Chapter 7: Risk. Incorporating risk management. What is risk and risk management?

Transcription

1 Chapter 7: Risk Incorporating risk management A key element that agencies must consider and seamlessly integrate into the TAM framework is risk management. Risk is defined as the positive or negative effects of uncertainty or variability upon agency objectives. Transportation agencies have for decades applied risk management at the project level. Increasingly, DOTs are integrating risk management more formally into their asset management processes, including the development of their asset management plans. This includes addressing the following questions: 1. What are the risks to my assets? a. What are the asset risks to the enterprise or the agency as a whole? b. What are the asset risks at the program or asset class level? c. What are the risks at the project level or to specific assets? 2. What is my asset risk tolerance and mitigation strategy? a. Which critical assets are at high risk? b. What is the risk tolerance at the enterprise, program, and project level? c. What is the cost to keep my assets within the acceptable risk tolerance levels? d. What is my financial asset risk gap? e. What is my risk mitigation strategy? f. What are my critical assets? The use of risk management among transportation agencies largely is limited to managing risk at the project level, generally during construction. Risk management at the project level helps to identify threats and opportunities to a project s cost, scope, and schedule. However, transportation agencies need to recognize the growing need for a better understanding of risk management at program and organizational levels. Today, the leading international transportation, banking, and insurance organizations have explored the benefits of risk management at the program and enterprise level and use it as a tool to protect their investments. It is important for transportation agency officials to consider incorporating risk management into the decision making process for several reasons. First, officials have seen the benefits of risk management at the project level. Second, they have heard from their international colleagues that risk management can pay dividends when used at the broader program and enterprise levels, particularly when agencies do not have enough funding to address their priorities. Third, managing risk is an integral step in following a comprehensive asset management framework, as described in the International Infrastructure Management Manual, AASHTO Transportation Asset Management Guide A Focus on Implementation, the UK Roads Liaison Group s Highway Infrastructure Asset Management Guidance Document, etc. What is risk and risk management? Different industries use many different definitions of risk and risk management. Some industries define risks narrowly and equate them to hazards or threats. This usage reflects the common, 50

2 everyday definition of risks as threats or dangers. Others, however, increasingly use a much broader definition of risk. Many consider risks to include both possible threats and possible opportunities. The International Organization for Standardization (ISO) defines risk as the effect of uncertainty on objectives, (1) and it notes that uncertainty could be positive or negative. Other definitions equate risk to variability or to the chance that desired outcomes won t be achieved. The New Zealand Transport Agency, an international leader in risk and asset management, defines risk as the chance of something happening that will have an impact on objectives. It is measured in terms of a combination of the likelihood of an event and its consequence. This expansive application of risk is evident in the definition of risk management used by the New South Wales (Australia) Government Asset Management Committee. It defines risk management as a systematic process to identify risks that may impact the organization s objectives, analyze their consequences, and develop ongoing measures to treat them. These broader definitions of risk expand risk management to an enterprise-wide framework for setting priorities, assigning resources, and ensuring organizational success. The broader definitions of risk emphasize that risks are not always negative. If risks are equated with uncertainty or variability, these definitions hold promise that risk could be positive as well as negative. PIARC has indicated that risk management could be called opportunity management. The field of financial management has long understood this implication. No risk, no reward is a basic investment premise. A financial advisor who only offers clients no-risk investments is unlikely to earn them a substantial return. Therefore, risk management is more than barricading an organization against all threats. Modern risk management involves protecting against excessive risk while capitalizing on opportunities that have acceptable risk levels. The Highways England agency notes that its risk management obligation is twofold. It must protect the public from hazards and threats to desired transportation outcomes, but it must also ensure that it identifies, evaluates, and capitalizes upon all reasonable opportunities. Establishing the Context this involves understanding and documenting the social, cultural, legal, regulatory, economic, and natural environment to which the agency is sensitive. The context allows risk management to be tailored to the agency s needs and circumstances. Included in this step is the development of the agency s risk policy designed around the agency s unique objectives. These objectives can include issues such as improving network reliability by reducing the need for frequent maintenance and repair or providing the lowest reasonable whole-life costs for assets. Also included in this step is the creation of the agency s internal and external risk management communication process. This process allows information to flow up and down through the agency and externally with key stakeholders. Identifying critical assets Critical assets are those that are essential for supporting the social and business needs of both the local and national economy. These assets will have a high consequence of failure, but not necessarily a high likelihood of failure. These assets should be identified separately and assessed in greater detail as part of the asset management planning process. 51

