Month: November 2015

Mining Students at U of Witwatersrand Get Practical Financial Analysis Experience with @RISK

WitwatersrandThe University of Witwatersrand in South Africa is offering its mining engineering students some valuable practical guidance and financial analysis experience, to equip them with proficiencies and knowledge that will be required in their professional lives.

Using Palisade’s risk analysis tool @RISK, the school is giving students training in and knowledge of Monte Carlo Simulation. Professor RCA Minnitt from the University explains why this is so imperative: “It’s very important to give students a real-world feel of how mining operations are managed financially – before they head out into the professional world. An understanding of Monte Carlo simulation is absolutely essential. Without this discipline’s knowledge and use, robust and credible financial analysis is not possible. @RISK is an essential tool for both our undergraduate and post graduate programmes.”

The University feels @RISK is well suited for Monte Carlo Simulation in academia, and values its ability as a modeling training tool, which gives the students a head start in their professional careers.

For more information please view the full case study here.

GAO Recommends FAA Improve Cost and Schedule Risk Analysis

Next Generation, or NextGen, is the Federal Aviation Administration’s new air traffic control system. Approved by Congress in 2003, the overhaul has proven to be one of the government’s most ambitious and technologically complex projects. NextGen is meant to accommodate increased air traffic, reduce fuel consumption, improve safety, and be interoperable with other international air traffic systems in Europe and elsewhere.

However, the Government Accountability Office has recently criticized the FAA for failing to adequately address the risks associated with the interoperability function of NextGen. In an August 28 report, the GAO said that the FAA took steps to achieve global interoperability, but that “FAA lacks a mechanism for comprehensively identifying and assessing risks and for prioritizing resources to manage NextGen’s interoperability risks.”

The GAO went on to say: “We recommended that FAA should, among other things, require cost and schedule risk analysis, independent cost estimates, and integrated master schedules to better estimate the cost and completion dates for major acquisitions.”

FAA officials have noted that they do identify and assess potential risks to NextGen’s interoperability through working groups, but GAO said the agency hasn’t conducted a comprehensive risk analysis of threats and vulnerabilities to that end. Without such an approach, the agency may not be in a good position to address risks effectively or prioritize resources.

This kind of megaproject risk management is something we see all the time at Palisade. Huge infrastructure and technology projects costing billions of dollars over decades can be incredible complex and difficult to manage. The most successful implementations establish a strategic framework that is strictly adhere to throughout the process – even if that means over the course of many years with multiple stakeholders.

Within that framework, leading project managers and program directors bring in Monte Carlo simulation, such as found in @RISK, to properly quantify the “big unknowns.” Costs can balloon, schedules can be delayed, and you can’t always rely on what happened the last time. For these reasons it is critical that managers account for what they don’t know using @RISK. @RISK enables them to define realistic parameters around uncertainty, examine thousands of outcomes, intelligently rank risk factors, set up contingencies, and allocate resources efficiently.

In one similar case, Lockheed Martin has been using @RISK to plan the next mission to Mars, while in another, @RISK helped the Canadian government estimate costs and budget for the maintenance of its naval fleet facilities.

Further reading:

$750K HIPAA Settlement Underscores Need for Risk Analysis in Healthcare

In September, Cancer Care Group, an Indiana radiation oncology practice, settled with the US Department of Health and Human Services for $750,000 over alleged violations of the Health Insurance Portability and Accountability Act (HIPAA).

The problem began when a laptop was stolen from a Cancer Care employee’s car. The laptop contained unencrypted information on the names, addresses, dates of birth, Social Security numbers, insurance information and clinical information for about 55,000 patients. After investigating the breach, DHHS concluded that Cancer Care’s failure to adopt an enterprise-wide risk analysis of what could happen to this information led directly to the problem.

At Palisade, we see companies in many sectors adopting enterprise risk management (ERM) for different reasons. For construction and engineering firms, ERM is necessary for keeping a comprehensive view on risks that affect schedules, costs, and resources. For manufacturing firms, ERM keeps tabs on material costs, exchange rates, and demand fluctuations. In healthcare, HIPAA compliance is one prime example of where ERM can help.

A key component of ERM, which DHSS expounded upon, is the establishment of processes and procedures to mitigate risks. Another key element is the notation and ‘storage’ of risks of all kinds in a register of some kind. Many software platforms exist to serve these more qualitative ERM needs.

However, it’s important to take ERM one step further to fully ensure you’re doing all that is necessary to protect yourself. Quantitative, probabilistic analytics are just as important as naming possible risks. What is the probability a risk will occur? How frequently has it occurred in the past? What’s the likely impact if it does happen? What is the range of damage it could inflict? These kinds of questions are crucial for developing a truly effective ERM plan that prioritizes mitigation efforts according to actual threat.

At Palisade we’ve seen @RISK and the DecisionTools Suite used to address these quantitative aspect. Based in Excel, these tools are easy to connect to other ERM software platforms, as many clients have done using Palisade’s Custom Solutions services. For example, Calgary-based Revay and Associates consultancy helps clients build out robust, probabilistic ERM solutions. Furthermore, global energy consultants DNV use @RISK at the core of their EMR practice. Even toy giant LEGO relies on @RISK for their corporate-level risk strategy.