Risk Management: Robertson Design and Construction Management - Report Example

Task 2 is in the next file. Thanks! RISK MANAGEMENT PLAN FOR ORGANISATION Table of Contents Contents RISK MANAGEMENT PLAN FOR ORGANISATION 1 Table of Contents 1 RISK MANAGEMENT PLAN FOR THE ORGANISATION 3 1. Outline of the Organisation 3 2. Products and Services 4 3. Management Structure and Individual Roles and Responsibilities 5 4. Identification of Organisational Risks 7 4.1 Probabilistic Risk Assessment (PRA) Procedure 7 4.1.1 Risk Identification with Cause and Effect Diagram (CE) 7 5. Risk Analysis Procedure 9 5.1 Objectives and Methodology Definition 10 5.2 Familiarisation & information assembly 10 5.3 Identification of Initiating Events (Functional Block Diagram Technique) 12 5.4 Sequence or Scenario Development 14 5.5 Logic Modelling (Fault Tree Analysis) 15 6. Risk Evaluation Procedure (Probability and Severity Ranking) 16 6.1 Risk by Probability Rating/Ranking 16 6.2 Risk by Severity Rating or Ranking of the Risks 16 6.3 Calculating Average Probability and Severity 17 7. Treatment and Control of Risks 18 8. Risks Communication Procedure 19 8.1 Goals and Objectives 19 8.2 Communication Procedure 20 8.2.1 Stage 1: Identification of the Audience 20 8.2.2 Stage 2: The Message 21 8.2.3 Stage 3: Communication Source 22 8.2.4 Stage 4: Communication Channel 23 9. Risk Rating Matrix 23 10. REFERENCE 27 RISK MANAGEMENT PLAN FOR THE ORGANISATION 1. Outline of the Organisation RDCM or Robertson Design and Construction Management firm have been deeply involved in development construction projects for over 15 years. These include design and development of 10 residential and commercial buildings in different parts of the country. Its mission and objectives is to assist clients efficiently in realising their construction design and construction needs. The organisation’s efforts are guided by its vision (to become the most preferred design and construction management firm) and core values that are mostly focused on creating positive experiences and lasting relationships with clients, ethical business practices, financial stability, and commitment to life safety. 2. Products and Services RDCM offers its customers various services and expertise for new construction, renovations, pre-construction, conceptual estimation, construction management, design-build, design & construction turnkey services, monitoring & inspections, and surveying services. The pre-construction services include cost estimation, design, and surveying services while construction management, renovations, design-build, monitoring and inspection, and new construction services are being offered to new or on-going projects or existing building that needs refurbishing. RDCM’s design expertise covers both traditional and functional building design such as architectonic (organised and unified structure design) that involves consideration of different beneficial design elements. These include designs in harmony with project location, target market, time and cost requirements, project purpose, and existing regulatory and urban restrictions. The construction division on the other hand focuses on time and cost saving building methodologies such project optimisation technique, constructive systems and purchasing, value engineering, and others 3. Management Structure and Individual Roles and Responsibilities The organisation has 26 administrative and technical employees who are directly supervised by the company’s proprietor- Engineer R. Robertson. A well-experienced Civil Engineer, the owner also acts as the company’s Chief Engineer and Head Designer. The organisation has three main sections – administrative, consulting and design, and construction. The Assistant Manager heads the administrative section consisting of four secretaries, one controller, two accounting staff, an HR supervisor, and two IT Officers. The Owner/Chief Engineer heads the consulting and design section consisting of architectural and engineering personnel. These include the design architect, an environmental and chemical engineer, mechanical and electrical engineers, and AutoCAD drafters. A Civil Engineer heads the construction section consisting of five construction supervisors responsible for electrical, masonry, plumbing, material control, and others. Their roles and responsibilities are shown in Table 1: Table 3‑1 Role and Responsibilities of RDCM Managers and Staff ID Designation Roles and Responsibilities 1 General Manager The general manager role is to coordinate work between sections of the firm. As part of his managerial responsibilities, he is often engage in planning, organising, leading, and controlling. 