Global Risk Report 2016–Qualitative Analysis (2)


 

1.  INTRODUCTION

In my previous posts on the World Economic Forum’s Global Risk Report 2016, I have concentrated on

  • the methodology of the report (corresponding to the Plan Risk Management process of Project Management),
  • the identification of risks (corresponding to the Identify Risks process of Project Management)

and now in this third series of posts, I am concentrating on the next topic,

  • the qualitative analysis of risks (corresponding to the Perform Qualitative Analysis process of Project Management)

This qualitative analysis is called “qualitative” because it does not fix a specific dollar amount to each risk (that would be “quantitative analysis”), but instead analyzes each risk according to some qualitative variable, usually something like likelihood, or impact

The respondents to the Global Risk Perception Survey 2015 were asked the following questions regarding the 29 risks that were identified.

  1. Which ten of the global risks have the highest probability of occurring in the next decade?
  2. Which ten of the global risks would have the greatest potential impact if they were to occur in the next decade?

In yesterday’s post, I discussed the result of asking the respondents to the survey the first question about the highest probability global risks.    In this post, I discuss the result of asking them the second question about the global risks with greatest potential impact.

2.   RISKS OF GREATEST IMPACT

The respondents were asked to assess each of the 29 risks (these risks are listed on the post dated 03/29/2016), based on the potential impact if they were to occur, on a scale from 1 to 7, with a “1” meaning that the risk will have little impact, and”7″ meaning that the risk is have a catastrophic impact.

Those 10 risks that rated as having the highest potential impact were as follows:

 Ranking Global Risk Category
1. Failure of climate change mitigation and adaptation Environmental
2. Weapons of mass destruction Geopolitical
3. Water crises Societal
4. Large-scale involuntary migration Societal
5. Energy price shock Economic
6 Biodiversity loss and ecosystem collapse Environmental
7. Fiscal crises Economic
8. Spread of infectious diseases Societal
9. Asset bubble Economic
10. Profound social instability Societal

Here are some things to notice about these risks.

a.  Most of the highest probability risks are environmental

Four out of the ten risks are societal:

  • Risk #3 Water crises
  • Risk #4 Large-scale involuntary migration
  • Risk #8 Spread of infectious diseases
  • Risk #10 Profound social instability

Of the remaining six risks, three are economic:

  • Risk #5 Energy-price shock
  • Risk #7 Fiscal crises
  • Risk #9 Asset bubble

Two are geopolitical:

  • Risk #7 Interstate conflict
  • Risk #6 Failure of national governance

Two are environmental:

  • Risk #1 Failure of climate change mitigation and adaptation
  • Risk #6 Biodiversity loss and ecosystem collapse

and the last one is geopolitical:

  • Risk #8  Weapons of mass destruction

There were no risks in the technological category that made it into the top 10 global risks of greatest potential impact.

b.   Highest-impact trends

The number one highest-impact risk was Failure of climate change mitigation and adaptation.    This has appeared on previous global risk reports in the list of top highest-impact risks, and has risen steadily in those lists until it is now the highest impact risk.

3.  COMBINED MEASURE:  PROBABILITY & IMPACT

If you take a look at the risks that have highest probability, and those that have the highest impact, if you multiply these risk factors you get the risks with the highest risk rating overall.   Here are the global risks with the

# Global Risk Risk Category
1 Large-scale involuntary migration Societal
2 Failure of climate change mitigation and adaptation Environmental
3 Water crises Societal
4 Interstate conflicts Geopolitical
5 Cyberattacks Technological
6 Unemployment or underemployment Economic

There is at least one crisis from each category on this list of risks of highest concern.   What is significant is that risks #1, #3 and #4 are all linked, which will be the subject of a future post.

 

Global Risk Report 2016–Qualitative Analysis (1)


1.  INTRODUCTION

In my previous posts on the World Economic Forum’s Global Risk Report 2016, I have concentrated on

  • the methodology of the report (corresponding to the Plan Risk Management process of Project Management),
  • the identification of risks (corresponding to the Identify Risks process of Project Management)

and now in this third series of posts, I am concentrating on the next topic,

  • the qualitative analysis of risks (corresponding to the Perform Qualitative Risk Analysis process of Project Management)j

This qualitative analysis is called “qualitative” because it does not fix a specific dollar amount to each risk (that would be “quantitative analysis”), but instead analyzes each risk according to some qualitative variable, such as likelihood and impact.

