique for convincing oneself and
others of the most suitable course of action when faced with uncertainty. Their
graphical representation sometimes makes the solution obvious. By the
addition of estimated costs, values of outcomes and probabilities, it provides a
basis for analysing complex problems. This system can therefore help to
clarify and communicate the option available to the project manager.
z Decision trees can be used when choosing the appropriate procurement route,
the method of construction, or even whether to proceed with a project claim.
Their more obvious use is by clients in choosing between alternative
development projects.
z While this approach to risk and decision making is not without limitations (in
common with most tools in Management Science), a key advantage is that it
encourages the client/project manager/decision maker to assess some degree of
probability of an outcome occurring and to take rational and logical action at
each decision point.
 Risk management in construction Paper 0358 Page 28

FIGURE 12 Typical ‘Decision Tree’ structure for complex problem

 Risk management in construction Paper 0358 Page 29

10 Simulation
10.1 Monte Carlo simulation
Building and analysing a simulation model will be more effective if a substantial
bank of data exists or can be generated. Monte Carlo simulation makes use of random
numbers to generate random data based on known facts or observations.

Tables of random numbers, as found in any statistics textbook, are produced by

computer using various algorithms which ensure that all numbers from 00 to 99
(usually) have equal probability of occurring at any point on the tables. When using
random number tables it is important not to introduce bias: the numbers should be
used strictly in order as shown in the examples.

Throughout this section just a single iteration of the simulation process is described.
In practice, a computer would perform literally hundreds or thousands of such
iterations, and produce a summary of all the results. This summary is quite likely to
reflect reality – provided, of course, that initial assumptions in the simulation model
are valid!

10.2 Probability Density Distribution (PDD)

Simulating a problem using random numbers
Any simulation model should have a factual basis from which probabilities can be
determined. Random numbers used to generate data are allocated in accordance with
the probabilities.

EXAMPLE 2
Consider a stock control situation where the demand for a particular product varies from
day to day. Observations show that the demand per day recorded over a period of 100
days is as follows.

Demand per day Number of days

(items)
0 2
1 8
2 22
3 34
4 18
5 9
6 7

The probability of a particular demand can be calculated:

Demand per day Number of days Probability

0 2 .02
1 8 .08
2 22 .22
3 34 .34
4 18 .18
5 9 .09
6 7 .07
 Risk management in construction Paper 0358 Page 30

Probability density distribution table

Random numbers are allocated in accordance with the probabilities. For each
probability point, one random number is allocated. Since the probability of a demand
of zero items per day is 0.02, two random numbers must be allocated, namely 00–01.
The next eight numbers are allocated to a demand of one item per day, 02–09, and so
on.

The allocation of random numbers may be simplified by considering the cumulative

probabilities as follows:

Demand per day Probability Cumulative Random

probability numbers
0 .02 .02 00–01
1 .08 .10 02–09
2 .22 .32 10–31
3 .34 .66 32–65
4 .18 .84 66–83
5 .09 .93 84–92
6 .07 1.00 93–99

Note the numerical relationship between the cumulative probabilities and the
allocated random numbers.

Using the probability density distribution

Data which simulates the demand per day is generated by reading random numbers
from the tables and looking up the relative demand in the PDD. For example:

Random number Simulated demand per day

84 5
28 2
64 3
49 3
06 1
75 4
09 1
73 4

In order to simulate the stock control problem, a second PDD is required for the
supply or delivery of goods. The recorded delivery times following placing an order,
over fifty deliveries, are as follows:

Time to delivery Frequency

(days)
2 13
3 35
4 17
5 5
Total 70
 Risk management in construction Paper 0358 Page 31

The PDD for delivery and allocation of random numbers is as shown:

Time to delivery Probability Cumulative Random

(days) probability numbers
2 .19 (13/70) .19 00–18
3 .50 .69 19–68
4 .24 .93 69–92
5 .07 1.00 93–99

Simulating the stock control problem

Using the demand and delivery PDDs shown above, run a Monte Carlo simulation
over a period of fifteen days for a stock control situation where the buffer stocks
(level at which an order is placed) are ten, initial stock is fifteen, and the re-order
quantity is twenty.

Day Demand Demand Stock Delivery Days Day

number random level random number
number number
0 – – 15
1 84 5 10 28 3 4
2 64 3 7
3 49 3 4
3 49 3 4
4 06 1 23
5 75 4 19
6 09 1 18
7 73 4 14
8 49 3 11
9 64 4 7 93 5 14
10 39 3 4
11 89 5 out of stock
12 – – out of stock
13 – – out of stock
14 77 4 16
15 86 5 11
159

Average stock = 11559 = 10.6 units.

We could, of course, add in the various costs associated with the ordering and storage
of stock. By varying buffer stock level, re-order quantity etc, a number of simulations
could be carried out to optimise these values.

Queuing models can also be investigated using simulation, and decisions regarding
the number of service points to be installed can be arrived at economically.
 Risk management in construction Paper 0358 Page 32

EXAMPLE 3
Aggregates are delivered by rail to a large civil engineering contract. The trains are
believed to arrive according to a well-known standard probability distribution called
‘Poisson’, with a mean of 1.25 per day. Two unloading services are available for a
maximum of seven hours per day each. The unloading frequencies applicable to both are
shown below.

Unloading time Frequency

per train (hours)
5 15
6 23
7 36
8 41
9 25

a. Use Monte Carlo simulation to predict the arrivals pattern and utilisation of the
unloading facilities over a ten-day period.
b. Is a further unloading point justified?