2 Assistant General Manager The role of the Asst. GM is to carry out some operational duties delegated by the general manager. The Asst. Manager is responsible for coordinating with the department supervisors and other staff. It also includes communicating top management plans, supervising daily front office operation, housekeeping, and processing of reports for the general manager. 3 Chief Engineer/Designer The role of the Chief Engineer/Designer is to lead the technical staff in day-to-day building design and construction management activities. His primary responsibility is to ensure that resources are available for the design team to meet the client’s building design requirements on time. These include monitoring and evaluating progress, resolving work-related issues, providing additional technical information, and coordinating with different clients. 4 Design Architect The role of the design architect is to deal with required architectural design requirements. He leads the design team and coordinates between the design and construction department. His primary responsibilities are to ensure that architectural design specifications are correct and done according to client’s preferences, mechanical and electrical specifications are understood and incorporated in the design, work complies with local codes and standards and completed as scheduled. 5 Environmental and Chemical Engineer The Environmental & Chemical Engineer’s role is to deal with environmental aspects of design and construction. His primary responsibility is to carry out design and prepare code compliant specifications of environmental and chemical related building elements and equipment. 6 Mechanical Engineer The role of the Mechanical Engineer is to deal with mechanical design requirements and coordinate with other members of the design team. His primary responsibility is to ensure that all mechanical design specifications are correct, compliant with codes and standards, and done according to client’s requirements. 7 Electrical Engineer The role of the Electrical Engineer is to carry out the electrical design requirements. He is expected to coordinate his work with other members of the design team. His responsibilities include ensuring electrical design aspects are covered, within specifications, correct and compliant with both standards and client’s requirements 8 Civil Engineer The Civil Engineer’s main role is to manage construction-related activities of the company. He is responsible for directing the construction group daily activities, coordinate with the head of design team, work scheduling and progress monitoring, building material processing and weekly reporting. 9 AutoCAD drafters The AutoCAD drafters’ role is mainly associated with assisting the design team with drafting works. Their main responsibility is to accurate transform design specifications and instructions into compliant computer generated plans and drawings. Their other responsibilities include completing their task accurately in a timely manner, preserve integrity of their computer workstations and files, report data security issues, and keep confidentiality of information. 10 Construction Supervisors The construction supervisors work under the supervision of the Civil Engineer and their role is to manage project field activities. They are responsible for task execution and completion, labour, material, and equipment control, daily monitoring and progress reporting, and maintaining life safety practices in the construction site. 11 Controller/Accounting staff The Accounting Staff role is to manage the financial activities of the firm. Their main responsibilities include ensuring that all finance-related transactions (taxes, fees, payments, salaries, and so on) are accounted, recorded, and updated accordingly. They are also expected to perform regular financial status reporting, maintain good accounting practices, and support the needs and requirements of design and construction departments. 12 HR Supervisor The primary role of the HR Supervisor is to deal with the company’s human resources requirements. His responsibilities include hiring qualified personnel, maintain good relationship between management and labour, manage the needs of employees, facilitate skills improvement training, and resolve internal labour-management disputes. 