$20 Bonus + 25% OFF
Securing Higher Grades Costing Your Pocket? Book Your Assignment at The Lowest Price Now!

Risk Management In Engineering

tag 0 Download15 Pages / 3,707 Words tag Add in library Click this icon and make it bookmark in your library to refer it later. GOT IT


Discuss about the Risk Management in Engineering.



The proposed project ‘Implementation of new in patient data storing system’ aims at automating the process of storing patients’ data , who are admitted in the hospital and monitor it electronically. The proposed system aims at eliminating the hassle of manually storing the patients’ records and monitoring it. Both the hospital and the patients will access this health record system. The records are uploaded and transferred to and from the system electronically and the patients’ data is stored over a common database of the hospital with the application of cloud storage. This proposed system will make the process of data keeping simpler, easier and less time consuming. This will be beneficial for the patients as well since they would not have to carry the manual records of their previous medication in case they see a new professional. However, there are certain risks associated with the implementation of the project. These risks are needed to be eliminated or acknowledged in order to implement the system successfully. The risk management strategy financial and security risks of the project is elaborated in the following paragraphs.

Project Overview and boundaries of the Project

The in patient data storing system for hospitals, named as ‘My Health record System’ is to be implemented to automate the system of manual recordings. This system is designed with an objective of storing and accessing patients’ record electronically. The records and patients details are stored are at first uploaded into the system. The patients and the doctors have to register into the system in order to access the data thus ensuring the privacy of data (Woods et al. 2013). The data is stored in the cloud thus offering unlimited data entries and storage.

However, there are certain limitations in this system. The data is to be stored in cloud, thus certain security issues arises with the data security (Kulkarni et al. 2012). Moreover, there is a risk of data loss in case of system failure and that would result in a huge problem. The uploading of the data is needed to be done very carefully as that would be the only copy of the patients’ record in the hospital.

Establishing the Context

For implementing the risk management strategy using AS/NZS ISO 31000:2009, the context of the risk are necessary to be defined (Ernawati and Nugroho 2012). The contexts are to be identified carefully in order to ensure an effective risk management plan. This includes establishment of internal, external, stakeholders and risk management context of the plan. These contexts are established in the following paragraphs (McNeil, Frey and Embrechts 2015).

Internal Context

With the emergence of digital world, people are keener on using internet to make their work easier. This idea has been implemented by the project “My Health Record System” for automating the storage and transfer of the patients’ data admit7ted in the hospital. This record will include every detail such as the name, address, medical details and prescribed medication of the patients. Both the professionals and the patients can access this record.

The financial context of the business covers the responsibilities of designing the system, Initial investment for the up gradation process, uploading and archiving the previous records into the new system, and re investment strategy. Fluctuation in the finances of the hospital will resonate into every part of the business, which is needed to be tracked by the project manager and the project sponsors (Hopkin 2017).


Designing a secure system is another internal context of this project. Maintaining the confidentiality of the information is necessary for the hospital in order to earn the patients’ trust, which is essential for business perspective.

The various department of the hospital that are involved with the designing and development of this project are as follows-  

1) Operations Department

2) Clinical department

3) Billing Department

4) Patients’ discharge department

Information from all these departments is necessary for manual input of the previous patients’ data into the new system.

The project teams involved in developing this system are listed below-

1) Designing team

2) Coding team (for database designing and coding)

3) Testing team

4) Project management team (which includes the project manager and the business nalyst of the project)

Lastly the patients whose information is to be stored within the health record system are also part of the internal context of the project under consideration.

External Context

The external context of this project has a direct influence on the internal environment of the hospital. By implementing this project successfully and developing the “My Health Record System”, the hospital will have a positive impact on the other hospitals for implementing this idea and adopting the change. This will provide fresh business to the hospital by gaining more patients as everyone would love to have an electronic version of data storage instead of the traditional and manual way of data storing (Sadgrove 2016). However, with the implementation of this project, the other hospitals might be negatively affected by the competition resulting from the implementation of “My Health Record System”

Risk management Context

For this particular project, the risk management context focuses on managing only the financial and security risks associated with the implementation of the project. The primary goal of this study is to access and analyze relevant risks associated with the project and treat them accordingly (Lam 2014). The goals of the risk management plan are listed below-

1) Reduce the risk of project failure in its first year of implementation.

