Tesfamichael Gebretsadik

ADDIS ABABA UNIVERSITY SCHOOL OF COMMERCE
ASSESSMENT OF THE PRACTICE OF PROJECT RISK MANAGEMENT

SYSTEM IN ETHIO-TELECOM
BY
TESFAMICHAEL GEBRETSADIK
PROJECT WORK SUBMITTED TO ADDISABABA UNIVERSITY SCHOOL OF COMMERCE

IN PARTIAL FULFILLMENT OF THE REQUIREMENTS FOR THE AWARD OF MASTER OF
ARTS DEGREE IN PROJECT MANAGEMENT
ADVISOR: MENGSTU BOGALE (PHD)
JUNE 2018
ADDISS ABEBA, ETHIOPIA

ADDIS ABABA UNIVERSITY SCHOOL OF COMMERCE
ASSESSMENT OF THE PRACTICE OF PROJECT RISK MANAGEMENT

SYSTEM IN ETHIO-TELECOM
BY
TESFAMICHAEL GEBRETSADIK
Approved by Board of Examiners:
______________________ ______________ _______________
Advisor’s name Signature Date
______________________ _____________________ _______________
Internal Examiner’s name Signature Date
________________________ _____________________ _______________
External Examiner’s name Signature Date
ii
Statement of declaration
I, Tesfamichael G/tsadik, declare that this research entitled “assessing the Practice of
project risk management: the case of Ethio-Telecom “is the outcome of my own effort and
study. All sources of materials used for the study have been duly acknowledged. This
study has not been presented for a degree in any university.
Tesfamichael G/tsaddik
Signature: __________________
Date: ___________________
Advisor:
Mengstu Bogale (Phd)
Signature: ____________________
Date: _______________________
iii
Acknowledgement
Next to the almighty God, I found it very important to express my gratitude to my advisor
his Excellency Dr. Mengstu Bogale for his frequent follow up and invaluable comments
throughout this work. Moreover, I don’t want to miss expressing my pleasure and
gratefulness to the project managers and team members of Ethio-Telecom project for
dedicating their time in answering the questions presented regarding the topic of the study
which enabled me to carry out the study.
Last but not the least, I don’t exactly know which word can explain my respect and feeling
to my beloved friend (T……G……A……. N……); anta Bariya, endiE entay kibil
kemzideleku gemit.
iv
Table of Contents
Statement of declaration ............................................................................................................ iii
Acknowledgement...................................................................................................................... iv
List of Tables ............................................................................................................................. vi
List of Figures ........................................................................................................................... vii
Acronyms and Abbreviations.................................................................................................... viii
Abstract...................................................................................................................................... ix
CHAPTER ONE: INTRODUCTION ............................................................................................ 1
1.1 Background of the study .............................................................................................. 1
1.2 Statement of the problem ............................................................................................. 2
1.3 Basic research question ............................................................................................... 3
1.4 Objective of the study .................................................................................................. 3
1.5 Significance of the study .............................................................................................. 3
1.6 Scope of the study ....................................................................................................... 4
1.7 Limitation of the study .................................................................................................. 4
1.8 Organization of the Research Report ........................................................................... 4
CHAPTER TWO: LITERATURE REVIEW .................................................................................. 5
2.1 Introduction .................................................................................................................. 5
2.2 Project ......................................................................................................................... 5
2.3 Project Management .................................................................................................... 6
2.4 Project Management Knowledge Areas ....................................................................... 6
2.5 Risk ............................................................................................................................. 9
2.6 Source of project risks ................................................................................................10
2.7 Project Risk Management ...........................................................................................11
2.8 Decision Making and Risk ...........................................................................................12
2.9 Project Risk Management Process .............................................................................13
2.9.1 Plan Risk Management ........................................................................................14
2.9.2 Risk Identification .................................................................................................15
2.9.3 Risk analysis ........................................................................................................17
2.9.4 Risk Response.....................................................................................................18
2.9.5 Risk Monitor and Control .....................................................................................20
2.10 Risk management and Project success ......................................................................21
2.11 Empirical Literature Review ........................................................................................22
CHAPTER THREE: RESEARCH METHODOLOGY .................................................................25
3.1 Introduction .................................................................................................................25
v
3.2 Overview of Ethio-Telecom .........................................................................................25
3.3 Research Design ........................................................................................................26
3.4 Target population, Sampling design and Sample Size ................................................26
3.4.1 Target population .................................................................................................26
3.4.2 Sampling design ..................................................................................................27
3.4.3 Sample size .........................................................................................................27
3.4.4 Research instrument ............................................................................................28
3.5 Data Analysis ..............................................................................................................29
3.6 Validity and Reliability .................................................................................................29
3.6.1 Ethical Issues.......................................................................................................29
CHAPTER FOUR: DATA ANALYSIS AND PRESENTATION ...................................................30
4.1 Introduction .................................................................................................................30
4.2 Response Rate ...........................................................................................................30
4.3 Respondents’ general information...............................................................................30
4.4 Response about general project risk management .....................................................32
4.5 Risk planning related responses .................................................................................35
4.6 Response for risk identification ...................................................................................37
4.7 Risk analysis related responses ..................................................................................39
4.8 Response for risk response ........................................................................................41
4.9 Response to risk monitor and control ..........................................................................43
CHAPTER FIVE: SUMMARY, CONCLUSIONS AND RECOMMENDATIONS ..........................45
5.1 Introduction .................................................................................................................45
5.2 Summary of the findings .............................................................................................45
5.3 Conclusions ................................................................................................................46
5.4 Recommendations ......................................................................................................47
Reference and Bibliography ......................................................................................................49
APPENDIX A: QUESTIONNAIRE .............................................................................................53
vi
List of Tables
Table 3-1: TEP members head count............................................................................ 27
Table 3-2: Yount’s “Rule of Thumb” for sample size ..................................................... 28
Table 3-3: stratified sample size distribution ................................................................. 28
Table 3-4: Cronbach’s-Alpha test coefficient values ..................................................... 29
Table 4-1: Gender of respondents ................................................................................ 30
Table 4-2: Age of the respondents ................................................................................ 31
Table 4-3: Education level ............................................................................................. 31
Table 4-4: Work Experience .......................................................................................... 32
Table 4-5: Project experience of the respondents ......................................................... 32
Table 4-6: General project management practices ....................................................... 33
Table 4-8: project stage in which risk management was applied. ................................. 34
Table 4-9: Response to risk management plan ............................................................. 35
Table 4-10: Response to team participation in risk identification................................... 37
Table 4-11: Methods primarily used to identify risks ..................................................... 38
Table 4-12: Source of project risks that frequently encountered ................................... 39
Table 4-13: risk analysis related responses .................................................................. 39
Table 4-14: Risk response ............................................................................................ 41
Table 4-15: Risk response strategies ............................................................................ 42
Table 4-16: risk monitor and control responses ............................................................ 43
List of Figures
Figure 1: Project risk management overview ................................................................ 14
vii
Acronyms and Abbreviations
IS: information system
KA: Knowledge Area
KM: knowledge management
NGN: Next Generation Network
PLC: Project Life Cycle
PM: Project Management
PMBOK: Project Management Book of Knowledge
PMLC: Project Management Life Cycle
PMI: Project Management Institute
RMP: Risk Management Plan
SPSS: SPSS: Statistical Package for Social Science

TEP: Telecom Expansion Project
ZTE: Zhongxing Telecom Enterprise
viii
Abstract
The purpose of the study was to assess the practice of project risk management in Ethio-
Telecom in order to address the gap between theory and actual implementation practices.
Probabilistic sampling method was used to determine the sample size from the targeted
population and then questionnaire was deployed to collect primary data needed for
analysis. The analysis was done using project risk management practices of risk planning,
identification analysis, response strategy and monitoring and controlling from project
management body of knowledge as bench mark which was descriptive research method.
The findings of the practice indicated that risk management plan tools like expert
judgment, meetings or others and relevant stakeholders were involved for risk planning.
The risk identification process revealed that methods like expert judgment, checklist,
document review, and information gathering, and assumption analysis were used to
identify project risks. The most common risk sources in the project include technical,
financial, human and environmental cases. Results in risk analysis process imply that risk
characteristics were considered, and project documents were updated after risk
assessment. All the risk response strategies (control, avoidance, transfer and
acceptance) were exercised but there was not well-developed strategy that considered
factors such as budget, schedule and resources and quality while responding to risk. The
practice of risk monitoring and controlling was not effective because project performance
was not evaluated against risk. There was not transparent communication, periodic
review and response audit of the project risk. The overall outcome of the study indicates
that risk management was practiced but there is a gap between the theory of project risk
management and the actual practice that is performed in the projects
Key words: Risk management, project management
ix
CHAPTER ONE
INTRODUCTION
1.1 Background of the study
Robert (2014) defines project as a sequence of unique, complex, and connected activities
that have one goal or purpose and that must be completed by a specific time, within
budget, and according to specification. Projects are subjected to different kinds of risks
(Robert and Wallace, 2004). Project Management Institute (2013) defines project risk as,
an uncertain event or condition that if it occurs has a positive or negative effect on one or
more project objectives such as scope, schedule, cost and quality.
PMI (2013) describes that managing a project includes balancing the competing project
constraints which are scope, quality, schedule, budget, resource and risk. According to
Benta, Podean, Mircean, & Siemens (2011), risk management is a valuable component
for any project management step and it can make an important contribution to effective
project management (Ward and Chapman, 2003). Risk management process involves
the systematic application of management policies, processes and procedures to the
tasks of establishing the context, identifying, analyzing, assessing, treating, monitoring
and communicating risks (Cooper, Grey, Raymond & Walker, 2005). Risk management
should not be seen only to reduce the threats, but also to identify opportunities that enable
an organization to improve its performance (Ferreira, 2008).
Different researchers made study on different projects to assess the practice of risk
management on different projects. Rabechini and Monteiro (2013) conducted a study on
411 different projects in several states of Brazil with a goal to know the impact of risk
management on project performance and found that risk management techniques and
tools were poorly used in the projects. Kuhn and Visser (2014) conducted a research on
20 mining projects in South Africa; the results revealed that project teams used only a few
of the tools and techniques that were available for risk identification, qualitative risk
analysis, and quantitative analysis. Similarly, papers on this specific area were made on
different projects in Ethiopian contexts (Berhe, 2016; Nigussie, 2016; Fikadeselassie,
2015; Frezewd, 2016; Hintsay, 2016 and Negash 2017) and found that risk management
1
was not practiced effectively. Lyons (2002) described that although numerous papers
have been written about risk management, little current information exists on the actual
use of risk management in practice.
This paper was made to assess the practice of risk management in Ethio-Telecom’s
project. It used questionnaire to collect information from the target group and then made
analysis to get at certain conclusion regarding the risk management practice within the
corporation.
1.2 Statement of the problem

Ethio-Telecom had carried different projects to improve its service and capacity in
Ethiopia. The practice of project risk management practice is weak in Ethiopian projects.
Even though there were not papers specific to Ethio-Telecom, some researchers like
Berhe (2016), Nigussie (2016) and Fikadeselassie (2015) studied risk management
practices in the case of Commercial Bank of Ethiopian and found that an appropriate
environment has been established for managing risk, possible risks are identified,
prioritized and planned in advance; there are tools, techniques, guidelines and
procedures to manage risks and that there is awareness about risk management among
the Banks' staffs.
However, other researchers like Frezewd (2016) and Hintsay (2016) found that formal
risk management is barely implemented and practiced in projects, specifically in
construction projects. In his study specific to project risk, Negash (2017) mentioned that
formal risk management in Ethiopia projects is not institutionalized but rarely practiced
which is at preliminary and undeveloped maturity level risk development. Failure to
manage risk properly threatens the successful completion of the project due to
consequence of cost increase, a schedule slippage, or some other catastrophic change
(Wysocki, 2014).
This study was undertaken primarily to assess risk management practices in the case of
Ethio-Telecom project. Moreover, it addresses the gap between theory and actual
practice of project risk management within the specified organization’s project. In his
study regarding to generic risk factors and their severity level in Ethio-Telecom
information system projects Asmare (2017) found that risks were not identified properly
2
and there was no completely developed risk management process for that specific
project.
1.3 Basic research question

The paper addressed the following main question and sub questions
Main question:
❖ How risk management was practiced in the projects?
Sub questions:
❖ What was the practice of risk planning?

