CC BY
1Oriental Renaissance: Innovative, educational, natural and social sciences
SJIF 2024 = 7.404 / ASI Factor = 1.7
ANALYSIS OF INSTITUTIONAL FRAMEWORKS OF RISK ASSESSMENT AND MITIGATION IN PROJECT MANAGEMENT
Karimov Komron Rahmanaliyevich
Cabinet of ministers of the republic of Uzbekistan Graduate school of business and entrepreneurship k.karimov@uzbesteel .uz komron.manager@gmail.com
ABSTRACT
The study emphasizes the importance of the institutional framework in project management, providing a structured approach to address uncertainties and promote project success. The article highlights various perspectives on risk management, focusing on continuous management activities and stages of the risk management process. The analysis discusses the institutional and legal framework of risk assessment and mitigation, emphasizing compliance with laws and regulations. Results illustrate the regulatory role of the state and the significance of ISO 31000 in managing risks. Discussions focus on the involvement of legal and regulatory bodies in risk management during project implementation. The conclusion reinforces the importance of the institutional framework in navigating uncertainties effectively, fostering transparency, and enhancing project outcomes.
Keywords: legal framework, institutional framework, risk assessment, risk mitigation, project management, uncertainties, organizational structures, policies.
ANNOTATSIYA
Tadqiqot noaniqliklarni bartaraf etish va loyiha muvaffaqiyatini rag'batlantirish uchun tizimli yondashuvni ta'minlovchi loyihalarni boshqarishda institutsional asosning muhimligini ta'kidlaydi. Maqolada tavakkalchilikni boshqarishning turli istiqbollari yoritilgan, doimiy boshqaruv faoliyati va risklarni boshqarish jarayonining bosqichlariga e'tibor qaratilgan. Tahlil xavflarni baholash va kamaytirishning institutsional va huquqiy asoslarini muhokama qiladi, qonunlar va qoidalarga rioya qilishni ta'kidlaydi. Natijalar davlatning tartibga soluvchi rolini va xavflarni boshqarishda ISO 31000 ahamiyatini ko'rsatadi. Muhokamalarda loyihani amalga oshirish jarayonida tavakkalchiliklarni boshqarishda yuridik va nazorat qiluvchi organlarning ishtiroki haqida so'z boradi. Xulosa esa noaniqliklarni samarali hal qilish, shaffoflikni ta'minlash va loyiha natijalarini yaxshilashda institutsional asosning ahamiyatini kuchaytiradi.
Kalit so'zlar: huquqiy baza, institutsional asos, xavfni baholash, xavfni kamaytirish, loyihani boshqarish, noaniqliklar, tashkiliy tuzilmalar, siyosat.
SJIF 2024 = 7.404 / ASI Factor = 1.7
АННОТАЦИЯ
В исследовании подчеркивается важность институциональной структуры в управлении проектами, обеспечивающей структурированный подход для устранения неопределенностей и содействия успеху проекта. В статье освещаются различные взгляды на управление рисками, уделяя особое внимание непрерывной управленческой деятельности и этапам процесса управления рисками. В анализе обсуждаются институциональные и правовые рамки оценки и смягчения рисков, при этом особое внимание уделяется соблюдению законов и правил. Результаты иллюстрируют регулирующую роль государства и значение ISO 31000 в управлении рисками. Обсуждения сосредоточены на вовлечении юридических и регулирующих органов в управление рисками в ходе реализации проекта. Этот вывод подчеркивает важность институциональной структуры для эффективного преодоления неопределенностей, повышения прозрачности и улучшения результатов проектов.
Ключевые слова: правовая база, институциональная основа, оценка рисков, смягчение рисков, управление проектами, неопределенности, организационные структуры, политика.
