AN IMPROVED FUZZY MODEL FOR PROJECT RISK ASSESSMENT
A brief Summary of the proposed Approach
The purpose of this study is to design and develop a Fuzzy decision making support model to assist project managers in identifying potential risk factors and evaluating the corresponding development risks.
Different approaches have been created to assess the various types of risk. Researchers have used stochastic methods for dealing with duration risk or cost risk, while risk has been perceived as a synonym for variability of expected duration or estimated cost. Objective probability has been adopted as it suited such a perception. However, appropriate data for such approaches are rarely available. Gradually, researchers have concluded that human factors, personal experience, intuition and judgment need to be considered. To show this, fuzzy logic systems was introduced as a solution for handling subjective assessments. Fuzzy risk assessment did not become popular as an approach for assessing risk until the late 1990’s, but, by the beginning of the millennium it had become one of the most used approaches. Analytic hierarchy process has been used for structuring potential risks in hierarchies, assessing their impacts and generating scores.
The system development process consists of six stages, namely, establishment of a risk assessment group, preliminary step, risk level measurement, fuzzy inference step, results and explanations step, and advices step. An overview of these six stages of system development is shown in Figure 4.1. After the creation of an experienced group of workers, a fuzzy risk analysis model will be constructed as the main point of the system. Then the results will be used to take a proper decision about the final risk factor. Detailed descriptions of each phase are presented in the following sections.
Figure 4.1: The proposed Approach
Step 1: Establish a risk assessment group
For a quick establishment of the overall criteria for the identification of critical data assets and their appropriate priority level and to obtain senior management’s perspective on issues is a strategic importance.
As a key first step towards establishing the type of organization that builds the project managers it needs, firm owners and senior managers should define and outline a commitment to project managers. This commitment includes ensuring the PM has the resources needed to be successful on the project. Resources include a sufficient level of qualified personnel, equipment and critical data and information. Specific operational practices and procedures should be clearly defined on how authority, information, and project data is managed and shared among principals, functional managers, and the project manager.
The members in a risk assessment group must be carefully selected. The selected experts will have a high degree of knowledge and previous experience in similar projects. The risk assessment team must include the following experts: project managers, project team members, customers, subject matter experts from outside the project team, end users, stakeholders and risk management group.
The risk assessment group will undertake the risk identification, even though all project personnel should be encouraged to identify risks and undertake the measure of risk function parameters.
Step 2: Preliminary Step
As risk data and information related to a particular project are massive, risk assessment starts with the establishment of a risk assessment group in which involves a range of experts with different background/discipline and essential experience regarding the activity under consideration, e.g. project manager, site engineers etc. The risk assessment group undertakes the review of risk data and information, and determination of risk criteria.
Problem Analysis
In this phase the problem is defined. At the first two meetings between the Analysis Team and the Decision Maker, the decision problem will be formulated and the main goal of the analysis process was identified as mentioned previously. This can be accomplished more effectively if a few questions are posed and addressed amongst stakeholders, such as:
Who must manage which task (risk owner)?
Who are the stakeholders?
Also, what relationships exist between problems and can stakeholders further help with problem identification and characterization?
By answering these questions, the Decision Maker will select some alternatives. Following is a description of the different stages of the process.
Task allocation
Based on the earlier problem domain, the allocation of each task in the project can be created using an algorithm. In the project management, the approach is basically to match the appropriate available staff to each task. The complication occurs when there is more than one staff available for such a task and when there are many tasks that require the staff with the particular skill. Other issues may be the case when one task requires many staff of the same skill.
In this prototype, we consider this example proposed by C. Chantrapornchai, D. Sawangkokrouk and T. Leadprathom (2013)
Check the duration of the task and find the staff that is available during the time.
Check the require skills of the task and the available staff.
Assume that one skill of a task requires one staff. For each skill of the task, find the staff that has the skill. If there is many staff that holds such a skill and each staff has more than one skill, we pick the staff with the least number of skills. This assumes that the staff with the least number of skills has a limited choice to do other tasks.
From the previous step, if there is many staff, we pick the staff with the least pay rate.