2) Establishing and building a system that fits the purpose of providing a better service to the patients of the hospital.

3) Ensuring that the business perspective of the project and its performance is aligned with the primary objective of the system.

4) Evaluate the risk involved in storing of patients’ information in cloud.

Risk Criteria

As this report mainly focuses on the financial and security risk of developing a new system in hospitals, the risk criteria will also be addressed only on basis of financial and security issues in the system (Christoffersen 2012).

The following points are needed to be considered in establishing the risk criteria.

1) A method of determining the degree of threat in storage of patients’ personal information in cloud and prioritizing those threats

2) The amount of available resources in treating the risk if faced

3) Setting up a tolerability benchmark

3) The probable impact of immediate and delayed risks in the system

These points aim at:

1) Helping the project manager in effective decision making

2) Considering various scenarios and their impact on achieving the objective of the project

3) Allocating resources at the initial stage of development in order to bypass high-level risks

4) Providing a clear and simple tool for clear and essential communication

The internal goals of the hospital in developing the in patient data storing system are as follows-

1) The project must comply with the government regulations and laws

2) Profit must not be less than 6%

3) The system implementation should not lead to the over budget of the project

4) The system should be developed in such a way that it will be opened for further advancements if required

5) Zero turnover rates in order to avoid unnecessary costs rising from training the staffs in using the new system.



The detailed analysis of the stakeholders involved in this project are elaborated in the following paragraph (Harrison and Wicks 2013)-

Stakeholder Identification

The following are the identified stakeholders of the project under consideration (Pacheco and Garcia 2012) -

The Hospital Owner

The Project manger ( the project deals with designing the health record system)

Project Team


The Billing department of the Hospital

The patients

Table 1: The list of stakeholders involved in the project

Stakeholder Analysis

Detailed analysis of the identified stakeholders are elaborated in the following table (Lienert,  Schnetzer and Ingold, 2013)-



The Hospital Owner

Responsible for setting up the objectives of the project

The Project manger ( the project deals with designing the health record system)

Responsible for planning and executing the project according to the specified objectives

Project Team

Responsible for the implementation of the project within the specified time


Responsible for managing the economical aspects of the project and is the source of funding for the project

The Billing department of the Hospital

Responsible for providing necessary details of the patients to be uploaded into the new system

The patients

Responsible for supporting the project by agreeing to store their personal information and health records into a common database of the hospital.

Table 2: Representing the Stakeholders’ Analysis


Engaging the stakeholders through an appropriate communication and consultation plan is necessary to address the stakeholders’ interest and concerns. This project is a medium sized project and hence it is essential to recognize the potential risks associated with the opening up of a new system and build awareness in regard to the significance of the ‘My health Record System’ (Lundgren and McMakin 2013).

An effective Communication plan eliminates the conflict of interest and decision among the project stakeholders and therefore it is very essential for a smooth implementation of the project (Lando 2014).

In order to develop an effective communication and consultation plan, a proper analysis of the power and the interest of the stakeholders in necessary to consider (Fassin 2012). The group of stakeholders who have less power or interest on this project would be least pronounced in the communication and the consultation plan. While the group of stakeholders who have high power and interest over this project should be specifically and formally addressed and included in the communication and consultation plan through proper email. Mass communication should be made with this group as this group of stakeholder has higher interest in the project. They should be informed about the project progress in daily basis. The stakeholders included into this group are the hospital authority and the owner. Stakeholders that have low interest over the project can be notified about the project progress less often.


Four Risk assessment Methods

The four relevant risk assessment methods are elaborated in the following paragraphs-

Risk Identification

For the purpose of risk identification in developing this system, two methods were primarily undertaken, brainstorming and checklist (Kerzner 2013).

The Brainstorming session was proposed for evaluating the risk that might creep in while the project is implemented (Keeney 2012). The brainstorming session was performed with the investing partners and general manager of the hospital along with the project manager in a number of face-to-face meetings. The results of these meetings and discussions are to be analyzed in order to indentify the risk associated with the project (refer to appendix 12.1. for risk identification checklist).

