2.4 Risk and uncertainty
Risk and uncertainty are pervasive. The term risk originates from the Italian verb riscare, which means ‘to run into danger’. Consequently, our general understanding is that risk represents the chance of adverse consequences or loss occurring; an interpretation that the insurance industry thrives upon. Generally, risks can be identified and once identified the probability of the risk occurring needs to be assessed. However, there may also be doubt about the validity of qualitative or quantitative data: this is called uncertainty. We can also use the term uncertainty to mean a state where too little is known about something, and the very lack of knowledge represents a danger that can only be addressed by gathering more information (see, for example, Chapman and Ward, 2003). Example 8 illustrates the distinction between risk and uncertainty.
Your company is asked to store some substance you know nothing about. What risks are associated with this request? They are difficult to determine until you find out whether, for example, the substance is explosive, flammable, corrosive, poisonous and so on. If you find that the substance is explosive, you now know that there is a risk of explosion in storing the substance. Further investigations of the uncertainty surrounding the substance might reveal to you that it is only explosive if heated above a certain temperature. You now not only know the risk, but can make a probabilistic assessment of whether temperatures in your storage area are likely to be within the safe limits during the time you need to store the substance. (The knowledge also allows you to plan actions that might reduce the risk of explosion further, for example by installing air conditioning or refrigeration.
While there are many interpretations of risk, some authors take a phenomenological view when they write about dealing with risk. In order to manage risk in a project context, Edwards and Bowen (2005) identify four aspects of risk phenomena:
- the probability that an event will occur
- the nature of the event
- the consequences of that event
- the period of exposure to the event (as well as its consequences).
Any person preparing a proposal must take risks and uncertainties into account. To do either requires first that areas of uncertainty and risk are identified. At the stage of making proposals, perceived risks must be brought clearly to the attention of those in authority to make decisions in the matter – the problem is ‘escalated’ to more senior managers. The problem may then be delegated to someone with the express purpose of investigating further. Crockford (1980) listed the following categories of risks:
- fire and natural disaster
- political and social risk (war, civil disturbance, theft and vandalism)
- technical risk
- marketing risk
- labour risk (stoppages and strikes, turnover of personnel)
- liability risks (product liability, safety).
Some people would expand this list to include environmental problems (problems short of natural disaster but nevertheless serious), and would include under social risks demonstrations against a project and adverse social effects (for example, having to relocate large numbers of people to make way for the project). Edwards and Bowen (2005) have classified risk within two separate branches: natural and human. The sub-categories of natural risk comprise biological, climate (or weather), geological and extra-terrestrial. The sub-categories of human risk are: cultural, economic, financial, health, legal, managerial, political, social and technical. However, Edwards and Bowen acknowledge that human risks are harder to classify than natural risks because of the overlaps and relationships within humanly devised systems (2005, p. 27).
It is likely that the potential for variation of costs should be considered a risk if novel elements predominate in a project. Proposals involving research, development or immature technologies tend to be of higher risk than projects in more mature areas such as civil engineering. However, Chicken (1994, p. 6) notes that major civil engineering projects which are novel, such as the Sydney Opera House, the Thames Flood Barrier and the Channel Tunnel, suffer from variation in costs, often by factors of from 10 to 200 times original estimates. More recently, the new parliament building in Edinburgh and the replacement Wembley Stadium suffered from variation in costs. Information systems developments are also prone to this problem. In many cases, the sources of such variation can be found in a failure to implement ‘best practice’ with respect to the management of projects (see, for example, RAE, 2004).
Three dimensions of risk exist:
- technological maturity (the incorporation of novel methods, techniques, materials, etc.)
- structural complexity.
The larger a proposed project is, the greater the risk. Increase in size usually means an increase in complexity, including the complexity of administration, management and communication among the participants. Technological risks lie in the extent to which the technology and the methods proposed to be used are new and untried, innovative or unfamiliar. Structural complexity refers both to the arrangement of the component parts of the proposed project and to the structure of teams, management and relationships between groups.