Note that the two last steps may be interchanged depending on the criteria or project Rules.
Use of experience data
The members in risk assessment group are required to review all information related to the risks under consideration. A further investigation is also needed to clarify some ideas and eliminate some doubts. Risk criteria have to be discussed and agreed by group members, which define the standards of risk parameters. For example, the context of high of RL, the circumstances in which RL is intolerable. These criteria provide a basis of measurement of the input risk parameters and the output RL.
For most risks dealt with using fuzzy logic models, there may not be sufficient data. The reasonableness of the model is primarily in the hands of the experts or business managers. The comments on the inference rules or on the membership functions may have a material impact on the result of risk assessment. However, back testing based on experience data, if available, may be used to validate or improve the models. Comparing the actual experience with the model is an option that may be used after implementing the fuzzy logic system. Based on the experience data, the membership functions may be adjusted or calibrated to better predict the output variable. Tracking the inputs from each expert may also tell us how well they fit the experience data; the weight on each expert’s opinions may be adjusted accordingly. In addition, when enough data have been collected, it may also have an impact on the experts’ understanding of the subject and may change their inputs as well, including the inference rules and membership functions. In the end, with sufficient data, fuzzy logic models may be migrated to models based on probability theory, but not necessarily.
Unlike some data-driven models, the weight put on experience data when specifying a fuzzy logic model is not heavy in most cases.
Experience data collected may not be statistically credible for revising the existing model parameters and inference rules. It is likely that only after the fuzzy logic model is implemented will relevant data be collected in a meaningful way.
For risk management, the most useful piece of information is about tail events. It will be even harder to collect data for tail events.
The explicit cause-and-effect relationships built in the fuzzy logic model prevent the model from changing solely based on experience data, contrary to some data-mining models. Unless the experience is analyzed and fully understood, it may not cause a change in the model.
Analyzing experience data provides opportunities to enhance our knowledge of the risks and improve the accuracy of the fuzzy logic model. The data may have information contrary to the assumed inference rules. By analyzing the data, people may be able to correct misunderstanding, discover new underlying factors and revise the inference rules.
Risk identification
Risk identification is studying a situation to realize what could go wrong in the project development at any given point of time during the project. The process must involve an investigation into all the potential sources of project risks and their consequences. It is of considerable importance because the process of risk analysis and response strategies may only be performed on the identified potential risks.
The risks identification is an iterative process because the risks may evolve or new risks become known as the project progresses through its life cycle. The iteration frequency and who participate in each cycle will depend on the characteristics of the project.
The experts in a risk assessment group have intuitive methods of recognizing a risk situation. Anyway, there are some risks identification tools as: Checklist, Influence Diagrams, Cause and Effect Diagrams, Failure Mode and Effect Analysis, Hazard and Operability Study, Fault Trees and Event Tree (Ahmed et al., 2007).
After Identifying the possible hazard that could overcome, the project team needs to identify the basics risk subcategories that we will use for their assessments, for that we performed a survey to find the major points that will be classified during the risk management.
Survey objectives
The objective of the research is to identify probable basic risk categories that can influence a PV project. Little empirical research has focused on identifying the potential risk factors that can be sorted out of a solar energy project
Data Collection
Data was collected through primary and secondary sources via questionnaire and previous research, government reports, and technical documents respectively. Secondary data is used when getting the primary data was impossible.
Respondents from almost all over the world were sent an e-mail requesting their help in the survey questionnaire, along with a simple, two-page format listing the questions for which input was sought and an explanatory note. An online questionnaire has also been established to gather all the data needed from targeted respondents (companies, researchers, experts).Telephone interviews and in-person interviews were then conducted, with some respondents also filling out and returning the survey formats.
The Questionnaire Structure
In this research, the questions are made to find the major barriers to undertake solar energy projects in different part of the world. The questionnaire items were developed as a result of an analysis of previous researches and reports used to identified solar energy projects in different countries.