13 IT Officer The role of the IT Officer is to deal with computer and networking requirements of different departments. His main responsibilities include keeping the computer network reliable and safe against data corruption, intrusion, and other malicious network activities. He is also responsible for software and hardware evaluation and upgrading, user inquiry processing, data backup, devices inventory, and regular status reporting. 4. Identification of Organisational Risks 4.1 Probabilistic Risk Assessment (PRA) Procedure 4.1.1 Risk Identification with Cause and Effect Diagram (CE) The cause and effect diagram or CE is a risk identification tool that illustrates how different factors or cause are lined to potential problems or effects . Also know as fish-bone diagram, CE diagram may consists of several starting points that all ends to their ultimate effect. The categories of root causes in CE depend on the industry where the firm belongs . For instance, the common categories for the construction industry are people, process, materials, equipment, environment, and management. However, since the firm in this study is a design and construction company, categories that are more specific were selected. The above cause and effect diagrams show the potential risks that are likely to affect the design and construction firm. For instance, lack of training and inadequate knowledge and skills of design personnel can lead to design errors that would later result to work repetition, delays, cost overruns, fines, damaged reputation, lost customers, and business closure. Similarly, products and services that were not planned sufficiently can led to inferior quality deliverables resulting to customer dissatisfaction and subsequent fines and cost overruns. As shown in Table 2, the CE diagram is a useful technique for providing information to the firm’s Risk Register that contains the risk’s description, category, risk topic, risk number, potential responses, and root causes . Table 4.1.1‑2 - Risk Register for RDCM Code Category Potential Risks / Initiating Events Consequences Trigger Likely Solution C1 Computer / iT Outdated software & hardware RW; LD; CO; PF; DR; LPR LPR ; CC ;L D Upgrade C2 Poor IT practices RW; HOC; DC; BC LPR; FDC ; SSB Training ; Close Supervision MP1 Methods or Process of Work Lack of coordination between teams RW; LD; CO; PF; DR; LPR LD; LPR; CC Orientation / Teamwork , Close supervision / Training MP2 Inaccurate time estimate RW; LDL CO; Pf; DP; LP LD; LPR; CC Hire qualified personnel / training / performance monitoring P1 People / Personnel Inadequate knowledge & skills CO; PF; DP; LD; LC CC; PQPS; HOP Hire qualified personnel / provide training/ P2 Lack of training CO, PF; DP; LD; LC CC; PQPS; HOP Provide training CL1 Contracts / Lease Inconsistent cost, time, scope & quality objectives CO; PF; LD; LC LD; DP Detailed planning CL2 Client late change request LD; HOP LD; DPC Clear contract provisions, constant communication & coordination w/ client PS1 Product / Services Insufficient planning CS; LC CC; PQPS; LC Detailed product planning / scheduling PS2 Poorly defined deliverables CC; LC CC; LC Detailed planning M1 Management Poor management-staff communication CO; PF; DP; LC; LD HT; PQPS; RW Open communication / close supervision / regular meeting M2 Political and economic concern HOP; LPR; PP HO; DHP Plan ahead / anticipate future cost M3 Lack of control over priorities DP; PF, LC. LD; LPR; PF Detailed planning FS1 Pire Safety Poor fire safety practices PLF ; LC; DR PFSP Fire Safety Management Table 4.1.1‑3 - Code Description for Risk Registers’ Risk Consequence & Trigger Code Description LPR = Low production rate LC = Lost customer or decreasing patronage or projects CO = Cost overrun LD – Legal dispute DP= Damaged reputation CC = Customer complaints or customer dissatisfaction RW= Re-work or repetition of work SSB = Serious security breach PF = Penalty/ Fines PQPS = Poor quality products & services HOP = Higher operational cost DPC = Delayed payment from customer DC = Data corruption including lost files HT – Higher or increasing employee turn-over FD= Frequent Data Corruption DHC – Demand for higher compensation BC = Breach of data confidentiality PP = Political and regulatory pressures PLF = Property & business losses due to fire PFSP = Poor fire safety practices 5. Risk Analysis Procedure Probabilistic risk analysis or PRA is a systematic procedure for assessing the most significant contributors to the risks of the system . It involves estimation of probabilities or frequencies of events that can lead to conditions hazardous to health, safety, and severe environmental and economic consequences. PRA is often conducted with a road map of procedures as shown below. 