The three questions that the respondents were asked about the 29 global risks were:

  1. Which ten of the global risks have the highest probability of occurring in the next decade?
  2. Which ten of the global risks would have the greatest potential impact if they were to occur in the next decade?

In yesterday’s post, I discussed the result of asking the respondents to the survey the first question.   In this post, I discuss the result of asking them the second question, on those risks which have the highest probability of occurring.

2.   HIGHEST PROBABILITY RISKS

The respondents were asked to assess each of the 29 risks (these risks are listed on the post dated 3/29/2016) based on the probability of occurrence on a scale from 1 to 7, with a “1” meaning that the risk is not likely to happen, and a “7” meaning that the risk is very like to occur.

Those 10 risks that rated as having the highest probability of occurrence were as follows:

1. Large-scale involuntary migration Societal
2. Extreme weather events Environmental
3. Failure of climate-change mitigation and adaptation Environmental
4. Interstate conflict Geopolitical
5. Natural catastrophes Environmental
6. Failure of national governance Geopolitical
7. Unemployment or Underemployment Economic
8. Data fraud or theft Technological
9. Water crises Societal
10. Illicit trade Economic

Here are some things to notice about these risks.

a.  Most of the highest probability risks are environmental

Three out of the ten risks are environmental:

  • Risk #2 Extreme weather events
  • Risk #3 Failure of climate-change mitigation and adaptation
  • Risk #5 Natural Catastrophes

Of the remaining seven risks, two are societal:

  • Risk #1 Large-scale involuntary migration
  • Risk #9 Water crises

Two are geopolitical:

  • Risk #4 Interstate conflict
  • Risk #6 Failure of national governance

Two are economic:

  • Risk #7 Unemployment or Underemployment
  • Risk #10 Illicit trade

and the last one is technological:

  • Risk #8  Data fraud or theft

b.   Highest-probability trends

For 2015, the number one highest-probability risk was Interstate Conflicts.    This has fallen down to #4 in 2016, having been superseded by the environmental risks #2 Extreme weather events and #3 Failure of climate-change mitigation and adaptation, and being followed by #5 Natural Catastrophes.

Clearly environmental crises are perceived as increasingly likely to occur.

3.  CONCLUSION

On the societal front, large-scale involuntary migration is the highest probability risk, followed by a series of environmental risks.

Okay, it’s one thing to say that a risk is likely to happen.   What about when it does happen?   What will be its impact?   The respondents were asked about that question as well, and that will be the subject of my next post.

 

 

Global Risk Report 2016–Identifying Global Risks


`.  INTRODUCTION

The World Economic Forum puts out a Global Risk Report every year in January.   The first process in risk management is identifying risks.   The WEF identified 29 global risks through the Global Risk Perception survey, which were divided into 5 categories:  economic, environmental, geopolitical, social, and technological.

The definition of a global risk used is an occurrence that causes significant negative impact for several countries and industries, and that occurrence is something which expected to appear within the next 10 years.

2.  IDENTIFIED GLOBAL RISKS

Here is a chart of the  risks divided into the 5 categories mentioned above.   This is taken from Appendix A of the Global Risk Report 2016.

