MANAGING RISKS AND OPPORTUNITIES
Planning is one of the most important functions a manager performs. Implementation of all acquisition decisions begins with a plan, which is key to getting the project off to a successful start. By setting the objectives of the acquisition, the plan establishes the course for the integrated acquisition team to follow. Without solid planning the buyer is forced to play catch-up, and the integrated acquisition team becomes reactive rather than proactive. Objectives developed during the planning process also provide the integrated acquisition team a road map and reference points that can be used to measure variances from the desired route. Effective management control relies on measurement of the variance from the desired point and enables the project leadership to evaluate performance and institute corrective actions where and when required. Acquisition reform efforts seek to change the program management environment from a risk-averse philosophy to one of risk management.
A proactive technique to ensure that objectives are met or exceeded is called the “Management of Risk and Opportunities” (MR&O). The MR&O is a structured technique that concentrates management attention where it will benefit most. It should be thought of as an additional step in the planning process. The goal of the MR&O is to be in position to respond quickly to potential problems or opportunities if they occur. Chapter 1 defines risk as a potential problem and opportunity as a chance to improve on the state of the acquisition.
The last step in acquisition planning is to answer the following four questions:
• What potential problems (risks) might occur, and what opportunities are possible?
• What are the likely causes of problems or opportunities?
• What is the probability of these problems or opportunities occurring?
• What is the potential impact of the problems or opportunities?
By looking into the future at the probable risks and opportunities, the acquisition manager can develop contingency courses of action that will alleviate the problem or position the project to capitalize on the opportunity. Art Gemmer of Rockwell International views it as performing in a “working smarter” mode rather than the “working harder” mode. He contends that acquisition programs that operate in the “work harder” mode spend most of their time dealing with the consequences of their past decisions, while programs that operate in a “work smarter” mode have anticipated change and can easily adapt to their environment because they have spent most of their time considering future options.
Sources of Risk
Identifying the risks associated with an acquisition is a function of logic, reason, experience, and intuition. Because one is looking for future potential problems, experience and intuition are especially useful guides. Historically, risk falls into five categories: political, financial, technical, human, and risks due to uncertainty. Figure 2-8, Sources of Risk, illustrates these categories.
Political factors include the internal influence of the functions and the other parties. In addition, each project is subject to labor and environmental regulations. Government contracts not only are subject to the potential ups and downs of annual appropriations, but priority changes by the executive and legislative branches can result in revised funding profiles and the lengthening of delivery schedules. New or updated products by competitors also have an effect on the acquisition.
Financial factors include the financial health of the prime contractors and subcontractors as well as interest rates and inflation. Cost growth related to contractor performance is a factor that is extremely important because it could lead to the termination of the procurement.
Technical factors include such elements as design, product performance, quality of the item produced, and the impact of all these subfactors on the schedule. For example, a study of 8,000 software projects in the U.S. by the Standish Group concluded that 84 percent did not finish on time, on budget, and with all the features installed.
Human factors contributing to risk include the shortcomings of language and differing interpretations of the contract language and the contract itself. Rules of contract interpretation, which will be covered in Chapter 7, are important considerations to keep in mind when developing the contract. Government contracts not only allocate risk via the contract type, but they also contain risk allocation clauses that address deadline extensions or price adjustments should various contingencies occur or conditions not be as expected or represented. There are also risk allocation techniques, which have their roots in common law, that may serve as a basis for interpreting the scope of contract clauses.
Uncertainty includes two dimensions. There is uncertainty as to when events will occur and the ability of the acquisition team to react to them. Uncertainty as to the adequacy and accuracy of the information used to make decisions is another important subfactor.
Managing Risk
Acquisition doctrine emphasizes the “management of risk” rather than “risk avoidance.” The FAR points out that attempting to avoid risk totally is cost prohibitive. Dr. Saul W. Gellerman, former Dean of the Graduate School of Management at the University of Dallas, expressed it well by saying, “Managers are not paid to take risks, but to know what risks to take.”
Acquisition doctrine considers management an important part of each procurement. DoD Directive 5000.1 defines risk management as “an approach...that...encompasses risk identification, mitigation and continuous tracking, and control procedures that feedback through the program assessment process to decision authorities.” This philosophy represents a departure from past practices in which risk was avoided by instituting what proved to be costly specifications and processes that were unique to government contracts.
For example, risk management in DoD is a systematic process that includes four steps: risk planning, risk assessment, risk handling, and risk monitoring. Figure 2-9, Risk Management in the Acquisition Process, shows the flow of these risk management activities during the acquisition process, i.e., before the request for proposal, during the proposal phase, and after contract award.
Risk planning: Risk planning is a process that includes developing, documenting, and organizing a comprehensive interactive strategy that includes methods for identifying and tracking risk areas as well as developing risk handling plans and performing risk assessments to determine how risks change during the course of the acquisition. The plan also includes determining resource requirements. The risk management plan should serve the following functions:
1. It identifies possible acts that could prevent meeting a specific goal, e.g., late delivery of parts needed for assembly, inoperative government-furnished equipment, situations in which several people or organizations share responsibility, tight deadlines, or a complex technical problem.
