Managing Construction Procurement Risks (2004)
Managing Construction Procurement Risks (2004)
Managing Construction Procurement Risks (2004)
Managing construction
Construction Industry Development Board procurement risks
Pretoria - Head Office
Tel: 012 482 7200
Fraudline: 0800 11 24 32 March 2004
Call Centre: 0860 103 353 First Edition of CIDB document 1005
E-mail: cidb@cidb.org.za
1. Introduction
Risk cannot be eradicated, but can be managed; it is better to be proactive rather than reactive. Risks,
however, need to be identified, quantified and understood if they are to be managed.
Risk management is an iterative process consisting of well-defined steps which, taken in sequence,
support better decision-making by contributing a greater insight into risks and their impacts. The risk
management process can be applied to any situation where an undesired or unexpected outcome could
be significant or where opportunities are identified. Decision makers need to know about possible
outcomes and take steps to control their impact.
Risk management is recognized as an integral part of good management practice. To be most effective,
risk management should become part of an organization's culture. It should be integrated into the
organization's philosophy, practices and business plans rather than be viewed or practiced as a separate
program. When this is achieved, risk management becomes the business of everyone in the organization.
The Australian / New Zealand standard AS/NZ 4360 (1999): Risk Management provides a generic
framework for establishing the context, identification, analysis, evaluation, treatment, monitoring and
communication of risk. An understanding of this standard is essential if risk is to be managed.
monitor: to check, supervise, observe critically, or record the progress of an activity, action or
system on a regular basis in order to identify change.
risk: the chance of something happening that will have an impact upon objectives.
risk acceptance: an informed decision to accept the consequences and the likelihood of a
particular risk.
risk management: the logical method of establishing the context, identifying, analyzing,
evaluating, treating, monitoring and communicating risk associated with any activity, function or
process in a way that will enable losses to be minimised and opportunities to be maximised.
risk transfer: shifting the responsibility or burden of loss to another party through legislation,
contract, insurance or other means or shifting a physical risk or part thereof elsewhere.
The main elements of the risk management process are as shown in Figure 1 and tabulated in Table 1.
Element Consideration
1 Establish the context Establish the strategic, organizational and risk management context in
which the rest of the process will take place. Criteria against which risk will
be evaluated should be established and the structure of the analysis
defined.
2 Identify risks Identify what, why and how things can arise as the basis for further
analysis.
3 Analyse risks Determine the existing controls and analyse risks in terms of consequence
and likelihood in the context of those controls. The analysis should consider
the range of potential consequences and how likely those consequences
are to occur. Consequence and likelihood may be combined to produce an
estimated level of risk.
4 Evaluate risks Compare estimated levels of risk against the pre-established criteria. This
enables risks to be ranked so as to identify management priorities. If the
levels of risk established are low, then risks may fall into an acceptable
category and treatment may not be required.
5 Treat risks Accept and monitor low-priority risks. For other risks, develop and
implement a specific management plan which includes consideration of
funding.
6 Monitor and review Monitor and review the performance of the risk management system and
changes which might affect it.
7 Communicate and consult Communicate and consult with internal and external stakeholders as
appropriate at each stage of the risk management process and concerning
the process as a whole.
3.1 Introduction
All engineering and construction projects are subject to risks which can affect their successful completion.
Risks can influence the delivery of a project with respect to time, cost and quality. The generic sources of
risk on such projects include commercial and legal relationships, economic circumstances, human
behaviour, natural events, political circumstances, technology and technical issues, management activities
and controls and individual activity.
On engineering and construction projects carried out with internal resources, i.e where no work is
outsourced, only the organisation requiring the project, for practical purposes, is at risk. However, where
construction projects are implemented by contract, a number of parties can be at risk, the principal ones
being:
Identify risks
• What can happen?
• How can it happen?
Evaluate risk
• Compare against criteria
• Set risk profiles
Treat risks No
• Identify treatment options
Accept risk?
• Evaluate treatment options
• Select treatment options Yes
• Prepare treatment plans
• Implement plans
Figure 1: The process associated with establishing and implementing a risk management plan
• the employer
• the contractor (and subcontractors)
• professional service providers
The allocation to the various parties of responsibility for dealing with specific risks is an important aspect
of risk management.
Ideally, responsibility for indemnifying the consequences of a risk should rest with the party which has
control over that risk. In practice, however, it may be preferable that responsibility for a risk is borne by
the party best able to manage it.
The sharing of risks and requirements for indemnities, supporting insurance, sureties, retention money
etc. should be set out in the contract data. Standard conditions of contract, supplemented by contract
specific data, normally perform this function.
Min
Lump sum
Pricing strategy
Bill of Quantities
Employer’s flexibility
Cost +
% fee
Max Max
Min Employer’s risk
Max Contractor’s incentive / risk Min
Contracting strategy
Design and Develop and Design by Management Construction
build construct employer contract Management
Construction Similar to a management contract, the main difference being that the trade contracts are between the
Management Employer and the various trade contractors.