ECONOMIC RISKS

E1.  Asset bubble in a major economy Unsustainably overpriced assets such as commodities, housing, shares, etc. in a major economy or region.
E2.  Deflation in a major economy Prolonged ultra-low inflation or deflation in a major economy or region.
E3.  Failure of a major financial mechanism or institution Collapse of a financial institution and/or malfunctioning of financial system impacts the global economy.
E4.  Failure/shortfall of critical infrastructure Failure to adequately invest in, upgrade and secure infrastructure networks (e.g. energy, transportation and communications) leads to pressure or a breakdown with system-wide implications.
E5.  Fiscal crises in key economies Excessive debt burdens generate sovereign debt crises and/or liquidity crises.
E6.  High structural unemployment or underemployment A sustained high level of unemployment or underutilization of the productive capacity of the employed population prevents the economy from attaining high levels of employment.
E7.  Illicit trade (e.g. illicit financial flow, tax evasion, human trafficking, organized crime, etc. Large-scale activities outside the legal framework such as illicit financial flow, tax evasion, human trafficking, counterfeiting and organized crime undermine social interactions, regional or international collaboration and global growth.
E8. Severe energy price shock (increase or decrease) Energy price increases or decreases significantly and places further economic pressures on highly energy-dependent industries and consumers.
E9. Unmanageable inflation Unmanageable increase in the general price level of goods and services in key economies.
ENVIRONMENTAL RISKS
EV1.  Extreme weather events (e.g. floods, storms, etc.) Major property, infrastructure and environmental damage as well as human loss caused by extreme weather events.
EV2.  Failure of climate-change mitigation and adaptation Governments and businesses fail to enforce or enact effective measures to mitigate climate change, protect populations and help businesses impacted by climate change to adapt.
EV3.  Major biodiversity loss and ecosystem collapse (land or ocean) Irreversible consequences for the environment, resulting in severely depleted resources for humankind as well as for industries.
EV4.  Major natural catastrophes (e.g. earthquake, tsunami, volcanic eruption, geomagnetic storms) Major property, infrastructure and environmental damage as well as human loss caused by geophysical disasters such as earthquakes, volcanic activity, landslides, tsunamis or geomagnetic storms.
EV5.  Man-made environmental catastrophes (e.g. oil spill, radioactive contamination, etc.) Failure to prevent major man-made catastrophes, causing harm to lives, human health, infrastructure, property, economic activity and the environment.
GEOPOLITICAL RISKS
G1.  Failure of national governance (e.g. failure of rule of law, corruption, political deadlock, etc.) Inability to govern a nation of geopolitical importance due to weak rule of law, corruption or political deadlock.
G2.  Interstate conflict with regional consequences A bilateral or multilateral dispute between states escalates into economic (e.g. trade/currency wars, resource nationalization), military, cyber, societal or other conflict.
G3.  Large-scale terrorist attacks Individuals or non-state groups with political or religious goals successfully inflict large-scale human or material damage.
G4.  State collapse or crisis (e.g. civil conflict, military coup, failed states, etc.) State collapse of geopolitical importance due to internal violence, regional or global instability, military coup, civil conflict, failed states, etc.
G5. Weapons of mass destruction  Nuclear, chemical, biological and radiological technologies and materials are deployed creating international crises and potential for significant destruction.
SOCIETAL RISKS
S1.  Failure of urban planning Poorly planned cities, urban sprawl and associated infrastructure create social, environmental and health challenges.
S2. Food crises Access to appropriate quantities and quality of food and nutrition becomes inadequate, unaffordable or unreliable on a major scale.
S3.  Large-scale involuntary migration Large-scale involuntary migration induced by conflict, disasters, environmental or economic reasons.
S4.  Profound social instability Major social movements or protests (e.g. street riots, social unrest, etc.) disrupt political or social stability, negatively impacting populations and economic activity.
S5.  Rapid and massive spread of infectious diseases Bacteria, viruses, parasites or fungi cause uncontrolled spread of infectious diseases (for instance due to resistance to antibiotics, antivirals and other treatments) leading to widespread fatalities and economic disruption.
TECHNOLOGICAL   RISKS
T1.  Adverse consequences of technological advances Intended or unintended adverse consequences of technological advances such as artificial intelligence, geo-engineering and synthetic biology causing human, environmental and economic damage.
T2.  Breakdown of critical information infrastructure and networks Cyber dependency increases vulnerability to outage of critical information infrastructure (e.g. internet, satellites, etc.) and networks causing widespread disruption.
T3. Large-scale cyberattacks Large-scale cyberattacks or malware causing large economic damages, geopolitical tensions or widespread loss of trust in the Internet.
T4. Massive incident of data fraud/theft Wrongful exploitation of private or official data that takes place on an unprecedented scale.

3.  CONCLUSION

The majority of the 29 risks  divided between the five categories of economic (9), environmental (5), geopolitical (5), social (5), and technological (4) risks.   There are almost twice as many risks in the economic category than the other four categories, which have almost the same amount of risks.

The next step in risk management is performing qualitative analysis, which assigns to each risk a probability, and potential impact, to yield an overall risk factor.   That is the subject of the next post.