❖ What was the practice of risk identification?
❖ What was the practice of risk analyzing?
❖ What was the practice of risk response?
❖ What was the practice of risk monitoring and controlling?
1.4 Objective of the study

The research explained the practice of project risk management for projects in the case
of Ethio-Telecom project.
Main objective:
❖ To find out how risk management practice was practiced in the project
Specific objective:
❖ To assess the risk planning practice in the projects.

❖ To assess the risk identification practices in the project.
❖ To assess how identified risks were analyzed.
❖ To identify the practice of risk response strategy.
❖ To assess the practice of risk monitoring and controlling.
1.5 Significance of the study

The visible significance of the study is to be used as sources of information to the
organization (client) so that necessary actions can be taken to enhance the strength and
to minimize and manage weaknesses and limitations of risk management practices.
Moreover, the study contributes knowledge to literature by building on past research in
3
the area and addressing the practical challenges and issues concerning management of
uncertainty and risk in project and hence, it can be used by academicians and researchers
as an input for future reference.
1.6 Scope of the study

The scope of the research was delimited to Ethio-Telecom project called Telecom
Expansion Project (TEP) that was deployed throughout the country. This specific project
was undertaken in the time duration between 2013 and 2016 G.C. This paper assessed
or explained the practice of project risk management processes within the project using
descriptive research method.
1.7 Limitation of the study

There weren’t previous papers that assessed project risk practices in the company and
this one was almost the first paper; previous papers could strength the findings of this
research. Another limitation of this study was the target population and the sample size
used. The company is very huge and there are various divisions and departments across
it. The information gathered from the different teams was heterogenous and was hard to
reach at the conclusion.
1.8 Organization of the Research Report

The whole paper consists of five chapters:
❖ Chapter one is an introductory part containing discussions on background of the

study, research problems, objective of the study, significance of the research,
limitation of the research and organization of the research report.
❖ Chapter two briefly discussed literature relevant to the study which includes theory
and empirical evidence related to the research topic.
❖ Chapter three discussed about the research design and methodology which was
applied in the study.
❖ Chapter four presents results/findings of the study and interprets the findings.
❖ Chapter five is all about the summary of the findings, conclusions and
recommendations.
4
CHAPTER TWO
LITERATURE REVIEW
2.1 Introduction
This chapter is more of conceptual information and will provide valuable insights in to the
concept of risk management by reviewing the existing theoretical and empirical
literatures. This will help to adopt the best approach and method to undertake the study
of risk management practices. Moreover, overview of the company in which the study
was conducted is provided.
2.2 Project
Different scholars define projects and project management in different ways. Some of the
definitions of the term project are mentioned as follow:
A project is a temporary endeavor undertaken to produce a unique product, service or

result. It is also a problem scheduled for solution. (Lewis, 2007). Projects are proposed
for undertaking in the future either to solve some existing problem or to introduce
something new. It is an endeavor in which human, material and financial resources are
organized in a novel way, to undertake a unique scope of work of given specification,
within constraints of cost and time to achieve unitary, beneficial change, through the
delivery of quantified and qualitative objectives (Turner, 1992).
A project is a sequence of unique, complex, and connected activities that have one goal
or purpose and that must be completed by a specific time, within budget, and according
to specification (Wysocki, 2014). Project Management Institute (2013), defines project as
a temporary endeavor undertaken to create a unique product, service, or result. The
temporary nature of projects indicates that a project has a definite beginning and end.
Tayntor (2010) and Levine (2002) also describe it as a unique, finites set of activities in a
definable period intended to accomplish a specific goal. Levine (2002), also states that
project is likely to require the use of multiple resources to meet a specific set of objectives.
Whereas Roberts and Wallace (2004) define a project by its characteristics as a single,
definable purpose, product or result, it usually has defined constraints or targets it uses
skills and talents from multiple professions and organizations, it is unique, it is somewhat
5
unfamiliar, it is a temporary activity, it is part of the process involved in working to achieve
a goal, it is part of an interlinked process and is relatively complex.
2.3 Project Management

PMI (2013) defines project management as the application of knowledge, skills, tools and
techniques to meet project requirements. It is the planning, organizing, directing and
controlling of company resources for a relatively short-term objective that has established
to complete specific goals and objectives and is about converting vision into reality
(Turner, 2009). According to Roberts and Wallace (2004), project management is the
process of planning and executing a piece of work from inception to completion to achieve
safe achievement of objectives on time, within cost limits and to the specified standards
of quality. It is an approach to manage projects and is an international, interdisciplinary
concerned with the whole life cycle of a project, from inception to completion.
Project management, on the other hand, involves five process groups as identified in the
PMBOK® Guide (2008) and other resources namely: Project initiation, Project planning,
Project execution, project monitoring and control and project closure. According to
Wysocki (2014), whatever project life cycle model that is used must contain all the process
groups and PMI (2013), states these processes ensure the effective flow of the project
throughout its life cycle and these process groups are the building blocks of every project
management life cycle.
2.4 Project Management Knowledge Areas

There are five project management processes. Wysocki (2014) describes these
processes as scoping, planning, launching, monitoring and controlling and closing,
whereas PMBOK (2008) lists them as initiating process group, planning process group,
executing process group, monitoring and control process group and closing process
group. Lewis (2007) defines process as a way of doing something and the project
management processes are classified as initiating, planning, executing, monitoring
&controlling and closing.
The project management process groups need certain knowledge to effectively and
efficiently undertake them. Within the five major groups outlined in the project
management are 10 knowledge management (KM) areas. According to PMI (2013),
6
Knowledge Area represents a complete set of concepts, terms, and activities that make
up a professional field, project management field, or area of specialization. These ten
knowledge Areas are used on most projects most of the time. Project teams should utilize
these ten knowledge areas and other knowledge areas for their specific project
appropriately. The knowledge areas are: Project Integration Management, Project Scope
Management, Project Time Management, Project Quality Management, Project Human
Resource Management, Project Communications Management, Project Risk
Management, Project Procurement Management and Project Stakeholder Management.
Richardson (2015) and PMI (2013), briefly describes each of the 10 Knowledge
Management areas (KAs) below in a summarized way:
1. Project Integration Management: Project Integration Management includes the

activities to identify, define, combine, unify, and coordinate the various processes
and project management activities within the Project Management Process
Groups. It also describes the activities needed to integrate all the other KAs into a
cohesive and unified plan that is supported by the project stakeholders.
2. Project Scope Management: is a description of the work required to be
accomplished by the project team and focuses on the identification and
documentation of client requirements? It includes the processes required to ensure
that the project includes all the work required, to complete the project successfully.
Managing the project scope is primarily concerned with defining and controlling
what is and is not included in the project.
3. Project Time Management: describes the processes related to executing a timely
completion of the project. Project Time Management includes both a planning
component and a control component. The planning component provides time
estimates for both the duration of a project task and the actual effort or labor time
required to complete the task. The control component is part of the Monitoring and
Controlling Process Group and involves comparing estimated times to actual times
as well as managing the schedule and cost variances.
4. Project Cost Management: describes the processes related to estimating costs,
budgeting, and project cost control. It includes the processes involved in planning,
7
estimating, budgeting, financing, funding, managing, and controlling costs so that
the project can be completed within the approved budget.
5. Project Quality Management: describes the processes required to assure that
the project will satisfy the operational objectives for which it was formed. It includes
the processes and activities of the performing organization that determine quality
policies, objectives, and responsibilities so that the project will satisfy the needs
for which it was undertaken. Project Quality Management works to ensure that the
project requirements, including product requirements, are met and validated.
6. Project Human Resource Management: describes the processes involved in
acquiring, developing, and managing the project team. The project team is
comprised of the people with assigned roles and responsibilities for completing the
project.
7. Project Communications Management: includes the processes that are
required to ensure timely and appropriate planning, collection, creation,
distribution, storage, retrieval, management, control, monitoring, and the ultimate
disposition of project information. As effective communication creates a bridge
between diverse stakeholders who may have different cultural and organizational
backgrounds, different levels of expertise, and different perspectives and interests,
which impact or have an influence upon the project execution or outcome.
8. Project Risk Management: describes the processes related to managing various
risk aspects of the project. The objectives of project risk management are to
increase the likelihood and impact of positive events; and decrease the likelihood
and impact of negative events in the project. Project Risk Management includes
the processes of conducting risk management planning, identification, analysis,
response planning, and controlling risk on a project. This part will be discussed in
detail in the below sections.
9. Project Procurement Management: Project Procurement Management includes
the processes necessary to purchase or acquire products, services, or results
related to the project. It includes the contract management and change control
processes required to develop and administer contracts or purchase orders issued
by authorized project team members. It also includes controlling any contract
8
issued by an outside organization (the buyer) that is acquiring deliverables from
the project from the performing organization (the seller), and administering
contractual obligations placed on the project team by the contract.
10. Project Stakeholders Management: describes the processes required to identify
and manage the individuals, groups, or organizations that can impact and be
impacted by the project, to analyze stakeholder expectations and their impact on
the project, and to develop appropriate management strategies for effectively
engaging stakeholders in project decisions and execution. Stakeholder
management also focuses on continuous communication with stakeholders to
understand their needs and expectations, addressing issues as they occur,
managing conflicting interests and fostering appropriate stakeholder engagement
in project decisions and activities.
2.5 Risk
A stage where there is a lack of information, but by looking at experience, it is easier to
predict the future. Event where the outcome is known and expected (Winch, 2002). Risk
is the statement of what may arise from that lack of knowledge. Risk is an uncertain event
or condition that, if it occurs, has a positive or negative effect on a project objective (PMI
2000). Risks are gaps in knowledge which we think constitute a threat to the project
(Cleden, 2009). Risk exposure can be valued either positively or negatively (Webb, 2003).
Risk is a possibility of loss or injury (Darnall and Preston, 2010). PMBOK (2008) describes
that risk may have many causes and if occurs can have one or more impacts too. The
causes can be a requirement, assumption, constraint or condition that can cause the
possibility of negative or positive outcome.
Although project risk management has been known and developed to a certain degree of
maturity, there is yet to be a common definition for the term ‘risk ‘‘. In dictionary definition
risk means: ‘the possibility that something unpleasant or dangerous might happen
‘‘(Macmillan English Dictionary). The dictionary definition for risk has negative meaning
but when risk is seen in projects, it has positive and negative aspects; PMI (2013), defines
project risk as an uncertain event or condition that, if it occurs, has a positive or negative
effect on one or more project objectives such as scope, schedule, cost, and quality. Risk
is therefore both a good thing and a bad thing. It is the driving force behind innovation
9
and enterprise, but it is also a threat if not properly evaluated and managed (Wysocki,
2014). That is why Straw (2015), considers risk as a key component of any project.
When project risk is raised, it is about the project’s uncertainty issue in the future. Kerzner
(2009) addresses that risk constitutes a lack of knowledge of future event. Typically,
future events (or outcomes) that are favorable are called opportunities, whereas
unfavorable events are called risks. Risk has two primary components for a given event
a probability of occurrence of that event and impact of the event occurring.
It is difficult to predict the future surely that is why the future is said to be full of
uncertainties. In projects, a risk can be almost any uncertain event associated with the
work. According to Richardson (2015), one view of risk is that it involves the full spectrum
of uncertainties in the project. These uncertainties can be related to schedule, cost, and
quality variability of the end deliverable. In a project environment, because of the
essential uniqueness of projects, some uncertainty must always remain, and the
emphasis of management becomes to manage the risk. Therefore, the essence of project
management is risk management (Turner, 2009).
2.6 Source of project risks

