Integration of Project, Infrastructure, and Enterprise Risk Management

This book provides a comprehensive introduction to the principles of integrated risk management across three main domains: enterprise, infrastructure/institutional, and program/project risk management. It sets out to define the types of risk that are applicable to each domain, including strategic risk, operations risk, compliance risk, cybersecurity risk, and safety risk, among many others. Using demonstrative examples, the book identifies vulnerabilities in different risk management models, suggests in detail the means for correcting them, and introduces the concept of unknown and underappreciated (U/U) risks that need to be considered in addition to known risks. Then, it goes on to draw on perspectives from a range of disciplines, including systems engineering (SE), expert judgment elicitation, Monte Carlo simulation techniques, and applied statistics, to illustrate how such risks can be evaluated, aggregated, and mitigated. Drawing from experience gained during the NASA space shuttle program, as well as other high-tech programs involving space exploration, commercial nuclear reactors, and strategic weapon systems, Allan Benjamin demonstrates these concepts qualitatively and quantitatively in a set of detailed examples from governmental and industrial settings.