Construction Quality and Risk

Management

Dr. Manuel M. Muhi

Dr. Danilo Pilar
Dr. Guillermo O. Bernabe
Engr. Joseph Raniel A. Bianes
Course Description

This course is an advanced study of engineering high quality on Construction projects.

Quality does not happen; it must be planned, promoted, and practiced intentionally and
deliberately. Also examines the various models and methods for assessing and
managing project risk. This course also applies both qualitative and quantitative risk
analysis to minimize project risk.

Course Objectives:

Upon successful completion of this course, the student will:

1. Examine the various tools, techniques, principles, and practices of quality control and
quality assurance (QA/QC) programs.
2. Appraise the tenets of project quality management and assess various quality
maturity models.
3. Assess the models and methods for assessing project risk.
4. Apply qualitative and quantitative risk analysis to risk assessment and management.
5. Examine the various project risks mitigation tools and techniques.
6. Apply methods of monitoring and controlling risks
 Module 1
Intro to Construction Quality and Risk Management

Construction is inherently risky but, it is argued, is less technically complex than

projects in industries such as software, defense and engineering. This is because it is
simply about using specialists in design and construction to produce a project within a
specified timescale (Rafferty in Cooke & Williams, 2004, p71).

Historically construction has been risky for several reasons, including:

➢ Poor record of completion to cost and time.
➢ High levels of disputes and litigation.
➢ Intense competition for work.
➢ Low margins and profit risk.
➢ Poor safety and occupational health record.
➢ Pressure to produce a high return on funds invested.
➢ Pressure to save time and money.
Pressure on health and safety provision.

Quality Risk Management

Quality Risk Management is a systematic, risk-based approach to quality

management. The process is composed of the assessment, control, communication, and
review of quality risks. It is especially critical in the pharmaceutical industry, where product
quality can greatly affect consumer health and safety.

Quality Risk Management Principles

According to the International Council for Harmonization of Technical

Requirements for Human Use (ICH), quality risk management has two primary principles,
which are:
1. Quality risk evaluation should be based on scientific knowledge, such as data and
research, and ultimately work towards the protection of consumers.
2. The higher the risk level, the stronger a QRM process should be. The level of effort,
formality, and documentation should be equal to the risk level.

Why Quality Risk Management is Important?

Quality risk management is important because it can facilitate better and more
informed decisions. With QRM, decision-making has the following qualities:
➢ Decisions are data-driven instead of subjective.
➢ The potential impact on the lives of consumers is prioritized.
 ➢ Companies can use risk level as the basis for prioritization, leading to a more
efficient use of resources. Moreover, it helps build a culture of trust and
transparency among companies and regulatory authorities.
➢ Quality risk management is also a requirement of GDP, an internationally
recognized set of standards for ensuring the quality of medicines throughout the
supply chain. While GDP is primarily enforced in Europe, there has been an
increase in its use in the United States and other countries.

Solid arrow – Required, Broken arrow – Optional; If risk control is unacceptable or

ineffective, perform risk assessment again.
The following steps are based on ICH Q9, a guideline developed by the organization to
standardize quality risk management:

Step 1: Before Starting

Form a cross-functional team and choose a leader. Example QRM team:

Each member of this team will be responsible for coordinating quality risk management
across various functions and departments in the company.

Step 2: Risk Assessment

• Define the problem: Ask “What might go wrong?”

• Risk identification: Identify hazards related to the problem.
• Risk Analysis: Estimate risk associated with identified hazards. For each estimated
risk, define the likelihood of occurrence and the severity of consequences.

Risk evaluation: Based on risk analysis, evaluate each risk using a 3×3 risk matrix, 4×4
risk matrix, or 5x5 risk matrix based on your needs
To quantify the expression of risk, assign a numeric value to each likelihood and severity
category. The formula for calculating the risk level based on these values is up to you.
➢ Set rules for defining the overall risk level: For example, if more than half of the
risks are high, then the overall risk level is high.
The output of the risk assessment will either be a numeric value or qualitative
description expressing the overall level of risk posed by the problem.

Step 3: Risk Control Selection

The key focus of this step is choosing between risk reduction and risk acceptance.
Answer and discuss the guide questions below with other QRM team members before
making a decision:
➢ Is the risk above an acceptable level?
➢ What can be done to reduce or eliminate the risk?
➢ What is the appropriate balance among benefits, risks, and resources?
➢ Are new risks introduced as a result of initial risk being controlled?
Also keep in mind that the amount of effort used for risk control should be equal to
the significance of the risk/s. If needed, refer to the output of the risk assessment in Step
2 or conduct a cost-benefit analysis to help determine the appropriate risk control.

Step 4: Risk Control Implementation

➢ Risk reduction is the set of actions taken to minimize the likelihood of occurrence
and the severity of consequences. It may also include improving the detectability
of hazards (i.e. making hazard identification easier) and risks (i.e. catching risks
before they cause further damage).
➢ Risk acceptance is a decision to accept risk since it cannot be eliminated. This
form of risk control is typically only chosen when mitigating the risk is out of the
QRM team’s control. Another case where it may be the best option is when risk
reduction has already been applied and the remaining risk is at an acceptable
level.

Step 5: Risk Review & Risk Communication

Once risk control has been implemented, establish a system for monitoring its
effectiveness. Quality risk management should be continuously reviewed, especially
when:
• there is new research, experience, knowledge, or data on specific risks;
➢ there are events that may have an impact on the original decision/s; and
➢ factors influencing the overall risk level have changed.
Meanwhile, risk communication involves sharing information on the entire process
with stakeholders who are not part of the QRM team. It also includes documenting the
QRM team’s thought process at each step and the results they were able to achieve after
completing a step.
Quality Risk Management Tools

While following the steps of the quality risk management process above is
sufficient for starting with QRM, certain industries or companies may need the help of
recognized tools to fully deploy their strategy. Below are 3 quality risk management tools,
their descriptions, and templates to help get you started:

FMEA

Failure Mode Effects Analysis (FMEA) is a systematic method of anticipating potential

failures in a process, product, or design and mitigating the negative impact of those
failures on consumers. Key elements of this tool are mechanism of failure, risk priority
number (RPN), and follow-up corrective actions

HACCP
Hazard Analysis Critical Control Points (HACCP) is a monitoring system for identifying
and controlling hazards. First, a hazard analysis is performed on each step in the
production process. If there is an opportunity to prevent, mitigate, or eliminate a hazard,
the step is considered a critical control point.

HAZOP
Hazard Operability Analysis (HAZOP) is a risk management technique used to
determine functional flaws in manufacturing systems. Similar to FMEA, it involves
exploring different scenarios where a process, design, or procedure could deviate from
its intended function.

QUALITY MANAGEMENT is the act of overseeing all activities and tasks needed to
maintain a desired level of excellence. Quality management includes the determination
of a quality policy, creating and implementing quality planning and assurance, and quality
control and quality improvement.

THE GOAL OF QUALITY MANAGEMENT

To lead and operate an organization successfully, it is necessary to direct and
control it in a systematic and transparent manner.

Success can result from implementing and maintaining a management system that
is designed to continually improve performance while addressing the needs of all
interested parties (customer and supplier).

MANAGING AN ORGANIZATION ENCOMPASSES QUALITY MANAGEMENT (QM)

AMONGST OTHER MANAGEMENT DISCIPLINES.
QM KEY PRINCIPLES

THE EIGHT QM KEY PRINCIPLES

Customer focus
Leadership
People involvement
Process Approach
System approach to management
Continual improvement
Factual approach to decision making
Mutually beneficial supplier relationships

CUSTOMER FOCUS

Organizations depend on their customers and therefore should understand current

and future customer needs, should meet customer requirements and strive to exceed
customer expectations.
LEADERSHIP

Leaders establish unity of purpose and direction of the organization.

Leaders should create and maintain the internal environment in such a way that
people can become fully involved and committed in achieving the organization's
objectives.

TO BECOME A REAL LEADER, NOT JUST THE BOSS!

PEOPLE INVOLVEMENT

People at all levels are the essence of an organization and their full involvement
enables their abilities to be used for the organization's benefit.

IT’S EVERYBODY’S BUSINESS. UNITY MAKES STRENGTH.

PROCESS APPROACH

A desired result is achieved more efficiently when activities and related resources
are managed as a process.
 PROCESS APPROACH IS BASED IN THE PDCA PRINCIPLE

CONTINUAL IMPROVEMENT

Continual improvement of the organization's overall performance should be a permanent

objective.

WE ARE GOOD... BUT WE CAN BE EVEN BETTER!

SYSTEM APPROACH TO MANAGEMENT

Identifying, understanding and managing interrelated processes as a system contributes

to the organization's effectiveness and efficiency in achieving its objectives.

FACTUAL APPROACH TO DECISION MAKING

Effective decisions are based on the analysis of data and information.

WE BELIEVE IN PEOPLE... BUT MUCH MORE IN THE FACTS.

MUTUALLY BENEFICIAL SUPPLIER RELATIONSHIPS

An organization and its suppliers are interdependent and a mutually beneficial

relationship enhances the ability of both to create value.