2. It enables management to focus attention on future issues that may cause a variance from plan, e.g., the risk of a potential problem.
Figure 2-9 Risk Management in the Acquisition Process
3. It serves as the basis for determining where corrective action should be concentrated and establishes priorities among the actions needed.
4. It provides management with a tool for evaluating the status and improving the situation.
Risk assessment: The genesis of risk is usually found in the following three sources: organizational politics, finances, and technical and product support. Potential problems often arise when the outcome of a project depends on actions taken by others who are assigned to different internal or external organizations. A prime example is the relationship between the prime contractor and its suppliers. Another illustration can be found in the design and manufacture of a technically complex and multi-functional product that depends on the effective interface of numerous components to fulfill. In business, competitors that can change their pricing strategy or introduce an improved product are a potential source of risk. The same can be said about a hostile power that can introduce a new aircraft with increased capability. Potential financial problems are also present in every project. Government projects that are dependent on annual funding by Congress run the risk of budget cutbacks. Another example of financial risk is the possible bankruptcy of a key supplier. Technical uncertainty is a well-known source of risk. The design, manufacture, and testing of almost every product have varying degrees of technical risk. A highly risky technical project results from uncertainty associated with the various unknowns related to the requirement.
Uncertainty about whether the job can be accomplished in the time allowed is a major cause of risk, as is uncertainty regarding the ability to react and accomplish a repair in the time allotted. The lack of direct supervision, i.e., total control, over the resources required to do the job is often perceived as a source of risk because of inadequate authority to establish priorities. The possibility of inadequate or inaccurate information on which to base a decision is also present in almost every management situation.
To assess risk accurately, the analyst should follow a structured approach that includes: (1) identifying the risk and its characteristics, (2) estimating the probability of occurrence, (3) identifying the timeframe and probability distribution of the risk, and (4) determining the impact on acquisition goals and expectations. The latter includes determining the impact on cost, schedule, performance, and logistics support. To describe the potential problem accurately, one needs to include additional characteristics, such as an estimate of the probability of occurrence if the situation is allowed to continue. Knowledge of the timeframe during which corrective action must be taken to relieve the situation is an important factor. However, the uncertainty regarding the probability of occurrence of a risk may also vary over time. Linking of one risk to other possible risks is an additional attribute. If the risk becomes a problem, it often triggers additional risks.
Risk handling: In developing the risk-handling strategy the integrated acquisition team must consider the probability of occurrence, possible time frame of occurrence, and possible impact. All risk-handling actions involve a tradeoff between cost and benefits. As noted earlier, the benefits derived from improving the reliability of the product from 97 percent to 100 percent by increasing the amount of product testing may not be worth the cost.
The risk-handling strategies implemented during the request for proposal (RFP) and proposal evaluation phases include:
• Risk mitigation, which is the reduction of the probability that a problem will occur or of its impact.
• Risk avoidance, which is the complete elimination of the possibility of occurrence. This may be costly or require creating other risks that might make an acceptable impact on the acquisition.
• Risk transfer, which includes getting another party to assume the risk or share the consequences. Examples include selection of contract type, warranties, and insurance policies. Contract terms and conditions are other vehicles whereby risk can be shifted or shared.
• Risk acceptance is the determination that, based on its impact, an acceptable strategy would be to track the risk and take action only when it becomes a problem.
Changes to government acquisition policies are also being used to implement risk management. The following recent examples show how DoD policies are attempting to reduce risk:
• Including the customer and contractor as members of the integrated acquisition team to reduce the technical risk resulting from a lack of understanding requirements.
• Emphasizing the selection of commercial, off-the-shelf items to minimize the technical risk associated with development of government-unique products.
• Instituting a single-process policy in contractor manufacturing facilities to reduce exposure to the high cost of having different processes for the same products.
• Balancing cost objectives with mission needs under the policy of cost as an independent variable (CAIV), thereby diminishing the danger of acquiring non-affordable systems. The CAIV-based parameters will become part of the Acquisition Program Baseline (APB).
• Making past performance an evaluation factor in every source selection for negotiated procurements to reduce the cost, schedule, and technical risks related to contract award to contractors with a poor track record.
Management of risk must be an integral part of the acquisition process and is especially pertinent during acquisition planning, development of the solicitation, contract award, and contract formation.
Managing Opportunities
In some areas there are opportunities to exceed the project’s expectations, which could result in a compensatory change to the contract. A cost-benefit tradeoff must be made to determine whether the extra or added performance is worth the added cost. This must be completed and approved contractually before any effort begins.
Figure 2-10, Cost Benefit vs. Performance Tradeoff, illustrates a relationship between cost, performance, and time. In this example time is fixed by the period of performance stipulated in the contract. Curve O A represents the contract level of performance. Curve O B represents a 10 percent improvement in performance by adding additional resources (cost) to the effort.
The greater the potential performance, the greater the cost. As you move from left to right on the cost/performance curve, the cost per increment of increased performance slowly increases until cost becomes exponential. It is the task of acquisition management to determine where the expected benefit from added performance equals the added cost. Above that point it is less than cost-effective, and the need must justify the cost.