 

The World Economic Forum’s Global Risk Report–Methodology


Every year the World Economic Forum meets in Davos, Switzerland, and puts out a Global Risk Report.   This year on January 14th the World Economic Forum they put out their 11th edition of the Global Risk Report, which describes those risks which have the highest likelihood of occurring and which would have the highest impact on the world if they do occur.   During the next week, I would like to delve into the details of the report, which can be read and/or downloaded at the following site:

https://www.zurichna.com/en/knowledge/articles/2016/01/global-risks-report-2016

1.  INTRODUCTION

I have followed these reports since 2012.  Like the reports for previous years, they give tremendous insights into the pressing problems around the globe, how they interact, and also how they evolve.    Understanding these global risks can give insights into the background behind the major events that will transpire during the year, including the upcoming US Presidential Election, and so studying this report has become an essential tool in being prepared for what lies ahead.

Posts during this week and next week will go into the following topics:

  • Methodology of the Global Risk Report 2016 (this post)
  • The 29 global risks identified by the survey and the 5 risk categories they belong to
  • Ten Global Risks of Highest Concern in 2016
  • Global Risks Landscape 2016–maps risks according to their likelihood and potential impact
  • Global Risks Interconnections Map 2016–showing interdependencies of the 31 global risks
  • Risks and Trends to Watch–recent trends in global risks, and risks may become more important in the future
  • The Security Outlook 2030
  • Risks in Focus–The (Dis)empowered Citizen, Climate Change and Risks to Food Security, Global Disease Outbreaks
  • Risks for Business

2.  METHODOLOGY

Because I write posts on what the report tells us , I wanted to start today with a different question on how it was done.   For those with access to the Global Risk Report 2016, this is located on Appendix B:  Global Risks Perception Survey and Methodology, page 88.

a)  Identify global risks, which are risks that are global in geographic scope, cross-industry relevance, uncertainty as to how and when they will occur, and high levels of economic and/or social impact.    29 global risks were identified. 

b)  Categorize these 29 global risks into five Risk Categories: economic, environmental, geopolitical, societal and technological.

This became the basis for the Global Risks Perception Survey, which was sent in mid-September through October 2015 to almost a thousand decision-makers and leaders, and questions were asked about the 29 selected global risks.   There were a total of 742 usable responses.   (This survey method is known as the Delphi technique.)

c)  The respondents were asked to rate the likelihood of the risk occurring globally within the next 10 years and the impact of the risk if it were to occur, impact in this context having a broader meaning than simply economic impact.    The rating was done on a 1 to 7 scale (previous years have used a 1 to 5 scale).  This then became the basis for the Global Risks Landscape 2016 part of the report.

d) The respondents were asked to state which out of the 29 selected global risks were the top five that were of the most concern between the timeframe of 18 months and 10 years.

e)  The respondents were asked to identify three to six pairs of risks they believed were most strongly connected.   The strength of the interconnection of each pair of risks was determined by the number of respondents that had cited them.    This then became the basis for the Global Risks Interconnections Map 2016 portion of the report.

f)   The respondents were asked to identify up to three risks which were most likely to occur in the region they were located.

This takes the global risk report to the next level of detail by showing regional risks.  

The first question, as mentioned above, was the first time that respondents were asked to nominate their own risks as ones facing the world at present.   The second question forms a “watch list”, that is, risks which are both low in terms of probability and/or impact at the present, but which could migrate due to future trends of increased probability and/or impact to a position where they might become prominent global risks at some point.

For more technical detail into the composition of the respondents in terms of gender, age, geographical area, and stakeholder group (i.e., business, academia, NGOs, national governments, or international organizations), as well as details on how these responses were handled from a statistical basis, you can go to Appendix B of the report which is at the website mentioned at the top of the post.

3.  CONCLUSION

A study of this global risks report is an excellent exercise in understanding how to identify and analyze risks, but it also is an inspirational example of how risk management, rather than being just an academic exercise, can actually be of help to global leaders who are trying to cope with the world’s most intractable problems.     The more people that are informed about the nature of these problems, the less they will be tempted to react to them with a sense of passivity based on fear, and more with a sense of purposeful action.

To put it bluntly, if as a leader you don’t manage global risks, then global risks will end up managing you!