Marr (2012) describes project risk as an uncertain event or condition that potentially
impacts the project objectives for cost, schedule, and quality. Impacts may be both
positive and negative. A risk has a cause and, if it occurs, a consequence. Risk is the
combination of the likelihood of the uncertain event times its consequence.
Different scholars categorize risks based on their functionalities. According to Mith, Merna
& Jobbling, 2006; Potts, 2008; Lester, 2007; Webb, 2003; Darnall and Preston, 2010;
Edwards, 1995; Jeynes, 2002; Richardson, 2015; Frame, 2002 and Kerzner, 2009,
possible risks include monetary risks, political risks, environmental risks, technical risks,
human risks, safety risks, material risks and project risks. Classifying risks enables us to
consider them within a more coherent framework and also provides the opportunity to
explore whether a particular class or type of risk is amenable to a particular type of
treatment (Negash, 2017).
10
2.7 Project Risk Management
Risks are associated with every project and should be identified to avoid negative impacts
on the overall performance. Many problems which are faced in later phases of the PLC
result from unmanaged risks from the earlier stage (Chapman and Ward, 2003) which
indicates that risks need to be identified earlier in the project.
Forsberg, Mooz & Cotterman (2005) describe that project risk management as the art
and science of identifying, analyzing and responding to risk events throughout the life of
a project. Richardson (2015) explains the objective of risk management is to increase the
probability and impact of positive events and decrease the probability and impact of
events averse to the project and is driven by the desire not to fail or fall short of the
objectives. Risk management is an aspect of project management that entails identifying
risks and developing ways to eliminate or mitigate those risks (Gudda 2011).
The international paper for risk called ISO 31000 in its 2009 publication states that all
activities of an organization involve risk and organizations manage risk by identifying it,
analyzing it and then evaluating whether the risk should be modified by risk treatment to
satisfy their risk criteria. Moreover, the management of risk enables an organization to
increase the likelihood of achieving objectives, encourage proactive management, be
aware of the need to identify and treat risk throughout the organization, improve the
identification of opportunities and threats, improve governance, improve controls,
minimize losses, improve organizational learning and resilience, improve stakeholder
confidence and trust, improve mandatory and voluntary reporting and establish a reliable
basis for decision making and planning.
Kerzner (2009) describes that proper risk management is proactive rather than reactive.
It is not a separate project office activity assigned to a risk management department, but
rather is one aspect of sound project management. Risk management should be closely
coupled with key project processes that should occur throughout the project cycle Risk
management is ongoing and evolves as the project evolves (Forsberg et.al, 2005).
Moving forward on a project without a proactive focus on risk management is likely to lead
to more problems arising from unmanaged threats. To be successful, an organization
should be committed to address risk management proactively and consistently throughout
the project (PMI, 2013). The purpose of risk management is to identify potential problems
11
before they occur so that risk handling activities may be planned and invoked as needed
across the life of the product or project to mitigate adverse impacts on achieving
objectives (Ana, 2012)
Crouhy, Galai & Mark (2006) describe that in a dynamic and competitive world,
companies cannot manage either strategic or tactical risks by adopting a passive stance.
They need to develop the mindset and tools to explore the many dimensions of risk
associated with each activity and opportunity so that they can balance these against the
more obvious signs of reward. Crouhy et al. (2006) emphasis that risks must be not only
measured, but efficiently communicated and managed right across the firm. To measure
risk, the risk analyst first seeks to identify the key factors that seem likely to cause volatility
in the returns from the position or portfolio under consideration.
2.8 Decision Making and Risk

People have always made decisions but analyzing decision-making processes and
developing better decision-making methods are more recent activities (Alemu, 2016). Our
ability to analyze decisions has increased as mathematics, especially the theory of
probability, has developed (Herrmann, J.2015). The process of decision-making
transforms inputs into outputs. In the book of Engineering decision making and risk
management, Herrmann (2015) describes the input information includes knowledge
about physical phenomena, manufacturing processes, costs, customer requirements,
regulations, and existing designs. The output is new information: a description of a design
or a plan.
According to Kerzner (2009) and PMI (2013) risk is intrinsically linked to decision making.
A decision maker instinctively thinks over the risks associated with a decision that he or
she is evaluating. Managers must make decisions all the time and in doing so they
evaluate risk. Some of these decisions are made under different circumstances or
conditions than others. The condition under which a decision is made is crucial to the
success of the outcome (Roberts and Wallace, 2004).
Marr (2012) describes that each of the phases of the PLC has certain purpose and scope
of work assigned. At the completion of each phase there is a decision point where risk
assessment takes place and then based on the risk assessment, an appropriate decision
12
is made regarding further actions or proceeding to the next phase. Ward and Chapman
(1995) use 'go', 'maybe' and 'no go' options in a decision-making process. A 'go' status
will constitute a green light for proceeding on to the next phase while 'no go' will stop the
project. Evaluation resulting in a 'maybe' decision will lead to return to a previous phase
or even phases for further improvements and minimizing risk (Ward and Chapman, 1995).
Decisions which are made at the end of each stage should be made after a careful study
of the possible risks and hindrances which might be encountered (Chapman and Ward,
2003).
According to Kerzner (2009) and Roberts and Wallace (2004), there are generally three
main categories under which decisions can be made: Certainty, risk and uncertainty. In
the decision-making under certainty, the decision maker knows what the states of nature
will be and what the expected payoffs will be for each state of nature; decision-making
under risk outcomes are described within established confidence limits and Decision
making under conditions of uncertainty is concerned with wholly “unknown” events.
2.9 Project Risk Management Process

According to Marr (2012) and PMI (2008) risk management is a systematic process of
planning, identifying, analyzing, monitoring and responding to project risk. It involves
processes, tools, and techniques that help the project team minimize the probability and
consequences of adverse events and maximize the probability and consequences of
positive events.
It is important that a risk management strategy be established early in a project and that
risk be continually addressed throughout the project life cycle (Kerzner, 2009). The risk
management process involves the systematic application of management policies,
processes and procedures to the tasks of establishing the context, identifying, analyzing,
assessing, treating, monitoring and communicating risks (Cooper et al., 2005) and project
risk management is most effective when started early in the life of the project and
continued throughout the project.
Risk management process (RMP) is the basic principle of understanding and managing
risks in a project (Smith, Merna & Jobbling, 2006). Marr (2012) describes risk management
process as a continuous loop of process that works throughout the project life cycle. PMBOK
13
(2008) mentions the RMP using five phases of planning, identifying, assessing, responding,
monitoring and controlling. Richardson (2015), divides the process in to four basic steps as
plan risk management, identify risk, plan risk response and monitor and control risk
phases.
Putting all the different literatures in to summary, the risk management processes are
classified in to five components namely risk management plan, risk identification, risk
assessment, risk response and risk monitor and control. Each of the components are
explained in in the below sections and each of the phase was assessed using a
questionnaire.
Figure 1: Project Risk Management Overview
Plan risk Identify

manageme risks
nt
Monitor and Perform risk

control risks analysis
Plan
risk
respons
e
(Source: PMBOK,2008)
2.9.1 Plan Risk Management

Hamann and Bijl (2002) states risk planning as the detailed formulation of a program of
actions for the management of risk; it is the process to develop and document an
organized, comprehensive, and interactive risk management strategy; determine the
methods to be used to execute the risk management strategy and plan for adequate
resources.
14
Plan Risk Management is the process of defining how to conduct risk management
activities for a project PMI (2013). Plan Risk Management is a process to develop and
document an organized, comprehensive, and interactive risk management strategy and
a process to plan for adequate resources (Kerzner, 2009). Risk planning is iterative and
includes describing and scheduling the activities and process to assess, handle, monitor
and document the risk associated with a program (Hamann and Bijl, 2002). Making a risk
plan includes developing a risk-management policy and procedures.
According PMI (2008), the risk management plan describes how risk management plan
will be structured and performed during project life cycle. It also includes methodology,
roles and responsibilities, budgeting, timing, risk categories, definition of risk probability
and impact, reporting format and tracking of risks.
In their book of risk management literature survey, Hamann and Bijl (2002) describe that
to construct the risk management plan, data must be gathered from the work breakdown
structure, the system requirements and performance standards, configuration data,
schedule, program, and project management plans. The reason for this is twofold: first,
to understand the project in enough detail to perform the technical risk and most-likely
cost and schedule estimate. Secondly, to evaluate the projects maturity, to assess
management risk.
2.9.2 Risk Identification

Risk identification is the process of determining which risk may affect the project and
documenting their characteristics (PMI, 2008). Identification of risk events is the act of
determining and describing events that could impact the program (Hamann and Bijl,
2002). Risk identification is the process of examining the program areas and each critical
technical process to identify and document the associated risk (Kerzner, 2009).
Risks and other threats can be hard to eliminate, but when they have been identified, it is
easier to take actions and have control over them. If the causes of the risks have been
identified and allocated before any problems occur, the risk management will be more
effective (PMI, 2008). RM is not only solving problems in advance, but also being
prepared for potential problems that can occur unexpectedly. Handling potential threats
is not only a way to minimize losses within the project, but also a way to transfer risks into
15
opportunities, which can lead to economical profitability, environmental and other
advantages (Winch, 2002).
According to Kerzner (2009), risk identification must continue through all project phases
and is important that the identification process is concerned with the source of the risk
rather than the event itself or the effect. This is because the risk taker can do something
about the sources of the risk, but not really do very much about the event or the effects
(Roberts and Wallace, 2004). It should be an ongoing, iterative process because new
risks may become known as the project progresses through its life cycle (Richardson.
2015).
The purpose of identifying risks is to obtain a list with potential risks to be managed in a
project (PMI, 2008). To find all potential risks which might impact a specific project,
different techniques can be applied. It is important to use a method that the project team
is most familiar with and the project will benefit from. The aim is to highlight the potential
problems for the project team to be aware of them.
As compiled from different authors like Smith et al. 2006; Lester, 2007; PMI, 2009;
Hamann and Bijl, 2002; Kerzner, 2009, Gajewska and Ropel, 2011; and PMBOK, 2008,
Some of the common risk identification methods include like information gathering
methods that consists of workshops, brainstorming, interviews, questionnaires, root
cause analysis, consulting experts, experience, SWOT analysis, Delphi techniques, risk
breakdown structure and visit location. Another method is documentation which
comprises of databases, historical data from similar projects, templates, checklists, study
project documentation (plan, files etc.) and study specialist literature. The rests are
research, models and decision drivers.
The risk identification techniques are used to identify the predictable risks and the
identified risks can be categorized in any of the risks types. And the important thing that
was noticed while preparing this paper was that there are different techniques to classify
and to identify project risks. Hence, when more existing books or new books related to
project risk management are found, it is evitable to get with new methods and techniques
of risk classification and identification.
16
2.9.3 Risk analysis
Ones risks are identified by any of the techniques mentioned above, the next phase is to
analyze them. Risk analysis is based on the identification of all feasible options and data
relating to the various risks and to the analysis of the various outcomes of any decision
(Roberts and Wallace, 2004). Kerzner (2009) defines risk analysis as a systematic
process to estimate the level of risk for identified and approved risks. It involves the
determination of qualitative and quantitative rating values for the identified threat or
opportunity that is to provide a measure of quantification to the identified risk events
(Richardson, 2015). The risk analysis methodologies consist of six steps according to
Roberts and Wallace (2004).
The first step is evaluating all the options because there might be different factors that
affect the risk and all the possible factors must be assessed accordingly. In this phase
expertise skill or some tools of risk identification methods might be required to consider
the possible risks that can occur in the project.
The second step is considering risk attitude of decision-makers. Different people will
respond to risk differently and hence different people will evaluate risks differently and
then will make different decisions using the same data. The third step is considering
characteristics of the risk in which the identified risks will different characteristics and
impacts within the project. Some risks can be controlled while others can’t (example
internal vs external risk).
The fourth step is establishment of measurement system to evaluate the magnitude of

the risk either quantitatively or qualitatively to determine its likelihood and impact in the
project. The fifth step is interpreting the result in which the consequence or effect of the
risk must be predicted or interpreted. The last one is making the decision based on the
measured metrics and interpreted results of the risks.
2.10.3.1 Qualitative Risk Analysis
The risk analysis can be done qualitatively or quantitatively. PMI (2013) defines qualitative
risk analysis as the process of prioritizing risks for further analysis or action by assessing
and combining their probability of occurrence and impact so that risks can be placed
17
somewhere on a descriptive scale from high to low level (Gajewska and Ropel, 2011).
this process enables project managers to reduce the level of uncertainty and to focus on
high-priority risks and on the most likely and troublesome ones (Richardson, 2015). It is
usually a rapid and cost-effective means of establishing priorities of risks that is performed
regularly throughout the project life cycle.
Some of the tools and techniques that can be used to analyze risk qualitatively are risk
probability and impact assessment, probability and impact matrix, risk data quality
assessment, risk categorization, risk urgency assessment and expert judgment. A well-
done qualitative risk analysis will provide risk analysts with a good sense of what they
may encounter on their projects (Frame 2002).
2.10.3.2 Quantitative Risk Analysis
Like qualitative, the quantitative risk analysis process is used to prioritize risks but the
former one orders risks descriptively while the later one lists them based on numerical
estimation (Winch, 2002). It gives numerical information to decision makers (PMI, 2013)
Companies tend to use a qualitative approach since it is more convenient to describe the
risks than to quantify them (Lichtenstein, 1996). It is also used in small and medium
projects (Heldman, 2005) whereas the quantitative method is conducted on larger, more
complex projects, because considerable time and effort is required to do it (Turner 2009).
It might be problematic to choose an appropriate risk assessment model for a specific
project. The methods should be chosen depending on the type of risk, project scope as
well as on the specific methods requirements and criteria (Gajewska and Ropel, 2011);
however regardless of the method chosen, the desired outcome of such assessment
should be reliable (Lichtenstein, 1996). Perry (1986) mentions that the selection of the
right technique often depends on experience and expertise.
2.9.4 Risk Response

