Data-Driven Analysis of "Corporate Risk" Using Historical Cost-Control Data

The process of risk management includes three phases of risk identification, risk quantification, and risk control. Of the three phases, many managers agree that the major benefits of risk management are derived from the insights through the way project risk is identified. The approach for managing project risks may be broken down into two ways. One way is to analyze risks by those unique characteristics associated with individual projects, and implement project strategies by a single project. Another approach may be to classify risks into similar groups, those that exist simultaneously and routinely in a portfolio of company's projects, and adopt corporate strategies across projects. This paper is concerned with the second approach. This research postulates that there exist some covariable risks, or corporate risk, among a company's project portfolio, and maintains the hypothesis that such risks could be diminished efficiently using strategies made at the higher levels of corporate management rather than strategies at the project level. While most managers may acknowledge this assertion, they often lack a useful tool by which to analyze risk at issue. As a result, the major goal of this paper is to provide managers with a theoretical framework of risk analysis methodology that will support analyzing a project's risks from their company's point of view.