Design and The Contractor undertakes most of the design and all construction in accordance with the Employer’s
Build brief and a his detailed tender submission, usually for a lump sum price.
Develop and Similar to design and build, except that the Employer issues a concept design on which tenders are
Construct based.
Design by The Contractor undertakes only construction on the basis of full designs issued by the Employer.
Employer
Management A management contractor is appointed to engage and manage a number of trade contractors to carry
Contract out construction on the basis of designs issued by the Employer, as and when they are completed. The
trade contracts are between the management contractor and the various trade contractors.
It can be seen in Figure 2 that the contractor’s incentive is related to his risk exposure. On the other hand,
the employer’s flexibility is related to his risk exposure. The greater the risk borne by the employer, the
less certain is the cost of a project. However, the greater the risk borne by the contractor the greater is
the probability of higher tender prices being received. Thus, the choice of contracting and pricing strategy
permits the employer to pass risk onto the contractor in exchange for a cost premium, but with greater
certainty of out-turns cost. Conversely, the less risk passed onto a contractor, the greater the likelihood of
an economical out-turn cost.
Many unforeseen conditions, or unexpected events, may cause cost increases and the employer may,
also, have unrealistic expectations regarding time and cost of construction, which may force contractors
into unrealistic gambles, improvident corner-cutting, or commitments that may be unrealistic.
3.3 Insurance
Most physical risks can be insured against. For example, on engineering and construction works
contracts a contractor can have many risks covered by effecting insurances such as Contract Works
Insurance, Public Liability Insurances, SASRIA Special Risks Insurance, Removal of Support Insurance,
general insurance cover for plant owned or hired by them, and Professional Indemnity Insurance.
Insurance is not a substitute for effective risk management. Insurance is only intended to deal with
measurable or known risks and serves to spread the impact of loss. It cannot deal with uncertainty itself
and cannot prevent loss.
Most standard forms of engineering and construction contracts require the contractor to effect a range of
insurances and to extend such cover to subcontractors. Some require that, in addition, contractors effect
specific insurances. Historically, many organs of state, particularly at national and provincial level, have
required contractors themselves to effect the relevant insurances. In contrast, many public utilities and
local authorities have their own Contractor’s All Risk policies and work put out to contract is automatically
insured through Principal Controlled Insurance, which may include an element of self insurance. In such
cases, contractors are, normally, required to effect only supplementary insurance cover, such as
insurance of construction plant and equipment, tools, offices and other temporary structures and contents,
insurance in terms of the provisions of the Compensation for Occupational Injuries and Diseases Act of
1993, motor vehicle liability insurance and insurance for the manufacture / fabrication of portions of the
works at premises other than the contract site.
There could be benefits to both the employer and emerging contractors / small and micro enterprises
should the employer take out Contractors All Risks insurance under which work put out to contract would
be automatically insured. In contractor development programmes, insurance excesses can, in some
instances, be higher than the profits generated on labour only contracts and could result in insolvency of
contractors, unless mechanisms are put in place to assist them in meeting the excesses, where claims
have arisen due to unavoidable circumstances.
Forward cover can be taken out to insure against currency fluctuations on imported components.
Risks which are retained by the employer and are not covered by insurance should instead, be covered by
reasonable budgetary provisions made in advance.
4.1 General
Since risk cannot be eliminated, but should be managed, it is better to be proactive than reactive.
Procurement risk should be identified and assessed on a case by case basis. As a general rule, the aim
should be to allocate risks to those best able to manage them provided that the cost of transferring them
to that party does not exceed the cost of retaining them. In many cases, this will be the contractor.
Transferring a risk to another party might well act as an incentive to that party to improve its performance.
In engineering and construction works contracts, risk management may necessitate the:
Procurement documents are important tools for managing risks. Their purpose is to determine the
consequences of particular risks which have been identified. Contracts should, accordingly, clearly define
the respective responsibilities of the parties and be flexible enough to deal with probable changes. The
importance of the clear allocation of risk and the management of change cannot be underestimated,
particularly in contracts of developmental nature, where third party management support is involved.
Some forms of contract contain procedures which are designed to manage the risk of time and cost
overruns. Accordingly, the selection of the appropriate form of contract can form an integral part of the risk
management strategy. (See Best Practice Guideline #C2, Choosing an appropriate form of contract for
engineering and construction works)
Contract documents should clearly set out all available data, particularly geotechnical data, to permit the
cost and time implications of the project to be assessed as accurately as possible.
The main risks to the employer where the design by employer contracting strategy is utilised in
engineering and construction works contracts are set out in the Table 2 in respect of:
• contracts where contractors are assisted by means of third party management support (see SANS
1921-4, Third party management support in works contracts, aimed at the use of newly emergent
contractors, or fledgling / aspirant contractors; and
• prime, contracts intended for established /conventional contractors.
Table 2: Main risks to the employer in engineering and construction contracts where the
design by employer contracting strategy is utilised.