5.1 Objectives and Methodology Definition The objectives are to facilitate improvement by reducing risk to acceptable level and gather information for effective decision-making. The method for identifying risks includes failure data collection, analysis, and performance assessment (Table 2.1.2.1-1 & 2.1.2.2-1). 5.2 Familiarisation & information assembly -Identification of major critical barriers, structures, safety systems, and human interventions, physical interactions on all parts of the system, past major failures and abnormal events, tabulation of risks and other findings. Table 5.2‑5 - Familiarization results and information assembly ID Critical Barriers Structures/ Systems/ Human Factors Identified past failures & abnormal events Company Division /Activity Brainstorming generated Information Trigger Likely Consequences 1 Outdated software & hardware Low production rate Computer and Information Technology Delayed completion date Cost overruns Penalty or Fines Damaged reputation Lost customers Lost opportunities 2 Poor computing practices Complaints about design submission Low production output Several report on missing files and corrupted data Missing files and data 3 Lack of coordination between teams Several reported late delivery Methods and Process of Work Design flaws or specifications mistakes Cost overruns Penalty or Fines Damaged reputation Lost customers 4 Inaccurate time estimate Several complaints filed from customers regarding delays Complaints and decreasing number of projects 5 Inadequate knowledge & skills Complaints filed for poor quality services Human Resources Employees Late completion of designs and other paper works Cost overruns Penalty or Fines Damaged reputation Lost customers Complaints about poor services 6 Lack of training Experiencing higher cost of operation Design error Low production output Complaints on services quality 7 Inconsistent cost, time, scope & quality objectives No recorded complaints but slightly higher operation cost Contracts Administration and Planning Delayed work Unfulfilled contract obligations Dispute Unnecessary cost due to re-work Delayed collection Cost overruns Penalty or Fines Damaged reputation Lost customers 8 Client late change request Dispute/ delayed payment 9 Insufficient planning Dispute/ delayed payment Production and services Complaints on quality of services offered Cost overruns Penalty or Fines Damaged reputation Lost customers 10 Poorly defined deliverables Complaints filed to late and poor quality products Table 5.2-1 (Continued) ID Critical Barriers Structures / Systems / Human Factors Identified past failures & abnormal events Company Division /Activity Brainstorming generated ideas Trigger Likely Consequences 11 Poor management-employees communication No significant effect recorded Management Complaints from customer; late delivery; etc. Cost overruns Penalty or Fines Damaged reputation Lost customers 12 Regulatory changes and restrictions No reported decrease in operational cost or processing difficulty Lower production output Complaints on quality of services Additional cost due to re-work Frequent employee turnover Possible changes in contract price Higher labour cost, taxes, fees/ and additional regulatory restrictions Delays in other non-prioritised projects Cost overruns Penalty or Fines Damaged reputation Lost customers 13 Political & economic concern No significant failures in record 14 Wrong management priorities No complaints filed and no noticeable changes in production or income 15 Poor fire safety practices No previous fire incident There is no fire safety training in record. No documented fire safety management plan Smoke alarm present Fire extinguisher in every room Combustible materials near heat source Absence of fire or smoke alarm No fire safety training No Fire Safety Management Plan Partial or total property damage / business closure 5.3 Identification of Initiating Events (Functional Block Diagram Technique) Identify events that could result in hazard exposure if not corrected in a timely manner, sources of hazards and associated barriers, events that directly threaten the integrity of the barriers . Functional Block Diagram of Initiating and Supporting Events Figure 5.3‑1 FBD of Initiating Events Table 5.3‑6- Initiating Events Codes and Descriptions ID Initiating Events ID Initiating Events ID Initiating Events IE1 Outdated software & hardware IE6 Lack of training IE11 Poor communication between managers and subordinates IE2 Poor computing practices IE7 Inconsistent