INTRODUCTION
The institutional framework of risk assessment and mitigation stands as a cornerstone in the domain of project management, providing a structured and systematic approach to identify, analyze, and address potential uncertainties that can impact project outcomes. This framework encompasses a comprehensive set of organizational struct9ures, policies, and procedures specifically designed to integrate risk management seamlessly into the project management process. Recognizing the inherent challenges and uncertainties that projects often encounter, this institutional framework establishes a proactive and strategic mechanism to navigate risks effectively. It delineates roles, responsibilities, and methodologies for risk identification, assessment, and mitigation, ensuring a cohesive and standardized approach across projects. By institutionalizing risk management practices, organizations not only enhance their ability to protect project objectives but also foster a culture of continuous learning and improvement. This introduction explores the vital role of the institutional framework in shaping the risk management landscape within the context of project management, underscoring its significance in promoting project success and resilience.
SJIF 2024 = 7.404 / ASI Factor = 1.7
LITERATURE REVIEW
Popov A.V., Plotnikov A.N., and Plotnikov D.A. emphasizes in managing business risks the importance of organizing a constant process of management activities based on correct, effective decisions, collecting information about an innovative project, predicting the results of project development and subsequent monitoring of management decisions1. Gordashnikova O.Y. believes that the target points of risk management when organizing project management is to achieve the optimal combination of possible losses and income from the implementation of an innovative project, when the expected success and efficiency depend on the size, nature and degree of risk. The formation of this goal is explained by the competencies, activity and attitude of the enterprise management towards risk2.
In the studies of Titarenko B.P., the following stages of the risk management process are distinguished: 1. Risk management concept. 2. Planning responses to risk events. 3. Organization and control of response measures to risk events. 4. Analysis of the status and regulation of risk reduction measures. 5. Completion of risk management in the project3.
Rusinov V.M., Sitnikov V.V. believe that the problematic nature of risk management is associated with the selection and use of quantitative (break-even point, sensitivity and critical points, Monte Carlo method and tree of objectives) and qualitative methods (identification and systematization of risks, probability of occurrence and possibility of damage, admissibility and controllability of risks) management4.
ANALYSIS
The institutional and legal framework of risk assessment and mitigation in project management establishes the organizational and legal structures necessary to systematically identify, evaluate, and address risks throughout the project lifecycle. This framework is designed to ensure compliance with relevant laws and regulations while providing a structured approach to managing uncertainties. Key components of this framework include:
The framework ensures that risk management practices align with applicable laws, regulations, and industry standards. It establishes mechanisms for legal
1 Popov A.V., Plotnikov A. N., Plotnikov D. A. Modern aspects of risk management of an innovative project / / Financial Analytics: problems and solutions. 2015. no. 28. Pp. 47-59.
2 Gurova E. V., Eremin, Y. A., M. G. Harunjen risk Management of innovation project // International journal of Humanities and natural Sciences. 2019. no. 11-1. P. 90-93.
3 Titarenko B. P. a Systematic approach of risk management in projects // MGSU Bulletin. 2011. No. 5. P. 340-343.
4 Rusinov V. M., Sitnikov V. V. risk Management of innovative projects: problems and solutions // international journal of Humanities and natural Sciences. 2018. No. 6-2. S. 97-99
SJIF 2024 = 7.404 / ASI Factor = 1.7
compliance in risk assessment and mitigation activities, protecting the organization from legal liabilities.
Legal and institutional frameworks include the development and implementation of organizational policies that govern risk management. These policies outline the principles, objectives, and procedures for identifying, assessing, and mitigating risks in projects.
Clearly defined roles and responsibilities related to risk management are articulated within the institutional framework. This includes the assignment of legal responsibilities to individuals or teams overseeing risk assessment and mitigation activities.
The framework addresses risk management within contractual agreements. It defines the allocation of risks among project stakeholders, establishes contractual obligations related to risk mitigation, and outlines dispute resolution mechanisms in case of unforeseen events.
Legal and institutional frameworks consider the use of insurance and risk transfer mechanisms. They define the types of insurance coverage required, the responsibilities of parties involved, and the legal implications of risk transfer arrangements.
Comprehensive documentation and record-keeping practices are embedded in the framework to ensure transparency and accountability. This includes maintaining records of risk assessments, mitigation strategies, and legal compliance efforts.
The framework includes provisions for regulatory reporting related to risk management. Organizations are required to communicate risk-related information to regulatory bodies, shareholders, and other relevant stakeholders as part of their legal obligations.
