Risk management has become an integral part of the world of entrepreneurship. Generally, risks are events that have negative effects on a business. Some of the risks can jeopardize businesses, while others can cause serious and costly damages, which may need time to rectify. Not all risks are bad. According to Heldman (2011) risks can present future opportunities as well as future threats.
All projects involve risk and the ones that succeed generally do so because their leaders do two things well. (Kendrick, 2009). They realize much of the work is not new and they plan project work accordingly. Effective project risk management involves these concepts – looking backwards to avoid past mistakes and looking forward many problems can be eliminated.
Project risk management involves the process of conducting risk management planning, identification, analysis, response planning, and monitoring and control on a project. (PMBOK, 2008). According to PMBOK (2008) known risks are those that have been identified and analyzed making it possible to plan responses to those risks. Planning responses and knowing what to do if those risks become a reality in the project can be the difference between a successful or unsuccessful process.
Kendrick (2009) points out that technical projects often come with a higher risk. This is because the projects are typically wide ranging and with new technology, there sometimes isn’t the previous work background often necessary in evaluating risks. And typically technical projects are understaffed and often outcomes are over promised. Since technology changes are so rapid it is often necessary to rush a project and this sometimes leads to project failure.
Risk is the product of two factors: the expected consequences of the event and the probability that the event might occur (Kendrick, 2009). When working on a project you would not know the exact outcome in advance but when you evaluate information from earlier work and go through the initial project planning steps a good project manager can forecast potential outcomes and plan for those outcomes. Kendrick (2009) states that “the goals of risk management for a single project is to establish a credible plan consistent with business objectives and then to minimize the range of possible outcomes.”
Internal risks that arise within the organization are controllable and easily eliminated. For instance, businesses or organizations should do away with the risks from the breakdown in routine operational processes (Sadgrove, 2005). According to PMBOK (2008) organizations and stakeholders are willing to accept various degrees of risk. This is referred to as an organizations risk tolerance . An example of this is that one company may try to adopt a very aggressive completion schedule for a project expecting the reward of getting it done earlier and often saving additional resources, but another company may not be willing to accept this much risk.