3 By identifying critical assets, authorities can target and refine investigative activities, maintenance plans, and financial plans at the most crucial areas. Such assets may include special and major structures, such as estuarial crossings. Critical asset considerations may also include access to assets owned by third parties, such as substations, where access is via a single track road but accessibility is critical. Criticality can be assessed by applying broad assumptions about the implications of failure, for example, whether the non-availability of a major structure or tunnel would have a significant impact on the local or possibly the national economy or whether higher trafficked roads are assumed to have a larger consequence of failure than lower trafficked roads. Using this approach, simple criteria can be defined to assess the loss of service. For example, the loss of use of a road may Affect or disconnect specific parts of a community, Affect businesses of different sizes and significance, and Affect specific numbers of road users/hour. Depending on the criticality of the asset, the risk management approach may be at a network level, by ensuring that diversions are available and have minimal impact; at an individual asset level; or at a detailed component level, with extensive consideration of failure modes. Risk Identification in this step, the agency formally identifies the risks that could affect its objectives. These can be external, such as price changes, legislative actions, economic changes, extreme weather and climatic events, seismic events, or malevolent acts. Risks also can be internal, such as operational failures, data failures, conflicting internal program objectives, or a lack of trained personnel for key tasks. All risks are generally recorded in a formal risk register. The most commonly understood risks affecting the highway service relate to safety. However, there are a wide range of other risks, and their identification and evaluation is a crucial part of the asset management process. Risks may include the following: Safety Reputation Asset loss or damage Service reduction or failure Operational Environmental Financial Contractual Risk Analysis this step evaluates the probability of risk with its consequence. The calculation can be qualitative and based upon expert judgment, it can be quantified simply in a 1 to 10 scale, or it can be subject to complex mathematical modeling. Most such analysis is relatively simple. Regardless of the method used, the intent of this step is to understand the risks and their magnitude. 52

4 Risk assessment involves a determination of the likelihood and consequence of an event. Risk assessment allows the identified risks to be analyzed in a systematic manner to highlight which risks are the most severe and which are unacceptably high. An authority can then determine its level of exposure to the risk and the actions necessary to minimize that risk. An example of an assessment of the likelihood and consequence of a risk through a qualitative matrix approach is illustrated below. Overall, risk is normally described as follows: Risk = Likelihood Consequence Likelihood is the chance of an event happening, for example, a failure (asset as well as organizational) or service reduction. It can be measured objectively, subjectively, qualitatively, or quantitatively. It can be described using general or mathematical terms, such as frequency or probability. Issues to be considered include the following: Changes in policy and funding Current and historic performance (severity and extent) of the asset Severity of the environment, rate of deterioration, and/or current age of the asset Asset type, material type, mode of failure, extent of failure, etc. Exposure to incidents of all types Human behavior and workmanship Vulnerability to climate change Quality of the asset management approach and system The likelihood of physical failure of an asset is related to the current condition of the asset, hence the importance of a realistic and accurate condition assessment. The likelihood of natural and external events is determined less easily, but scientific studies are usually available. The likelihood of other events, such as poor work practices or planning issues, can be difficult to ascertain. Risk Treatment this decision making step applies what one guide calls the five Ts. These are to treat, tolerate, terminate, transfer, or take advantage of the risk. Although the steps are described as being distinct and separate, most guides note that they tend to overlap and blend into each other. The steps of risk management occur within the context of continuous communication and consultation and continuous monitoring and review. The communication flows up and down the organization and into and out of it with stakeholders. Similarly, the monitoring occurs within the agency as well as outside it from oversight bodies, legislators, the media, and the public. Risk Management highway authorities are required to manage a variety of risks at strategic, tactical, and operational levels. The likelihood and consequences of these risks can be used to inform and support their approach to asset management and inform key decisions regarding the performance of, investment in, and implementation of works programs. Successful implementation of the asset management framework requires a comprehensive understanding and assessment of the risks and consequences involved. Understanding risk enables the asset management process to address the issues identified. 53

5 A basic example of the consideration of risk is related to extreme weather events. All else being equal, programmatic decisions regarding projects should include risk and vulnerability analysis as one of the factors to consider as part of the asset management framework. Another illustration could be the case of an agency that has a well-crafted pavement program. The program relies on sound inventory data, good forecasting, methodical preventive maintenance, timely reactive treatments, and a well-balanced mix of pavement preservation, rehabilitation, and replacement. The agency has forecasted its program for the next five years and is confident it has developed a sound short-term and long-term pavement program that will achieve its short- and long-term performance targets. However, the risk of volatile construction prices creates a major program risk. If prices rise, the agency s purchasing power will decrease and it will not be able to afford all the treatments it needs. If prices fall, it faces new opportunities to increase investments or achieve a higher level of service. A balanced risk management program would hedge against rising prices by methodically trying lower cost treatment innovations while closely monitoring construction prices. The degree of risk or uncertainty caused by price volatility would be documented, reported to stakeholders, and tracked as a risk to the department s pavement objectives. Understanding and management of risk is fundamental to effective asset management and should figure strongly in training and development programs for asset managers. 54