Legal and institutional frameworks establish mechanisms for dispute resolution arising from risks. This may involve the inclusion of alternative dispute resolution clauses within contracts, specifying procedures for resolving disagreements.
Ethical considerations are integrated into the institutional framework to ensure that risk management practices adhere to ethical standards. This includes considerations related to transparency, fairness, and the protection of stakeholders' interests.
The framework emphasizes continuous monitoring of legal and regulatory changes that may impact risk management. It allows for the adaptation of risk management practices to evolving legal requirements and industry standards.
By incorporating both institutional and legal dimensions, this framework seeks to create a robust environment for risk assessment and mitigation in project
SJIF 2024 = 7.404 / ASI Factor = 1.7
management. It not only safeguards organizations from legal implications but also ensures that risk management practices are aligned with ethical standards and industry best practices. This integrated approach contributes to the overall success and compliance of projects within a legal and regulatory context.
RESULTS
The state has a regulatory role, which includes creating a framework for regulating situations in enterprises or individuals that may create risks for others. The state also has an oversight role to protect people, businesses, and the environment from external risks, such as floods and other sources, risks to public health and safety, external risks to national security, or economic stability.
The state also has the role of managing its own affairs, including organizing public services and performing regulatory and supervisory functions.
The most common approach to managing risks is using the International Organization for Standardization (ISO) 31000 approach (ISO 2018). The ISO 31000 considers that all organizations face numerous internal and external factors and influences which add uncertainty to achieving objectives (ISO 2018). The process for the ISO 31000 (ISO 2018) is outlined below.
Communication and consultation. This step assists the project team and stakeholders to understand the risk (ISO 2018). This process seeks to promote awareness and understanding of risks, using consultation to obtain feedback to inform decision-making. Collaboration between stakeholders will assist in obtaining factual, timely, relevant, accurate and understandable information. Both internal and external stakeholders need to be part of the steps within the risk management process.
Context within the risk management process needs to be established by developing an understanding of the internal and external environment in which the organization operates (ISO 2018).
This is the process of identifying, analyzing and evaluating risk. Risk assessment needs to be systematic, iterative and collaborative, using the stakeholders' knowledge. It should be based on the most recent information and supported by further research as required.
This is the process of finding, recognizing and describing potential risks which can support or threaten a project achieving its objectives (ISO 2018). The project team should use a wide range of techniques to identify risks which affect one or more objectives.
This is a comprehensive analysis of risk, based on its characteristics (ISO 2018). This involves considering risks generally, their sources, consequences, likelihood, triggers, contingencies, controls and control effectiveness. A key consideration is the
SJIF 2024 = 7.404 / ASI Factor = 1.7
risk exposure, which is the risk likelihood and consequence levels. A risk can have numerous causes and consequences and affect multiple objectives or goals.
This process is used to support decision-making. It involves comparing the results of the risk analysis process to the pre-defined risk criteria which outlines when further action is required (ISO 2018). This can lead to a decision to transfer, avoid, treat/mitigate, approve, or reject.
This requires selecting and implementing options to address different risks. It includes determining risk treatment options, implementing the treatment, reviewing effectiveness, determining if the remaining levels of risk are acceptable and, where necessary, taking further action (ISO 2018).
This is the assurance process which determines the improvement of quality and effectiveness in the design, implementation and outcomes (ISO 2018). Iterative reviews of risk management processes help determine if the treatments that are used in response to risk are effective or not.
The ISO 31000 is an iterative process which helps the project team establish strategies and informed decision-making for risk (ISO 2018). Each activity associated with risk management requires interactions with stakeholders, considering internal and external contexts, the effectiveness of treatments and the overarching completeness of the identification process.
ISO 31000 is a valuable tool for organizations seeking a systematic and internationally recognized approach to managing risk. It provides a common language and framework that can be applied across diverse industries and sectors, contributing to the overall resilience and success of organizations in the face of uncertainty.
