Project risk management

Project Risk Management at Urban Development Corporation of Trinidad and Tobago (UDECOTT) Case Study

'Trinidad and Tobago is a twin island separated by water. Tobago is one of the countries in the Caribbean which get most of their revenue from tourism. The government in charge of Tobago is 'The Tobago House of Assembly' and they have decided to improve tourism and in addition assist self-employed citizens in Tobago. This project was to renovate the Scarborough Esplanade by putting up a stage for cultural events and huts were vendors can sell their goods, for example, craft. The main stakeholder in this project was Urban Development Corporation of Trinidad and Tobago Limited (UDECOTT). According to the UDECOTT - Scarborough Esplanade, this project began in October 2002 and ended in July 2005.

The Tobago newspaper mentioned when the renovation was completed the booths were leaking due to design faults. The vendors of the booths have been having problems anytime the rains fall in that the water leaks into the booths. To assist the vendors the Tobago House of Assembly made the decision to adjust the rent of the leaking booths. Furthermore according to the Trinidad and Tobago express there was uproar for UDECOTT to improve their managerial skills because of negative feedback from audit checks.'


The aim of this essay is to assess the risk management tools use by Urban Development Corporation of Trinidad and Tobago (UDECOTT). The organisation is owned by the government and is involved with a lot of construction projects in Trinidad and Tobago to accomplish vision 2020. At present there are many complaints about the organisation managerial assessments towards projects. The organisation manages risk management based on International Financial Reporting Standards but the results of projects are unsatisfactory.

This occurs as a result of a vast number of reasons, for example, the organisation is focuses risk management on the financial aspects of the organisation's projects, but risk management involves all parts of the project until completion. This essay aims to discuss the organisation's use of risk management and comparing these methods to risk management tools, techniques, and models used in organisations worldwide. Furthermore, the essay highlights the organisation's strengths and weaknesses using the SHAMPU framework.

Risk Management

A risk is a degree of uncertainty which occurs during the life cycle of a project, this risk can be an opportunity or threat. Risk management is an endless process conducted within any project. Once this process is done properly from the beginning to the end of the project the organisation will be able to identify risk as soon as they arise, therefore, reducing or avoiding the high risk factors. Kerzner mentioned that every risk management process is different because it depends on the complexity or size of the project.

Performance of UDECOTT risk management

Young 2007 mentioned, the risk management cycle or process is a repeated process or cycle involved in any project. According to UDECOTT annual report 2006 (25 financial risk management) the organisation risk management is focused on uncertainty of their financial markets. UDECOTT financial risk management is done in accordance with International Financial Reporting Standards (IFRS). In addition, they seek to diminish negative effects on their financial achievement, where they take into consideration credit rate risk, interest rate risk, currency risk and liquidity risk. The organisation concentrates on the financial area because they use foreign currency and sometimes there is fluctuation in the interest rate which can lead to losses.

The annual report 2006 also mentions the sensitivity analysis to market risk. According to Smith and others 2006 sensitivity analysis is able to highlight the most important areas within a project, but the disadvantage of this method is that it cannot give the overall cost of the project. Furthermore in relation to the annual report 2006 (auditor's responsibility) the organisation's external auditors PricewaterhouseCoopers also performs a risk assessment on materials in the financial statement to avoid fraud and error. The organisation is right to take into consideration the financial aspect of their projects but they are leaving out other important aspects for example, environment, technical, human, societal, commercial, financial and operation. As a result, the project had the leakage problems.

Comparison to risk management tools

Sensitivity Analysis

According to UDECOTT annual report 2006 the risk management tool in which they have considered is the quantitative risk analysis in which they use the sensitivity analysis in their risk market. Seeing risk from inside states that sensitivity analysis is done by having one variable while the other remains constant. Smith and other mentioned that this tool is used to distinguish variables which are delicate in the project. Once the tool is used properly management can put corrective measure in place to address the risk identified. After comparing this tool and the use of it by the organisation they could have used it more extensively, meaning they can also use this tool for other areas of the project not just financial management. See appendix A for sensitivity analysis diagram with variables which can occur within the project.

Top Ten Risk Item Tracking

This tool assists in the identification of risks and control risks within the project. According to UDECOTT annual report 2006 IFRS 7 they identify the risk but they did not state they maintain the risk for the project. Based on the project if the risk items were identified and problems faced during the construction of the buildings would have been avoided.

