Within the framework of the EscoRisk working group of the SmaP (French association of Project management, IPMA representative), Project Risk Managers and Project Directors involved in the energy, rail transport, construction/civil engineering sectors, in positions of project owner, engineer or contractor and an academic, offer their main recommendations, applicable to all types of projects and companies, in order to strengthen the management of project’s risks and opportunities.
These recommendations are not ranked, as the priority of each of them depends on the situation of the project and the company considered.
Participants : Pierre Bontoux (leader – Orano Mining retiree), Christian Altier (SNCF retiree), Cécile Besnard (EDF), Thibaut Branellec (TotalEnergies), Laurent Dehouck (ENS Rennes, GREGOR IAE Paris, CRIIF ENSAM), Tristan Misseri-Antoine (Systra), Olivier Miret (Bouygues TP), Colombe Morisseau (Bouygues TP), Didier Roger (Orano Projets), Julien Ventroux (Systra).
Main recommandations :
- Respect the risks and opportunities management process. Ensure the regular management of the risks and opportunities portfolio, as a support for decision-making, plan actions, ensure their implementation and their effectiveness,
- The consideration and support of all internal (management, technical services, etc.) and external (customer, partners, suppliers, etc.) stakeholders is essential to the sustainability of the approach,
- The workload associated with the management of projectrs risks & opportunities must be proportionate to the cost of the project and its stake in relation to the strategy of the company (evaluate the load and the feasibility upstream),
- Integrate risks and opportunities management into project management : link with other areas of project control and other disciplines (technical, supply chain, finance, etc.),
- The feedback and capitalization on the risks that have appeared and the methods used are effective in strengthening the risks and opportunities management system and sustaining the good practices identified within the projects – continuous improvement,
- Take into account that the competence of the Risk manager is based on Knowledge (methods and tools of risk management, technical knowledge, business), Know-how (adapt this knowledge to the project, ability to overcome the usual biases during an analysis risks) and soft skills (ability to conduct the process, lead meetings and manage human relations between actors),
- It is necessary to be aware of cognitive, motivational and cultural biases when identifying, evaluating and managing (implemention and control) risks, without always being able to cancel them,
- The quality of the data provided by the project team (impacts, probability, distribution curves if the statistical approach is used, etc.) conditions the quality of the estimate of the risk contingency,
- The management of project risks & opportunities must be part of the company’s risk management (risk appetite and policy): Top-Down (decisions, use of management reserve, etc.) & Bottom- Up (alerts / risks, validation requests …),
- Ensure the consistency and continuity of project risks and opportunities management, which includes methods, organization, tools, skills in an integrated approach.
- The term “risk” is taken globally with the meaning of the ISO 31000 standard, other normative frameworks, recommendations or benchmarks may be taken into account in the next steps of our work,
- Enterprise risk management was addressed only through its interfaces with project risk management.