cost, time, scope & quality objectives IE12 Regulatory changes and restrictions IE3 Lack of coordination between teams IE8 Client late change request IE13 Politcal & economic concern IE4 Inaccurate time estimate IE9 Insufficient planning IE14 Wrong management priorities IE5 Inadequate knowledge & skills IE10 Poorly defined deliverables IE15 Poor fire safety practices 5.4 Sequence or Scenario Development Identify the mitigating functions for each initiating event., the corresponding human actions, systems, or hardware operations associated with each function including necessary success conditions. Develop functional event tree for each initiating event, develop a systemic event tree for each initiating event, delineating the success conditions, initiating event progression phenomena, and end effect of each scenario . A sample scenario developed using event tree is shown below. Similar technique is applicable to other 14 initiating events. Figure 5.4‑2 Event Tree of Scenario Developed for IE1 5.5 Logic Modelling (Fault Tree Analysis) Event trees are limited to branch points showing if a given sub-system or event did work or not thus no probability or frequency of failure can be observed . For this reason, other logic-based analysis methods such as Fault Tree Analysis is applied . Fault Tree Analysis can calculate the probability of subsystem failure thus steps were taken following the recommendation of : - Fault tree of initiating events that include quantifiable causes of failure (hardware, software, maintenance, skills, and human errors, and so. Figure 5.5‑3 - Fault Tree Failure Probability for IE1 to IE4 6. Risk Evaluation Procedure (Probability and Severity Ranking) Severity Rating is the rank associated with the possible consequences of a hazard and this rating is typically based on either 1 to 5 or 1 to 10 scales. Although using the similar scales, the probability rating on the other hand is the rank associated with the likely occurrence of a particular cause and initiates a potential hazard during a certain life cycle . 6.1 Risk by Probability Rating/Ranking Table 6.1‑7 Risk Probability Ranking Criteria & Values Risk Probability Ranking Rank Rating Probability Criteria 1 Very Low Remote (10%) Has never occurred and will never occur in the next 10 years 2 Low Unlikely (30%) Will not likely occur during a 10 year period 3 Medium Likely (50%) Probably will occur during a 10 year period 4 High Near Certainly (90%) Almost certain to occur anytime 6.2 Risk by Severity Rating or Ranking of the Risks Severity of risks is rank from 1 to 4 using criteria below. Table 6.2‑8 - Severity Criteria and Ranking Rank Severity Criteria 4 Very High Would prevent goals and objectives from being achieved 3 High Would cause significant problems or delays in objectives being achieved 2 Medium Would cause relatively minor problems or delays in objectives being 1 Low Would probably not affect project implementation 6.3 Calculating Average Probability and Severity The average probability and average severity ranking are calculated for each category and the results are added together. The results are then compared given threshold in Table 6.3.2 and their respective severity is entered in the table below. Table 6.3‑9 Average Probability and Severity Calculation of IE No. CATEGORY INITIATING EVENT ID Probability Severity Average Value of P & S Severity Threshold 1 Computer /IT Outdated software & hardware C1 3 3 6 High Risk Poor IT and computer use practices C2 3 3 2 Methods / Process of Work Lack of coordination between teams MP1 3 4 7 High Risk Inaccurate time estimate MP2 3 4 3 People/ Personnel Inadequate knowledge & skills P1 3 3 6 High Risk Lack of training P2 3 3 4 Contracts Inconsistent cost, time, scope & quality objectives C1 2 2 4 Medium Risk Client late change request C2 2 2 5 Product /Services Insufficient planning PS1 2 3 4 Medium Risk Poorly defined deliverables PS2 2 2 6 777 Management Poor management-staff communication M1 2 3 5 Medium Risk Political and economic concern M2 2 3 Lack of control over priorities M3 2 3 Poor fire safety practices FS1 2 4 6 High Risk Table 6.3‑10 Severity Threshold THRESHOLD SEVERITY SUGGESTED ACTION 6-8 High Risk Detailed mitigation action/ modification of goals and objectives 4-5 Medium Risk Clearly defined mitigation action 1-3 Low Risk Minimal or No mitigation action required 7. Treatment and Control of Risks Table 6.4‑11- Risk Treatment & Control Criteria Risk Treatment & Control Criteria Criteria Code Treatment Code Control The risk is acceptable to the organisation if there is a contingency plan in case it occurs. 