Need for a Sound Risk Management Plan
As risks can be associated with all aspects or activities of a programme, it is essential to develop an interactive strategy to evolve a comprehensive methodology for their management. A Risk Management Plan (RMP) includes all activities related to the identification of risks, analysis to track the causal issues and the treatment to curtail adverse impact of their consequences. Further, remedial steps to reduce chances of their occurrence and measures for their mitigation have to be well thought through and planned. Resources have to be assigned accordingly.
Diligent identification of risks is the key to the formulation of a sound RMP. Nothing should be taken for granted. As over-confidence can breed complacency, it is prudent to be extra cautious. Risk identification should begin concurrently with the commencement of a project and should continue throughout its currency with regular reviews. Each ingredient of the programme must be examined assiduously to catalogue associated probable root causes.
Illustration 3: Matrix of Risk Analysis
Once all the risks are identified and listed, a systematic analysis is carried out of each item to ascertain likelihood of its occurrence and likely severity of its impact on the progress of the project. Risk analysis defines each risk in detail and helps determine its relative criticality to enable prioritising of risk mitigation measures. A risk with potential to disrupt the progress of a programme has to be dealt with in a definite manner, even if the chances of its occurrence are less. On the other hand, risks having high-probability but low-impact deserve different treatment. See Illustration 3.
In order to prevent exposure to high-impact risks that can imperil the successful implementation of a project, efforts are made to explore ways of averting them to the maximum extent possible through affecting changes in plans, processes, procedures, concepts and specifications. At times, users are approached to reconsider the performance parameters in case they are considered to be impractically ambitious.
Since it is well nigh impossible to eliminate all risks, measures have to be planned to reduce chances of their occurrence and to mitigate their adverse impact. A risk mitigation plan is an action plan that contains details of specific steps to be taken in various contingencies by duly nominated functionaries with necessary resources earmarked for the purpose. As the maxim goes – ‘a stitch in time saves nine’, a risk mitigation plan seeks to discern an impending risk at the earliest and strives to take prompt steps to minimise the damage.
Illustration 4: Steps in the Formulation of a Risk Management Plan
Tracking and evaluation of risk mitigation measures is a continuous process. Needless to say, close monitoring is essential for timely initiation of mitigation plans. Once mitigation plans get triggered, their systematic appraisal has to be carried out to measure their effectiveness and determine further corrective steps, if considered necessary. See Illustration 4.
Minimising Risks
All future plans are evolved using current knowledge and necessarily include the indeterminate aspects that are based on premises, conjectures, estimations and visualisations. These imprecise facets expose all plans to risks. In the case of defence acquisitions, the causative factors can be grouped under three broad categories – operational uncertainties, technological setbacks and human limitations. Although it is impossible to eradicate all risks, efforts can certainly be made to minimise chances of their occurrence. See Illustration 5.
Illustration 5: Management of Causative Factors
Many risks get generated when impracticable mission objectives are set, based more on speculative thinking than objective appraisal of operational needs. Operational plans must be based on realistic threat assessment. A threat has to be enemy-specific and based on his expected capabilities, probable objectives and likely terrain of operations. Unfortunately, all militaries tend to overplay security concerns. Resultantly, they demand equipment with unachievable and unneeded capabilities. Moreover, as operational scenario undergoes change, they seek changes in performance parameters of equipment under acquisition thereby exposing projects to avoidable slippages. Therefore, it is essential that operational uncertainties be minimised by preparing focused and enduring perspective plans.
Secondly, appraisal of technology (both available and under development) should be based on realistic expectations rather than over-ambitious and wishful projections. Dependence on a single foreign source for critical technologies must be avoided. In the past, many critical projects of strategic importance have suffered because the foreign source failed to deliver the promised technology to India. Drawing lessons from past experience, alternative plans must be kept ready in case of projects that are dependent on imported technology.
Being a continuous process, the performance of risk-mitigation plans should be monitored regularly so that timely corrective measures can be taken, if required.
Even the best of plans need competent and diligent personnel for their successful implementation. Therefore, selection of personnel is of utmost importance. Further, slippages due to human inadequacies can be minimised only if the functionaries are delegated adequate powers and held accountable for their performance. An impartial ‘award and punishment’ regime helps in reducing risks due to human acts of commission and omission.
As the success of a defence acquisition programme is dependent on the fulfilment of the key imperatives, all threats to KAI must be considered as serious risks and given due attention. Finally, adequate margins of errors in delivery schedules and funding support must be inbuilt in all programmes to cater for unexpected challenges.
The Way Forward
A risk is a chance of a problematic occurrence. Risk management planning is based on the premise that precautions are infinitely better than panic-reaction. Risk planning is an interactive process. It entails identification of risks, their analysis and preparation of plans for their mitigation. It amounts to carrying out of a cause and effect analysis in anticipation.
As seen above, two essential ingredients of an effective risk management strategy are early identification of risks and continuous monitoring. It is ideal to initiate recognition of risks concurrently with the formulation of the acquisition proposal. It helps to incorporate adequate safeguards in the Request for Proposals itself. Being a continuous process, the performance of risk-mitigation plans should be monitored regularly so that timely corrective measures can be taken, if required.
Finally, constant oversight, regular interaction with all participants, earmarking of responsibilities, assignment of required resources and quick decision making apparatus are essential for the successful implementation of a risk management plan. It is only then that the likelihood of the occurrence of risks can be minimised and the severity of their consequences kept within acceptable limits. Risk management is unquestionably better than crisis management.
Please wait...