Using a standard formula (which is beyond the scope of this course) for the arrival
probabilities, the following PDDs can be drawn up.

Arrivals PDD
Arrivals per day Cumulative Poisson Random number
probability* allocation
0 0.29 00–28
1 0.64 29–63
2 0.87 64–86
3 0.96 87–95
4 0.99 96–98
5 1.00 99

*rounded to 2 decimal places

Unloading PDD
Unloading time Frequency Cumulative Random number
probability allocation
5 15 0.11 00–10
6 23 0.27 11–26
7 36 0.53 27–52
8 41 0.82 53–81
9 25 1.00 82–99
140

(Continued)
 Risk management in construction Paper 0358 Page 33

Simulation, using a particular sequence of random numbers gives:

Day Random Arrivals Random Unloading Utilisation of

number number per day number time unloading facilities
No 1 No 2
(hours) (hours) (hours)
1 56 1 77 8 7 –
2 39 1 73 8 1 7
3 69 2 96 9 7 1
89 9 2 7
4 11 0 – – – 2
5 80 2 49 7 7 –
36 7 – 7
6 11 0 – – – –
7 19 0 – – – –
8 03 0 – – – –
9 51 1 77 8 7 –
10 01 0 – – 1 –
Totals 32 24

(32 + 24)
Utilisation factor = × 100 = 40%
10 × 7 × 2

which is the time in use divided by time available for use.

A further unloading point is not justified. Indeed, the evidence suggests that one
unloading point would be adequate.

EXAMPLE 4
A digital simulation model is required for forecasting the likely financial performance for
a company offering a specialist technical service to the building industry. The available
data are given in Tables 4 and 5 below.

a. Simulate a set of twelve monthly sales income values. Use the random number
sequence 3, 47, 43, 73, 86, 3.6, 96, 47, 36, 61, 46, 98 for this purpose.
b. Simulate a set of twelve monthly cost values. Use the random number sequence
16, 22, 77, 94, 39, 49, 54, 43, 54, 82, 17, 37.
c. Define the remaining steps in the sequence of calculations which must be
performed in order to complete the simulation.
d. Comment on the apparent situation of the company and make suggestions for
improvement.

(Continued)
 Risk management in construction Paper 0358 Page 34

TABLE 4 TABLE 5
Gross monthly Observed Total monthly Observed
income (£000s) frequency cost (£000s) frequency
6 1 10 1
8 4 12 7
10 6 14 6
12 3 16 5
14 2 18 4
16 1 20 4
18 2 22 3
20 1
22 7
24 3

Answer

PDD Gross Monthly income

Income Frequency Probability Cumulative Random
probability number
6 1 .03 .03 0–2
8 4 .13 .17 3–16
10 6 .20 .37 17–36
12 3 .10 .47 37–46
14 2 .07 .53 47–52
16 1 .03 .57 53–56
18 2 .07 .63 57–62
20 1 .03 .67 63–66
22 7 .23 .90 67–89
24 3 .10 1.00 90–99
30 1.00

PDD Monthly Cost

Cost Frequency Probability Cumulative Random
probability number
10 1 .03 .03 0–2
12 7 .23 .27 3–26
14 6 .20 .47 27–46
16 5 .17 .63 47–62
18 4 .13 .77 63–76
20 4 .13 .90 77–89
22 3 .10 1.00 90–99
30 1.00

Sales Cost Profit/

Month RN RN Loss
1 03 8 16 12 4
2 47 14 22 12 2
3 43 12 77 20 –8
4 73 22 94 22 0
5 86 22 39 14 8
6 36 10 49 16 –6
7 96 24 54 16 8
8 47 14 43 14 0
9 36 10 54 16 –6
10 61 18 82 20 –2
11 46 12 17 12 0
12 98 24 37 14 10

Σ = +2

(Continued)
 Risk management in construction Paper 0358 Page 35

This completes parts (a) and (b). For (c), you need to describe how this process would be
repeated over and over again by computer, using different random number sequences
every time. Then, it is argued, the summarised results would reflect reality quite well – as
long as initial model assumptions are deemed plausible and sensible.

Finally, for (d), some ‘hypothetical discussion’ can be given based on: ‘Suppose the
average of many simulations turned out to show, as in (c), a small profit of £2000 per
annum for the company …’.

11 Reporting
The main evidence that risk management is taking place on a project is the existence
of a risk-reporting procedure. This means that the risk management can be audited,
measured and provide a background of experience for future projects.

Once the project manager is appointed, it is his responsibility to ensure that reporting
is carried out by those managing the risks. There may be more than one risk manager,
depending on the phase of the project reached, and their reports need to follow a
predetermined format and timing.

Reporting is seen as the outcome of the continual process of monitoring, review,

assessment and reassessment of risk management. The reports need to be appropriate,
concise and accurate.

As with all reports, the four ‘golden rules’ should be implemented:

z Clear and well presented

z Timely
z Relevant
z Reflecting authority.

Consider who will read the report, its purpose and the action anticipated following
receipt of the report. It may be appropriate to ‘layer’ the report, with the summary
written in a non-technical style for the layman to understand, the detail of the report
sufficient for senior management to make decisions, and supporting technical data
and analyses that may require expert knowledge to be fully understood.

Often the risk report is produced by the project manager and presented to the client
with key decisions being required. It must therefore be informative and timely so that
corrective action can be taken as appropriate.

SELF-ASSESSMENT QUESTION
Describe a risk management system that could be introduced at the early design stage of a
management contracting project, to identify the potential risks to completion on time,
within budget and to acceptable quality standards.