This phase indicates what action should be taken towards the identified risks and threats.
The response strategy and approach chosen depends on the kind of risks concerned
(Winch, 2002). Risk identification and analysis provide us with an understanding of what
can happen on the project, risk response planning furnishes us with actions we can take
18
either to avoid a risk event or to dampen its impacts (Frame, 2002) and addresses the
responses that will be made to individual risks (Callahan and Brooks, 2004).
Winch (2002) describes that sometimes it is difficult to take a decision based on too little
information. This may be avoided by waiting until the appropriate information is available
to deal with the risk. This way of acting is called “Delay the decision‟ but this approach is
not appropriate in all situations, especially when handling critical risks which need to be
managed earlier in the process. Winch (2002) claims that the lower impact the risk has,
the better it can be managed.
The key benefit of risk response is that it addresses the risks by their priority, inserting
resources and activities into the budget, schedule and project management plan as
needed (PMI, 2013). Several risk response strategies are available but the most suitable
strategy that is best effective to the specified risk should be chosen. The response
strategy and approach chosen depends on the kind of risks concerned (Winch, 2002).
The response strategies, which typically deal with threats or risks that may have negative
impacts on project objectives if they occur, are: accept, avoid, transfer, and mitigate; while
the responses that are suggested to deal with risks of potentially positive impacts on
project objectives are to exploit, share, enhance, and accept (Kerzner, 2009 and PMI,
2013).
But on this paper the response strategies, which typically deal with threats or risks that
may have negative impacts on project objectives if they occur are considered.
• Avoidance/prevention: this involves reducing the risk’s impact or probability,

shifting the risk’s timeframe, or changing the risk’s consequence (Hamann and Bijl,
2002).it also includes avoiding doing things that that can get projects in trouble
(Frame, 2002). This is a process of avoiding risk by negotiations or deals to get rid
of it completely (Roberts and Wallace, 2004). The project plan can be modified to
avoid the situation that creates the risk and to eliminate the threat entirely
(Wysocki, 2014).
• Risk Transfer: this is a process of passing the risk to another actor who has a
greater capability or capacity to manage it. Potts (2008) states that the risk should
19
be transferred to those who know how to manage it. It must be recognized that the
risk is not eliminated; it is only transferred to the party that is best able to manage
it (PMI, 2008).
• Reduction/mitigation: This is a way of minimizing the potential risks by mitigating
their likelihood (Thomas, 2009). Risks are managed deeply to decrease their
consequence on the project’s objective. The project team will have a dogwatch
control over the identified risks. Some projects invest in guarantees or hire experts
to manage high-risk activities. Those experts may find solutions that the project
team has not considered (Darnall and Preston, 2010). Example of mitigation
strategies includes Contingency planning, Quality assurance and Crisis
management and disaster recovery plans (Cooper et al., 2005). Taking early action
to reduce the probability and/or impact of a risk occurring on the project is often
more effective than trying to repair the damage after the risk has occurred (PMI,
2013).
• Retention/Acceptance: this strategy is a passive process in which nothing is done
with the anticipation that the risk may have to be managed in the future (Hamann
and Bijl, 2002). Retention can also be an option when other solutions are
uneconomical (Thomas, 2009). This response strategy as a strategy whereby the
project team decides to acknowledge the risk and not take any action unless the
risk occurs (PMI, 2013). Richardson (2015), states that some risks are so small
and easily dealt with that it is not economical to spend time developing a response
mitigation plan.
2.9.5 Risk Monitor and Control
Risk monitoring and controlling is a continuous supervision of the risk management
process to discover new risks, keep track of identified risks and eliminate past risks from
the risk assessment and project (PMI, 2013). Monitoring and controlling is to supervise
the status of the risks and take corrective actions if needed.
Callahan and Brooks (2004) states that Control Risk is the process of implementing risk
response plans, tracking identified risks, monitoring residual risks, identifying new risks,
and evaluating risk process effectiveness throughout the project. The feature of risk
control includes:
20
❖ Monitoring project results for signs that risks may occur or may have
occurred
❖ Reviewing risk responses that have been taken to see if they were effective
❖ Reviewing project goals and objectives to ensure that they are still valid,
and
❖ Reviewing the project context to see if any changes in external factors may
affect the project.
Risk control does not attempt to eliminate the source of the risk but seeks a manner that
reduces the probability and/or consequence of its occurrence on the program (Kerzner,
2009) and is the process of using the information that has been learned on a project to
assist in the later development of the project (Roberts and Wallace, 2004).
2.10 Risk management and Project success

Traditionally projects are perceived as successful when they meet time, budget and
performance goals (Shenhar, Dvir, Levy, & Maltz, 2001). The Project Management Book
of Knowledge, 2004, refers to project success being measured in terms of time, cost,
scope, quality and customer satisfaction (PMI, 2004). The book adds that risk
management is one of the ten project management knowledge areas that has key role in
project success. It contributes to a better view of possible consequences resulting from
unmanaged risks and how to avoid them (Hamann and Bijl, 2002) during a project life
cycle.
Another benefit of working with risk management is increased level of control over the
whole project and more efficient problem-solving processes which can be supported on
a more genuine basis (Thomas, 2009). The risk management also provides a procedure
which can reduce possible and sudden surprises (Cooper et al. 2005).
As risks include threats and opportunities that can affect project success, an organization
should be committed to address risk management proactively and consistently throughout
the project (PMI, 2013). Project teams must be aware of possible risks in the project and
then make necessary arrangement to respond them accordingly. Risk management
system aims to identify the primary risks that an organization is exposed to, so that an
informed assessment can be made, and proper decisions can be made to safeguard the
21
organization (Roberts and Wallace, 2004). Organization should implement only those
project processes, tools, and techniques that are necessary to achieve success in its
projects and environment (Callhan and Brooks, 2004).
If risks are unmanaged systematically, they can cause fatal failure on projects. Therefore,
according to Kerzner (2009), risk management should be closely coupled with key project
processes, including but not limited to: overall project management, systems engineering,
configuration management, cost, design/engineering, earned value, manufacturing,
quality, schedule, scope, and test. It is not a separate project office activity assigned to a
risk management department but rather is one aspect of sound project management.
Projects with effective risk management system have far better success rate than the
unmanaged ones that is why Kerzner (2009) describes project risk management as
proactive rather than reactive, positive rather than negative management process that
seeks to increase the probability of project success.
2.11 Empirical Literature Review

Different researchers made assessment on the practice of risk management process on
different projects locally in the Ethiopian context and internationally. Most of the Ethiopian
projects’ risk management practices lack efficiency and effectiveness that is why many
projects are seen performing below their intended objectives.
Negash (2017) examined the actual risk management practice of Butajira Asphalt road
construction project and found that the practice of developing an effective risk
management plan in the project was a poor practice even though it was prepared with the
involvement of stake holders considering different factors. Although the risk was primarily
identified by expert judgment and the identified risks were analyzed considering
characteristics, there was no well-developed strategy to respond to risk. The project has
poor practices of risk monitoring and control, poor record in using a guide line that
recommends how to manage unexpected uncertainties.
Manyazewal (2017) assessed the risk management practices of real estate projects to
examine if theoretical risk management process is being practiced appropriately and
effectively, to study if project risk planning was integrated with corporate strategic plan
and to investigate the level of awareness and perception to risk and its management
22
within the projects. The researcher found that although the project was very risky, risk
management was being practiced very poorly and a huge gap was noticed between what
should be theoretically applied and what was being practiced in the projects.
Alemu (2016) made study to identify the actual risk management practice at Batu and
Dukem town water supply projects in Ethiopia. The study showed that there was no
defined standard risk management process that was followed or implemented inside the
projects. The practice of risk planning was not conducted carefully; there was no well-
developed strategy with in the projects on how to act in response to uncertainties that the
projects encountered; risks were not monitored and controlled properly and in general the
practice of project risk management was implemented to some extent at Batu and Dukem
town water supply projects but lacked basic process and standards while being practiced.
Rabechini and Monteiro (2013) conducted a study on 411 different projects in several
states of Brazil with a goal to know the impact of risk management on project
performance. The study also further aimed to investigate the degree of flow of risk
management practice in Brazilian companies. From the data that was collected by
applying a questionnaire to a sample of 411 projects, the researchers were able to
observe that the risk management techniques and tools were poorly used in the projects.
But the results of the research demonstrated that adopting risk management practice and
the presence of a risk manager has a significant positive impact on project success.
Kuhn and Visser (2014) conducted a research on 20 mining projects in South Africa. The
results indicated that project teams used only a few of the tools and techniques that were
available for risk identification, qualitative risk analysis, and quantitative analysis. The
authors stated that uncertainties relating to the project were not well understood or
managed and they recommended projects to use project risk management as an
integrated process of project management to deal with uncertainties in the project
environment.
Estu (2017) made Assessment on the Risk Management Practice Of construction
Projects in the Case Study of Addis Ababa Saving Houses Development Enterprise. The
researcher found that enterprise was showing progress in managing quality risks by
giving detail attention to quality assurance and performing quality checks in given
intervals. Cost and schedule impacts that came because of risk were also to some degree
23
minimized by hiring qualified project managers and consultants as per the requirement of
the client. But still on structural level, the lack of risk department and the little attention
given to proper risk management created high and negative cost; schedule and quality
impacts also reduced employee morale.
All the papers emphasis that risk management is crucial for effectiveness of projects in
attaining their goals. However, there is a gap between theoretical frameworks and
practical application of the management system so that projects face considerable loses
due to unmanaged uncertainties in the life cycle of the project. Therefore, necessary
actions should be deployed so that risk management must be taken as integral
component of project management throughout the project life time.
24
CHAPTER THREE
RESEARCH METHODOLOGY
3.1 Introduction
The methodology part of the study contains overview of the organization, research
design, data collection methods, the design of the questionnaire, sampling design, data
analysis like descriptive statistics and ethical issues.
3.2 Overview of Ethio-Telecom

According to the information obtained from the company’s website (https://Ethio-
Telecom.et) Ethio telecom, previously known as the Ethiopian Telecommunications
Corporation (ETC), is an integrated telecommunications services provider in Ethiopia,
providing internet and telephone services. Ethio telecom is owned by the Ethiopian
government and maintains a monopoly over all telecommunication services in Ethiopia.
The company has its own stated vision, mission and strategies and then achieves its
missions through the implementation of different telecom projects. It continues to invest
in expanding and upgrading the country’s telecommunication system and striving to
deliver these projects effectively and successfully.
It has registered several accomplishments required to transform the company to a

modern telecom service provider by implementing and managing two consistent huge
projects. The first one is a Next generation network (NGN) project contract agreement
worth of US1.5 Billion Dollar of vendor financing in 2006 with Chinese Zhongxing Telecom
Enterprise (ZTE) to come up with dynamic technological revolution in the telecom industry
and with great vision to see the entire country connected with state of the art of
Information Communication Technology (ITC) infrastructure that provide highly
qualitative, reliable and secure communication service at affordable price which support
data, voice and multimedia. And the second huge project that was managed and
deployed recently is called Telecom Expansion Program (TEP) kicked off in January 2013
with a total project cost of 1.6 Billion USD with China's ZTE and Huawei Corporation and
the Swedish firm Ericsson. This project is a continuation of the NGN project.
25
Ethio-Telecom has established one department called risk and business continuity. The
risk section is responsible about risk management practices both in project and
operational duties while the business continuity section is working to ensure the
sustainable running of business by
3.3 Research Design