The different areas of risks associated with the project are elaborated in the following table-

Risk Type

Risk Description

Risk Class


The project might not be completed within the assigned budget



Complaints from patients about data privacy and security may stop the project leading to huge financial loss



Malfunctioning of the system, security and equipments



Failure of securing the confidentiality of the patients information


Future Competition

Competition from other leading hospital may affect the business


Table 3: Representing the risk areas involved in the project

Risk Analysis

Risk analysis is a process of reviewing the risks associated with a particular project. Risks are analyzed on both qualitative and quantitative basis (McNeil, Frey and Embrechts 2015). Risk analysis is an important component of risk management. A proper risk analysis is essential to estimate the damage that might be a cause of the risk. The analysis demonstrates the relationship between the probability of the risk in occurring and the amount of damage it might cause. The risk level is determined by the combination of probability and consequence of the risk. The hospital authority adopts a proper risk analysis tool and the project manager to evaluate the risk related to the project (Cox 2012).

The risk Associated with the Project

The risk associated with the project are elaborated in the following table-

SL No.

Description of the Risk





The Project is not completed within the estimated schedule


The whole procedure of upgrading the system might be delayed.



An error has occurred in manual uploading of the previous records


The whole procedure of record uploading might have to be repeated leading to a considerable loss of time.



The confidentiality in patients’ information is not maintained (Chen and Zhao 2012).


The project may fail completely as it is essential to protect the data stored in the system, as it is a matter of maintaining the privacy of the patients’ details.



The price of developing the system is found to be more than the advantages it offers


This would lead to considerable economic loss of the hospital.


Table 4: Representing the risks Involved with the project

Existing Controls and Their Effectiveness

Controls are necessarily established to eliminate the probability of risks occurring. The controls are implemented after discussing its effectiveness with the management and the project manager.

In any project, human error is a large possibility and hence it is significantly considered in any risk management process. Therefore, controls are to be carefully written and reviewed before finalizing. These guidelines are to be handed to the every members of project team at the beginning of project initiation. The effectiveness of these controls cannot be quantitatively measured.

Risk Evaluation

After analyzing the risks in terms of their probability and consequence, every risk is segregated into a unique risk rating according to their severity. Every risk is classified into three categories-> High, Medium and Low. The risks that fall in the ‘High’ region needs immediate attention and cannot be tolerated, the risks that fall into ‘medium’ category can be tolerated only if the cost benefit analysis is extremely high, the risk that fall under ‘low’ category can be ignored (Covello, Menkes and Mumpower 2012). The FMEA Analysis (refer to appendix 12.2.) is done to identify the possible risk and the damage they would create in the project.


Figure 1: Representing the Risk evaluation Criteria

(Source: Covello, Menkes and Mumpower 2012)

Risk Treatment

AS/NZS ISO 31000:2009 includes several options of risk managing and treating. These options are as follows-

1) Eliminate the risk

2) Change the likelihood of occurrence of the risk

3) Change the Consequences of the risk

4) Transfer the risk

5) Retain the risk

Identification of the appropriate risk treatment

There are several methods present for treating the identified risk. For this particular project the risk treatment methods were chosen on basis of (Bojanc and Jerman-Blaži? 2013)-

1) Suitability and usefulness of the treatment

2) Cost of the treatment

3) Choosing the best alternatives among the existing alternatives

5) Acceptability of the residual risks

Appropriate risk treatment were identified keeping in mind the criteria stated above. The best risk treatment was so design the project plan in such a way that would eliminate all the possible financial and security risks (Feng, Wang and Li 2014).

Risk Recovery

Implementation of the project ‘My Health Record System’ is very important and therefore it is important to have a risk recovery strategy to handle the unexpected and extreme impacts. A flawless project plan is essential to eliminate the major risks associate with the project. The most prominent risk associated with this project is storing of the patients’ data in a secure manner. Elimination of this risk is possible by ensuring that the project plan includes the development of the system with proper cryptographic methods (Fernandes et al 2014). The storing of the patients’ information is carried over internet and hence additional security of the data should be ascertained. However, if any discrepancy occurs in the course of project implementation, risk recovery techniques and strategies helps in overcoming the adverse effect. The risk recovery technique applied in this project is crisis management planning that establishes a backup plan for a financial and security threat. This includes changing the whole projects plan unless necessary (Carr and Yu 2012).  