ONE HAND WASHES THE OTHER... AND BOTH WASH THE BODY!

KEY ELEMENTS IN QUALITY MANAGEMENT

QUALITY MANAGEMENT CONNOTATIONS

➢ Ethic value (performing at own best effort!).

➢ Documented procedures and records help to ensure traceability and dependability.
➢ Mutually beneficial outcome for supplier and customers.
➢ Customer satisfaction increases.
➢ Supplier organization efficiency, competence and capabilities enhance
continuously.

BENEFITS OF QUALITY MANAGEMENT SYSTEMS

Implementing a quality management system affects every aspect of an

organization's performance. Benefits of a documented quality management system
include:
➢ Meeting the customer’s requirements, which helps to instill confidence in the
organization, in turn leading to more customers, more sales, and more repeat
business
➢ Meeting the organization's requirements, which ensures compliance with
regulations and provision of products and services in the most cost- and resource-
efficient manner, creating room for expansion, growth, and profit

These benefits offer additional advantages, including:

• Defining, improving, and controlling processes
• Reducing waste
• Preventing mistakes
• Lowering costs
• Facilitating and identifying training opportunities
• Engaging staff
• Setting organization-wide direction
• Communicating a readiness to produce consistent results

ISO 9001:2015 AND OTHER QMS STANDARDS

ISO [Link] is the most recognized and implemented quality management system
standard in the world. ISO 9001:2015 specifies the requirements for a QMS that
organizations can use to develop their own programs.

Other standards related to quality management systems include the rest of the
ISPO 9000 series (including ISO 9000 and ISO 9004), the ISO 14000 series
(Environmental Management Systems), ISO 13485 (Quality Management Systems for
Medical Devices), ISO 19011 (auditing management systems), and IATF 16949 (quality
management systems for automotive-related products).
ELEMENTS AND REQUIREMENTS OF A QMS

Each element of a quality management system helps achieve the overall goals of
meeting the customers’ and organization’s requirements. Quality management systems
should address an organization’s unique needs; however, the elements all systems have
in common include:
• The organization’s quality policy and quality objectives
• Quality manual
• Procedures, instructions, and records
• Data management
• Internal processes
• Customer Satisfaction from product quality
• Improvement opportunities
• Quality analysis

ESTABLISHING AND IMPLEMENTING A QMS

Before establishing a quality management system, your organization must identify

and manage various connected, multi-functional processes to help ensure customer
satisfaction. The QMS design should be influenced by the organization’s varying
objectives, needs, and products and services provided. This structure is based largely on
the Plan-Do-Check-Act (PDCA) Cycle and allows for continuous improvement to both the
product and the QMS.

The basic steps to implementing a quality management system are as follows:

1. Design
2. Build
3. Deploy
4. Control
5. Measure
6. Review
7. Improve

DESIGN AND BUILD

The design and build portions serve to develop the structure of a QMS, its
processes, and plans for implementation. Senior management should oversee this
portion to ensure the needs of the organization and the needs of its customers are a
driving force behind the systems development.

DEPLOY

Deployment is best served in a granular fashion by breaking each process down

into subprocesses and educating staff on documentation, education, training tools, and
metrics. Company intranets are increasingly being used to assist in the deployment of
quality management systems.
CONTROL AND MEASURE

Control and measurement are two areas of establishing a QMS that are largely
accomplished through routine, systematic audits of the quality management system. The
specifics vary greatly from organization to organization depending on size, potential risk,
and environmental impact.

REVIEW AND IMPROVE

Review and improve detail how the results of an audit are handled. The goals are
to determine the effectiveness and efficiency of each process toward its objectives, to
communicate these findings to the employees, and to develop new best practices and
processes based on the data collected during the audit.

INDUSTRIAL INFLUENCE ON QUALITY AND STANDARDIZATION

The history of quality can trace its roots back centuries when craftsmen began
organizing into unions called guilds. When the Industrial Revolution came, early quality
management systems were used as standards that controlled product and process
outcomes. As more people had to work together to produce results and production
quantities grew, best practices were needed to ensure quality results.

Eventually, best practices for controlling product and process outcomes were
established and documented. These documented best practices turned into standard
practices for quality management systems.

Quality became increasingly important during World War II, for example, when bullets
made in one state had to work with rifles made in another. The armed forces initially
inspected virtually every unit of product. To simplify the process without sacrificing safety,
the military began to use quality techniques of sampling for inspection, aided by the
publication of military-specification standards and training courses in Walter Shewhart’s
Statistical Process Control techniques.

The importance of quality only grew after the war. The Japanese enjoyed a quality
revolution, improving their reputation for shoddy exports by fully embracing the input of
American thinkers like Joseph M. Juran and W. Edwards Deming and shifting focus from
inspection to improving all organization processes through the people who used them. By
the 1970s, the U.S. industrial sectors, such as electronics and automobiles, had been
broadsided by Japan’s high-quality competition

The Rise of Quality Management Systems

The American response to the quality revolution in Japan gave birth to the concept
of Total Quality Management (TQM), a method for quality management that emphasized
not only statistics but approaches that embraced the entire organization.
 In the late 20th century, independent organizations began producing standards to
assist in the creation and implementation of quality management systems. It is around
this time that the phrase “Total Quality Management” began to fall out of favor. Because of the
multitude of unique systems that can be applied, the term “Quality Management System” or
“QMS” is preferred.

At the start of the 21st century, QMS had begun to merge with the ideas of sustainability
and transparency, as these themes became increasingly important to consumer satisfaction.
 Module 2
Tools for Quality Management

THE 7 BASIC QUALITY TOOLS

"The Old Seven."
"The First Seven."
"The Basic Seven.”

Quality pros have many names for these seven basic tools of quality, first emphasized
by Kaoru Ishikawa, a professor of engineering at Tokyo University and the father of
"quality circles."

1. Cause and effect Diagram (also called Ishikawa or fishbone diagrams): Identifies
many possible causes for an effect or problem and sorts ideas into useful categories.

When to use the Cause and Effect Diagram

1. When identifying possible causes for a problem
2. When a team’s thinking tends to fall into ruts

Example of Cause and Effect Diagram

2. Check List. A check sheet is a structured, prepared form for collecting and
analyzing data. This is a generic data collection and analysis tool that can be adapted
for a wide variety of purposes.
When to use Check List
1. When data can be observed and collected repeatedly by the same person or at
the same location
2. When collecting data on the frequency or patterns of events, problems, defects,
defect location, defect causes, or similar issues
3. When collecting data from a production process

3. Control Chart. (Also called: Shewhart chart, statistical process control chart). The
control chart is a graph used to study how a process changes over time. Data are plotted
in time order. A control chart always has a central line for the average, an upper line for
the upper control limit, and a lower line for the lower control limit. These lines are
determined from historical data. By comparing current data to these lines, you can draw
conclusions about whether the process variation is consistent (in control) or is
unpredictable (out of control, affected by special causes of variation). This versatile data
collection and analysis tool can be used by a variety of industries and is considered one
of the seven basic quality tools.
When to use Control Chart
1. When controlling ongoing processes by finding and correcting problems as they
occur
2. When predicting the expected range of outcomes from a process
3. When determining whether a process is stable (in statistical control)
4. When analyzing patterns of process variation from special causes (non-routine
events) or common causes (built into the process)
5. When determining whether your quality improvement project should aim to prevent
specific problems or to make fundamental changes to the process

4. Histogram. A frequency distribution shows how often each different value in a set of
data occurs. A histogram is the most commonly used graph to show frequency
distributions. It looks very much like a bar chart, but there are important differences
between them.

When to use Histogram

1. The data are numerical
2. You want to see the shape of the data’s distribution, especially when determining
whether the output of a process is distributed approximately normally
3. Analyzing whether a process can meet the customer’s requirements
4. Analyzing what the output from a supplier’s process looks like
5. Seeing whether a process change has occurred from one time period to another
6. Determining whether the outputs of two or more processes are different
7. You wish to communicate the distribution of data quickly and easily to others
5. Pareto Chart. (Also called: Pareto diagram, Pareto analysis) A Pareto chart is a bar
graph. The lengths of the bars represent frequency or cost (time or money), and are
arranged with longest bars on the left and the shortest to the right. The chart visually
depicts which situations are more significant. This principle effectively states that the
majority of errors come from only a handful of causes. Or, in ratio terms, 80 percent of the
problems are linked to 20 percent of the causes. So, the point of this tool is to focus on
that 20 percent that causes the problems.

When to use the Pareto Chart

1. When analyzing data about the frequency of problems or causes in a process
2. When there are many problems or causes and you want to focus on the most
significant
3. When analyzing broad causes by looking at their specific components
4. When communicating with others about your data

6. Scatter Diagram. (Also called: scatter plot, X-Y graph). The scatter diagram graphs
pairs of numerical data, with one variable on each axis, to look for a relationship between
them. If the variables are correlated, the points will fall along a line or curve. The better
the correlation, the tighter the points will hug the line.
When to use Scatter Diagram
1. When you have paired numerical data
2. When your dependent variable may have multiple values for each value of your
independent variable
3. When trying to determine whether the two variables are related, such as:
• When trying to identify potential root cause of problems
• After brainstorming causes and effects using a fishbone diagram to
determine objectively whether a particular cause and effect are related
• When determining whether two effects that appear to be related both occur
with the same cause
• When testing for autocorrelation before constructing a control chart.