Appropriateness of risk management tools used by UDECOTT

The research collected shows the organisation's main focus is on financial and the tool used is sensitivity analysis. According to UECOTT the organisation use the IFRS 7 to analyse their financial risk management. The auditors' states in an article called seeing risk from inside that sensitivity analysis is used for interest rate risk, equity risk and currency risk. During a project many risk arise not only in financial but also operational, political. The tool used is not sufficient within the life cycle of the project.

Organisations strength and weaknesses towards risk management using SHAMPU

In relation to Chapman he mentioned the processes SHAMPU (shape, harness and manage project uncertainty process). When comparing this process with UDECOTT the organisation is lacking many important parts which involve the risk management process. For example, using the middle level of the SHAMPU process and comparing it to the organisation these are the results.

After reviewing the SHAMPU framework the organisation is lacking proper format of the risk management process.


The organisation can form a risk management team to deal with all risks within the organisation. To assist the team with efficiency a risk register should be kept and updated regularly, see appendix B for risk register. Young mentioned a risk assessment can be done where the organisation can use a self risk assessment checklist and ask themselves a few questions to identify the risk within the project, see appendix C for risk assessment questions.

The organisation needs to follow the 7 risk management process. Firstly they need to establish the content of the project by stating the business and the risk associated. Then they have to identify all possible risk at each stage of the project as with UDECOTT they emphasis financial risk management which is not sufficient. As soon as the risk is identified each risk has to be assigned to the individual responsible for the particular risk to take the appropriate action. After the risk has been identified they are analyzed which can be done using qualitative and quantitative tools and techniques. The qualitative tools which the organisation should adapt are the failure mode and effect analysis, probability impact matrix, and expert judgement.

According to Lock the FMEA begins by outlining the failures and follow up by showing the effects. See appendix D for FMEA analysis diagram. If the organisation had used the FMEA analysis the risk of the leakages would have been detected earlier.

The probability/impact matrix outlines the probability and impact of risk whether they are negligible, low, high, medium and high and is rated using 1 - 10 scale. See appendix F for some of the possible risk which could be associate with the project. Based on the evidence we can see that the risk which is high is the faulty design of the buildings, see appendix G for a risk diagram. Expert judgement can be used to assist in identifying risk as soon as possible. This can be done by having a risk management team where they can have a lessons learnt log book or register.

In relation to quantitative risk analysis the organisation is using sensitivity analysis but they should also use decision tree and failure, mode, effect and criticality analysis (FMECA) due to the fact that sometimes they have complex projects to deliver. An example of a decision tree which the organisation could use is shown in appendix H. Lock mentioned FMECA is based on FMEA but now contains an assessment, see appendix I for diagram. Within the diagram is the consequences of failure using severity, likelihood and detection are measured at a scale of 1-10. See appendix E for the cores for severity, likelihood and detection. Then the RPN is calculated by multiplying S x L x D. The higher the RPN the risk is higher and based on the table in appendix I the RPN is higher for operation and financial.

According to Chapman which suggests the use of both qualitative and quantitative analysis in a project life cycle is best if the organisation will like to see good results. When both are used the efficiency and effectiveness and quality produces good results within the project. After the risk is analyzed then it has to be evaluated stating the level for the risks, which is shown in appendix F and G. Then the risk is treated, if the risk is a threat the organisation would avoid, transfer, reduce, fallback, accept, share and if the risk is an opportunity the organisation will enhance, reject, exploit or share (PRINCE2 2009). See FMEA table for risk treatments. According to BS ISO 10006:2003 quality management systems once a resolution is establish to the risk there have to be checks to ensure there is no effects or new risk to address by its performance. In addition, during the project there should always be risk control, monitoring and consultation. Val Jonas mentioned enterprise attitude towards risk is poor and they only take actions when the risks become difficult. This statement relate to this project risk management case.


The most important issue within the organisation is the lack of many parts of the risk management process. This is highlighted due to the fact that the organisation only focuses on financial risk management and therefore, the other risk of the project is not been addressed. The evidence discovered in relation to the tools in which the organisation uses comparing it to the qualitative and quantitative tools shows it's insignificant. For effective and efficient running of projects the organisation need to amend their risk management process. This can be done by implementing the various qualitative and quantitative tools and a detail risk management process. Furthermore, the SHAMPU framework can be adopted within the organisation, this framework also highlights the strengths and weaknesses within the organisation.


