Step 3: Risk level measurement
Projects with high-impact/low- probability risks need to be continually monitored to make sure the risk probabilities don’t change, Taylor says. If the probability of a high-impact event increases, there should be no debate as to what that means for the project. This is why this step is somehow undefeatable for the project.
Measure the risk factors function level
Members in the risk assessment group are required to provide their judgments on the basis of their knowledge and expertise for each risk factor at the bottom level in the risk breakdown hierarchy. The experts can provide a precise numerical value, a range of numerical values, a linguistic term or a fuzzy number. In many circumstances, if adequate information is obtained and the risk factor is quantitative measurable, an expert is likely to provide a precise numerical value or a possible range of numerical values. However, experts sometimes find that it is hard to give numerical values due to uncertainties involved or the risk factor is quantitative immeasurable, then a linguistic term or a fuzzy number can be used in the proposed model.
The risk factor (RF) can usually be assessed by considering two fundamental risk parameters: risk severity (RS) and risk likelihood (RL). The risk severity parameter investigates the potential effect of the risk on a project objective such as schedule, cost, quality or performance. The risk likelihood parameter investigates the likelihood that each specific risk will occur. These parameters do not take into consideration the impact of the risk to the overall framework of the project. In order to assess the risks efficiently and effectively, a parameter, named risk discrimination, is proposed by Cervone (2006). The risk discrimination parameter provides an additional perspective because it gauges the impact of the risk to the overall framework of the project, rather than looking at each risk as an independent variable within the project. With each risk evaluated in the context of the three dimensions, a value can be assigned to each risk using:
Likelihood of risk factor
Consequence of risk factor
INFERENCE
Risk factor
Likelihood of risk factor
Consequence of risk factor
INFERENCE
Risk factor
Figure 4.5: Risk factor evaluation
Probability and severity are fuzzified because of their uncertain or linguistic representation. Furthermore the risk management and risk level calculation statements are represented in the form of if premises then conclusion rule forms, and the risk factor calculation or output decision.
Risk ranking
Members in the risk assessment group are then required to compare every factor pair-wise in their corresponding section structured in the risk breakdown hierarchy and calibrate them on either a crisp or a fuzzy scale. A 1–9 scale can be employed to classify the pair-wise comparison.
In the method, experts are encouraged to give fuzzy scales while they are not sure about the exact numerical values or leave some comparisons absent as they cannot compare two factors at all. For example, experts can use the following classifications:
A linguistic term, e.g. ‘‘about 7’’.
A range, e.g. (3, 7), the scale is likely between 3 and 7.
A fuzzy number, e.g. (3, 6, 8), the scale is between 3 and
8, most likely 6 or (3, 5, 7, 8), the scale is between 3 and
8, most likely between 5 and 7.
– 0, e.g. the expert cannot compare the two factors at all.
At last, the decision maker will have a list of quantified, ranked, and grouped risk factors that can be simply used for the following steps.
Evaluate low effect risks
Now that we have a single risk quotient for the various risks, it’s possible to prioritize the risks for the project. It can give us a clear vision of what the risks are and which ones we will ultimately need to be concerned about. This is also a part of the process that typically helps validate the estimates made above.
Several studies have examined the demand for insurance against low-probability, high-impact events, such as natural disasters (e.g. McClelland et al., 1993 and Kriesel and Landry, 2004). A common finding about decision making under risk is that many individuals either neglect or overweight low-probability risks and that individuals are more sensitive to outcomes that are framed as losses than as gains due to loss aversion. This behavior is consistent with prospect theory (Kahneman and Tversky, 1979 and Tversky and Kahneman, 1992), which is currently the most influential theory of decision making under uncertainty (Starmer, 2000 and Bleichrodt et al., 2009).
As we will just need ten basic risk factors for each subsection, the decision maker, by experience and according the ranking result, will select and prioritize the risks that will participate to the assessment.
Step4: Fuzzy Inference Step
In the fuzzy inference phase, risk analysts convert the aggregated values of risks levels and into matching fuzzy sets. These aggregated values are then input to the fuzzy inference system to decide which rules are relevant to the current situation, and then calculate the fuzzy output of the risk. A framework for the interrelationships between the components that constitute a fuzzy decision making system is described as below.
Experts Opinion
Opinions of subject matter experts or business managers are the main information source of a fuzzy logic system. It is not a one-time effort but an iterative process. Expert’s opinion is mostly needed for when the decision maker will aim to find out the membership functions and the inference rules. A sample process is given below.
The request for opinions about the issue or risk is sent out. It may include questions about the key factors that may cause any risk event, the value of each factor for existing business, any known cause-and-effect relationship, any risk measures that could be used and any relationship with other risk types. It can be done electronically, via interview with each expert or by means of a group discussion. If the issue is new and complicated, an introduction and discussion in a conference is more effective.
. Collected opinions are aggregated and analyzed. If there are conflicting opinions, further explanation from the experts may be needed to understand the thinking behind their opinions. After that, a proposed fuzzy logic model with specified variables, membership functions and inference rules will be communicated back to experts to get their comments and agreement.
Feedback about the proposed model is digested and reflected in the final model specification. This may require several rounds of communication.
After the model is finalized, relevant data collection and a risk-monitoring process need to be set up. Regular reports about the current risk exposure are prepared based on the fuzzy logic model. They are distributed to the experts for comments and information. Based on the model results, past experience, changing environment or improved understanding, experts may revise their opinions. This requires a regular review and update of the model.
Determine the membership functions
If a variable can take words in natural languages as its value, it is called a linguistic variable, where the words are characterized by fuzzy sets defined in the universe of discourse in which the variable is defined. Several geometric mapping functions have been widely adopted, such as triangular, trapezoidal and S-shaped membership functions. However, triangular and trapezoidal membership functions are the most frequently used in project risk analysis practice.