7. Stratification. Stratification is defined as the act of sorting data, people, and objects
into distinct groups or layers. It is a technique used in combination with other data analysis
tools. When data from a variety of sources or categories have been lumped together, the
meaning of the data can be difficult to see.
 Sample of Stratification Diagram

When to use Stratification

1. Before collecting data
2. When data come from several sources or conditions, such as shifts, days of the
week, suppliers, or population groups
3. When data analysis may require separating different sources or conditions
Examples of different sources that might require data to be stratified:
- Equipment
- Shifts
- Departments
- Materials
- Suppliers
- Day of the week
- Time of day
- Products

13 Quality Management Tools to Drive Process Improvements

1. PDCA / DMAIC (or some process improvement framework)
2. Statistical Process Control
3. Process Mapping
4. Cause and Effect Diagrams (and Cause and effect with cards, often called
CEDAC)
5. Brainstorming
6. Pareto Charts
7. Control Charts
8. Check Sheets
9. Bar Charts
 10. Matrix Analysis
11. Scatter Diagrams
12. Dot Plot charts
13. Histograms

1. Plan Do Check Act: A Simple 4 Step Problem Solving Methodology

Plan Do Check Act is a framework that was created by quality guru, Edward
Deming as a way of structuring problem solving and continuous improvement.
It’s simple in its approach but very powerful in its delivery.
The generic steps of PDCA are:

Plan – Identify the problem, where you want to be and gather the facts. Start to define
the reasons and get to the root causes.
Do – Implement the improvement and test.
Check – Check it’s worked and review the data
Act – If it’s worked, standardize the improvement. If not, tackle the next problem and
repeat PDCA again.

2. Statistical Process Control (SPC)

It’s one of the 7 ‘foundational’ quality management tools. It’s a framework for
measuring and reducing variation in a process’ output.
Variations in processes cause all sorts of inconsistencies from product quality, to lead
time, to cost, and even attitudes and behaviors. Variables cause the most common quality
problems in processes. One minute you get it right. The next, it’s producing nothing but
poor output.

And the theory goes that by controlling these variables in any process, you can
control the outcome. Thus, making it more consistent. And with consistent output comes
stable processes.

And with stable processes, you get less time spent firefighting and handholding
things through that process.
You also get great confidence it in being right every time. Thus, you can even offer
services that your competitors can’t.

SPC is a way of measuring the quality within a certain process. This data is tracked
normally using a Run Chart (or control chart).
The reason for using SPC is that you get real time information to see how stable the
process is and can:
- reduce variability and defects
- improve productivity
- Reduce costs and lost time through firefighting
- Uncover hidden process trends
 - Instantly react to process changes and variation
- Make real-time decisions in the business

3. Process Mapping

One of the first steps to understand a process is to map it. By mapping, we can
gain a picture as to what actually happens.

Not what we think or what should happen.

This give us a tremendous insight into the process and what’s going on. And where
the potential issues are that may be affecting the output and inconsistencies in our
process.

ICOR is a great tool to help do this. ICOR stands for:

- Inputs
- Controls
- Outputs
- Resources

By looking at the inputs, controls, outputs and resources, we can see clues to
help us find the reasons for inconsistency of output.

4. Cause and Effect Diagram

This stands for Cause and Effect with Cards. This method helps you add
observed data to the fishbone diagram and then add improvement ideas to that section.
Effectively, you have two cards, one is the idea for improvement; the other is the data
card.

With CEDAC (Cause and Effect Diagram with the Addition of Cards), the effect
side of the diagram is a quantified description of the problem at the fish head.

In the cause section (the spines of the fish) there are two different colored cards
for writing the facts and the ideas.

The facts are gathered and written on the left of the spines, and the ideas for
improvement on the right of the cause spines.

The team then evaluate them and select, based on feasibility and impact in
improving the problem.

You can use the Fishbone Diagram or CEDAC alternative to help identify root
causes, using data.
5. Brainstorming

➢ Brainstorming is another core member of the quality management tools suite. It’s
used with a team to generate ideas, quickly and effectively.
➢ It can be used in conjunction with identifying root causes through 5 why sessions
and using the cause and effect diagram.
➢ In fact, it can be used just about on any subject where you have a small team
analyzing something.
➢ And it’s a structured way of getting input from the team. And doing it effectively.

➢ The easiest method is to get each team member to write their ideas on post it
notes.
➢ One post it per idea and in a short space of 5 minutes, get them to write as many
ideas as possible.
➢ Add these to the chart (fishbone diagram, ideas board, etc.).
➢ Then discuss. Group the post its that are similar.
➢ Then ask for another round of brainstorming (if they have more ideas).
➢ When the team run out of ideas, get them to agree their priority thoughts and
actions by each scoring their top 1-3 ideas.
➢ Why use it? Each member of the group inputs their ideas of potential root causes
and improvement. Using this method, no idea is a bad idea.
➢ The object is to get as many ideas out on paper, quickly, until the group runs out
of thoughts. At which point, it’s then a case of assigning priorities and actions for
the ideas chosen.

6. Pareto Analysis

➢ Pareto analysis is based around the 80/20 rule, whereby often the vital few things
cause the biggest effect.
➢ That’s 80% of sales come from 20% customers…
➢ 80% of defects come from 20% root causes…
 ➢ And so on.
➢ It might not be exactly 80/20, but you’ll find that the vital few things cause the major
effect.
➢ It’s simple in its approach.
➢ And it’s depicted in the form of a bar chart, whereby frequency or impact is show
in descending order, against specific cause codes, or reasons of failure / problems.
➢ Using this method, you can quickly, see the biggest impact from the vital few
causes.
➢ And once you have this information, you can get to work improving the vital few
root causes.

7. Control Charts

➢ This is the second of the 7 foundational quality management tools. Control charts
are one of the main methods of measuring SPC.
➢ It’s an easy way of showing trends over time, and how a process is performing.
➢ And whether it’s in control or not. On a Control Chart, you’ll find upper and lower
control limits.
➢ These are statistical indicators that show whether the process is statistically in
control.
➢ If it isn’t, it’s time to get to work to stabilize the process.
➢ That stabilization means you need to find the root causes of that inconsistency.
➢ Control charts use the mean and standard deviations to measure whether a
process is statistically in control or not. And if it’s not, it’ll show you when it’s
happening.
➢ Here’s a very simple version of a control chart (below) measuring output over time.
➢ Notice how easy it is to see if, and when it’s out of control?

8. Check Sheet

➢ Check sheets are another simple but effective means within the quality
management tools suite.
➢ Check sheets are simple tally charts, typically showing the number of occurrences
things happen.
➢ Data is collected and ordered by adding tally or check marks against
predetermined categories of items or measurements.
➢ It simplifies the task of analysis.
➢ Once you find a problem affecting the process, tick it immediately. Employees refer
to the check list to understand whether changes incorporated in the system have
brought permanent improvement or not.
➢ Improvement teams can use it to gather important information for further analysis,
too.
9. Bar Charts

➢ Bar charts are another of the 7 foundational quality management tools. They are a
very simple way of demonstrating data; the height of each bar shows the frequency
of the result.
➢ Again, in any form of communication, the less complexity the better, and Bar
Charts are a very simple way of showing results of data.
➢ Here’s a case in point. What’s easier to read?
- A list of data, collected from source.
- Or a bar chart summarizing that data, visually?
➢ Which one is easiest to read?
➢ Which one can you use to spot trends?
➢ Bar charts are a good way of measuring lots of data, quickly and easily.
➢ Bar Charts could be used in the following examples:
- Expenditure each month
- Delivery performance each month
- Attendance scores
- Customer returns / complaints each week

10. Matrix Analysis

➢ A matrix analysis is a simple way of showing the relationship between two data
points.
➢ If you’re about to choose the right improvement project, you’d choose from the top
right of the matrix (high impact and relative ease to implement).
➢ We can then score each factor based on importance to our customer.
➢ What we can then do is filter out the high scoring factors from the low scoring ones.
And then bring these high scoring ones forward for further analysis.
➢ Using this method, we can plough through our ideas and observations quickly and
effectively. And, highlight the biggest impact variables from the rest.
➢ Here’s what it could look like if we sorted all our valve production variables in a
Cause and Effect Matrix:
 Cause and Effect Matrix

11. Scatter Diagrams

➢ A Scatter diagram aims to show a relationship between two variables. And how
one changes in relation to the other.
➢ Why use a scatter diagram?
➢ In lots of cases, we make judgements based on what we see, and often assume
that because one thing happens, and so too another at the same time, then they
must be linked.
➢ For example, two customer returns have been received in the last week. When we
quickly look, we find that both jobs were manufactured on the night shift…
 ➢ It’s very easy to say that there’s a fundamental link between quality and the type
of shift that produced it. But there could just be other factors that we don’t see that
are causing it.
➢ And it could also have been a coincidence that both happened on one shift.