Risk tolerability

Tolerability of risk identifies the tolerability of risks associated with the system. It is generally measured in a scale of 1 to 25 with 1 being the lowest risk level and 25 being the extreme level of risk.

The risk tolerability table matrix is elaborated below-

Almost Certain






























































Figure 2: Representing the Risk level of rist tolerability table

(Source: Feng, Wang and Li 2014)

Monitoring and Review

After evaluating and properly managing the risk, it is essential for monitoring and controlling the risks further to ensure the effectiveness of the controls that are identified or employed to manage the risks. The risk monitoring and review strategies recommended for this project are listed below-

1) Periodic repetition of the risk management process and update of risk management process is essential to monitor and capture new risks.

2) The risk management plan should be examined and reviewed even after completion of the project.

3) Observed risk should be properly recorded in the risk register.

Societal benefits of risk exposure

The societal benefits of risk exposure are listed below-

1) The patients will have a clear idea about the security policies of the new system

2) The system will be beneficial not only for the inpatient but for the casualties as well

3) The system will give financial benefit to the hospital

4) It prevents further creeping up of the risk into the system

5) Exposes the vulnerability of the project under development

Risk Closure

The responsibility of the risk assemenet manger is to close a risk once it has been treted. The conmdition of risk closing are as follows-

1) Ensuring that the treatment actions are properly implemented

2) Positive feedback has been received after the risk treatment

3) No additional risk has been encountered while treating an existing risk.  


Therefore, from the above discussion it can be concluded that risk management is very essential for successful implementation of the project. Certain steps are undertaken for proper risk management. These include, establishing the context of the risk, evaluating the risk criteria, analyzing the relevant stakeholders, establishing a proper communication and consultation plan, identification of the risk, risk analysis and risk evaluation followed by the proper treatment of the risk and monitoring the risk. A risk manager is to be appointed for properly managing all the aspects of a risk management process. After analyzing evaluating and eliminating the risk from a project, it is essential to monitor the risk even after its elimination. This is essential to prevent the any type of further risk creeping into the system or project. Since this project deals with the storing of patients’ data over electronic means, maintaining the security of the data is very essential. This is ensured by involving proper cryptographic methods and encryption as various means of data security. After proper risk treatment and getting a satisfied result, the risk can be subsequently closed after evaluating certain criteria and ensuring that the risk would not creep into the system once again.



Bojanc, R. and Jerman-Blaži?, B., 2013. A quantitative model for information-security risk management. Engineering Management Journal, 25(2), pp.25-37.

Carr, P. and Yu, J., 2012. Risk, return, and Ross recovery. The Journal of Derivatives, 20(1), pp.38-59.

Chen, D. and Zhao, H., 2012, March. Data security and privacy protection issues in cloud computing. In Computer Science and Electronics Engineering (ICCSEE), 2012 International Conference on (Vol. 1, pp. 647-651). IEEE.

Christoffersen, P.F., 2012. Elements of financial risk management. Academic Press.

Covello, V.T., Menkes, J. and Mumpower, J.L. eds., 2012. Risk evaluation and management (Vol. 1). Springer Science & Business Media.

Cox, L.A.T., 2012. Confronting deep uncertainties in risk analysis. Risk Analysis, 32(10), pp.1607-1629.

Ernawati, T. and Nugroho, D.R., 2012, September. IT risk management framework based on ISO 31000: 2009. In System Engineering and Technology (ICSET), 2012 International Conference on (pp. 1-8). IEEE.

Fassin, Y., 2012. Stakeholder management, reciprocity and stakeholder responsibility. Journal of Business Ethics, 109(1), pp.83-96.

Feng, N., Wang, H.J. and Li, M., 2014. A security risk analysis model for information systems: Causal relationships of risk factors and vulnerability propagation analysis. Information sciences, 256, pp.57-73.

Fernandes, D.A., Soares, L.F., Gomes, J.V., Freire, M.M. and Inácio, P.R., 2014. Security issues in cloud environments: a survey. International Journal of Information Security, 13(2), pp.113-170.

Harrison, J.S. and Wicks, A.C., 2013. Stakeholder theory, value, and firm performance. Business ethics quarterly, 23(1), pp.97-124.