The most common used research designs are exploratory, descriptive and explanatory
which are classified based on the purpose of the research (Saunders et.al, 2009).
Descriptive studies are aimed at finding out "what is,”. It involves gathering data that
describe events (Glass and Hopkins, 1984). The major purpose of descriptive research
is description of the state of affairs as it exists at present (Kothari, 2004). Descriptive
statistics was used to analyze the collected data in which the SPSS was also applied to
find percentages or frequencies of respondents that replied specific points in the
questionnaires. This design was chosen because this study aimed to identify and
describe the risk management practice in the case of Ethio-Telecom project.
3.4 Target population, Sampling design and Sample Size

3.4.1 Target population
The purpose of this study is to describe the practice of project risk management in Ethio-
Telecom’s Telecom Expansion Project (TEP) and then to provide recommendations on
gaps between theories and actual practices. Then the target population of the study is
Ethio-Telecom employees that are stakeholder of the project. The target population
consists of program director, program managers, project managers, project
specialist/coordinators and project professionals. The distribution of the individuals with
respect to their organizational position and responsibility is shown in the table below; this
data was obtained from the organization document that shows head count as of June
2016.
26
Table 0-1: TEP members head count
Role Head count

Program director 1
Program Manager 14
Project Manager 67
Project Specialist/Coordinator 483
Project Professional 486
Total 1051
(Source: Ethio-Telecom)
3.4.2 Sampling design

The main purpose of this study is to get the reliable information to assess the practice
within the company. Hence, a probabilistic and stratified random form of sampling is used
to gather the information. The individuals are grouped based on organizational positions
and responsibilities and then proportionate stratified sampling technique was deployed to
get information from across each stratum. Within each stratum, individuals were selected
based on their accessibility or convenience to the researcher.
3.4.3 Sample size
(Cooper and Schindler, 2006) defines sample as a part of a larger body called population,
specially selected with the primary objective being to make inferences about the larger population
or to represent the whole. Samples that are too large may waste time, resources and money,
while samples that are too small may lead to inaccurate results (Ary, Jacobs & Razavieh,,
1972). Hence, it should be optimum; an optimum sample is one which fulfills the requirements of
efficiency, representativeness, reliability and flexibility (Mohammed, Denu & Ensermu, 2014).
The researcher used Yount (2006) rule of thumb as a guide to determine Sample Size of
the study which is shown in the table below.
27
Table 0-2: Yount’s “Rule of Thumb” for sample size
Rule of Thumb Range of Population Size(N) Sample Size as a Percentage of Population(S)
RT-1 The larger the population size, the smaller the percentage of the population
required to get a representative sample
RT-2 0-100 100%
RT-3 101 – 1000 10%
RT-4 1001 – 5000 5%
RT-5 5001 – 10000 3%
RT-6 Above 10000 1%
(Source: Yount, 2006)
As depicted in the table of TEP members head count population size above, the total
number of individuals (N) is 1051. Then sample size of the specified population was 53
according to Curry’s (1984) rule of thumb (53=0.05*1051).
The distribution of the sample size across each stratum according to proportionate
stratified sampling is shown in the table below too.
Table 0-3: stratified sample size distribution
Sample size, ni= (Ni/N)*sample

Role Head Count (Ni) size(53)
Program director 1 1
Program Manager 14 1
Project Manager 67 3
Project
Specialist/Coordinator 483 24
Project Professional 486 24
Universe Total 1051 53
(Source: own result, 2018)
3.4.4 Research instrument

The information required to assess the practice within the project was planned to be
primary. And the instrument applied to collect data was questionnaire and semi structured
interview. The questioner containing 27 risk practice assessment items that contains
open-ended and closed-ended questions was distributed to the sample.
28
3.5 Data Analysis
The data was collected with structured questionnaire. The data collected was measured
by nominal scale, and ordinal scale and analyzed quantitatively by descriptive statistics
in which the SPSS software version 20 was used to find percentages and frequencies for
tabular illustrations.
3.6 Validity and Reliability

Validity refers to the extent to which a test measures what the researcher actually wishes
to measure (Kothari, 2004) whereas reliability refers accuracy and precision of
measurement. To obtain acceptable and accurate response from each question in the
questionnaire, the questionnaire was reviewed, commented, and rechecked. In addition
to this, the respondents were given clues on the specific items; the reliability of the
questionnaire was checked by the Cronbach’s-Alpha test coefficient using SPSS version
20.0 software and the result obtained was 0.788.
Table 0-4: Cronbach’s-Alpha test coefficient values
RMP Risk Risk Risk Risk Risk overall

planning identification analysis response monitor
and
control
Cronbach 0.829 0.501 0.708 0.873 0.846 0.788
value
Source: own survey, 2018.
3.6.1 Ethical Issues

The study was conducted by adhering to the research ethics. To ensure the ethics of the
study, prior clarification about the purpose of the study was given to the respondents.
Then the response has been used only for the purpose of the study without making any
adjustment and kept confidential.
29
CHAPTER FOUR
DATA ANALYSIS AND PRESENTATION

4.1 Introduction
This chapter deals with the presentation, analysis and interpretation of sample data that
is collected from the respondents. The data was analyzed using quantitative descriptive
statistics with the help of SPSS Statistics version 20 statistical computer software.
Questionnaire and semi structured interview were used to collect data from project
managers and specialists for assessing the practice of risk management in the case of
Ethio-Telecom. The interview was used to triangulate the questionnaire responses.
4.2 Response Rate

The primary data that was collected through questionnaire consisted of 27 close-ended
and open-ended items and was distributed to 53 individuals who are project managers
and specialists participating in the projects. In the closed-ended questions, the
respondents were required to choose their choices from the provided alternatives: the
practice questions used Likert scale with Strongly Disagree (SD) = 1, Disagree (D) = 2,
Uncertain (U) = 3, Agree (A) = 4 and Strongly Agree (SA) = 5. Among the sample size
of 53 sample size, 48 questionnaires that has 96% response rate were properly
completed and returned. The collected data was analyzed, interpreted and presented in
the below tables. The measurement was reliable with the average alpha of 0.788.
4.3 Respondents’ general information

For the general questions regarding gender, age, level of education, work experience and
years they have participated in the projects, the responses of the respondents and the
implication are presented here under.
Table 0-1: Gender of respondents
Frequency Percent Valid Percent Cumulative Percent

Male 40 83.3 83.3 83.3
Valid Female 8 16.7 16.7 100.0
Total 48 100.0 100.0
Source: Own Survey, 2018
30
As presented in the above table, male of 83.3% (40) and female of 16.7% (8) totally 48
respondents participated in the research. Majority of the respondents were males.
Table 0-2: Age of the respondents
Frequency Percent Valid Percent Cumulative

Percent
20-29 2 4.2 4.2 4.2
30-39 25 52.1 52.1 56.3
Valid 40-49 20 41.7 41.7 97.9
50-59 1 2.1 2.1 100.0
Total 48 100.0 100.0
Age of the respondents fell in between 20 and 59 years among them 4.2% (2) of them
were between 20-29 years; 52.1% (25) of them were between 30- 39 years of age; 41.7%
(20) of them were between 40- 50 years of age and 2.1% (1) of the respondents was
above 50 years of age.
Table 0-3: Education level

Degree 29 60.4 60.4 60.4
Master 18 37.5 37.5 97.9
Valid
Higher 1 2.1 2.1 100.0
Total 48 100.0 100.0
The above table indicates educational level of respondents in which 60.4 % (29) were
degree holders, 37.5% (18) of the respondents were second degree holders, 2.1% (1) of
the respondents hold higher (above second degree) qualification.
31
Table 0-4: Work Experience
Frequency Percent Valid Percent Cumulative

Percent
2-5 years 4 8.3 8.3 8.3
6-10 years 17 35.4 35.4 43.8
11-15 years 15 31.3 31.3 75.0
Valid
Above 15
12 25.0 25.0 100.0
years
Total 48 100.0 100.0
The above table depicts the experience of respondents in the organization in which 8.3%
(4) of them have 2-5 years, 35.4(15) of them have 6-10 years, 31.3% (15) of them have
11-15 years and 25% (12) of them have above 15 years of experience in the organization.
Table 0-5: Project experience of the respondents

1-3 years 19 39.6 39.6 39.6
Valid Above 3 years 29 60.4 60.4 100.0
Total 48 100.0 100.0
The above table shows respondents’ years of experience in the project and it shows that
39.6 % (19) of them have 1-3 years and the rest 60.4% (29) of them have above three
years of project experiences. The data shows that most of the respondents have more
years of experience and have worked in the project until its completion. As reviewed in
the project document of the organization, the project took more than three years to
complete.
4.4 Response about general project risk management

The table below shows summarized responses of the 48 respondents for each question
in which the respondents’ number is depicted in percentages. Please the table below:
32
Table 0-6: General project management practices
S. General project management questions Responses in percent (%)(n)

N
SD (%)(n) D (%)(n) U (%)(n) A (%)(n) SA(%)(n)
1 There is a policy or guideline that 2.1%(1) 18.8%(9) 29.2%(14 45.8%(22 4.2%(2)

recommends how to manage unexpected ) )
uncertainties.
2 The project has a standard risk 0%(0) 20.8%(10 22.9%(11 50%(24) 6.3%(3)
management process. ) )
3 There is responsible person or department 4.2%(2) 12.5%(6) 12.5%(6) 47.9%(23 22.9%(11

handle risk ) )
4 Risk management is a continuous process 29.2%(14 41.7%(20 10.4%(5)

4.2%(2) 14.6%(7)
in the project. ) )
Source: own survey, 2018

About the existence of policy or guideline that recommends how to manage uncertainties,
2.1% (1) respondents strongly disagreed, 18.8% (9) disagreed, 29.2% (14) were uncertain
if it exists while the remaining 45.8% (22) and 4.2% (2) agreed and strongly agreed
respectively. The result shows considerable number of the respondents is uncertain
although major of them believed that there is policy or guideline that recommends how to
manage uncertainties.
Regarding the question if there is a standard risk management process with in the projects
20.8% (10) of the respondents disagreed for the existence of defined process to manage
risk; however, 50% (24) and6.3% (3) respondents provided agree and strongly agree
response to this point whereas the remaining 22.9% (11) were uncertain if there is a
standard process or not. The overall result for this specific point shows that majority of
the respondents agreed that there was defined standard risk management process within
the projects.
Respondents were asked to find out if there is a specific assigned person or department
to handle risk and corresponding response for the specific question shows that 4.2% (2)
of the respondents strongly disagreed and 12.5 % (6) of them disagreed. Although 12.5%
33
(6) of the respondents were uncertain, majority of the respondents noticed the existence
of the risk management department in which 47.9% (23) agreed while 22.9 % (11) of the
respondents strongly agreed on this point. This result implies that majority of the
respondents agreed that there was assigned person or department to handle risk.
Moreover, the researcher was able to find out that there is specific department that is
responsible for risk management that manages project and operational risks.
Regarding to a specific question that whether risk management is a continuous process

in the project or not, 4.2% (2) of the respondents strongly disagreed and 14.6% (7)
disagreed but 29.2% (14) of them were uncertain to the question. The remaining 41.7%
(20) of the respondents agreed and 10.4% (5) of them strongly agreed that risk
management is a continuous process in the project. This result shows that majority of the
respondents believed existence of the specific practice although considerable number of
the respondents was uncertain of the practice.
Table 0-7: project stage in which risk management was applied.