12. Dot plot Charts

➢ Dot plots can be used to keep plotting output from a process that you’re measuring,
using a simple dot for each occurrence.
➢ They’re a great way of showing the dispersion of data and how far the data spreads
across values.
➢ You can also use it to see if the process is random or whether there is special
cause variation.
➢ By random, you should be able to see a bell curve in the data (which normally
signifies the process being stable).

13. Histogram
➢ Histogram is a graphical representation showing the intensity of a problem.
➢ They’re classified as one of the foundational quality management tools.
➢ Histograms are like bar charts and dot plots but they group numbers into ranges.
➢ In a similar way to the dot plot, histograms help identify the causes of problems in
a process, by both the shape and width of the distribution.
➢ What separates them form the dot plot is that the histogram should be used for
larger data sets. This is because the data ranges can be grouped together.
➢ As it’s continuous data that can have be any size measurement (and not pre-set
sizes like our dice example) the histogram could be used instead of the dot plot.
Because data ranges can be grouped at the bottom of the axis.
 Module 3
Modern Quality Management

Introduction

A quality management system (QMS) can be expressed as the organizational

structure, procedures, processes and resources needed to implement quality
management.

Early systems emphasized predictable outcomes of an industrial product production

line, using simple statistics and random sampling.

In the late 80’s or early 90’s, quality management found its place within project
management. Today, no one can deny the fact that project management has become
quality driven. Everyone prefers not just project delivery but ‘quality’ project delivery.
➢ By the 20th century, labor inputs were typically the costliest inputs in most
industrialized societies, so focus shifted to team cooperation and dynamics,
especially the early signaling of problems via a continuous improvement cycle.
➢ In the 21st century, QMS has tended to converge with sustainability and
transparency initiatives, as both investor and customer satisfaction and perceived
quality is increasingly tied to these factors.
➢ Of all QMS regimes, the ISO 9000 family of standards is probably the most widely
implemented worldwide - the ISO 19011 audit regime applies to both and deals
with quality and sustainability and their integration.

Quality improvement, quality control, kaizen, valued added management etc – key
elements in quality management are gaining grounds in project management these days.
A large number of organizations are hugely investing on quality management
professionals in order to ensure the level of quality in projects.

Six Sigma or lean implementation is an approach taken in order to ensure zero

defects in projects. Constant improvement and elimination of errors are the desired
results for all projects and therefore, quality management has emerged as a major factor
in project management. In fact, project quality management is defined as a knowledge
area of project management in PMBOK Guide. In this module, let’s have a look at quality
management processes implemented in a project. Here is an evaluation of various
aspects of quality management within project management.

Quality Characteristics to be Maintained in Project Management

In a project, quality characteristics are defined by the stakeholders. Some of the

most common quality characteristics are performance, functionality, suitability, reliability,
consistency and more. The levels of quality in these terms are measured as per project
and organizational standards. From project initiation and processes to project delivery,
each should be measured in terms of quality standards. In project deliveries, various
things like computers, project equipment, team etc., too matter in terms of ensuring quality
characteristics as desired. Thus, quality management should be in place from the
beginning of a project till the end.

Quality Characteristics to be Maintained in Project Management

In a project, quality characteristics are defined by the stakeholders. Some of the

most common quality characteristics are performance, functionality, suitability, reliability,
consistency and more. The levels of quality in these terms are measured as per project
and organizational standards.

From project initiation and processes to project delivery, each should be measured
in terms of quality standards. In project deliveries, various things like computers, project
equipment, team etc., too matter in terms of ensuring quality characteristics as desired.
Thus, quality management should be in place from the beginning of a project till the end.

What are the Different Phases in Quality Management?

Quality management involves typically three phases – Quality Planning, Quality

Assurance and Quality Control.
➢ Quality Planning: Here, the quality plan is created. Every plan should have a
desired objective or goal and quality plan is no exception. The goal of quality
management should be clearly communicated to all the stakeholders in a project.
After the goal is defined, the measures to ensure the level of standard should be
worked out. How will the customers be satisfied? What is the level of quality that
the stakeholders are expecting? How to determine if the quality measures will lead
to project success? When all the answers to these questions are in place, tasks
should be delegated to respective team members and quality plan is initiated.
➢ Quality Assurance: This is a process that moves along with project throughout
the lifecycle. Quality assurance is all about evaluating if a project is moving towards
delivering quality services. If all the quality characteristics are in place the quality
plan can proceeding in an effective manner. When quality goals are not achieved
or are not in the process of getting achieved, necessary steps and corrective
actions should be identified. Ensuring corrective actions too falls in the phase of
quality assurance.
➢ Quality Control: Here, operational techniques are used in order to ensure quality
standards. Any time a problem arises relating to quality or if the quality plan is not
executed in the desired manner, corrective actions should be effective. Quality
control involves monitoring project results and delivery to check if they are meeting
desired results or not. If not then alternative actions should be implemented.
Quality Control
➢ A process employed to ensure a certain level of quality in a product or service.
➢ It may include whatever actions a business deems necessary to provide for the
control and verification of certain characteristics of a product or service.
➢ Quality Control is a process that measures output relative to a standard and acts
when output does not meet standards.

Basic goal of quality control:

➢ To ensure that the products, services, or processes provided meet specific

requirements and are dependable, satisfactory and fiscally sound.
➢ To ensure that the products, services, or processes provided meet specific
requirements and are dependable, satisfactory and fiscally sound.

Purpose of Quality Control:

➢ To assure that processes are performing in an acceptable manner.

Quality Control and Quality Assurance

➢ Though the two are very similar, there are some basic differences; QC is
concerned with the product, while QA is process oriented.
➢ QC involves evaluating a product, activity, process or service. QA is designed to
make sure processes are enough to meet objectives

QUALITY ASSURANCE
➢ ➢ Relies primarily on inspection previously produced items through acceptance
sampling.
➢ Inspection
➢ ➢ It is an appraisal activity that compares goods or services to a standard where
it occurs at 3 points:
➢ 1. Before production- is to make sure that inputs are acceptable.
➢ 2. During production- is to make sure that the conversion of inputs into outputs
is proceeding in an acceptable manner.
➢ 3. After production- is to make a final verification of conformance before passing
the goods to customers.

Purpose of inspection

To provide information on the degree to which items conform to a standard.

The basic issues are:
✓ How much to inspect and how often?
✓ At what points in the process inspection should occur.
✓ Whether to inspect in a centralized or on-site location.
✓ Whether to inspect attributes (i.e. count the number of times something occurs) or
variables (i.e. measure the value of characteristics)
Typical inspection points:

➢ Raw materials and purchased parts

➢ Finished products
➢ Before a costly operation
➢ Before an irreversible process
➢ Before a covering process

Quality Management

Is a method for ensuring that all the activities necessary to design, develop and
implement a product or service are effective and efficient with respect to the
system and its performance?

8 Dimensions of Quality:

1. Performance – is a measure of a product’s primary operating characteristics.

2. Features – are the “bells and whistles” or options that are offered with a product
3. Reliability – relates to the probability that the product will not fail within a specified
time.
4. Durability – relates to the expected operational life of a product and can be measured
as the mean time to replacement.
5. Conformance – reflects how well the product and its individual component meet the
established standards.
6. Serviceability – is concerned with how readily a product can be repaired and the
speed, competence, and courtesy associated with that repair. (i.e. ease cost, friendliness
in service)
7. Aesthetics – is a high degree of individual judgement and that is also highly subjective.
(i.e. appearance and impression)
8. Perceived Quality – is directly related to the reputation of the firm that manufactures
the product. (Brand image)

3 Aspects of Quality:

1. Quality of Conformance – implies that the manufactured product or resource

rendered must meet the standards selected in the design process.
2. Quality of Design – deals with the stringent conditions that the product or service must
minimally possess in order to satisfy the requirements of the customer.
3. Quality of Performance – connected with the operation of the product when actually
put to use or the service when performed and measures the degree to which it satisfies
the customer.
Cost of Quality

The cost of quality is the cost of conformance plus the cost of nonconformance.
Conformance means delivering products that meets requirements and fitness for use.
The cost of nonconformance means taking responsibilities for failure or not meeting
quality expectations.

Quality Output

To be acceptable, all units must conform to all criteria for quality.

Output must be:

1. Appropriate
2. Accurate
3. Complete
4. On Time

What happens when output is not acceptable? Productivity suffers.