Figure 2-10 Cost Benefit vs. Performance Tradeoff
On the contractor’s side, the primary objective of a business is to maximize the wealth of the shareholders (owners). The contractor is motivated to achieve long-term profits by producing quality products and establishing a long-term relationship and repeat business. Contractors realize that the best way to achieve this goal is to meet the performance and schedule goals of the agreement within cost. The importance placed on past performance in source selection acknowledges this objective. Internally it is the return on assets (ROA) and return on investment (ROI) that measure the profitability of a business organization, i.e., the effectiveness with which capital is being utilized. Delivery schedules, payment frequency, financing provisions, and other provisions of a contract can significantly affect a contractor’s cash flow and ROA. An overall excellent performance by the contractor provides an opportunity for repeat business.
The FAR includes a procedure, i.e., the Value Engineering clause, that can result in the sharing of any cost reduction. Under this procedure the contractor submits a Value Engineering Change Proposal (VECP), which can result in a reduction to the contract price without impairing the functions or characteristics of the product. In theory the VECP is intended to provide the contract or an incentive to develop ways to be more efficient by including a provision on how the cost avoided will be shared. Use of the VECP clause also avoids any question of defective pricing if the contractor changes the method of performance after its disclosure during negotiations and the certifying cost or pricing data.
The Value Engineering (VE) concept originated during World War II, when many essential materials used in production were scarce and creative engineers at General Electric (GE) used alternatives. Not only did the substitutes perform satisfactorily, but some turned out to be more reliable or cheaper. After WWII a purchasing agent at GE was given the job to develop “a systematic approach to the investigation of the function-cost aspect of existing materials specifications.” The approach, referred to as value analysis by GE, is defined as “an organized creative approach which has for its purpose the efficient identification of unnecessary cost.”
As noted, to be more competitive many organizations in private sector procurement, or material management, have been given increased responsibility for the cost of purchased material. Therefore, it is their responsibility to provide incentives for suppliers to offer cost-saving suggestions during the product design process.
Potential functions that are subject to function-cost tradeoff include:
• Material composition and manufacturing operations and processes used in production parts and assemblies
• Acceptance and reliability testing
• Packaging specifications
• Design of operating systems
• Administration
• Transportation
• Production inventory.
Figure 2-11, Management of Risk and Opportunities, summarizes the MR&O technique and illustrates how it unfolds over the acquisition process. The x-axis represents the life of the contract. The y-axis depicts leadership by the entire integrated acquisition team to manage the risks and opportunities associated with controlling the variances from the planned acquisition. During the pre-award phase the risks and opportunities are incorporated into pre-award planning, solicitation, and contract award phases. Risks and opportunities on the diagram are separated by the center horizontal line, which represents the objectives of the acquisition.
During pre-award planning, risks and opportunities are identified and commitments made as to the expected outcome, along with the risk associated with attaining the stated acquisition goals. Risk-handling strategies designed to avoid, mitigate, or transfer risks will be incorporated into the solicitation for those risks whose potential impact is judged to be unacceptable. This process includes an implied management commitment to how risks and opportunities will be overseen. This becomes the foundation on which the source selection is made, the contract is awarded, and the contract document itself is formulated.
Figure 2-11 Management of Risk and Opportunities
After the contract is awarded and the conforming contract is issued, the performance phase begins. Here both the government and the contractor must be involved in tracking the risks and opportunities as the performance phase evolves. Possible variations from contract objectives are shown on Figure 2-11; they diverge from the center line of balance as performance progresses. Opportunities for improvements, i.e., overall performance, deliveries, ROA, ROI, reputation, and future programs (contractor sales), are shown above the objective line. Below the line are the possible political, technical, financial, and supportability risks.
Figure 2-12, Handling Risks and Opportunities, illustrates how the management of risks and opportunities begins with defining the objectives of the acquisition during the requirements determination process. This method is a recurring process designed to improve acquisition planning and then monitor the plans process so the integrated acquisition team can mitigate risks that could potentially prevent attaining the acquisition objectives. The amount of time the integrated acquisition team spends on this process depends on the complexity of the procurement. For highly technical and complex projects or programs, a formal handling program is appropriate. Techniques used in the process include answering the following questions early in the requirements determination process:
• What are the risks and potential opportunities, i.e., what could happen that would prevent attaining objectives or provide an opportunity to exceed expectations?
• What are their likely causes, the probability of their occurrence, and their probable impact?
• What actions can be taken to handle the risks?
• What opportunities might be discovered during performance, and how should they be handled?
Answers to these questions are used in building a “How to Handle Plan.” This plan has two parts. The first includes actions that can be taken to reduce risk or likely causes of problems. The second part of the plan should list what can be done to maximize the rewards associated with the opportunities. For each risk the plan should document: (1) a description of the possible cause, (2) the probability of occurrence, (3) a quantification of the impact or possible variance from the objective if the risk becomes a problem or an opportunity presents itself, and (4) a list of alternative actions, including contract provisions that would minimize or avoid any negative variance from the plan or steps that can be taken to improve the situation.
