Published 3 Aug 2022
Qualitative risk analysis is the process of rating or scoring risk based on a person’s perception of the severity and likelihood of its consequences. The goal of qualitative risk analysis is to come up with a short list of risks which need to be prioritized above others.
Qualitative risk analysis is best described as a project manager’s first line of defense against risks. It helps weed out potential detractors to the project’s success, including risks that are unlikely to cause any severe harm to the project. By targeting the most dangerous risks first, project managers are able to allocate their time and resources more effectively.
Quantitative risk analysis is the process of calculating risk based on data gathered. The goal of quantitative risk analysis is to further specify how much will the impact of the risk cost the business. This is achieved by using what’s already known to predict or estimate an outcome.
For data to be suitable for quantitative risk analysis, it has to have been studied for a long period of time or to have been observed in multiple situations. For example, in the past five projects, equipment type A has broken down after 7 hours of use. With this information, it can be assumed that if a project requires workers to use equipment type A for 8 hours, then it has a 100% chance of breaking down.
The key difference between qualitative and quantitative risk analysis is the basis for evaluating risks. As mentioned earlier, qualitative risk analysis is based on a person’s perception or judgment while quantitative risk analysis is based on verified and specific data.
Another difference is the values associated with risks. In qualitative risk analysis, this value is the risk rating or scoring. A risk may be rated “Low” or given a score of 1 to indicate that the risk does not require immediate attention. In quantitative risk analysis, the value associated with the risk is often in percentages and indicates the probability of the risk occurring or of it causing a specific negative effect on project objectives.
Qualitative risk analysis should be performed when there is a change in the perception of a risk and when a new risk has been identified. As a general rule, project managers should always perform qualitative risk analysis at the beginning of every project. Additionally, since performing qualitative risk analysis is relatively easy, quick, and low-cost, it can be done at any time during the project or whenever the project manager deems it necessary.
Quantitative risk analysis should be performed when there is a large amount of data on the risk and its impact and when qualitative risk analysis needs to be validated. Since performing quantitative risk analysis can be difficult and time-consuming, it is not recommended by most project managers unless the safety of the project relies on precise estimations of risk. In these environments, performing quantitative risk analysis may be required by law or by project stakeholders.
To help guide project managers in selecting which risk analysis to perform, here are examples of instances where a qualitative or quantitative risk analysis may be applied.
Change in perception of a risk – Example: The lack of machine guards was initially given a risk rating of low, but after several near misses involving the hazard occurred, the project manager believes its risk rating should be at least medium.
New risk has been identified – Example: When the project began, equipment was in good condition. The only risk the project manager could identify at the time was the lack of proper training, as most of the workers did not know how to use equipment safely. The project manager quickly arranged for the workers to be trained in equipment safety. Yet, as the workers started to use equipment more frequently, the project manager noticed that it was no longer in good condition and could malfunction soon.
Large amount of data on the risk and its impact – Example: In 2020, a construction company planned on starting a major project in 2021. In preparation for the project, the construction company began collecting data on the risks they may face, their impact on the project’s completion, and how much mitigating these risks could cost the company. By early 2021, the construction company had enough data to perform a quantitative risk analysis.
Qualitative risk analysis needs to be validated – Example: During qualitative risk analysis, a project manager scored each risk a 10 on a scale of 1-10, with 10 being extremely high risk. But the project manager wants to ensure that each risk has an impact great enough to justify spending time and resources on them.
After choosing which risk analysis best fits their given situation, project managers can proceed with performing the risk analysis. For those looking for a guide on how to perform qualitative and quantitative risk analyses, follow the steps below:
The goal of this step is to create a masterlist of risks by noting down any risk that comes to mind and asking other members of the team for their input. Additionally, project managers can make the risk identification process faster by holding brainstorming sessions with their teams and even some workers to get a clearer idea of what’s happening in the field.
There are several techniques for classifying risks. One popular technique is the risk matrix, which combines the consequences and likelihood of a risk occurring.
Lesser known techniques include assessing the possible causes and effects of each risk and preparing for different scenarios involving the risk.