  • UDECOTT Developing the vision making it real [online at] assessed on 22 March, 2010
  • Holiday Tobago - the undiscovered Jewel of the Caribbean [online at] assessed on 22 March, 2010
  • Tobago News leaking booths at Milford Road Esplanade Friday, January 19th 2007 [online at] assessed on 7 April, 2010
  • Smith, J. N., Merna, T, J. P. (2006) Managing risk in construction projects 2nd edition Blackwell publishing pg 109, 40, 47, 48, 196-197
  • Young, L. T. (2007) The handbook of project management 2nd edition a practical guide to effective policies, techniques and processes pg 109, 110, 114
  • UDECOTT Urban Development Corporation of Trinidad and Tobago Limited Annual Report 2006 [online at] assessed on 21 March, 2010 pg 27, 57, 60
  • Mantel, J. S., Meredith, R. J., Shafer, M. S., Sutton, M. M. (2008) Project management in practice 3rd edition Pg 128, 129
  • Buttrick, R (2009) The project workout the ultimate handbook of project and programme management 4th edition pg 408, 414
  • Trinidad express Newspaper send UDECOTT board packing dated Tuesday, April 6th 2010 [online at] assessed on 7th April, 2010
  • Risk Assessment Table (After Waring A; 1996) [online at] assessed on 9 April, 2010
  • Chapman, C. B., Ward S., (2003) Project risk and management processes techniques, and insights 2nd edition pgs 35, 55, 56, 58
  • Burke, R., (2007) Project management techniques college edition project management series pgs 280
  • Office of government commerce (2009) Managing successful projects with prince2 pgs 84, 86, 87, 312
  • Wikipedia the free encylopedia Decision tree [online at] assessed on 13 April, 2010
  • British Standard BS 6079-3:2000 Project management - Part 3 Guide to the management of business related project risk pgs 21
  • British Standard BS IEC 62198:2001 Project risk management - application guidelines pg14
  • British Standard BS ISO 10006:2003 Quality management systems - Guidelines for quality management in projects pg 23
  • Jonas, V., CEO risk decisions group Enterprise risk Management - Successful organisation take (measured) risks pg 2 3rd paragraph
  • Kerzner, H., Advanced project management best practices on implementation 2nd edition pg 338 last paragraph
  • Lock, D., (2007) The essentials of project management 3rd edition Gower pg 44-46
  • International Accounting standards press release IASB publishes exposure draft on financial instrument disclosures 22 July, 2004 [online at] assessed on 3 May, 2010
  • Seeing risk from the inside: The impact of IFRS 7 and revised IFRS 4 on insurers financial reporting [online at] assessed on 3 May, 2010


Based on the diagram above sensitivity analysis not only focus on financial management but also on all the areas which is included in the success of a project.

*Action plan/response is a response which is done by the person in charge of the risk to contain or bring the risk to a stage where it is accepted. These responses are divided into opportunities and threats. Based on the FMEA table environmental financial and technical are share responses which fall under opportunities and threats, whereas human operational commercial and social are threat in the project.

Accept (threat) - Hold on to the risk and check it on a regular basis.

Share (opportunity/threat) - The risk is shared between parties and they are responsible for the gain or loss of that particular risk.

Mitigate/Reduce (threat) - This reducing the likelihood of the risk occurring.

Avoid (threat) - The risk will no longer have an impact on the project.

Reject (opportunity) - The cost of the risk out ways the opportunity.

Enhance (opportunity) - Enhance the likelihood of the risk if it occurs.


  1. Human - the risk of poor drainage.
  2. Operational - poor quality of the structures may have leakage in the roof may have leakage in the roof, or cracks due to poor design.
  3. Commercial - the equipment can be defective.
  4. Environmental - If a storm occurred it would destroy and cause severe problems on the site, due to the fact that the work is done close to the sea.
  5. Societal - Postpone of planning consent by the Tobago House of Assembly.
  6. Financial - Increase in the budget for the project.
  7. Technical - Completion date is extended due to weather conditions.

The blue line is the risk tolerance line. The risk outline above the line has to be dealt with by the higher authorities, whether executive or project board. (Prince2 manual pg 312)

The risk diagram is a further explanation of the probability impact matrix which highlights the probability of failure and consequences of failure. The diagram also shows the high risk, medium and low risk within the project.

The decision tree above illustrates the gain and the loss for Tobago if they decide to renovate the Scarborough esplanade or not.

Risk & Quality Management 23

Please be aware that the free essay that you were just reading was not written by us. This essay, and all of the others available to view on the website, were provided to us by students in exchange for services that we offer. This relationship helps our students to get an even better deal while also contributing to the biggest free essay resource in the UK!