1 Retain/accept A Contingency Planning Organisation see the need to apply control measures 2 Reduce the Likelihood of the risk B Apply control measures, train staff, upgrading equipment, detailed planning, improve management & supervision, open communication, etc. Organisation decided to undertake contingency planning, disaster recovery & business planning, 3 Reduce the consequences of the risk C Plan and prepare, allocate funds, train staff in emergency procedures Organisation decided to share some part of the risk to another party 4 Transfer the risk D Contract provisions, outsourcing, insurance coverage, and so on Organisation decided to cancel activities that are likely to generate the risk whenever possible 5 Avoid the risk E Cancel risk generating activities Table 6.4‑12 - Risk Treatment and Control for RDCM No. CATEGORY DESCRIPTION ID SEVERITY TREATMENT CONTROL 1 Computer /IT Outdated software & hardware C1 High 2 B Poor IT and computer use practices C2 2 Methods / Process of Work Lack of coordination between teams MP1 High 2 B Inaccurate time estimate MP2 3 People/ Personnel Inadequate knowledge & skills P1 High 2 & 4 B & D Lack of training P2 4 Contracts Inconsistent cost, time, scope & quality objectives C1 Medium 2 & 4 B & D Client late change request C2 5 Product /Services Insufficient planning PS1 Medium 2 B Poorly defined deliverables PS2 6 Management Poor management-staff communication M1 Medium 2 B Political and economic concern M2 Lack of control over priorities M3 Poor fire safety practices FS1 Medium 2 B 8. Risks Communication Procedure 8.1 Goals and Objectives Goals of risk communication procedure for RDCM: a. Promote awareness of specific issues under consideration because of risk analysis b. Promote consistency and transparency in implementing risk management decisions. c. Promote better understanding of risk management process and associated impact. d. Improve the effectiveness of risk analysis process. e. Improve development and dissemination of information and educational programmes. f. Encourage involvement of all parties concern and sharing of practices, perceptions, and values concerning risks. 8.2 Communication Procedure 8.2.1 Stage 1: Identification of the Audience The purpose of identifying relevant stakeholders is to establish the basis for communication such as individual audience characteristics (Managers, Engineers, IT Professional, and others). In terms of risk communication, RDCM may be divided in 3 important groups of stakeholders: a. Decision-maker Those who will make the decision for risk reduction and communication (i.e. owner, general manager) b. Risk Reduction Beneficiaries Stakeholders that will benefit from risk reduction program (i.e. Head of departments). c. Risk Recipients Stakeholders that are directly affected by the risks (i.e Designers suffering low production rate, errors in design, late delivery, and so on) Table 8.2.1‑13- RDCM Stakeholder Group Type & Percentage STAKEHOLDERS GROUP IN RDCM GROUP ID GROUP TYPE DESIGNATION No. % G1 BENEFICIARIES Chief Engineer/Designer 1 3.8 G1 Design Architect 1 3.8 G1 Civil Engineer 1 3.8 G1 Construction Supervisors 4 15.4 G1 Controller 1 3.8 G1 HR Supervisor 1 3.8 G2 DECISION MAKER General Manager 1 3.8 G2 Assistant General Manager 1 3.8 G3 RISK RECIPIENTS Accounting staff 4 15.4 G3 Environmental and Chemical Engineer 1 3.8 G3 Mechanical Engineer 1 3.8 G3 Electrical Engineer 1 3.8 G3 AutoCAD drafters 4 15.4 G3 IT Officers 4 15.4 Total 26 100 8.2.2 Stage 2: The Message For effective communication, the message should be specific to the target audience thus three type of reports are required. a. Type 1 - (RT1) Full and detailed report of this Risk Assessment results b. Type 2 – (RT2) Executive Summary of Risk Assessment results c. Type 3 – (RT3) A report for specific audience containing risk assessment result relevant to their work or activities. Note: The type of report to for each audience is determined by their interest factor or conditions that arouse their greater concern . Table 8.2.2‑14- Risk Communication Messages Distribution by Audience Interest Factor REPORT TYPE DISTRIBUTION BY AUDIENCE INTEREST FACTOR ID GROUP TYPE REPORT TYPE STAKEHOLDERS FACTORS G1 BENEFICIARIES RT3 Chief Engineer Design Architect Civil Engineer Construction Supervisors Controller HR Supervisor - Risks are affecting the quality of their work.