Risk management is implemented at which stage of the project?
Project stage Frequency Percent Valid Percent Cumulative Percent

Conceptual 2 4.2 4.2 4.2
Planning 13 27.1 27.1 31.3
Implementation 25 52.1 52.1 83.3
Monitor and Control 3 6.3 6.3 89.6
Closure 2 4.2 4.2 93.8
Planning and Implementation 3 6.3 6.3 100.0
Total 48 100.0 100.0
The above table shows that 4.2% (2) of the respondents responded at the conceptual
stage, 27.1% (13) responded at the planning stage, 52.1% (25) of the respondents
responded that it is done at the implementation stage, 4.2% (2) responded at the closure
stage while the remaining responded that it is implemented at planning and
implementation stage. It can be observed from the responses that risk management is
implemented throughout the project stage although majority of the respondents perceive
that it is implemented at the implementation stage.
34
4.5 Risk planning related responses
The response for risk planning questions is shown in the table below.
Table 0-7: Response to risk management plan
S. Risk planning questions Responses in percent (%) (n)

N. SD%(n) D%(n) U%(n) A%(n) SA%(n)
1 There is systematic approach or careful planning 0 (0) 25(12) 29.2(14 41.7(20 4.2(2)
) )
2 Relevant stakeholders are involved in the 4.2(2) 20.8(10 22.9(11 43.8(21 8.3(4)
) ) )
planning
3 Tools like expert judgment, meetings or others are 2.1(1) 12.5(6) 31.3(15 47.9(23 6.3(3)
) )
considered for risk planning
4 Environmental factors are included as an input to 2.1(1) 14.6 (7) 39.6(19 39.6(19 4.2(2)
) )
plan for uncertainties.
5 Project team members receive training or have 6.3(3) 39.6 35.4(17 14.6(7) 4.2(2)
(19) )
enough knowledge about how to handle
uncertainties.
6 Risk management plan is incorporated with the 2.1(1) 14.6 (7) 45.8(22 35.4(17 2.1(1)
) )
project plan.
The table above indicates responses for each risk management planning questions.
Respondents’ size on each value of the perception measurement scale is expressed by
percent and head count. For a question regarding to the existence of systematic approach
or careful planning, 25% (12) of the respondents disagreed, 29.2% (14) were uncertain.
The rest 41.7% (20) of the respondents agreed whereas the rest 4.2% (2) of them replied
with strongly agree response. This result indicates that majority of the respondents were
either uncertain or disagree with the systematic risk planning approach. And for relevant
stakeholders’ involvement in the planning question it is found that 4.2% (2) strongly
disagreed and 20.8% (10) disagreed for the involvement of relevant stakeholder for
planning. 22.9% (11) respondents were uncertain if stakeholders were involved or not
whereas, 43.8% (21) agreed and 8.3% (4) strongly agreed that there was an involvement
of stakeholders who were relevant to the project in the planning stage. This implies based
35
on the response of the majority of the respondents that stakeholders that were related to
the projects were part of the planning process.
The same table shows that the respondents’ response to the question if tools like expert
judgment, meetings or others were considered for risk planning for uncertainties and
found that 2.1% (1) strongly disagreed, 12.5% (6) disagreed and considerable number of
respondent i.e. 31.3% (15) were uncertain if tools were used or not in the planning
process. In contrast, 47.9% (23) and 6.3% (3) of the respondents agreed and strongly
agreed to the existence of the tools. This result indicates that majority of the respondents
believed that there were tools used for risk management planning.
Similarly, the table indicates the response for if environmental factors were included as
an input to plan for uncertainties or not and the respondents’ result reveals 2.1% (1) of
the respondents strongly disagreed and 14.6% (7) of the respondents disagreed for the
usage environmental factors as an input and 39.6% (19) were uncertain if this was used
as an input or not. The remaining respondents that are 39.6% (19) agreed and 4.2% (2)
strongly agreed that factors in the environment were used as an input while planning for
uncertainties. The responses indicate that majority of the respondents believed that
environmental factors weren’t considered as an input for planning.
As can be reviewed from above relevant stakeholders were involved in the planning
phase of risk management process. Another question related to training delivery to project
team members or if they had enough knowledge about how to handle uncertainties; 6.3%
(3) of the respondents strongly disagreed and 39.6% (19) of the respondents disagreed
that training was provided for the team members within the project and that team
members had knowledge about handling uncertainties whereas 14.6% (7) of the
respondents agreed and 4.2 (2) strongly agreed that team members had knowledge or
received training regarding uncertainty management. The remaining 35.4% (17) were
uncertain about this question. From this result it can be seen that although considerable
amount of the respondents was uncertain majority of the remaining respondents didn’t
believe that training was provided to the team members participating in the projects and
that team members with the projects had enough knowledge regarding how to manage
uncertainties.
36
The last but not the least part on the planning part that was requested to the respondent
was to assess if risk management plan was incorporated with the project plan or not and
the corresponding response for this is shown in the table as 2.1% (1) strongly disagreed,
14.6% (7) disagreed for incorporation. Although 35.4% (17) and 2.1% (1) of the
respondents agreed and strongly agreed that the risk management plan was incorporated
with the project plan considerable respondents that is 45.8% (22) were uncertain if risk
management plan was incorporated with the project plan or not. This result implies that
although many respondents were uncertain the remaining major respondents believed
that risk management plan was incorporated with the project plan.
4.6 Response for risk identification

Table 0-8: Response to team participation in risk identification
Project team members play roles to identify risk.

Frequency Percent Valid Cumulative Percent
Percent
Strongly
1 2.1 2.1 2.1
Disagree
Disagree 8 16.7 16.7 18.8
Valid Uncertain 16 33.3 33.3 52.1
Agree 20 41.7 41.7 93.8
Strongly Agree 3 6.3 6.3 100.0
Total 48 100.0 100.0
The table shows the response of the respondents for project teams play roles to identify
risk. The table depict that 2.1% (1) and 16.7% (8) of the respondents strongly disagreed
and disagreed respectively that project team members play role in risk identification but
33.3% (16) of the respondents were uncertain if they played or not. The remaining 41.7%
(20) agreed and 6.3% (3) strongly agreed that team members played roles in identifying
risk. The response result implies that project teams played role in risk identification, but it
is difficult to say all project team members play roles in risk identification because majority
of the respondents were either uncertain or didn’t disagree to the question.
37
Table 0-9: Methods primarily used to identify risks
Primarily used risk identification methods Frequency Perce

nt
Expert Judgement 2 4.2
Checklist 3 6.3
Document Review 6 12.5
Information gathering 9 18.8
Assumption analysis 1 2.1
Expert Judgment and Document Review 1 2.1
Expert Judgment, Checklist and Document Review 2 4.2
Expert Judgment, Document review and Assumption analysis 2 4.2
Expert Judgment, Checklist, Document review and Information gathering 5 10.4
Expert Judgment, Checklist, Document review, Information gathering and
1 2.1
assumption analysis
Checklist and document review 3 6.3
Checklist and Information gathering 1 2.1
Checklist and Assumption analysis 2 4.2
Checklist, Document review and Information Gathering 4 8.3
Checklist, Information gathering and Assumption analysis 1 2.1
Checklist, Document review, Information gathering and Assumption
1 2.1
analysis
Document review and Information gathering 3 6.3
Document review and Assumption analysis 1 2.1
Total 48 100.0
Source: own survey 2018
The table indicates responses by different respondents with regard to predominantly used
risk identification methods. As can be seen the most common types used methods are
expert judgment, checklist, document review, information gathering, assumption analysis
and their combinations. The distribution of responses doesn’t show visible differences so
that this can imply that all the mentioned methods were used to identify project risks.
38
Table 0-10: Source of project risks that frequently encountered
Risk sources types Frequency Percent

Technical 17 35.4
Financial 3 6.3
Human 3 6.3
Environmental 1 2.1
Technical and Human 2 4.2
Technical and Environmental 2 4.2
Technical, Financial and Human 3 6.3
Technical, Financial and Environmental 4 8.3
Technical, Financial, Human and Environmental 7 14.6
Financial and Human 1 2.1
Financial and Environmental 1 2.1
Human and Environmental 1 2.1
Technical and Financial 3 6.3
Total 48 100.0
As can be seen from the table above, the most common risk resources were technical,
financial, human, environmental risks and their combinations. The table implies that
technical was the visible type of risk resource although the other ones also took
considerable proportions.
4.7 Risk analysis related responses

Table 0-11: risk analysis related responses
S.N Risk analysis questions Responses in percent (%)(n)

SD (%)(n) D (%)(n) U (%)(n) A (%)(n) SA(%)(n)
1 Characteristics of the risk are considered 2.1%(1) 12.5% (6) 25% (12) 56.3%(27) 4.2%(2)
2 There is a measurement system to 2.1% (1) 22.9% 43.8% (21) 31.3%(15) 0% (0)
(11)
analyze the risk.
3 Project documents are updated after risk 4.2% (2) 14.6% (7) 29.2%(14) 47.9%(23) 4.2% (2)
assessment
39
The table above shows responses for risk analysis related questions. For the first
question that is if characteristics of the risk were considered the response of the
respondents 2.1% (1) strongly disagreed and 12.5% (6) disagreed that the different
characters of risk were considered for analyzing. 25% (12) of the respondents were
uncertain whether the characteristics of the risk were considered or not while the
remaining respondents that are 56.3% (27) agreed and 4.2% (2) strongly agreed that the
characters of the risk were put into consideration. Based on this result it can be argued
that majority of the respondents believed that characteristics were considered in the
analysis of the risks in the projects. Regarding to existence of measurement system to
analyze the risk, 2.1% (1) of the respondents strongly disagree and 22.9% (11) disagreed
that there was a measurement system within the project to analyze risk but 43.8% (21)
were uncertain about this issue while the remaining 31.3% (15)) of the respondents
agreed that there is a measurement system. This result indicates majority of the
respondents were either uncertain or disagreed that there was a way to measure risk in
order to analyze risks that might occur within the projects. For the third case used to
assess if Project documents were updated after risk assessment and the result indicated
that 4.2% (2) strongly disagreed and 14.6% (7) of the respondents disagreed that
documents were updated after assessment; 29.2% (14) were uncertain if this was done
or not 47.9% (23) respondents agreed and 4.2% (2) strongly agreed that the projects
documents were updated after assessment of the risk. According to respondents’ majority
result, project documents were updated after risk assessment within the projects.
40
4.8 Response for risk response
Table 0-12: Risk response
S. Risk response questions Responses in percent (%)(n)

N SD (%)(n) D (%)(n) U (%)(n) A (%)(n) SA(%)(n)
.
1 There is a well-developed strategy to respond 2.1% (1) 41.7% (20) 18.8% (9) 37.5%(18 0% (0)
)
risk.
2 Factors such as budget, schedule and 0% (0) 60.4% (29) 25.0% 14.6%(7) 0% (0)
(12)
resources and quality are considered while
responding to risk.
The above table indicates response for risk response questions from 48 respondents. As
depicted in the table the response for the first question used to assess if there was a well-
developed strategy to respond risk indicates that 2.1% (1) of the respondents strongly
disagreed and 41.7% (20) of the respondents disagreed that there was a well-developed
strategy on how to respond to risk. But 18.8% (9) respondents were uncertain whether
there existed a strategy that was well developed to respond to risk or not whereas the
remaining 37.5 % (18) respondents agreed for this item. This result implies that majority
of the respondents replies were either uncertain or disagreed with the idea that there was
a well-developed strategy to respond risk for the project. The other question mentioned
on the table to assess if factors such as budget, schedule and resources and quality were
considered while responding to risk shows 60.4% (29) of the respondents disagreed and
25% (12) were uncertain whether the factors were considered or not while responding.
The remaining 14.6% (7) respondents agreed to the idea of factors consideration. The
result implies that majority of the respondents disagreed for factors consideration while
risk responding.
41
Table 0-13: Risk response strategies
Risk response strategies Frequency Percent

Control/Reduction 20 41.7
Avoidance 2 4.2
Transfer 4 8.3
Acceptance 5 10.4
control and avoidance 3 6.3
Control and Acceptance 3 6.3
Control, Transfer and Acceptance 1 2.1
Control, Avoidance, Transfer and
6 12.5
Acceptance
Avoidance and Transfer 2 4.2
Avoidance and Acceptance 1 2.1
Control, Avoidance and Transfer 1 2.1
Total 48 100.0
As can be seen from the above table the risk response types applied in the project
includes control/reduction, avoidance, acceptance, transfer and their combination of
them. According the response, control /reduction was primarily implemented to respond
risk although there was circumstance in which each of the risk response type was
applicable.
42
4.9 Response to risk monitor and control
Table 0-14: risk monitor and control responses
S.N. Risk monitor and control questions Responses in percent (%)(n)