The membership function is a critically important input for the fuzzy logic system. It may be easy to come up with the inference rules; it is not so easy to devise the membership function because it requires translating the qualitative description into a quantitative measure. There are several approaches that may be used.
Ask the subject-matter experts to provide inputs. Fuzzy logic models rely heavily on human reasoning.
If experience data are available, sometimes the membership function can be partially calibrated. This is usually done after using the fuzzy logic system for a certain time period.
In this model, as presented in Table 4.6 and Figure 4.6 not more than seven membership functions (from VERY LOW to VERY HIGH levels) will be used because there is no improvement about the final result.
| Linguistic variable | Triangular fuzzy numbers |
| Very low (VL) | (0.0.01) |
| Low (L) | (0.0.1.3) |
| Medium low (ML) | (0.10.3.0.5) |
| Medium HIGH(MH) | (0.5.0.7.09) |
| Medium high (ML) | (0.5.0.7.09) |
| High (H) | (0.7.0.9.1) |
| Very High(VH) | (0.9.1.1) |
Table 4.6: The relation between linguistic variables and triangular fuzzy numbers
Figure 4.6: Fuzzy membership triangular functions (source Ebrahimnejad, Mousavi, and Seyrafianpour 2010)
Determine the Inference rules
To determine the Inference rules, the role of experts is really huge. Based on knowledge, experience and data, they will try to find a cause effect relationship between the risks and their factors. It is mostly about capturing the knowledge of experts about relationships between risks and influencing factors using “aggregation rules” where the risk knowledge is explained in the form of IF-THEN rules. It reveals the value of an output variable if the input variables are expressed by different linguistic terms. The use of decision making risk matrix will be a great importance. Each of the fuzzy logic system cannot have more than 12 rules to define the knowledge base. For example, to compute the risk factor presented in section 1.5.2, we can use the following matrix to determine the rules.
Table 4.7: fuzzy control rules
Input the calculated value
The first step is to take the inputs and determine the degree to which they belong to each of the appropriate fuzzy sets via membership functions. In this phase, an access to a risk data base will be the most important point, because the fuzzy interface model will need the risk values and their upper and lower bounders. The decision maker is mostly asked to take the top 10 of the aggregate risks, and input in the fuzzy controller for the Fuzzification.
Fuzzification Interface
The Fuzzification part measures the values of the input variables on their membership functions to determine the degree of truth for each rule premise. The decision maker should identify few measurable indicators in each criterion. In order to evaluate the criterions, expert knowledge is applied through linguistic indicators. The inputs are precise, generally coming from measurements or observations. The process of Fuzzification is also responsible for the activation of the relevant rules for a determined situation (TANSCHEIT, 2008).This phase will be automatically realized by the software tool, and prepares the result for going through the inference rules.
Fuzzy inference
It is similar to simulating human decision making in inferring fuzzy control actions based on the rules of inference in fuzzy logic. The evaluation of a rule is based on computing the truth value of its premise part and applying it to its conclusion part. This results in assigning one fuzzy subset to each output variable of the rule. In Min Inference the entire strength of the rule is considered as the minimum membership value of the input variables’ membership values .A rule is said to be fire, if the degree of truth of the premise part of the rule is not zero.
The Algebraic Product was selected to combine the result of the above aggregation with the Potentiating factors. The rationale behind this selection is that there is an identical contribution of both terms to the risk level.
=
The fuzzy approach allows the use of fuzzy operators to numerically aggregate the different fuzzy attributes that characterize the criteria of the rule and assess the degree of truth of the conclusion. Considering the variety of fuzzy operators the ANDs expressed in the rule can be formulated using different intersection operators, according to desired aggregation behavior. Therefore, a rule that can be translated into a mathematical formula such as:
Where,
μr is the Fuzzy membership degree that reflects the risk level;
μiis all the fuzzy values of the risk factors
μf is the Fuzzy membership degree that reflects the level of the potentiating factors for a specific risk; It represents a Fuzzy Intersection aggregation operator that produces a normalized fuzzy value, i.e., in the interval [0, 1].
* represents a Fuzzy Intersection aggregation operator that produces a normalized fuzzy value, i.e., in the interval [0, 1]
Each criteria of the rule (the left side terms of the IF-THEN) can be the result of previous rules of an inference chain.
Defuzzification Interface
The risk assessment results are presented as crisp risk levels which are obtained through a defuzzification process. By defuzzifying the possibility distribution of risk events at top level, the probability of occurrence of those events can be obtained because it is assumed that the expected value of possibility distribution will give the probability of the fuzzy event.
Note that the definition of the defuzzification fuzzy sets has to consider the relationship between the results distribution in the [0, 1] domain and the linguistic evaluation categories. Defuzzification or decoding the fuzzy outputs produces a non-fuzzy control action, a single crisp value Zc*, that adequately represent the membership function μr (z) of an aggregated fuzzy control action. For a membership function of a fuzzy output set Z with interval [Zo, Zq], the membership function μr (z), with Z belongs to [Zo, Zq] can be calculated by subdividing the interval [Zo, Zq], in to q equal sub intervals by points Z1, Z2 …Zq-1. The Crisp value Zc* based on centroid is given by:
Zc*
There are several methods proposed for defuzzification process. In this risk assessment framework, standard MATLAB functions ‘defuzz’ based on the cencroids method (Yager, 1980) is proposed according to the requirements for reflecting the real situation and the viewpoint of the assessment group.
The output of the fuzzy risk assessment procedure is final risk rating.