We made checklist about the entire hazards that we Identified through our data and asked interviewers to rate them according to the risk model we developed (i.e. high risk, medium risk, low risk, no risk, and don’t know), and in a second part, the questionnaire asked to add any other risk that there is not in the questionnaire. The survey questionnaire format translated in four different languages is provided in annex.
The questionnaire was given out to the solar companies, experts, researchers during May and June 2015 and it almost took six weeks to collect all data.
The data has been updated and recorded gradually in the Microsoft Excel spreadsheet with the code sheet that created in the questionnaire (i.e. high risk, medium risk, low risk, no risk, and don’t know). This code sheet measures the tendency from the research results. The answer of each question has been allocated with numerical values for the data analysis.
Data Analysis and results
At the beginning of the August when all the questionnaires were received, data analysis finished. To analyze the data, we’ve chosen a simple empirical analysis. Usually in the descriptive statistics, frequency distribution tables are used to sort the data as the first analysis and they are a valuable method for describing data. Then, the data was sorted in the frequency distribution, the percentage frequency distribution, cross tabulation table, and bar graphs by Microsoft Excel 2007.An empirical study was conducted with 48 interviews with expertise used for the analysis. The demographic characteristics of expertise are shown in table 4.1.
| variable | Mean(central tendency) | St Deviation |
| Age | 40 | 5.2 |
| Experience | 8.7 | 3.4 |
Table 4.1: Respondents age and experience
| variable | frequency | Percentage |
| Africa | 12 | 25% |
| Asia | 19 | 39.58% |
| Europe | 17 | 35.42% |
Table 4.2: Respondents geographical repartition
| variable | frequency | Percentage |
| Researcher(MS, PhD) | 6 | 12.5% |
| MBAs | 16 | 33.3% |
| Expert(CEOs) | 26 | 54.2% |
Table 4.3: Respondents study level
The analysis of the data started immediately after collecting the first answer. A summary of the detailed responses for respondents is provided in Table 4.4. The next section summarizes the responses to the major questions listed in the survey. We can clearly see that our respondents were selected from different companies, with an acceptable age and experience rate, and most of them (54.2%) where Experts in the electricity field or the PM Field.
From our respondents and from the secondary data we’ve elaborated, we identified 31 major hazards related with solar energy projects, and these hazards were analyzed in term or risk percentage given by respondents. The range sequence is: high risk, medium risk, low risk, no risk, and don’t know/not applicable. This question can help to identify which stage is really risky. All respondents answered the questions and only one new risk was received.
| PV risk factors(hazards) | |||||
| High | Medium | low | Not risky | Don’t know | |
| 1 | 2 | 6 | 25 | 11 | 4 |
| 2 | 5 | 17 | 15 | 5 | 6 |
| 3 | 5 | 8 | 30 | 3 | 2 |
| 4 | 0 | 19 | 23 | 1 | 5 |
| 5 | 1 | 7 | 32 | 2 | 6 |
| 6 | 8 | 25 | 5 | 6 | 4 |
| 7 | 10 | 23 | 11 | 2 | 2 |
| 8 | 20 | 13 | 7 | 6 | 2 |
| 9 | 19 | 13 | 10 | 3 | 3 |
| 10 | 21 | 15 | 8 | 1 | 3 |
| 11 | 20 | 14 | 12 | 2 | 0 |
| 12 | 18 | 16 | 10 | 3 | 1 |
| 13 | 23 | 12 | 8 | 3 | 2 |
| 14 | 21 | 11 | 10 | 6 | 0 |
| 15 | 22 | 6 | 16 | 3 | 1 |
| 16 | 19 | 8 | 12 | 5 | 4 |
| 17 | 24 | 12 | 6 | 4 | 2 |
| 18 | 25 | 13 | 5 | 3 | 2 |
| 19 | 26 | 10 | 3 | 6 | 3 |
| 20 | 2 | 11 | 28 | 7 | 0 |
| 21 | 3 | 15 | 22 | 6 | 2 |
| 22 | 3 | 11 | 28 | 5 | 2 |
| 23 | 25 | 10 | 5 | 7 | 1 |
| 24 | 23 | 13 | 6 | 5 | 1 |
| 25 | 24 | 15 | 7 | 2 | 0 |
| 26 | 24 | 11 | 5 | 5 | 3 |
| 27 | 20 | 17 | 7 | 3 | 1 |
| 28 | 19 | 20 | 8 | 0 | 1 |
| 29 | 22 | 15 | 9 | 1 | 1 |
| 30 | 25 | 16 | 6 | 1 | 0 |
| 31 | 23 | 14 | 6 | 4 | 1 |
Table 4.4: Risk factors appreciation level
An exploratory factor analysis (EFA) of the survey data revealed ten major dimensions of risks subcategories associated with solar energy projects, the risk classification conducted in the following section will give a proper explanation, based on previous researches about how we put every factor in a given category, section or subsection. The classification table of all the risks subcategories by risk level frequency mean and variance is given in the table below.