SD (%)(n) D (%)(n) U (%)(n) A (%)(n) SA(%)(n)
1 Risks are registered and communicated 4.2% (2) 22.9% 29.2% (14) 41.7%(20) 4.2% (2)
(11)
properly
2 Risks are reviewed periodically, 4.2% (2) 22.9% 31.3% (15) 37.5%(18) 4.2% (2)
(11)
3 Risk responses are audited 2.1% (1) 16.8% (8) 45.8% (22) 33.3%(16) 2.1% (1)
4 project performance is evaluated against risk 4.2% (2) 20.8% 39.6% (19) 31.3%(15) 4.2% (2)
(10)
5 Risks are monitored and controlled 4.2% (2) 39.6% 22.9% (11) 31.3%(15) 2.1% (1)
(19)
appropriately.
The table represents respondents’ responses for risk monitor and control questions. The
response of the respondents for proper risk registration and communication indicates that
4.2% (2) of the respondents strongly disagreed and 22.9% (11) of the respondents
disagreed that risks that occur within the projects were registered and communicated well.
Whereas29.2% (14) were uncertain for this issue but the remaining respondents that is
41.7 % (20) and 4.2% (2) agreed and strongly agreed respectively that risks were
registered and monitored properly. The result implies that there is mixed perception on
this issue because almost half of the respondents didn’t either believe or were uncertain
while the rest half believed that risks were registered and communicated properly.
The same table displays responses for periodical review of risks and it shows that 4.2%
(2) of the respondents strongly disagreed and 22.9% (11) of the respondents disagreed
that risks that occur within the projects were reviewed periodically. But 31.3% (15) were
uncertain for this issue whereas the remaining respondents that are 37.5 % (18) and 4.2%
(2) agreed and strongly agreed respectively for periodical review of risks. The result
implies most of the respondents believed risk was not reviewed periodically or they didn’t
know anything about this issue. The other issue that is included in the table concerning
to risk audit shows that 2.1% (1) strongly disagreed and 16.8% (8) of the respondents
disagreed for risk audit process. In contrast 33.3% (16) and 2.1% (1) respondents agreed
43
and strongly agreed respectively whereas the remaining 45.8% (22) respondents were
uncertain of whether risks were audited or not while undertaking the project. This also
implies majority of the respondents were either uncertain or didn’t believe there was risk
audit process in the project life time.
The same table above indicates response for project performance is evaluated against
risk in which 4.2% (2) of the respondents strongly disagreed and 20.8% (10) of the
respondents disagreed that project performance was evaluated against risk. But 39.6%
(19) were uncertain for this issue whereas the remaining respondents that are 31.3% (15)
and 4.2% (2) agreed and strongly agreed respectively that project performance was
evaluated against risk. This result implies similar case as of the above-mentioned risk
monitor and control processes in which majority of the respondents were either uncertain
or didn’t believe there was risk audit process in the project life time.
The last but not the least case in this process is that respondents were requested to reflect
their perception regarding if risks were monitored and controlled appropriately and the
response show that 4.2% (2) of the respondents strongly disagreed and 39.6% (19) of
the respondents disagreed that project risks were monitored and controlled
properly.22.9% (11) were uncertain for this issues whereas the remaining respondents
that is 31.3% (15) and 2.1% (1) agreed and strongly agreed respectively that project risks
were monitored and controlled properly. This result implies the majorities of the
respondents were uncertain and disagreed with the proper monitoring and controlling of
project risks.
44
CHAPTER FIVE
SUMMARY, CONCLUSIONS AND RECOMMENDATIONS

5.1 Introduction
This chapter presents the summaries of the findings, conclusions derived from the
analysis and the recommendations that are suggested Ethio-Telecom to enhance risk
management practices to fill the gap and increase business benefits by reducing threats
and increasing opportunities.
5.2 Summary of the findings

This study attempted to examine the risk management practices of Telecom Expansion
Project (TEP) in Ethio-Telecom. As mentioned in chapter four, respondents’ responses
on risk management processes were analyzed by using percentage frequency of SPSS
descriptive statistics analyzer. The findings from chapter four analyses are established
and outlined as below:
❖ According to the response of the respondents on the general questions of project

risk management practice, the analysis revealed that there was a guideline and
defined standard risk management process to manage uncertainties in the project.
The analysis also shows that risk management was a continuous process and
there is a department to handle risks.
❖ With regard to risk management plan, analysis of respondents’ responses implies
that although there were tools like expert judgment, meetings or others and
relevant stakeholders were involved for risk planning, the risk planning approach
was not systematic. Despite the fact that risk management plan was incorporated
with the project plan, project team members didn’t get required training to handle
risks and environmental factors were not considered as an input to plan risk.
❖ The findings of the analysis for the risk identification process revealed that
methods like expert judgment, checklist, document review, information gathering,
and assumption analysis were prominent while the project teams’ role was low in
to identify project risks. Additionally, the most common risk sources in the project
include technical, financial, human and environmental cases.
45
❖ According to respondents’ responses on risk analysis process, the result implies
that risk characteristics were considered and project documents were updated
after risk assessment; however, it was found difficult to conclude about a
measurement system to analyze the risk since the respondents were uncertain of
this case.
❖ Analysis of response in chapter four indicates that all the risk response strategies
(control, avoidance, transfer and acceptance) were exercised but there was not
well developed strategy that considered factors such as budget, schedule and
resources and quality while responding to risk.
❖ According to the findings on risk monitoring and controlling practice of the projects,
the analysis revealed that the monitoring and controlling process was not strong
because majority of the respondents were either uncertain or disagreed for proper
communication, periodic review, project performance evaluation against risk and
response audit of the project risk.
5.3 Conclusions
The purpose of the study is to identify the actual risk management practice at Telecom
Expansion Project (TEP) in Ethio-Telecom. Based on the findings mentioned in chapter
four analysis part of this study, the following conclusions are drawn about the practice
deployed in the project.
First, there was a risk department section and defined standard or guideline to handle
uncertainties and risk management was perceived as a continuous process throughout
the project life cycle.
Second, it is found that tools like expert judgment and meetings with relevant stakeholder
were used to plan risk management. The decisive factor is that risk management plan
was incorporated with the project plan; however, project team members didn’t get
required training to handle risks and environmental factors were not considered as an
input to plan risk which implies non-systematic risk planning approach.
Third, methods like expert judgment, checklist, document review, information gathering,
and assumption analysis were used to identify risks and it was found that technical,
46
financial, human and environmental causes are the most common risk sources in the
project.
Fourth, findings on risk analysis process imply that characteristics were considered for
analysis and project documents were updated after risk assessment.
Fifth, the analysis result enables the researcher to conclude practice of basic risk
response strategies like control/mitigation, avoidance, transfer and acceptance. However,
there is no well-developed strategy that considers factors such as budget, schedule and
resources and quality while responding to risk.
Sixth, findings of risk monitoring and controlling practice implies that there was not
effective risk monitoring and controlling process within the project and project
performance was not evaluated against risk. There was not transparent communication,
periodic review and response audit of the project risk.
5.4 Recommendations
This recommendation was done by the researcher in order to minimize the gap between
the theory of project risk management and actual risk practice of Ethio-Telecom project
and then to improve and enhance the practice of risk management by increasing
opportunities and reducing threats.
Policy and a standard process that guides on how to deal with project risk is prerequisite
to project risk management. The standard needs to be communicated thoroughly and
regularly to every project team. The risk management section should put this task on its
list of duties.
Necessary preparations have to be done for systematic risk planning; usually poor
planning is the cause for failures and then appropriate attention should be given to
consider environmental factors, train project teams to increase and update their skills.
Moreover, the risk management plan should be integrated with the project plan in order
to reduce the consequence of project uncertainties within the project.
The role of project teams to identify risk should be given valuable credit because they are
the decisive components to implement risk within the project. If they are given the role to
identify risk, they can have better motivation to encounter them. Moreover, human risk
47
has considerable consequence in the project so that training the project team reduces
human risk and other risk sources.
There should be well-developed strategy for risk responses. Risks should be recorded
and their characteristics has to be considered to in order to apply appropriate risk
response strategies that considers factors such as budget, schedule and resources and
quality are considered while responding to risk.
The risk monitor and control part of risk management process must be given serious
attention as it is the major component to measure the overall implementation of risk
management process. Project performance should be evaluated against risk. Moreover,
risk should be reviewed, audited and communicated properly. The last but not the least
thing the researcher recommend is that further study has to be conducted on the same
title. Because there are issues for which the respondents were uncertain to express their
agreement or disagreement. Moreover, additional study should be carried on the other
project management knowledge areas since the integration of these knowledge areas
affects the success of a project.
This paper is mainly of quantitative research and this method is usually used to get rough
information from the target population.in order to get detail information and concrete data,
qualitative research can be used so that the research result can be used as a good input
to the company to enhance organizational risk management practices.
48
Reference and Bibliography
Addis Ababa university . (n.d.). Contemporary issues in project management-distance learning.
Addis Ababa, Ethiopia: Addis Ababa university school of commerce.
Alemu, F. (2016). Practice of project risk management in batu and dukem town water supply
project. MA Thesis paper. Addis Ababa University. Ethiopia.
Ana, D. (2012). Modern Methods of Risk Identification in Risk Management. Junior PhD.
University of Targoviste, Romania.
Asmare, M. (2017). Generic Risk Factors and Their Implication for Information System (IS)
Projects of Ethio-telecom. Msc thesis papre, Addis Ababa University. Addis Ababa,
EthiopiA.
Association for Project Management . (2004). Project Risk Analysis and management . High
Wycombe: APM Publisher.
Benta, D., Podean, M., Mircean, C., & Siemens , A. (2011). Best practices for risk managment
in complex projects: InformaticEconomica Vol 15, no 2. Munich, Germany.
Berhe, H. (2016). Operational Risk Management Practices: The Case of Commercial Bank of
Ethiopia. MSc thesis ,Paper Addis Ababa University. Addis Ababa, Ethiopia.
Bing, L., Akintoye, A., & Edwards, P. (2005). The allocation of risks in PPP/PFI construction
projects in UK. International Journal of Project Management, Vol. 23. pp. 25-35.
Chapman, C., & Ward, S. (2003). Project risk management: Process, techniques and insights.
2nd Edition. Chichester: John Wiley and Sons.
Chapman, R. (2014). The roles of project risk management. Gower Publishing Limited.
Cleden, D. (2009 ). Managing project uncertainty. Abingdon: Ashgate Publishing Group.
Coleman, T. (2011). A Practical Guide to Risk Management. The Research Foundation of CFA
Institute.
Creswell, W. (2009). Research design: Qualitative, Quantitative and mixed methods approaches
(3rd ed.). SAGE Publications,Inc.
Crouhy, M., Galai, D., & Mark, D. (2006). The essentials of risk management. The McGraw-Hill
Companies,Inc.
Darnall , R., & Preston, M. (2010). Project Management from Simple to Complex. Flat World
Knowledge, Inc.
Edwards, L. (1995). Practical risk management in the construction industry. London: Thomas
Telford Publications.
Erstu, L. (2017). An Assessment on the Risk Management Practice Of construction Projects;
Case Study of Addis Ababa Saving Houses Development Enterprise. Msc thesis paper,
Addis Ababa University. Addis Ababa , Ethiopia.
49
Fekadeselassie, T. (2015). Risk Management Practice of Ethiopian Commercial Banks. Thesis
paper:Addis Ababa University. Addis Ababa, Ethiopia.
Forsberg , K., Mooz , H., & Cotterman , H. (2005). Visualizing Project Management; (, Models
and Frameworks for Mastering Complex Systems (3rd ed.). John Wiley & Sons, In.
Frame, J. (2002). The New Project Management (2nd ed.). John Wiley & Sons, Inc.
Frezewd, A. (2016). Practice of project risk management in Batu and Dukemtown water supply
projects. MSc thesis: Addis Ababa University. Addis Ababa, Ethiopia.
Geweke, J. (1992). Decision making under risk and uncertainty. Springer Science+Business
Media Dordrecht.
Gudda, P. (2011). A guide to project monitoring and evaluation. Bloomington: Author house.
Hamann,, R., & Bijl, M. (2002). Risk Management Literature Survey: An overview of the
process, tools used and their outcomes. Dutch Space.
Herrmann, J. (2015). Engineering decision making and risk management. John Wiley & Sons,
Inc.
Hillson, D. (2009). managing risks in projects. Gower Publishing Limited.
Hintsay, H. (2016). Integrated Risk Management Practice in the Construction Industry General
Contractors’ Perspective. MSc thesis paper: Addis Ababa University. Addis Ababa,
Ethiopia.
ISO. (2009). Risk management — Principles and guidelines. ISO 31000:2009(E).
Jeynes, J. (2002). Risk management: 10 principles. Oxford: Butterworth-Heinemann.
Kerzner, H. (2009). Project Management, A Systems Approach to Planning, Scheduling and
Controlling ( 10th ed.). John Wiley & Sons, Inc.
Kothari, R. (2004). Research Methodology,Methods and techniques (2nd ed.). New Age
International,Ltd: Publishers.
LEOBPUFFLATEC. (2016). Brazilian Journal of Operations & Production Management, Volume
13, Número 3,, pp. 372-385.
Lester, A. (2007). Project management, planning and control (5th ed.). Oxford: Elsevier Ltd.
Levine, A. (2002). Practical Project Management: Tips, Tactics and Tools. John Wiley & Sons,
INC.
Lyons, T. (2002). Project risk management in the Queensland engineering construction industry.
Masters of Project Management Dissertation. Queensland University of Technology .
Manyazewal, K. (2017). Assessment of Project Risk Management Practices in Real Estate
Projects in Addis Ababa. MA Thesis paper. Addis Ababa University. Ethiopia.
Marr, W. (2012). Risk and its sources. Risk and its sources. Retrieved April 12, 2018, from
https://www.geocomp.com/files/technical_papers/Risk&ItsSources_WEB.pdf
50
Marr, W. 2012.Online] available] from:< https://www.geocomp.com/files/technical_papers/>
[accessed on ,. (2018, April 12). Risk and its sources.
Mohammed, A., Denu , B., & Ensermu, M. (2014). Research methods (MAMGT-501):Addis
Ababa university supported distance learning program. Addis Ababa, Ethiopia: Addis
Ababa University.
Monteiro, R., & Rabechini , M. (2013). Understanding the Impact of Project Risk Management
on Project Performance: an Empirical Study, Journal of Technology Management and
Innovation, vol. 8, Special issue ALTEC.
Negash, B. (2016). Practice of risk management in Butajira asphalt and road constraction
project. MA Thesis Paper. Addis Abeba, Ethiopia.
Nigussie, W. (2016). Assessing determining factors of Best Risk Management Practice of
Ethiopian Commercial Banks. MA Thesis paper: Addis Ababa University. Addis Ababa,
Ethiopia.
Perry, J. (1986.). Risk management – an approach for project managers. Butterworth & Co. ,
Vol. 4, pp. 211-216.
Potts, K. ( 2008). Construction cost management, learning from case studies. Abingdon: Taylor
Francis.
Potts, K. (2008). Construction cost management, learning from case studies. Abingdon: Taylor
Francis.
Project Management Institute, Inc. (2013). Guide to the project management body of knowledge
(PMBOK® guide).5th ed.
Richardson, G. (2015). Project Management Theory and Practice (2nd ed.). Taylor and Francis
Group, LLC.
Roberts, A., & Wallace, W. (2004). Project Management. Pearson Education Limited.
Roberts, A., & Wallace, W. (2004). Project Management. Pearson Education Limited.
ROPEL, M., & EWELINA , G. (2011). Risk Management Practices in a Construction Project – a
case study:MA thesis paper. Göteborg, Sweden.
Royer, P. (2002). Risk Management: The Undiscovered Dimension of Project Management. PM
Network. .
Saunders, M., Lewis, P., & Thornhill, A. (2009). Research methods for business students (5th
ed). Pearson Education Limited.
Shenhar, A., Dvir, D., Levy, O., & Maltz, A. (2011). Project Success: A multidimensional
Strateg.Long Range Planning.
Singh, Y. (2006). Fundamentals of Research methodology and statistics. New Age International
(P) Ltd.
Smith., N., Merna, T., & Jobbling , P. (2006). Managing Risk in Construction Projects (2nd ed.).
Oxford: Blackwell Publishing.
51
Tayntor, C. (2010). Project Management Tools and Techniques for Success. Taylor & Francis
group, LLC.
Thomas, P. (2009). Strategic Management. Course at Chalmers University of Technology.
Turner, J. (2009). The Hand Book of Project-Based Management, Leading Strategic Change in
Organizations (3th ed.). The McGraw-Hill Companies, Inc.
Visser, K., & Kuhn, C. (2014). Managing Uncertainity in Typical Mining Project Studies. South
African Journal of Industrial Engineering, Vol. 25(2), page 105-120.
Ward, S., & Chapman, C. (1995). Risk-management perspective on the project life cycle.
International Journal of Project Management, Vol. 13, No. 3, pp. 145-149.
Webb, A. (2003 ). The project manager's guide to handling risk. Aldershot: Gower Publishing
Limited.
Winch, G. (2002). Managing construction projects, an information processing approach . Oxford:
Blackwell Publishing.
Wysocki, K. (2014). Effective Project Management, Traditional, Agile, Extreme (7th ed). John
Wiley & Sons, Inc.A.
Yount, R. (2006). Research Design and Statistical Analysis for Christian Ministry: Research
Fundamentals (4th ed.).
52
APPENDIX A: QUESTIONNAIRE
ADDIS ABABA UNIVERSITY COLLEGE OF BUSINESS AND