DISCUSSION
By providing a structured approach, ISO 31000 enhances the quality of decision-making by considering potential risks and opportunities. The standard contributes to improved governance by integrating risk management into organizational structures and processes. ISO 31000 promotes transparent communication about risk, fostering stakeholder confidence in the organization's ability to manage uncertainties. The flexible nature of ISO 31000 allows organizations to adapt their risk management processes to changing internal and external circumstances. Effective risk management helps organizations allocate resources more efficiently by identifying and prioritizing areas of potential impact.
The regulatory bodies involved in risk management during project implementation vary depending on the industry, nature of the project, and geographical location.
SJIF 2024 = 7.404 / ASI Factor = 1.7
State Committee of the Republic of Uzbekistan for Industrial Safety may be involved in overseeing industrial safety regulations, particularly for projects in sectors with potential safety risks.
For projects with environmental considerations, State Committee of the Republic of Uzbekistan for Ecology and Environmental Protection may set regulations and standards related to environmental protection.
Construction projects may be subject to regulations from the State Committee for Construction, and compliance with these regulations is crucial for risk management.
UzStandard is responsible for standardization and certification in Uzbekistan. Compliance with standards is important in managing risks related to product quality and safety.
For projects in the financial sector, the Central Bank may have regulations and guidelines that impact risk management practices, especially in areas related to financial stability.
Projects in the healthcare sector may need to comply with regulations from the Ministry of Health, particularly concerning safety standards and healthcare practices.
State Committee on Land Resources, Geodesy, Cartography, and State Cadastre may be relevant for projects involving land use and development, and compliance with land-related regulations is essential for risk management.
Projects in the information and communication technology sector may need to consider regulations from Uzbek Agency for Communication and Information (UzACI), especially those related to data protection and cybersecurity.
Legal and regulatory bodies play a pivotal role in risk management during project implementation in Uzbekistan. These entities, including the State Committee for Industrial Safety, the Committee for Ecology and Environmental Protection, and the Committee for Construction, establish and enforce standards that guide project activities. Compliance with these regulations is essential for mitigating risks associated with industrial processes, environmental impacts, and construction activities. Additionally, bodies such as the Uzbek Agency for Standardization, Metrology, and Certification (UzStandard) set quality and safety standards, ensuring that projects adhere to recognized benchmarks. The involvement of legal and regulatory bodies extends to financial aspects, with the Ministry of Finance and the State Tax Committee overseeing fiscal regulations crucial for effective risk management in project budgeting and financial control. Furthermore, these bodies contribute to the overall governance framework, fostering transparency,
Oriental Renaissance: Innovative, educational, natural and social sciences
SJIF 2024 = 7.404 / ASI Factor = 1.7
accountability, and adherence to legal standards, thereby enhancing the resilience and success of projects in Uzbekistan.
CONCLUSION
In conclusion, the institutional framework of risk assessment and mitigation serves as the backbone of project management, offering a systematic approach to navigate uncertainties effectively. By integrating risk management seamlessly into project processes, organizations can proactively identify, analyze, and address potential risks, thereby safeguarding project objectives. The literature review underscores the importance of organizing continuous risk management activities to ensure optimal decision-making and project success. The analysis highlights the regulatory role of the state and the significance of international standards, such as ISO 31000, in enhancing risk management practices. Furthermore, discussions on legal and regulatory bodies emphasize the crucial role of compliance in mitigating risks and ensuring project resilience. Overall, by establishing robust institutional and legal frameworks for risk management, organizations can foster a culture of transparency, accountability, and continuous improvement, ultimately enhancing project outcomes and stakeholder confidence.
REFERENCES
1. Gurova E. V., Eremin, Y. A., M. G. Harunjen risk Management of innovation project // International journal of Humanities and natural Sciences. 2019. no. 11-1. P. 90-93.
2. Popov A.V., Plotnikov A. N., Plotnikov D. A. Modern aspects of risk management of an innovative project / / Financial Analytics: problems and solutions. 2015. no. 28. Pp. 47-59.
3. Rusinov V. M., Sitnikov V. V. risk Management of innovative projects: problems and solutions // international journal of Humanities and natural Sciences. 2018. No. 6-2. S. 97-99
4. Titarenko B. P. a Systematic approach of risk management in projects // MGSU Bulletin. 2011. No. 5. P. 340-343.