Hopkin, P., 2017. Fundamentals of risk management: understanding, evaluating and implementing effective risk management. Kogan Page Publishers.

Keeney, R.L., 2012. Value-focused brainstorming. Decision Analysis, 9(4), pp.303-313.

Kerzner, H., 2013. Project management: a systems approach to planning, scheduling, and controlling. John Wiley & Sons.

Kulkarni, G., Chavan, N., Chandorkar, R., Waghmare, R. and Palwe, R., 2012, October. Cloud security challenges. In Telecommunication Systems, Services, and Applications (TSSA), 2012 7th International Conference on (pp. 88-91). IEEE.

Lam, J., 2014. Enterprise risk management: from incentives to controls. John Wiley & Sons.

Lando, A.L., 2014. The critical role of crisis communication plan in corporations' crises preparedness and management. Global Media Journal, 7(1), p.5.

Lienert, J., Schnetzer, F. and Ingold, K., 2013. Stakeholder analysis combined with social network analysis provides fine-grained insights into water infrastructure planning processes. Journal of environmental management, 125, pp.134-148.

Lundgren, R.E. and McMakin, A.H., 2013. Risk communication: A handbook for communicating environmental, safety, and health risks. John Wiley & Sons.

McNeil, A.J., Frey, R. and Embrechts, P., 2015. Quantitative risk management: Concepts, techniques and tools. Princeton university press.

McNeil, A.J., Frey, R. and Embrechts, P., 2015. Quantitative risk management: Concepts, techniques and tools. Princeton university press.

Pacheco, C. and Garcia, I., 2012. A systematic literature review of stakeholder identification methods in requirements elicitation. Journal of Systems and Software, 85(9), pp.2171-2181.

Sadgrove, K., 2016. The complete guide to business risk management. Routledge.

Woods, S.S., Schwartz, E., Tuepker, A., Press, N.A., Nazi, K.M., Turvey, C.L. and Nichol, W.P., 2013. Patient experiences with full electronic access to health records and clinical notes through the My HealtheVet Personal Health Record Pilot: qualitative study. Journal of medical Internet research, 15(3).


Cite This Work

To export a reference to this article please select a referencing stye below:

My Assignment Help. (2019). Risk Management In Engineering. Retrieved from

"Risk Management In Engineering." My Assignment Help, 2019,

My Assignment Help (2019) Risk Management In Engineering [Online]. Available from:
[Accessed 29 May 2020].

My Assignment Help. 'Risk Management In Engineering' (My Assignment Help, 2019) <> accessed 29 May 2020.

My Assignment Help. Risk Management In Engineering [Internet]. My Assignment Help. 2019 [cited 29 May 2020]. Available from: has become one of the leading assignment help provider in New York City and Boston. We provide top class auditing assignment help. Not only auditing, but we also cover more than 100 subjects and our writers deal with all types of assignments with utmost expertise. To make writing process faster and accurate, we have segmented our assignment experts' teams as per their expertise on writing different types of assignments. We guaranteed that students who buy our assignment online get solutions worth their investment.

Latest Management Samples

MRKT20052 Marketing Management And Digital Communications 3

Download : 0 | Pages : 4

Answer: Background Information The beverage industry specializes in the production of drinks, in particular those beverages that are ready to drink (Chen, 2012). The making of beverages varies depending on beverages being produced. Nexba is an Australian-based company specializing in beverages (Beverages, n.d) The launch of the company took place in 2010 by Troy Douglas and Drew Bilbe The story of Nexba can be traced bac...

Read More arrow

MGT3203 Managing Across Borders

Download : 0 | Pages : 8
  • Course Code: MGT3203
  • University: Murdoch University
  • Country: Australia

Answers: 1: Critically evaluate two different journal articles  Globalization has rendered immense challenging situations among the business organizations in running their entire process of business successfully in various multinational countries. While expanding the business in different geographical boundaries the business organizations cannot be restricted within specific cultural border. Business experts have to implement cross ...