ECONOMICS SCHOOL OF COMMERCE MASTERS OF ART IN
PROJECT MANAGEMENT
QUESTIONNAIRE
Dear Participants,
My name is Tesfamichael G/tsadik, I am a graduate student at Addis Ababa University
School of Commerce and currently I am conducting a research for the completion of my
masters in project management. This research work is a study to the practice of project
risk management in the case of Ethio-Telecom.
I kindly request you to participate in this research study by completing the attached
questionnaire. In order to ensure that all information will remain confidential please do not
include your name anywhere in the questionnaire. I also sincerely request you to respond
to the questions as honestly as possible and return the completed questionnaires.
Knowing that your time is valuable please, take few minutes of your time to complete the
questionnaire.
In case of any question please contact me via “[email protected]‘‘or

“0911510298”
Thank you in advance for your committed cooperation!
Tesfamichael G/tsaddik
(The student researcher)
53
General Instruction and information:
 Section I includes demographic of general information.
 Section II includes close-ended questions
 Section III includes open ended question where it allows you to elaborate the
practice in your own words.
 Please attempt to answer all the questions.
Section I: General Information
1. Gender: male female
2. Age (in year) :20-29 30-39 40-49 50-59 Above 60
3. Level of education: Diploma Degree Postgraduate
Others, please specify: _______________
4. Years of work experience: Below 2 2-5 6-10 11-15 Above
15
5. For how many years have you worked on the project?

Below 1 1-3 above 3
Section II: close-ended questions
Please encircle the number for the five point scale question that best describes
how you perceive project risk management is applied;
Where: Strongly Disagree (SD) = 1, Disagree (D) = 2, Uncertain (U) = 3, Agree
(A) = 4 and Strongly Agree (SA) = 5.
54
GENERAL QUSTIONS ABOUT PROJECT RISK MANAGEMENT
S. Questions Strongly Disagree Uncertain Agree Strongly
Disagree Agree
N
1 There is a policy or guideline that recommends 1 2 3 4 5
how to manage unexpected uncertainties.
2 The project has a standard risk management 1 2 3 4 5
process.
3 There is responsible person or department handle 1 2 3 4 5
risk
4 Risk management is a continuous process in the 1 2 3 4 5
project.
6. Uncertainties that occur within the project are mostly handled by:
a. The project manager
b. The consultant
c. The client
d. A risk management section
e. All teams participating in the project
7. Risk management is implemented at which stage of the project?
a. Conceptual
b. Planning
c. Implementation
d. Monitor and control
e. Closure
RISK PLANNING
55
S.N. Questions Strongly Disagree Uncertain Agree Strongly
Disagree Agree
8 There is systematic approach or careful 1 2 3 4 5
planning
9 Relevant stakeholders are involved in the 1 2 3 4 5
planning
10 Tools like expert judgment, meetings or 1 2 3 4 5
others are considered for risk planning
11 Environmental factors are included as an 1 2 3 4 5
input to plan for uncertainties.
12 Project team members receive training or 1 2 3 4 5
have enough knowledge about how to
handle uncertainties.
13 Risk management plan is incorporated 1 2 3 4 5
with the project plan.
RISK IDENTIFICATION
Disagree Agree
14 Project team members 1 2 3 4 5
play roles to identify risk.
15. The following method is primarily used to identify risks within the project:
a. Expert Judgment
b. Checklists
c. Document Review
d. Information gathering
e. Assumption analysis
f. Document Review
g. Other, specify:_______________
56
16. Sources of risk that the project usually encounters:
a. Technical
b. Monetary/Financial
c. Human
d. Environmental
e. Others, specify:____________
RISK ANALYSIS
S.N Questions Strongly Disagree Uncertain Agree Strongly
Disagree Agree
17 Characteristics of the risk are considered 1 2 3 4 5
18 There is a measurement system to 1 2 3 4 5
analyze the risk.
19 Project documents are updated after risk 1 2 3 4 5
assessment
RISK RESPONSE
Disagree Agree
20 There is a well-developed strategy to 1 2 3 4 5
respond risk.
21 Factors such as budget, schedule and 1 2 3 4 5
resources and quality are considered
while responding to risk.
22. The risk response strategy used in the project:
a. Control/reduction
b. Avoidance
c. Transfer
d. Acceptance
57
RISK MONITOR AND CONTROL
Disagree Agree
23 Risks are registered and communicated 1 2 3 4 5
properly
24 Risks are reviewed periodically, 1 2 3 4 5
25 Risk responses are audited 1 2 3 4 5
26 project performance is evaluated against 1 2 3 4 5
risk
27 Risks are monitored and controlled 1 2 3 4 5
appropriately.
The END!
58

Tesfamichael Gebretsadik

Uploaded by

Copyright:

Available Formats

Tesfamichael Gebretsadik

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Tesfamichael Gebretsadik

Uploaded by

Copyright:

Available Formats

ADDIS ABABA UNIVERSITY SCHOOL OF COMMERCE

ASSESSMENT OF THE PRACTICE OF PROJECT RISK MANAGEMENT

PROJECT WORK SUBMITTED TO ADDISABABA UNIVERSITY SCHOOL OF COMMERCE

ADVISOR: MENGSTU BOGALE (PHD)

ADDISS ABEBA, ETHIOPIA

ASSESSMENT OF THE PRACTICE OF PROJECT RISK MANAGEMENT

Approved by Board of Examiners:

______________________ ______________ _______________

Advisor’s name Signature Date

______________________ _____________________ _______________

Internal Examiner’s name Signature Date

________________________ _____________________ _______________

External Examiner’s name Signature Date

Mengstu Bogale (Phd)

KA: Knowledge Area

KM: knowledge management

NGN: Next Generation Network

PLC: Project Life Cycle

PM: Project Management

PMBOK: Project Management Book of Knowledge

PMLC: Project Management Life Cycle

PMI: Project Management Institute

RMP: Risk Management Plan

SPSS: SPSS: Statistical Package for Social Science

ZTE: Zhongxing Telecom Enterprise

Key words: Risk management, project management

1.2 Statement of the problem

1.3 Basic research question

❖ How risk management was practiced in the projects?

❖ What was the practice of risk planning?

1.4 Objective of the study

❖ To assess the risk planning practice in the projects.

1.5 Significance of the study

1.6 Scope of the study

1.7 Limitation of the study

1.8 Organization of the Research Report

❖ Chapter one is an introductory part containing discussions on background of the

A project is a temporary endeavor undertaken to produce a unique product, service or

2.3 Project Management

2.4 Project Management Knowledge Areas

1. Project Integration Management: Project Integration Management includes the

2.6 Source of project risks

2.8 Decision Making and Risk

2.9 Project Risk Management Process

Figure 1: Project Risk Management Overview

Plan risk Identify

Monitor and Perform risk

2.9.1 Plan Risk Management

2.9.2 Risk Identification

The fourth step is establishment of measurement system to evaluate the magnitude of

2.10.3.1 Qualitative Risk Analysis

2.10.3.2 Quantitative Risk Analysis

2.9.4 Risk Response

• Avoidance/prevention: this involves reducing the risk’s impact or probability,

2.10 Risk management and Project success

2.11 Empirical Literature Review

3.2 Overview of Ethio-Telecom

It has registered several accomplishments required to transform the company to a

3.3 Research Design

______ _

____________ _ _____

______________ _ _____