Risk Management and Project Context



By Pascal Bohulu Mabelo

Johannesburg, South Africa


Implementing Project Risk Management (PRM) entails the allocation of valuable resources, such as personnel, finances, and time. However, Large Infrastructure Projects (LIPs) often neglect PRM or even adopt inadequate frameworks, leading to poor risk management. This detrimental situation is further exacerbated by haphazard Risk Identification practices. Many risk workshops devolve into hurried attempts to populate the Risk Register by conjuring up risk-items without a proper understanding of the “contextual factors surrounding the project at hand”—the context. Therefore, when incorrect or baseless risks are documented, the entire PRM process turns futile. This paper stresses the significance of understanding the project context for the successful PRM.

Risk Identification is Important

While most project risk practitioners would indulge in “analysing” risk-items, revelling in fancy spreadsheets and convoluted Monte-Carlo simulations, the main aim of Risk Management shall not be forgotten. It must be about “effecting and monitoring risk treatments” to prevent (or counteract) any conditions or events (or turns of events) that could impair the achievement of project objectives. Such risk-items ought to have been duly identified in the first place; analysing and treating wrong or false risks can only prove futile, if not descend into a “chasing of the wind”—a waste of resources!

“The purpose […] is to identify risks to the maximum extent that is practicable. The fact that some risks are unknowable or emergent requires the […] process to be iterative.” (PMI, 2017)

Moreover, the common but misguided practice of convening workshops and urging the attendees to “come up with risk-items” would often result in enumerating the same risks as were mentioned in previous projects—and, in some cases, in impelling the participants to verbalise their hidden fears. ISO 31000 (2018) defines risk as “the effect of uncertainty on objectives”; as a result, risks ought to be identified in terms of project objectives—and contextual factors that may affect such objectives. Therefore, the brainstorming of threats and/or opportunities pertinent to the project at hand should flow from objectives and factors that may have a bearing thereto, not simply “what could go wrong”.

The below Figure 1 depicts the essential elements of ISO 31000 as a Risk Management framework; a key “improvement” was accommodated between the 2009 and 2018 versions of the same standard. The 2009 version suggested that Risk Identification should flow from “Base Risk Register” and/or “Specific Contingency”. This was encouraging risk practitioners to source risk-items from previous identification exercises as if the project at hand has necessarily the same or similar objectives and had arisen from parallel circumstances—a rather exceptional case was being made a general rule.

Thus, it shall be appreciated that this misstep has been addressed in the 2018 version, by including “Scope, Context, Criteria” considerations before embarking on the Risk Identification exercise. This approach ensures risk-items are brainstormed in line with those specific concerns, as opposed to “gleaning around” in a haphazard manner and, therefore, proceeding with irrelevant risk-items.

Figure 1 – ISO 31000: Risk Management Standard, 2009 Version versus 2018 Version

Should risk-items be identified out-of-context, the subsequent processes of Risk Analysis, Risk Evaluation, and Risk Treatment (as convoluted or intricate as they might get) would turn futile and misleading. They would not provide the right “intelligence” (as the intended “immune system”) or yield the right effects to protect the project from complications and failure. The project would suffer.


To read entire paper, click here

How to cite this paper: Mabelo, P. B. (2023). Risk Management and Project Context; featured paper, PM World Journal, Vol. XII, Issue X, October. Available online at https://pmworldlibrary.net/wp-content/uploads/2023/10/pmwj134-Oct2023-Mabelo-Risk-Management-and-Project-Context.pdf

About the Author

Pascal Bohulu Mabelo

Johannesburg, South Africa


 Pascal Bohulu Mabelo, MBA, MSc (Industrial), BSc (Civil), Pr. Eng, Pr. CPM, Pr. PMSA, PMP, has more than 25 years of professional experience and possesses a wide range of technical and managerial skills pertaining to large and complex infrastructure projects. He has worked in large infrastructure projects as a design engineer, project/programme manager, project consultant and project management executive. Pascal was honoured to serve as the national chairman of Project Management South Africa (PMSA), the leading Project Management professional association in Southern Africa.

Pascal has published the book: “Managing Engineering Processes in Large Infrastructure Projects” (Cambridge, 2021); he has also published, “How to Manage Project Stakeholders—Effective Strategies for Large Infrastructure Projects” (Routledge, 2020) and “Operational Readiness—How to Achieve Successful System Deployment” (Routledge, 2020). Through various other publications and journal-articles, he assiduously promotes the application of Systems Thinking and/or Systems Engineering principles, concepts, and practices to unravel complexity in Large Infrastructure Projects (LIPs) in order to address their persistent risks of failure and their massive, even pernicious, cost and schedule overruns.

Pascal is currently a Director and Principal Consultant at E 6 Project Consulting or E6PC; for comments, further information, and clarifications he may be contacted at Consult@e6pc.com