Event-based Risk and Non-Event Risks

Mudassir IqbalMarch 30, 2019PMP Concepts1 comment

The risk is future uncertain event or condition that, if it occurs, has a positive or negative effect on one or more project objectives. [PMBOK6]

The risk is the effect of uncertainty on objectives, and an effect is a positive or negative deviation from what is expected. [ISO31000]

What are Event-based Risk and Non-Event Risks

Event-Based Risk:
refer to unforeseen incidents or developments that could impact a project. These are unpredictable occurrences that may require careful consideration and mitigation strategies. An example could be a sudden regulatory change affecting project requirements.

Non-Event-Based Risk:
on the other hand, are inherent aspects of a project’s environment. These risks are ongoing and do not rely on specific incidents. Operational risks, financial uncertainties, strategic misalignments, and compliance issues are examples of non-event-based risks. Identifying and managing these risks is crucial for sustained project success.

Event-Based Risk

Event-Based Risks are future possible events known as stochastic uncertainty or event risk. An event risk refers to something that has not happened yet and it might not happen at all. Remember ” may or may not happen”

In case the situation does happen, it will influence one or more objectives. Many risks are identified in the representative project risk register as event risks. Below are some examples of event-based risks including both threats and opportunities.

An important supplier may go out of business while the project is on-going
The client may change the requirements after completion of design
New regulatory limitations might be enforced
You may lose a prominent resource during the critical phase of the project
The client may permit incremental deliveries

Event based Risk has two broad categories

Project Risk: This term encompasses a comprehensive evaluation of all potential risks associated with the project, considering various factors such as timelines, budgets, and external influences.

Individual Risk: This pertains to the specific risks associated with individual team members, acknowledging personal or professional challenges that might affect their contribution to the project.

In essence, event-based risk serves as the umbrella term, while project and individual risks represent more focused dimensions within the broader risk management context.

What is RIsj — When is a Risk not a Risk? by Dr David Hillson

Event-Based Risk Management (EBRM) is an approach to help the project manager in overcoming this issue. Typically, traditional risk management processes use the bottom-up methodology to identify individual project risks. Investing a lot of time in evaluating and managing the wrong risks can divert means that could be used more efficiently. Event-Based Risk Management facilitates a top-down approach for analyzing project risks and complements the typically bottom-up technique. The outcomes help in understanding the relevant details along with the key risks. This is an imperative element of any project. It is correspondingly applicable during the project planning and the implementation phases. EBRM comes with the following discriminators:

It follows a top-down approach to offer a bigger view in contrast to the bottom-up approach.
Event-centric interpretation focuses on key events or deliverables.
Intrinsic schedule evaluation to improve the probability of project success.
Key artifacts that significantly facilitate comprehending important risks to the project. These artifacts are quite effective for communicating essential project information to both the project team and to other stakeholders.
Review inputs from others who have somewhat similar experiences.

Risk Elements — When is a Risk not a Risk? by Dr David Hillson

Non-Event Risks

Some risks arise from uncertainty when some aspects of a planned task or situation are not known. They are more subtle in nature. So they kind of hang around, and you need to be aware of them.

Non Event based Risk which are vague in nature and can be classified as;

Variability Risk : Uncertainty in planned event, activity or decision. A good example could be a game of chance with dice where there are a set number of possible outcomes but we don’t know which one will actually occur.

Uncertainty about a planned event/decision/activity can be addressed using Monte Carlo simulation

Ambiguity Risk : What might happen in future like areas of the project where imperfect knowledge might affect the project’s ability to achieve its objectives.

A good strategy to tackle ambiguity risk could be using incremental development, prototyping or simulation techniques to take small steps into the future

For instance, suppose a situation from the project arena where you might be planning to run a 15-day trial, while the actual duration is somewhere between 10-25 days. The likelihood of running the trial is 100% through the duration is uncertain. Other unknown parameters include budget, resource requirement, output, deficiency rate, performance, etc. Below, I have listed some examples of non-event risks:

Efficiency may be above or below the target
The number of miscalculations found during testing may be high or low than expected
Unseasonal weather circumstances may arise during the building phase
Exchange rates can vary beyond the range used to finalize quote

So, non-event-based risks are like the constants in your project – they don’t need a specific event to show up; they’re there, and you’ve got to keep an eye on them

Example for Event-based Risk and Non-Event Risks

*A simplified hypothetical example of driving from Paris to Frankfurt and tries to figure out how long it should take. He collects data points: 5 hours is the ideal time, 6 hours is more likely, and it could be upward of 25 hours if the car breaks down. That provides an estimated range of 5 to 25 hours wide.

The range 8 hours to 25 hours comprises ‘event’ risk as understood traditionally by the PMBOK. In order to refine this estimate, we must take a conventional risk approach: identify risks, analyse, prioritise, and develop responses to the high priority risks.

Further Readings

Mudassir Iqbal

Mudassir, the COO of AnaConEx Solutions, oversees operations across Pakistan, UAE, KSA, and the USA. With over 50 successful Odoo implementations since 2020, he ensures tailored solutions for businesses across industries. With more than 20 years of experience in leadership, project management, and business consulting, Mudassir is passionate about empowering others. He offers PMP Certification courses with a 100% success rate, along with leadership coaching to help professionals unlock their potential. As a mentor, Mudassir supports aspiring leaders in building essential skills, including team building, communication, and soft skills. His mentorship prepares professionals to tackle career challenges confidently. Beyond consulting, Mudassir is a dynamic speaker and host. He conducts webinars, conferences, and podcasts, including *TechTalk with Mudassir* and *Elevate to Leadership*, sharing insights on technology, leadership, and career growth. Through his writing platform, *My Corner!*, he reflects on two decades of professional experience, offering practical advice and thought leadership on topics like ERP, digital transformation, and project management. Mudassir is also the founder of Know Your Project (KYP), an IT consulting and training firm. He has led global digital transformation projects in industries like finance, manufacturing, telecom, and logistics, with deep expertise in BPR, IT governance, and ERP strategy using platforms like Oracle, SAP, Microsoft Dynamics, and Odoo. Join Mudassir’s journey as he continues to shape leaders, drive operational excellence, and inspire meaningful change across industries.

One thought to “Event-based Risk and Non-Event Risks”

Pingback: Issues and Risk - Mudassir Iqbal