Determinants of Quality:
➢ Design
➢ How well it conforms to the design?
➢ Ease of use
➢ Service after delivery

Factors that affects conformance:

➢ Capability of equipment used

➢ The skills, training and motivation of workers
➢ Extent to which the design lend itself to production
➢ Monitoring process to access conformance
➢ Taking of corrective action when necessary

Consequence of Poor Quality:

➢ Loss of business
➢ Liability
➢ Productivity low
➢ Costs

Benefits of Good Quality:

➢ An enhanced reputation for quality

➢ An increased market shares
➢ Lower mobility costs
➢ Fewer product or service problems

A Maturing Model of Quality

Maturity Model (SPC=Statistical Process Control, COQ=Cost of Quality,

CAPA=Corrective and Preventive Action, FCA= Field Corrective Action)

Today, quality systems are transitioning from a heavy focus on data and looking
at past performance through charts and graphs, to a systematic review of each quality
system element, using Maturity Model methodology. With this methodology, each quality
system element has criteria starting at Level 1 (just getting started) to Level 5 (world
class). Systematic assessments are performed at each manufacturing facility to
determine relative maturity level for each element, as well as the gaps to achieving the
next maturity level. The manufacturing sites then prepare quality plans to close those
gaps. At the corporate level, a review of maturity levels for all quality system elements
across all sites enables objective assessment toward progress in growing a quality
system’s maturity. In addition, this approach allows the identification of areas of weakness
and proactive work toward improvement
5 Maturity Models for a Quality Pilot Program

Top Ten Quality Maturity Attributes

1. Optimized set-up and cleaning procedures are documented as best practice process
and rolled out throughout the whole plant.
2. A large percentage of equipment on the shop floor is currently under statistical process
control.
3. For root cause analysis, the firm has standardized tools to get a deeper understanding
of the influencing factors for problems.
4. Goals and objectives of the manufacturing unit are closely linked and consistent with
corporate objectives and the site has a clear focus.
5. Manufacturers have joint improvement programs with suppliers to increase
performance.
6. All potential bottleneck machines are identified and supplied with additional spare parts.
7. For product and process transfers between different units or sites, standardized
procedures exist that ensure a fast, stable and complied knowledge transfer.
8. Charts showing the current performance status, such as current scrap rates and current
up times, are posted on the shop floor and visible for everyone.
9. The firm regularly surveys customers’ requirements.
10. The firm ranks its suppliers and conducts supplier qualifications and audits.
Quality Culture Assessment Model

Category Attributes Elements

Employee Ownership and Understanding Quality Goals Impact on Product Quality

Engagement Patient Impact

Staff Empowerment and Process Ownership and

Engagement Engagement
QMS Processes
Continuous Improvement CAPA Robustness Root Cause
Human Error
Clear Quality Objectives Continuous Improvement

Technical Excellence Utilization of New Technologies Manufacturing Technologies

Maturity of Systems Training

Business Conduct
Quality Risk Management

Category Attributes Elements

Leadership Commitment Commitment to Quality Accountability and Quality

Planning
Enabling Resources Safety Program
Rewards & Recognition
Feedback & Staff Development
Communication & Collaboration Quality Communications Quality Communications
Management Review and Management Review
Metrics Metrics
Internal Stakeholder Feedback Internal Stakeholder Feedback
Quality Culture Survey
 Module 4
The Project Risk Management Knowledge Area

Introduction

The construction industry generally has a bad reputation for its work. The industry
has a reputation for time and cost overruns. This may be summed up in the commonly
held perception that the industry tends to deliver expensive buildings late.

Figure 1. Similarities and Differences between Projects

WHAT IS RISK?

The Project Management Institute in their Guidelines for Project Management

Body of Knowledge (PMBOK-2008) stated that:

Project risk is an uncertain event or condition that, if it occurs, has an effect on at

least one project objective. Objectives can include scope, schedule, cost, and quality. A
risk may have one or more causes and, if it occurs, it may have one or more impacts. A
cause may be a requirement, assumption, constraint, or condition that creates the
possibility of negative or positive outcome.

For example, a cause may be requiring a permit or having limited personnel

assigned to the project. The risk event is that the permit may take longer than planned,
or the personnel may not be adequate for the task. If either of these uncertain events
occurs, there will be a consequence on the project cost, schedule, or quality. Risk
conditions could include aspects of the project environment that may contribute to project
risk such as poor project management practices, or dependency on external participants
that cannot be controlled. Risk arose in the 1940s when it was possible to make a
statistical assessment of the probability of occurrence of a particular event. Risk,
therefore, tended to be insurable. Using the logic, the actual risk to be carried was
quantified as follows (Raftery-1994):

Risk = Probability of event x Magnitude of loss/gain

There will be good reasons for differences in estimates produced by different contractors
for the same project.
Common types of these differences:

Cost of Materials Discount Different Suppliers, speed of payment

vertical integration

Labor Productivity Skill Standard of Workmanship

Labor Cost Wages, Overtime, good staff

Wastage Materials, labor, theft

Plant Amount, type, own/hire

Site Techniques Different Sequence of Operations

Allowance for Fixed Price Future Increase Cost

Effect of Design Team Front Loading and Cash Flow, anticipating

Deliberate Distortion variations
Overheads
Profit

Project Risk Management

The purpose of project risk management is to minimize the risks of not achieving the
objectives of the project and the stakeholders with an interest in it, and to identify and
take advantage of opportunities. In particular, risk management assists project managers
in setting priorities, allocating resources and implementing actions and processes that
reduce the risk of the project not achieving its objectives.

There are three keys to managing project and procurement risk effectively:

1. identifying, analyzing and assessing risks early and systematically, and developing
plans for handling them;
2. allocating responsibility to the party best placed to manage risks, which may involve
implementing new practices, procedures or systems or negotiating suitable contractual
arrangements; and
3. ensuring that the costs incurred in reducing risks are commensurate with the
importance of the project and the risks involved.
The scope of risk management for projects includes :

➢ Business risks include all those risks that might impact on the viability of the
enterprise, including market, industry, technology, economic and financial factors,
government and political influences.
➢ Project risk includes all those risks that might impact on the cost, schedule or
quality of the project.
➢ Operations and processing risks include all those risks that might impact on the
design, procurement, construction, commissioning, operations and maintenance
activities, including major hazards and catastrophic events.

When is project risk management used?

Many organizations undertake projects involving significant capital outlays, or

groups of related projects that together make up large programs. Three aspects of large
projects or programs make risk management desirable.
• Their size implies there may be large potential losses unless they are managed
carefully, and conversely large potential gains if risks are managed well.
• They often involve unbalanced cash flows, requiring large initial investments
before meaningful returns are obtained. In these circumstances, and particularly
for assets with potentially long lives, there may be significant uncertainty about
future cash flows, due to changing economic conditions, advances in technology,
changing patterns of demand for products or services, new competition, or varying
operating requirements.
• Large public sector projects may involve a degree of private sector participation,
either in the form of direct private sector investment or involvement in the through-
life operations of a government-owned asset.

For some projects, risk management may be a formal requirement at specific stages of
the project development. There may be many reasons for this:
➢ Economic viability assessment, for high-level strategic decision-making about
whether or not to proceed with a project;
➢ Financial feasibility assessment, when a finance package is being assembled;
➢ Corporate governance and accountability, for managers, project staff, end-users
and suppliers to demonstrate that they have fully assessed all the material risks,
that the measures taken to control risk are appropriate, and that the economic
reward for taking on the risk that remains is adequate;

Contractual purposes, to assess alternative contractual and legal frameworks for the
project, in the context of deciding who should bear what risks and determining an
equitable allocation and sharing of risks and rewards between the parties involved;
➢ Tendering, when deciding whether or not to bid, or accept a bid, for a proposed
project, and in what form;
 ➢ Regulatory purposes, for legislative, judicial or licensing agencies, or for public
inquiries, to demonstrate accountability in a public or social context;
➢ Communication purposes, to provide information for owners, sponsors, users,
contractors, joint venture partners or other stakeholders, or to demonstrate
capability and competence in an area.

Risk Management Framework

For government procurement, there are likely to be additional requirements that

must be addressed and demonstrated explicitly, and may be subject to external audit and
oversight.
They include:

• value for money;

• open and effective competition;
• ethical behavior and fair dealing;
• maximizing opportunities for local industry to compete;
• environmental aspects;
• quality assurance;
• government sanctions against specified countries;
• social justice policies.

Specific requirements are typically related directly to the project itself. They include
such objectives as:
➢ cost control, ensuring the project is conducted within the available budget;
➢ schedule control, ensuring the project is completed within the time frame allowed;
➢ performance quality control, ensuring the project and its outcomes are suitable for
their intended purpose.

Stakeholder identification and analysis

Stakeholder analysis is important in risk assessments for most activities. It is

usually undertaken at an early stage of planning.

All projects and procurements involve at least two stakeholders: the procuring
entity (the buyer) and the supplier of goods or services (the seller). The differing objectives
of these two parties, and the contractual relationship between them, are key determinants
in the allocation and management of risk in the procurement process.
 Module 5
The Risk Management Plan

Creating the Project’s Risk Management Plan

The Risk Management Plan (RMP) defines the level at which risk management
will be performed for the project and the frequency of risk management meetings and risk
register updates. It lists the members of the Project Risk Management Team (PRMT) by
the various disciplines involved in the project and sets a budget for the risk management
activities. The Risk Management Plan (RMP) should be completed early in project
planning, since it is crucial to successfully performing the other processes described
herein.