| PV risk subcategories | Risk rates (%) | |||||
| High | Medium | low | Not risky | Don’t know | Total | |
| 1)Site risks | 5.2 | 27.08 | 52.08 | 13.54 | 2.08 | 100 |
| 2) subcontractors | 6.25 | 22.91 | 56.33 | 10.41 | 4.16 | 100 |
| 3) Technical | 42.01 | 28.88 | 19.09 | 6.25 | 3.81 | 100 |
| 4) Financial | 50.89 | 25 | 11.01 | 9.52 | 3.57 | 100 |
| 5) Client | 48.61 | 31.25 | 14.58 | 4.16 | 1.38 | 100 |
| 6) Time delay | 45.83 | 29.16 | 12.5 | 8.33 | 4.17 | 100 |
| 7) Economic | 1.04 | 27.08 | 57.29 | 3.12 | 11.45 | |
| 8) Political | 8.33 | 21.52 | 48.61 | 13.19 | 8.33 | 100 |
| 9) Social | 18.75 | 50 | 16.66 | 8.33 | 6.25 | 100 |
| 10) PM risks | 43.05 | 17.36 | 26.38 | 9.72 | 3.47 | 100 |
| Grand total | 22.13 | 28.02 | 32.87 | 12.12 | 4.86 | 100 |
Table 4.5: Risk categories rates
From the table, we have a clear concept of the risk assessment that we will design all by the help of our responses. It clearly shows that we should much pay attention about the financial, and project management risks, which from the advices have more criticism than others.
Figure 4.2: Risk rating factors
From the graph sorted, we can clearly see that all the risk factors that we have chosen through secondary data have been approved by our participants. The most important risk factors to take care of should be the financial and technical risks. This complexity and possible inadequacies in the structuring of risk package may be a very good reason for the generation of risks. Therefore, a risk classification is needed to make all the risk categories easy to handle and to compute.
Risk classification
There are many suggestions for classifying risks of projects, which, however, reflect different underlying concepts and conclusions and, therefore, cannot be universally accepted. Apart from the nature and timing of occurrence criteria that are already mentioned, there are many other criteria sets used for risk classification such as the mitigation measures for a risk (Bing and Tiong 1999, Hastak and Shaked 2000) or systemic criteria such as internal, project-specific, and external risks for a construction project (Bing et al. 1999, Aleshin 2001).
A critical observation is that all these approaches focus on a specific aspect of risk, which is used as the criterion for the classification; this criterion would be the nature of the risk or the timing of occurrence or the mitigation measures used, etc. This leaves outside of consideration other aspects that may be of significant importance.
The classification approach, adopted for the risks identified here, merges two different criteria for classifying risks: (a) according to the source of origin in the project’s context and (b) according to their nature.
The risk factors are mutually related. Since this step is essential in the decision-making process, risk classification according to the research findings, will be done in an iterative way.
In the first iteration the decision maker will elaborate a list of risks, grouped by concepts associated with the different steps of the project. The risks, in turn, will be grouped into nine specific categories: policy risks (P), economic risks (E), social risks (S), Finance risks (F), technical risks (I), time delay risks (T), client risks (C), sub-contractors risks (SC) and project site risks (PS).