Read More arrow

ME5306 Racing Team Management For Communication Plan And Project Budget

Download : 0 | Pages : 16
  • Course Code: ME5306
  • University: Brunel University London
  • Country: United Kingdom

Answer: Project purpose  The purpose of the project is designing and manufacturing of a racecar for the organization named Renault. The project will describe the execution plan for constructing the racing car in the present racing sports market. The project will include the project scope, objective, constraints and assumptions. The report will identify the project milestones and deliverables based on which the project schedule will be deve...

Read More arrow

SH4003 Culture, Society And Ethics For Sociological Conceptual Framework

Download : 0 | Pages : 11
  • Course Code: SH4003
  • University: Southern New Hampshire University
  • Country: United States

Answer: Introduction  The term “Society”, in the sociological conceptual framework, in general refers to a group of people who interact with each other under a common cultural framework, with the cultural bond being on the basis of gender, race, religious beliefs or the personal and professional activities. However, over time, with the global scenario getting more inclusive and with phenomena like that of Globalization and te...

Read More arrow

K23041 Building Surveying

Download : 0 | Pages : 16
  • Course Code: K23041
  • University: De Montfort University
  • Country: United Kingdom

Answer: Introduction Building Assessment A building assessment has been defined as being a quantitative performance that can be put in usage as one attempts to evaluate prevailing constructions or fresh structure designs. The assessment usually cover features of a building such as site in terms of drainage, paving, Topography, retaining walls, curbing, and lighting, Windows and Walls generally termed as building envelope, Structural, Interio...

Read More arrow

Save Time & improve Grade

Just share Requriment and get customize Solution.

We will use e-mail only for:

arrow Communication regarding your orders

arrow To send you invoices, and other billing info

arrow To provide you with information of offers and other benefits




Overall Rating



Our Amazing Features


On Time Delivery

Our writers make sure that all orders are submitted, prior to the deadline.


Plagiarism Free Work

Using reliable plagiarism detection software, only provide customized 100 percent original papers.


24 X 7 Live Help

Feel free to contact our assignment writing services any time via phone, email or live chat.


Services For All Subjects

Our writers can provide you professional writing assistance on any subject at any level.


Best Price Guarantee

Our best price guarantee ensures that the features we offer cannot be matched by any of the competitors.

Our Experts

Assignment writing guide
student rating student rating student rating student rating student rating 5/5

265 Order Completed

97% Response Time

Ken Campbell

MSc in Electrical Engineering

Wellington, New Zealand

Hire Me
Assignment writing guide
student rating student rating student rating student rating student rating 5/5

755 Order Completed

95% Response Time

Douglas Cowley

Masters in Finance with Specialization in Audit

Wellington, New Zealand

Hire Me
Assignment writing guide
student rating student rating student rating student rating student rating 5/5

647 Order Completed

98% Response Time

Adlina Han

Masters in Marketing with Specialization in Branding

Singapore, Singapore

Hire Me
Assignment writing guide
student rating student rating student rating student rating student rating 5/5

184 Order Completed

96% Response Time

Arapera Billing

Masters in Management, MMgt

Wellington, New Zealand

Hire Me

FREE Tools


Plagiarism Checker

Get all your documents checked for plagiarism or duplicacy with us.


Essay Typer

Get different kinds of essays typed in minutes with clicks.


GPA Calculator

Calculate your semester grades and cumulative GPa with our GPA Calculator.


Chemical Equation Balancer

Balance any chemical equation in minutes just by entering the formula.


Word Counter & Page Calculator

Calculate the number of words and number of pages of all your academic documents.

Refer Just 5 Friends to Earn More than $2000

Check your estimated earning as per your ability




Your Approx Earning

Live Review

Our Mission Client Satisfaction

It was a good assignment, everything was according to details. it was of high quality. I got HD in this assignment


User Id: 306529 - 29 May 2020


student rating student rating student rating student rating student rating

superb work done within the given time limit. really amazing expert who has done my assignment.


User Id: 430182 - 29 May 2020


student rating student rating student rating student rating student rating

good i am happy for your work , i hope i will submit all my assigmnets to you people


User Id: 412937 - 29 May 2020


student rating student rating student rating student rating student rating

Great work. I really do appreciate the professionalism and competence of the expert who completed my work. They did a very good job. English was prefect and content well presented. Thank you.


User Id: 427917 - 29 May 2020


student rating student rating student rating student rating student rating
callback request mobile
Have any Query?