This step will ensure that the level, type, and visibility of risk management are
commensurate with both the risk and importance of the project to the organization,
provide sufficient resources and time risk and importance of the project to the
organization, provide sufficient resources and time for risk management activities, and
establish an agreed‐upon basis for evaluating risks.

Basic Steps of Project Risk Management Plan

1. Determine the scalability level for the project.

2. Determine the frequency of risk meetings for the project and the applicable
communication and accountability checkpoints.
3. Decide who will be on the Project Risk Management Team.
4. If significant effort or outside consultants will be involved, include estimates for
project risk management activities in work plans.
5. If applicable, obtain the necessary approvals for the written RMP.

The Project Risk Management Team

The Project Risk Management Team (PRMT) is the core group performing, updating, and
reviewing risk management activities under the direction of the project risk manager. The
PRMT will include members of the Project Development Team (PDT), but not necessarily
all members.

The Project Development Team (PDT) may not continue regular meetings after RTL.
Emphasize that the PRMT is expected to stay together to manage risks until project
completion.
Incorporating Project Risk Management Activities into the Project Schedule

The project schedule (work plan) should incorporate the following:

1. Dates for project risk management meetings.
2. Time to allow team members to prepare for review of the risk register and risk
responses.
3. Milestones for communication and accountability checkpoints.

The First Project Risk Management Meeting

The first time that the Project Risk Management Team (PRMT) meets, the project
manager should brief the team about the following:
1. The importance and objectives of the project risk management process.
2. The process itself .
3. The roles and responsibilities.
4. The risk register.
5. The communication and accountability check points.
6. Risk management activities in the project schedule.
7. Time charge codes for risk management activities.
8. The expectation that risk will be managed, documented, and reported.

At this first meeting, elicit risks from the team members.

If working to Level 2 scalability, determine the impact and probability definitions so

that the team has the same understanding of the meaning of the word descriptions.

The Project Development Team (PDT) may include external stakeholders and
agencies in addition to Organization personnel. At Project Development Team (PDT)
meetings, after regular Project Development Team (PDT) business is concluded, the
Project Risk Management Team (PRMT) members from the PDT can remain to conduct
a project risk management meeting.

Examples of the Content of Risk Project Plan

1. Purpose. Includes methodology, roles and responsibilities, budgeting, timing, risk

categories, definitions of risk probability and impact, probability and impact matrix,
stakeholders’ tolerances, reporting formats, and tracking
2. Risk Management Approval. Usually, Project Manager and the Project Sponsor
3. Version History. Provide information on how the development and distribution of
the risk management plan up to the final point of approval was controlled and
tracked.
4. Methodology. This section defines how risk management will be performed for
this particular project. This risk management plan does not contain any identified
 risk or their related risk response strategies. It simply describes how to approach
plan, and execute all activities related to managing risks for a particular project
5. Roles and Responsibilities. This section describes the roles and responsibilities
of the project team regarding the risk , risk identification, analysis, response
planning, and monitoring and control.
6. Budget. This section outlines the budget allocated to performing risk management
by the entire project team.
7. Risk Management Schedule. This section contains meetings for the purpose of
discussing and making decision on Project risk will be held. The risk management
identification, analysis and response planning shall occur throughout the entire
lifecycle of the project; from Project Initiation Document (PID) through
Construction, including close-out.
8. Definition and Probability of Impact. The table shown in this section can vary
from project to project. See Risk Management Handbook .
9. Stakeholder Tolerances for Risk. This section describes the tolerance level of
the project sponsor/s in terms of risk to show those stakeholders based on their
level of influence on the program in generating and responding to program risk. It
also considers the organization’s culture regarding risk management.
10. Risk Reporting and Formats. This section describes the risk related reports, and
their format, that will be used to communicate the project risks to the interested
project sponsors as well as stakeholders. Typically a copy of Risk Register
Template can be attached to this Risk Management Plan. The timing of
disseminations of such reports should also be contained in this section.
11. Risk Tracking. This section describes the process to follow to track identified risks
and to recognize any new risks that may affect the program. It also describes how
the program’s risk management process will be audited and the frequency of the
audits, as well as the process to document lessons learned based on the program’s
risk management activities.
12. Appendix. References
 Module 6
Qualitative and Quantitative Risk Analysis

Qualitative Risk Analysis - Level 1

Qualitative risk analysis includes methods for prioritizing the identified risks for
further action, such as risk response. The PRMT can improve the project’s performance
effectively by focusing on high‐priority risks. Team members revisit qualitative risk
analysis during the project’s lifecycle. When the team repeats qualitative analysis for
individual risks, trends may emerge in the results. These trends can indicate the need for
more or less risk management action on particular risks or even show whether a risk
mitigation plan is working.

Risk Assessment

Qualitative risk analysis for Level 1 projects assigns a Risk Rating to each risk in
the risk register. The risk ratings determine where the greatest effort should be focused
in responding to the risks. They facilitate structured risk response action and resource
allocation.

The three ratings for Level 1 projects are:

• “High” – First priority for risk response.
• “Medium” – Risk response as time and resources permit.
• “Low” – No risk response required at this time.

The qualitative risk analysis of each risk is entered into the following columns of the Level
1 risk register:

Risk Rating Rationale

LOW

COLUMN CONTENTS
Risk Rating Select “High”, “Medium”, or “Low” as a measure of the importance of this risk
for response action.
Rationale Describe the reasons the PRMT selected this risk rating.
Qualitative Risk Analysis – Level 2

Qualitative risk analysis includes methods for prioritizing the identified risks for
further action, such as risk response. The PRMT can improve the project’s performance
effectively by focusing on high‐priority risks. Team members revisit qualitative risk
analysis during the project’s lifecycle. When the team repeats qualitative analysis for
individual risks, trends may emerge in the results.

These trends can indicate the need for risk management action on particular risks
or even show whether a risk mitigation plan is working.

Qualitative risk analysis for Level 2 projects\ assesses the priority of identified risks
using their probability of occurring and the corresponding impact on project objectives if
the risks occur.

Probability and Impact Ratings for Level 2 Projects

Table 1 is the lists of standard definition of risk probability and impact ratings. The
cost impact ratings may be easier to apply if expressed in terms of dollars. The ratings for
the project serve as a consistent frame of reference for the PRMT in assessing the risks
during the life of the project. The table is intended as a guide – the PRMT may define
dollar and time ranges as appropriate for the project. The impacts are to the overall
project. Schedule delay applies to risks that are on the critical path (the longest path).
During the Planning and Design phase, delay impacts to RTL may be of primary interest.
During construction, delays impact project completion. Cost impacts are based on the
sum of Capital.

Outlay (CO) and Capital Outlay Support (COS) costs.

Table 1. Definitions of Impact and Probability Ratings

Rating >> Very Low Low Moderate High Very High

Cost Impact Insignificant cost <5% cost 5‐ 10‐ >20% cost

of increase increase 10% cost 20% cost increase
Threat increase increase
(CO + COS)
Cost Impact Insignificant cost <1% cost 1‐3% cost 3‐5% cost >5% cost
of reduction decrease decrease decrease decrease
Opportunity
(CO + COS)
 Schedule Insignificant <1 1‐ 3‐ >6
Impact of slippage month 3 months 6 months months
Threat slippage slippage slippage slippage
Schedule Insignificant improve <1 month 1‐ 2‐ >3 months
Impact of ment improvem 2 months 3 months improvem
Opportunity ent improvem improvem ent
ent ent
Probability 1–9% 10–19% 20–39% 40–59% 60–99%

Performing Qualitative Risk Analysis

The PRMT assesses each identified risk in turn and assesses:

• The rating for the probability of the risk occurring, and
• The rating of cost and time impact of each risk, should it occur.

The risk matrix in Figure 2 is used to determine the importance of each risk impact
based on the probability and impact ratings. Each word descriptor of the rating has an
associated number; the product of the probability number and impact number defines the
risk score.

Performing Qualitative Risk Analysis

Very High

High

Moderate
Probability Rating

Low

Very Low

1 2 4 Moderate 8 16
Very Low Low High Very High
Impact Rating
 FIGURE 2. RISK MATRIX

For a particular impact, the combination of the probability rating of the risk
occurring and the impact rating positions the risk into one of the three colored zones in
the risk matrix. The color of the zone indicates the priority of the risk for risk response:
red zone signifies high importance, yellow is medium importance, and green is low
importance. For example, a risk having a “Moderate” probability and a “High” impact falls
into the red zone. Its impact score is 3 x 24 = 48.

Entering Assessments into the Risk Register

The qualitative risk analysis of each risk is entered into the following columns of the Level
2 risk register.
RISK ASSESSMENT

Cost Impact Time Impact

Probability Cost Impact Cost Score Time Impact Time Score Rationale

COLUMN CONTENTS

Probability Select the probability level from the drop‐down list.

Cost Impact Select the cost impact level from the drop‐down list.

Time Impact Select the time impact level from the drop‐down list.

Rationale Describe the rationale for these assessments.

