DEFINITION AND ANALYSIS OF THE CONTEXT
It allows the configuration of the internal context, the external one and the specific one relating to the management of projects and orders. With reference to the internal context, it is possible to configure elements of corporate governance (Legal Entity, Processes, Roles, procedural system, stakeholders), business elements (mission, values, objectives, sector of activity, business model, types of products offered and markets served) and organizational elements (organization chart, number of employees, type of contract for macro classes).
With reference to the external context, it is possible to configure corporate partners and companies belonging to the value chain, as well as any other company directly connected to business operations. Specifically, for each of them it is possible to define, among other information, the type of relationship (e.g. suppliers, joint ventures), the type of activities performed (e.g. manufacturing, packaging), the geographical areas in which the activities are carried out.
With reference to the specific project risk management context, it is possible to define and manage the project risk model (see specific paragraph for details), and any other element useful for managing the entire risk management process. For what concerns the management of the indicators and the risk assessment criteria, please refer to the specific paragraphs.
DEFINITION OF THE RISK MODEL
The Risk Model can be defined flexibly and according to a tree structure (family, macro-area, area and risk). The risk, already in the definition phase, can be associated with various attributes (e.g. ESG, insurable, etc.). If the ERM-ESG module is also used, it is possible to create connections with the ERM-ESG risk model in order to benefit from integration effects.
METHODOLOGIES AND CRITERIA
It allows you to select, from a library of methodologies and criteria, the parameters that allow the determination of the levels and related classes of risk, the types of Qualitative and/or Quantitative evaluation and the levels of risk acceptability (Risk Tolerance). As regards risks classified as ESG, the platform proposes an ad hoc methodology.
IDENTIFICATION, ANALYSIS AND ASSESSMENT OF PROJECT RISKS
The platform allows you to create project/contract sheets within which it is possible to associate the risks that are believed to impact the achievement of the predefined objectives.
For each risk selected in the project file, it is possible to carry out qualitative and quantitative analyses:
- the former are characterized by the assessment of the various impacts (actual/potential and positive/negative) on components falling within the following areas: economic, operational, reputational, social, environmental. The probability can be differentiated according to the project year (in the case of multi-year projects/orders).
- the latter allow quantitative «scenario analysis» to be carried out (Monte Carlo method) obtaining as output values derived from probability distributions on predefined target variables (e.g. Cash Flow, Ebitda, Expected Damage). KRC® uses the R library (statistical programming language) for the analyzes and this allows ample possibilities in terms of choice of distributions (normal, lognormal, exponential) and statistical models.
Quantitative analyzes on KRC® can be carried out on a single project also by taking a set of risks as a reference, possibly studying and considering (after a preliminary analysis) correlation effects.
The Treatment phase allows you to activate the Treatment Strategy (also for insurance purposes) and the related Plans with allocation of responsibilities.
The Project Risk Manager will be able to follow all the progress of the planned actions through specific dashboards on his home page.
In KRC® it is possible to configure and manage indicators to be used in the phase of monitoring the progress of projects/orders.
These indicators can be:
- defined with maximum possibility of customization (type, unit of measure, target, tolerance, frequency, ownership)
- associated with the projects/orders
- consulted online through special dashboards or made available in specific reports
COMMUNICATION AND REPORTING
In KRC® it is possible to generate and manage reports containing the most significant information (which can be defined in advance) following the project risk assessment. The various reports generated over time can be consulted by accessing a special control panel
The platform provides dashboards and interactive heat maps that respond dynamically to special filters that query the entire database.
For example, it is possible to have specific heat maps for project risks or heat maps that compare the results of the assessments between two different dates