Agile PM Process Grid–7.7 Process Tailoring (3)


In John Stenbeck’s book “PMI-ACP and Certified Scrum Professional Exam Prep and Desk Reference”, he creates an “agile project management process grid” which describes 87 processes used in agile project management.   These processes are divided into five process groups (Initiate, Plan, Iterate, Control, and Close), which are analogous to the five process groups in traditional project management, and seven knowledge areas which can be mapped, more or less, onto the ten knowledge areas in traditional project management.

The previous posts have covered the “Initiate”, “Plan”, “Iterate”, and “Control” process group of an agile project.   Now I am focusing on the “Close” process group.   I first want to define what I mean by that term of “process group”.   Why do I use this instead of the word “phase”?    Phase implies a sequence that goes more or less from one set of processes to another.   In reality, after the initiate and plan process groups, an agile project actually shuttles back and forth between the “iterate” and “control” process groups.   However, although a traditional or waterfall project always ends with the “Close” process group,  the “close” control group in agile also refers to those activities which are done at the close of an iteration and not just of the product itself–such as the process 7.7 Process tailoring.

This process is the last of the 87 processes that John Stenbeck describes in his book.    Having learned all of the agile processes, it is now time to go beyond them–meaning to incorporate processes from waterfall or traditional project management if it is warranted.

The first post out of three discussed hybrid projects in general, i.e., those that incorporate elements of both agile and other  methodologies.    The second post covered process tailoring in order to meet the needs of the organization.   Today’s post, the third and final one in the series, will cover process tailoring in order for the organization to meet external standards.

There are two types of external standards to consider:    regulatory and industry standards.    The biggest difference is that the first type of standard is obligatory, and the second type is more of a recommended best-practice type of standard.

1. Regulatory standards

Let’s take a typical example of the first type;  the health-care industry, which is covered by HIPPA regulations (among others).    Although the Agile Manifesto’s second principle is:

Working software over comprehensive documentation

the reality of the situation is that if you don’t do the documentation that shows your new system is HIPPA compliant, then it not be able to be used by a health-care provider.   Period.   So agile processes have to produce documentation that allows the product to be sold.    I know this well from my days working for Mitsubishi Motors, when I worked in the regulatory compliance division.    All those tests we did to make sure we passed NHTSA and EPA regulations may not have seemed, at first glance, to add value for the customer.   But if didn’t do those tests, either agency would have been able to make sure that the customer never even saw the vehicles in a showroom, let alone buy one.

Regulatory compliance is so important that, when tightening a company’s budget, a project which works on regulatory compliance issues that has, on the surface, little ROI, will be carried out even over a project which has a relatively high ROI but does nothing to advance the product’s regulatory compliance.

Agile is like a reed that bends to the winds of reality.    So if process tailoring meets the external need of regulatory compliance, it will accommodate that reality.

2. Industry standards

A set of quality standards like ISO standards is self-imposed to a certain extent, but it is done as a symbol that the product has value to the customer because it meets certain quality standards.

Here are some guidelines given by John Stenbeck:

  • Analyze those organizational standards which are in most need of improvement, i.e., that will deliver a high value if changed
  • Have  a strong executive champion to sponsor the change (important)
  • Find evidence (case studies or white papers) which validate similar organizational improvements done by other organizations within the industry (the sponsor will need these to convince others in upper management)
  • Identify which roles must be tailored to the external standard–it is roles, even more than resources, which people tend to protect more fiercely, and you will need to show how the changes will benefit them, NOT make them obsolete
  • Create a framework and detailed procedures that incorporate the new standards

This is the final post on this book, and I must say it was very helpful in studying for the Certified ScrumMaster exam, which I recently passed.

Tomorrow I will start a series of posts on the Global Risk Report 2016 from the World Economic Forum, analyzing its contents and comparing them to previous reports in order to identify significant trends.

 

Agile PM Process Grid–7.7 Process Tailoring (2)


In John Stenbeck’s book “PMI-ACP and Certified Scrum Professional Exam Prep and Desk Reference”, he creates an “agile project management process grid” which describes 87 processes used in agile project management.   These processes are divided into five process groups (Initiate, Plan, Iterate, Control, and Close), which are analogous to the five process groups in traditional project management, and seven knowledge areas which can be mapped, more or less, onto the ten knowledge areas in traditional project management.