The “Cost Score” is equal to the Probability number times the Cost Impact number.
 The “Time Score” is equal to the Probability number times the Time Impact
number. The risks in a colored zone may be further prioritized for risk response according
to their Cost and Time

Quantitative risk analysis is a way of numerically estimating the probability that

a project will meet its cost and time objectives. Quantitative analysis is based on a
simultaneous evaluation of the impact of all identified and quantified risks, using Monte

Carlo simulation by @Risk, Crystal Ball, or Primavera Risk Analysis software.

The result is a probability distribution of the project’s cost and completion date based on
the identified risks in the project.

Quantitative risk analysis simulation starts with the model of the project and either
its project schedule or its cost estimate, depending on the objective.

The degree of uncertainty in each schedule activity and each line‐item cost
element is represented by a probability distribution. The probability distribution is usually
specified by determining the optimistic, the most likely, and the pessimistic values for the
activity or cost element. This is typically called the “3‐point estimate.” The three points are
estimated by the project team or other subject matter experts who focus on the schedule
or cost elements one at a time.

Specialized simulation software runs (iterates) the project schedule or cost

estimate model many times, drawing duration or cost values for each iteration at random
from the probability distribution derived from the 3‐point estimates for each element. The
software produces a probability distribution of possible completion dates and project
costs. From this distribution, it is possible to answer such questions as:
• How likely is the current plan to come in on schedule or on budget?
• How much contingency reserve of time or money is needed to provide a sufficient
degree of confidence?

Which activities or line‐item cost elements contribute the most to the possibility of
overrunning schedule or cost targets can be determined by performing sensitivity analysis
with the software.

Quantifying the Risks

The project risk manager leads the PRMT in quantifying cost and schedule risks.
• The probability of the risk occurring is expressed by two values: “Low” and
“High” that cover the range.
• Three‐point estimates are used for cost and schedule impacts. The three‐point
estimate consists of determining the “Low” (optimistic), “High” (pessimistic) and
“Most Likely” values for the cost and time. The most likely value may be omitted if
 it cannot be established credibly. The cost impacts include direct costs only; they
exclude any cost of delay (determined from the output of a schedule risk analysis).

Schedule impacts are expressed in days of potential delay due to the risk. Some
risks may not have both cost and schedule impacts.

The potential delay during construction is converted to cost using a daily rate that
includes time‐related overhead and the direct costs associated with time (equipment,
etc.). It is carried in the risk register separately from the Ready to List (RTL) delay risk.

Entering Quantifications into the Risk Register. The qualitative risk analysis of
each risk is entered into the following columns of the Level 2 risk register

RISK ASSESSMENT
Probability Cost Impact Time Impact (Days)
High Low Low Most High Probable Low Most High Probable Rationale
Likely Likely
10% 30% Php Php Php 10 30 4
50,000 150,000 20,000

COLUMN CONTENTS
Probability Enter the “Low” to “High” values.
Cost Impact If there is a cost impact, enter a “Low” and “High” cost. If there
is reason for a credible “Most Likely” cost, enter it; otherwise,
leave this entry blank. If no cost impact, leave these cells blank.
Time Impact If there is a time impact, enter a “Low” and “High” time in days.
If there is reason for a credible “Most Likely” time, enter it;
otherwise, leave this entry blank. If there is no time impact,
leave these cells blank.
Rationale Enter the rationale for these assessments

“Probable Cost” is calculated from the average value of the Probability range mul
tiplied by the average value of the Cost Impact range.
“Probable Time” is calculated from the average value of the Probability range mul
tiplied by the average value of the Time Impact range.

The risks are prioritized for risk response in descending order of their “Probable
Cost” and/or “Probable Time”.
Producing the Risk Probability Curves

The quantifications in the risk register should be combined to produce probability curves
of the total cost of the risks and the total delay to the project. This requires knowledge of
special risk modeling tools such as @Risk, Crystal Ball, or Primavera Risk Analysis for
schedule risk modeling. The project risk manager may perform these risk analysis tasks,
if trained, or they may be performed by a department specialist. The District Risk
Management Coordinator can obtain expert services as needed.

Cost Risk Curve

The Risk Cost (RC) is the probability distribution of the total cost of all risks in the project
risk register.

FIGURE 1 – RISK COST PROBABILITY DISTRIBUTION

The chart shows the curves for the current assessment and the previous assessment, if
available. Selected values of RC at 90%, 50%, and 10% probability levels accompany
the chart.

Current Previous
90% chance RC is greater than 144 M 164 M
50% chance RC is greater than 185 M 206 M
10% chance RC is greater than 226 M 248 M
Schedule Risk Analysis

Schedule risk analysis may be performed using a simple model that combines
delay risks on the critical path to RTL and project completion. This simple version can be
modeled using @Risk This approach is satisfactory if a Critical Path Method (CPM)
schedule is not available. If a CPM schedule is available, the schedule is imported into
Primavera Risk Analysis, and the delay risks are inserted. This tool runs the simulation
and produces output probability curves for selected milestones. Expert knowledge is
required to use this tool. The curve will look like Figure 1 except the horizontal axis will
be a time scale. If none of the above approaches are available, the PRMT can estimate
the overall delay to RTL and project completion and quantify them in the risk register. The
cost of the potential delay to RTL and project completion determined by any of the above
methods, should be captured in the risk register as two specific risks.

Using the Probability Curves

The probability distributions of cost and schedule may be used by Project Management
to accomplish the following: For a project in the Planning and Design phase:
• Set project cost and schedule targets.
• Evaluate if cost estimates and schedules are realistic.
• Evaluate the adequacy of contingency reserves.
• Request a contingency exceeding the standard allowance.
• Evaluate the probability (risk) of exceeding specific cost.
• and time targets
• Determine the sensitivity of the output probability distribution to input risks (Risk
Sensitivity Diagram), highlighting the main risk drivers.

For a project in the Construction phase:

• Perform risk‐based budget analyses and forecasting cost at completion.

• Assess the adequacy of remaining contingency.
• Request supplemental funds.
• Evaluate the probability of meeting completion targets.
 Module 7
The Risk Response

Risk response is the process of developing strategic options, and determining

actions, to enhance opportunities and reduce threats to the project’s objectives. A project
team member is assigned to take responsibility for each risk response. This process
ensures that each risk requiring a response has an owner monitoring the responses,
although the owner may delegate implementation of a response to someone else.

Risk Response Planning

After identifying and quantifying risks, you must decide how to respond to them.

Four main response strategies for negative risks:

Risk Avoidance
Risk Acceptance
Risk Transferee
Risk Mitigation

Table 1. General Risk Mitigation Strategies for Technical, Cost, and Schedule
Risks
Technical Risks Cost Risks Schedule risks
Emphasize team support Increase the frequency of Increase the frequency of
and avoid stand-alone project monitoring project monitoring
project structure
Increase project manager Use WBS and CPM Use WBS and CPM
authority
Improve problem handling Improve communication, Select the most
and communication project goals experienced project
understanding, and team manager
support
Increase the frequency of Increase project manager
project monitoring authority
Use WBS and CPM

Response Strategies for positive risks

Risk Exploitation: doing whatever you can to make sure the positive risk happens.
Risk Sharing: allocating ownership of the risk to another party.
Risk Enhancement: Changing the size of the opportunity by identifying and maximizing
key drivers of the positive risk.
Risk Acceptance: the project team cannot or choose not to act toward a risk.
Risk Response Strategy

For Threats For Opportunities

Avoid. Risk can be avoided by removing Exploit. The aim is to ensure that the
the cause of the risk or executing the opportunity is realized. This strategy seeks
project in a different way while still aiming to eliminate the uncertainty associated
to achieve project objectives. Not all risks with a particular upside risk by making the
can be avoided or eliminated, and for opportunity happen. Exploit is an
others, this approach may be too aggressive response strategy, best
expensive or time consuming. However, reserved for those “golden opportunities”
this should be the first strategy having high probability
Transfer. Transferring risk involves finding Share. Allocate risk ownership of an
another party who is willing to take opportunity to another party who is best
responsibility for its management, and able to maximize its probability of
who will bear the liability of the risk should occurrence and increase the potential
it occur. The aim is to ensure that the risk benefits if it does occur. Transferring
is owned and managed by the party best threats and sharing opportunities are
able to deal with it effectively. Risk transfer similar in that a third party is used. Those
usually involves payment of a premium, to whom threats are transferred take on
and the cost effectiveness of this must be the liability and those to whom
considered when deciding whether t opportunities are allocated should be
allowed to share in the potential benefits
Mitigate. Risk mitigation reduces the Enhance. This response aims to modify
probability and*or impact of an adverse the “size” of the positive risk. The
risk event to an acceptable threshold. opportunity is enhanced by increasing its
Taking early action to reduce the probability and*or impact, thereby
probability and or impact of a risk is often maximizing benefits realized for the
more effective than trying to repair the project. If the probability can be increased
damage after the risk has occurred. Risk to 100 percent, this is effectively an exploit
mitigation may require resources or time response
and thus presents a trade of between
Acceptance. This strategy is adopted when it is not possible or practical to respond to
the risk by the other strategies, or a response is not warranted by the importance of the
risk. When the project manager and the project team decide to accept a risk, they are
agreeing to address the risk if and when it occurs. A contingency plan, workaround plan
and/or contingency maybe developed for that eventuality
 Table 6. Example Risk Responses