While this may look different depending on the technique chosen in the previous step, risk control is generally divided into two categories. The first category of risk control is focused on targeting the root causes of risks such as hazards or inefficient management processes. The second category of risk control is geared towards lessening the negative impact of the risk through corrective actions such as providing workers with PPE.
As project managers go through the qualitative risk analysis process, they should remember to keep all of their notes regarding risks, risk ratings, and control measures to mitigate consequences. These notes will be useful in completing the final step: risk monitoring. This step mainly involves observing risks and asking the following questions:
Project managers first need to think about what they want out of the quantitative risk analysis. What kind of insight are they looking for? After identifying the purpose of quantitative risk analysis, project managers can now define the scope and limitations. What data will or will not be included in the quantitative risk analysis? Once this question has been answered, project managers can now select one of the following methods for quantitative risk analysis:
Before applying the selected method, project managers should ensure that data is organized and compatible with the method and tools they plan to use. Tools can include digital templates, specialized software, and other materials that can help in performing quantitative risk analysis. As for the preparation of the people needed, this highly depends on whether or not project managers decide to hire outside experts or involve people from other departments or branches.
Once the data, tools, and people needed are ready, project managers can proceed with performing the quantitative risk analysis. If project managers selected the FMEA or BIA methods, they can use the following digital templates:
For the EMV method, project managers can use the following formula:
Probability in % of Risk Occurring x Cost of Impact in Preferred Currency = EMV
After applying the FMEA, BIA, or EMV method, ensure that all results are recorded and stored securely, even if they aren’t the focus of this risk analysis. The reason for keeping these records is that they may be useful later on in the next risk analysis. As quantitative risk analysis takes up a lot of time, effort, and resources, it’s important to not waste information gained from it.
iAuditor templates are easy to use and customize according to the needs of the project. Project managers can simply download one of iAuditor’s pre-made templates to get started. Here are some iAuditor templates that could help project managers in performing qualitative and quantitative risk analysis:
Use this digital template to perform qualitative risk analysis in 4 steps:
Eliminate manual tasks and streamline your operations.
Use this digital template as a guide in performing quantitative risk analysis. It includes the following steps:
iAuditor by SafetyCulture is a digital operations platform project managers use to ensure that their projects stay on track. It has the following features:
iAuditor makes it simple and easy for project managers to perform risk analysis on-the-go or in the field. With the iAuditor mobile app, project managers can capture and record risks as soon as they appear, set risk ratings, and collaborate with other members of their team in identifying potential risks.
iAuditor Qualitative Risk Analysis Template
Project managers can assign corrective actions to anyone in the organization or even to themselves. They can add due dates, priority levels, and images to any corrective action created in iAuditor.
iAuditor Actions for Qualitative and Quantitative Risk Analysis
View risk analysis results in the analytics dashboard and apply filters to get the insights you need. Store critical data effortlessly with automated recordkeeping.
iAuditor Quantitative Risk Analysis Template
iAuditor helps you manage risks so that they don’t get in the way of your work. Without a good project risk management system, projects are vulnerable to unexpected threats and may be delayed as a result. Prepare for anything and everything by identifying and analyzing risks. By performing regular risk analysis, you become more equipped to handle possible obstacles to the project completion.
Available on Android, iOS, and the web, iAuditor is a customizable mobile inspection app mainly used to improve and maintain safety and quality in numerous industries.
iAuditor offers a number of ready-to-use risk analysis templates that can be used in different industries to manage and control risks on-the-go.
Zarina is a content writer and researcher for SafetyCulture. She enjoys discovering new ways for businesses to improve their safety, quality, and operations. She is working towards helping companies become more efficient and better equipped to thrive through change.
Importance of Lone Worker Solutions Working alone exposes employees to a variety of hazards—and ...
Every lone worker policy should outline general guidance for working safely, potential lone worker ...
Though it is an employer’s responsibility to keep their lone workers safe, employees should also ...
Something went wrong with your submission.
Trying to log in? Click here to log in
Contact us if you require any assistance with this form.