In the second iteration, the risks will be put into two categories internal (I, F, C, T, SC, PS) and external risks (E, S, P).
In the next iteration the internal risks will be divided into Global (I, F, C, T) and Local (SC, PS) risks.
Some risks which could fall into two categories will be re-defined so as to obtain a final well-defined risk classification.
Finally, bottom-level risks will be identified and grouped into second-level sub-groups or categories, according to the research findings in the risk Identification part. Below is a description of the risks analyzed:
Economic risks (E): These factors are mostly about the microeconomics and macroeconomics factors that can affect the project.
Policy risks (P): A political risk is related to a project’s failure due to deficiencies in the legal and institutional framework. The institutional framework comprises: (a) organizational issues of both the country where the project is established and the concessionaire and (b) political issues. Organizational and political issues are introduced as different categories in other risk classification approaches. However, in terms of context, there is a significant overlap between legal, organizational, and political issues. This is due to the fact that any policy or organizational structure is realized through legal tools (e.g. laws, contracts, regulations, etc.).
Social risks (S) Social risk is mostly about social impact of the project on population and nature. The Project manager needs to sort it out for the success and the image of the project.
Finance risks (F): A financial risk is related to a project’s failure due to a financial or economic cause. A cause of this nature is related to the funding of the project and the commercial, competition, loan, and demand issues. The interest rate risk emanates from the dependence on long-term debt for meeting capital costs.
Technical risks (I): A technical risk is related to a project’s failure due to a technical cause. Failure is considered as a shortfall in succeeding to meet the project’s requirements. Technical cause is anything associated with the process of the project’s development and operation.
Time delay risks (T): This term refers to the time that the project will be delayed due to the inherent risks in the project contributing to a project failure. This term has a very close relationship to the project failure.
Client risks (C): There’s always a chance that users will reject your product. You can build a product that matches requirements (on time and to budget). However, if users reject the product the project will be considered a failure. Client risk is mostly about Product Acceptance, Value Perception, Competitor Activity, and After Sales Service.
Sub-contractors risks (SC): The contract package of a project is a complex and large framework of agreements and other legal documents that govern the development and operation of a project.
Project site risks (PS): These factors are about layout and space on the project site, the restrictions on place, and housekeeping.
Construction of a risk brake down structure
Many factors have impacts and affect the risk management. The members in the risk assessment group are required to provide and review relevant project information and undertake an investigation on the project environment. The purpose of the hierarchy model is to decompose these risk into adequate details in which risk factors can be efficiently assessed. Several techniques can be used to generate a breakdown structure of influential factors regarding a risk, such as Brainstorming, Checklist, ‘What if?’’, and Failure Mode and Effect Analysis.
The risks are sorted into n groups on the basis of the types of risks, as shown in Figure 4.3. More levels of decomposition can be incorporated into the hierarchical structure whenever the elements of a given level are mutually independent, but comparable to the elements of the same level.
The first level at the top shows the result of the final project risk analysis that can be divided into n categories, and the categories in turn can be divided into n sections or subsections on the basis of the types of risks, e.g. section A, section B, . . ., section N at level 2.
Each section can be further broken into basic subsections in order to identify all possible hazardous events. Finally each of the subsections will be divided in ten basic risk factors at most.
The hierarchical risk analysis can be carried out from levels 3 and 4, and then progressed up to level 2 and finally the hierarchical structure can be sorted out.
In this model the main goal of the problem is placed at the top vertex: to evaluate the project risk and give the most convenient advices to the control crew. At the bottom of the hierarchy, lie the basic risk factors (10 factors at most). The intermediate levels show the risks grouped by risk category or sections. In the process of risk identification and grouping three sub-hierarchy levels can be identified with no more than seven sub criteria per level. The model does not analyze the influences among groups of criteria. According to the risk Identification and classification models that we conducted, we can present in Figure 4.4.
Figure 4.4: Basic Hierarchical architecture for risk groups
Once the hierarchy is established the overall project risk breakdown will be clear for the decision maker, the next step will be the quantification of the basics risks, which will be used in the proper assessment.