Risk Statement Risk Response

Inaccuracies or incomplete Mitigate: Work with surveys
information in the survey file to verify that the survey files
could lead to rework of the accurate and complete.
design. perform additional surveys
as needed.
A design change that is outside Avoid: Monitor design
DESIGN of the parameters changes against ED to avoid
contemplated in the reassessment of ED unless
environmental document the opportunity outweighs
triggers a supplemental EIS the threat.
which causes a delay due to
the public comment period.
Potential lawsuits may Mitigate: Address concerns
challenge the environmental of stakeholders and public
report, delaying the start of during environmental
construction or threatening loss process. Schedule additional
of funding public outreach.
ENVIRONMENTAL Nesting birds, protected from Mitigate: Re-sequence the
harassment under the work to enable ROW
Migratory Bird Treaty Act, may Certificate.
delay construction during the
nesting season.
Due to the complex nature of Mitigate: Work with Right of
the staging, additional right of Way and Project
way or construction easements Management to prioritize
may be required to complete work and secure additional
the work as contemplated, right-of-way resources to
resulting in additional cost to reduce impact.
the project.
Due to the large number of Accept: Ensure storage
R/W parcels and businesses, the space will be available
condemnation process may
have to be used to acquire R/W,
which could delay start of
construction by up to one year,
increasing construction costs
and extending the time for
COS.
Unanticipated buried man- Accept: Include a
made objects uncovered during supplemental. Work item to
CONSTRUCTION construction require removal cover this risk
 and disposal resulting in
additional costs

Following identification and analysis of project risks, the PRMT takes action to
improve the odds in favor of project success. Ultimately, it is not possible to eliminate all
threats or take advantage of all opportunities - but they will be documented to provide
awareness that they exist and have been identified. 1uccessful risk response will change
the risk profile through the project life cycle, and risk exposure will diminish.

Risk response involves:

• The PRMT determining which risks warrant a response and identifying which
strategy is best for each risk.
• Assigning an action to the Risk owner to identify options for reducing the
probability or impacts of each risk. The Risk owner takes the lead and can involve
experts available to the project.
• Evaluating each option for potential reduction in the risk and cost of implementing
the option.
• Selecting the best option for the project.
• Requesting additional contingency, if needed.
• Assigning an action to the Risk 5wner to execute the selected response action.
The Risk owner is the lead and may assign specific tasks to other resources to
have the response implemented and documented.

If the PRMT judges that a risk should be accepted, it may assign an action to the Risk
owner to prepare a contingency plan if deemed necessary.

A RISK PERSPECTIVE CAN ENHANCE DECISIONS

When considering risk mitigation methodology, it is important to recognize the

impacts of the decision. The impact of responding to a risk may make sense in the short
term: e.g. saves design costs, allows team to meet schedule; but the impact of the risk
needs to be taken as a whole.

For example, the impact of just a few unknown conditions can affect the
construction schedule to the point where an environmental work window requires the
project to be suspended. It is important to recognize how much of an impact there would
be in making a decision. While the direct cost of resolving the unknown condition may be
less than the cost of a site visit, the overall impact of the change may be a significant
delay to the contract if not recognized.
Entering Risk Responses into the Risk Register

The risk response action for each risk is entered into the (Response Actions)
column of the risk register. Risk responses are options and actions that enhance
opportunities or reduce threats. The PRMT, PRM, PM or project team decide upon the
response action to risks listed in the risk register. The response action is then assigned
to one person, the person responsible for executing and monitoring the risk response that
is chosen. 2lanned risk responses must be appropriate to the significance of the risk, cost
effective in meeting the challenge, realistic within the project content and agreed upon by
all parties involved, and owned by a single person. Risk responses must also be timely.
 Module 8
Monitoring and Controlling Risks

Risk Monitoring

Continuous monitoring by the project risk manager and the project team ensures
that new and changing risks are detected and managed and that risk response actions
are implemented and effective. Risk monitoring continues for the life of the project.

Risk monitoring and control keeps track of the identified risks, residual risks, and
new risks. It also monitors the execution of planned strategies for the identified risks and
evaluates their effectiveness.

Risk monitoring and control continues for the life of the project. The list of project
risks changes as the project matures, new risks develop, or anticipated risks disappear.
Risk ratings and prioritizations can also change during the life project cycle.

Typically, during project execution, risk meetings should be held regularly to update
the status of risks in the risk register and add new risks. Periodic project risk reviews
repeat the process of identification, analysis, and response planning.

If an unanticipated risk emerges, or a risk’s impact is greater than expected, the

planned response may not be adequate. The project manager and the PRMT should
perform additional responses to control the risk.

Monitoring also determines whether:

• The PRMT is performing periodic risk review and updating.

• Risk management policies and procedures are being followed.
• The remaining contingency reserves for cost and schedule are adequate and it
may involve recommending:
• Alternative risk responses
• Implementing a contingency plan
• Taking corrective actions
• Changing the project objectives

Risk and Review Updating

Periodically, the PRMT will convene to review the project’s risk register and risk
response actions, and to update project risk information.

Before updating the register and recording changes, the project risk manager
should make a copy of the risk register for the project files, noting its data date. The set
of risk registers will document how risks have changed over the life of the project and
provide an audit trail should it be required.

The review tasks of the PRMT include the following:

• Identify, analyze, and plan response actions for newly arising risks, and add them
to the risk register.
• Review the execution of risk response actions and evaluate their effectiveness.
• Re‐assess existing risks, verify that the assumptions are still valid, and modify
the previous assessments as necessary.
• Assign additional risk response actions to the Risk Owner.
• Retire risks whose opportunity to impact the project has elapsed, or whose
residual impact on the project is deemed to have reached an acceptable level.

The PRMT should discuss any risks for which response actions are not being
carried out effectively or whose risk impact is increasing. If these cannot be resolved
within the PRMT, they should be escalated to the project manager with recommendations
for action.

Update the Risk Register

Make any changes and additions to the risks and enter the revision date into the
“Updated” column.

Lessons Learned

When a risk is retired, the PRMT will review the history of the risk to record any
lessons learned regarding the risk management processes used. The team is
essentially asking itself: “What, if anything, would we have done differently and why?
”The project risk manager will conduct a periodic review of all lessons learned with
the PRMT.
References:

A Guide to the Project Management Body of Knowledge. 6 th Edition

Aized, Tauseef. Total Quality Management and Six Sigma

Baker, Denyse Baker, Broadfoot, Jeff, Mendevil, Steve, Caruso, Adam, and Lueken,
Sandra. How to Measure Quality Management Maturity

Bernstein, Peter, Against the Gods: The Remarkable Story of Risk. New York: John Wiley
& Sons.

Coleman, Thomas S. A Practical Guide to Risk Management.

Crouhy, Michel, Galai, Dan, and Mark, Robert. The Essentials of Risk Management

Dutta, Amit Bijon. Risk Management in Construction Project.

Eldash, Karim. Project Risk Management

Elton, Edwin J., Martin J. Gruber, [Link]., Modern Portfolio Theory and Investment Analysis.
Hoboken, NJ: John Wiley & Sons, Inc.

Evans, James R. The Management and Control of Quality.

Evans, James R. and Lidsay, William M. Total Quality management.

Flanagan, Roger and Norman, Goerge. Risk Management and Construction

Friedli, Basu, Calnan, et. al., FDA Quality Metrics Research 3rd Year Report, St. Gallen:
University of St. Gallen, December 2019.

Friedli, Buess, Kohler, et al. “The Impact of Quality Culture on Operation Performance –
An Empirical Study from the Pharmaceutical Industry,” PDA J Pharm Sci Tech

Jorion, Philippe, Value at Risk, 3rd Edition. New York: McGraw-Hill.

Jutte, Bart, Risk Management Handbook

Kummar, Uttam. Foundations of Quality Management.

Montgomery, Douglas C. Introduction to Statistical Quality Control.

Pandey, O. N. and Aneia, Bhupesh. Quality Management: (Total Quality Management).

Panneerselvam, R., Sivasankaran, P. Quality Management.

Patel, Baker, Burdick, et. al, “Quality Culture Survey Report,” PDA J Pharm Sci Tech
PMBOOK

Pyzdek, Thomas and Keller, Paule. The Handbook for Quality Management.

Rejda, George E., Principles of Risk Management and Insurance (11th Ed.), Addison
Wesley publishers, Boston, Mass

SERC Project Report. Risk Management in Engineering.

Sower, Victor E. An Introduction to Quality Management and Engineering: Based on the

American Society for Quality's Certified Quality Engineer Body of Knowledge.

Tapierom, Charles S. The Management of Quality and its Control

The Standard for Risk Management in Portfolios, Programs, and Projects by Project
Management Institute. June 1, 2019

Vinayagam, Mohanavel. Textbook on Total Quality Management. Publisher: International

Research Publication House.

Wanner, Roland. Project Risk Management.