- -Production rate is low - Increasing customer dissatisfaction - Uncontrolled risk can result to business closure and unemployment G2 DECISION MAKER RT2 General Manager Assistant General Manager - Risks are affecting business stability - Operational cost is increasing - Increasing number of dissatisfied customers - Decreasing competitive advantage - Large-scale losses if uncontrolled G3 RISK RECIPIENTS RT1 Accounting staff Env./Chem. Engineer Mechanical Engineer Electrical Engineer AutoCAD drafters IT Officers - Risks are attributed to their inactions and failings - Risks are controllable and can be reduced by appropriate work practices - Risks affecting job security 8.2.3 Stage 3: Communication Source In view of the risk analysis regarding RDCM, the main entity responsible for establishing the communication strategy is the Human Resources Department. This is because effective communication requires an established relationship between the information source and recipients. Moreover, the most important factor in effective communication is credibility and confidence that HRD clearly possess. 8.2.4 Stage 4: Communication Channel A message that did not reach its intended audience is useless thus this communication strategy identify the most reliable communication channel – Direct Delivery. Since HRD is the source of information and recipients are within the same building, messages should be delivered directly from HRD office to each individual stakeholder or recipient. The message should not go through department heads and this could lead delay or misplacement of messages. Therefore, messages should be delivered to and received by no other than the person concern. 9. Risk Rating Matrix Figure 9‑4 – Risk Rating Matrix showing levels of probability and severity for each identified risks 9‑15 Treatment and Control Codes for Table 8.2 Treatment & Control Codes (see Table 3.4-1 for criteria) Code Treatment Code Control 1 Retain/accept A Contingency Planning 2 Reduce the Likelihood of the risk B Apply control measures, train staff, upgrading equipment, detailed planning, improve management & supervision, open communication, etc. 3 Reduce the consequences of the risk C Plan and prepare, allocate funds & train staff in emergency procedures 4 Transfer the risk D Contract provisions, outsourcing, insurance coverage, and so on 5 Avoid the risk E Cancel risk generating activities Table 9‑16 Treatment & Control / Severity & Probability Data for Rating Matrix ID Trigger Effect Treatment Control Severity Probability IE1 Delayed completion date Cost overruns Penalty or Fines 2 B 6 3 IE2 Low production output Damaged reputation   Missing files and data Lost customers IE3 Design flaws or specifications mistakes Lost opportunities 2 B 7 3     Cost overruns Penalty or Fines IE4 Complaints and decreasing number of projects Damaged reputation     Lost customers IE5 Late completion of designs and other paper works Cost overruns Penalty or Fines 2 & 4 B & D 6 4 IE6   Damaged reputation   Complaints about poor services Lost customers   Design error   IE7 Low production output Cost overruns Penalty or Fines 2 & 4 B & D 4 2   Complaints on poor services quality Damaged reputation IE8 Delayed work Lost customers   Unfulfilled contract obligations Dispute     Unnecessary cost due to re-work     Delayed collection   IE9 Complaints on quality of services offered Cost overruns Penalty or Fines 2 B 4 2 IE10 Lower production output Damaged reputation   Complaints on quality of services Lost customers IE11 Additional cost due to re-work Cost overruns Penalty or Fines 2 B 5 2 IE12 Frequent employee turnover Damaged reputation IE13 Possible changes in contract price Lost customers IE14 Higher labour cost, taxes, fees / and additional regulatory restrictions     Delays in other non-prioritised projects   IE15 Combustible materials near heat source Partial or total property damage / business closure 2 B 6 2   Absence of fire or smoke alarm   No fire safety training     No Fire Safety Management Plan   10. REFERENCE Brown, C. L. T. (2010). Principles of Software Development Leadership: Applying Project Management Principles to Agile Software Development, Course Technology El-Haik, B. S. & Shaout, A. (2011). Software Design for Six Sigma: A Roadmap for Excellence, Wiley Modarres, M. (2006). Risk Analysis in Engineering: Techniques, Tools, and Trends, Taylor & Francis Oleske, D. M. (2009). Epidemiology and the Delivery of Health Care Services: Methods and Applications, Springer Sanghera, P. (2008). Fundamentals of Effective Program Management: A Process Approach Based on the Global Standard, J. Ross Pub. Zepeda, C. Risk Communication. Animal Disease Surveillance Systems, 2005 Spain. CEAH Collaboration Centre, 187-192.  Read More