The previous posts have covered the “Initiate”, “Plan”, “Iterate”, and “Control” process group of an agile project.   Now I am focusing on the “Close” process group.   I first want to define what I mean by that term of “process group”.   Why do I use this instead of the word “phase”?    Phase implies a sequence that goes more or less from one set of processes to another.   In reality, after the initiate and plan process groups, an agile project actually shuttles back and forth between the “iterate” and “control” process groups.   However, although a traditional or waterfall project always ends with the “Close” process group,  the “close” control group in agile also refers to those activities which are done at the close of an iteration and not just of the product itself–such as the process 7.7 Process tailoring.

This process is the last of the 87 processes that John Stenbeck describes in his book.    Having learned all of the agile processes, it is now time to go beyond them–meaning to incorporate processes from waterfall or traditional project management if it is warranted.

The last post will discuss hybrid projects in general, i.e., those that incorporate elements of both agile and other  methodologies.    This second post will cover process tailoring in order to meet the needs of the organization, and the third post will cover process tailoring in order for the organization to meet external standards.

Process tailoring, the process of tailoring an agile framework like Scrum and tailoring it to the organization’s environment, should be done, like an agile process, in iterations.

  1. Research existing frameworks that look like they might be a good match for the organization, based on what industry your organization is and what type of projects your organization does on a regular basis.
  2. Choose a framework by verifying that it has already been successfully applied in similar project environments.
  3. Identify which roles in the process will need to be tailored, and who will most likely take on those roles.   Document these in a RACI table or other type of responsibility matrix.
  4. Decide how process results will be document:  automated tools, traditional documents, or online documents (a wiki approach).
  5. Meet with stakeholders to show how the documented approach will meet their needs for communication.
  6. Create training program for those potential team members who will be adopting the agile framework.

This is the way to smooth the pathway for an organization with a traditional PM background to adopt agile methods.

The next post will cover how process tailoring deals with EXTERNAL, and not internal organizational standards.

 

 

Agile PM Process Grid–7.7 Process Tailoring (1)


In John Stenbeck’s book “PMI-ACP and Certified Scrum Professional Exam Prep and Desk Reference”, he creates an “agile project management process grid” which describes 87 processes used in agile project management.   These processes are divided into five process groups (Initiate, Plan, Iterate, Control, and Close), which are analogous to the five process groups in traditional project management, and seven knowledge areas which can be mapped, more or less, onto the ten knowledge areas in traditional project management.

The previous posts have covered the “Initiate”, “Plan”, “Iterate”, and “Control” process group of an agile project.   Now I am focusing on the “Close” process group.   I first want to define what I mean by that term of “process group”.   Why do I use this instead of the word “phase”?    Phase implies a sequence that goes more or less from one set of processes to another.   In reality, after the initiate and plan process groups, an agile project actually shuttles back and forth between the “iterate” and “control” process groups.   However, although a traditional or waterfall project always ends with the “Close” process group,  the “close” control group in agile also refers to those activities which are done at the close of an iteration and not just of the product itself–such as the process 7.7 Process tailoring.

This process is the last of the 87 processes that John Stenbeck describes in his book.    Having learned all of the agile processes, it is now time to go beyond them–meaning to incorporate processes from waterfall or traditional project management if it is warranted.

The first post will discuss hybrid projects in general, i.e., those that incorporate elements of both agile and other  methodologies.    The second post will cover process tailoring in order to meet the needs of the organization, and the third post will cover process tailoring in order for the organization to meet external standards.

John Stenbeck goes through some statistics in his book to show that the future of project management is running hybrid projects.   According to the person I took the Certified ScrumMaster course from, one of the latest trends within agile is combining iteration-flow approaches like Scrum with continuous flow approaches like Kanban.

An even larger trend is to combine Agile and waterfall project management methodologies.    This is important for many reasons which will be explored in depth in the next two posts.    Suffice it to say that the reason for this trend comes down to one key fact:   even if your team speaks agile, much of the world still speaks waterfall and you as the ScrumMaster will need to learn to speak both “languages” in order to translate between your team and the world!

The next post starts to get into exactly WHY such “process-tailoring” is needed, in particular, to conform to the needs of the organization.