3.16 An enhancement to the area of risk identification in this year's PDSS is the inclusion of emergent risks for projects. These are risks that had not been previously identified but emerged as major risks during 2009-10. This enhancement is intended to address the JCPAA's interest in improved clarity of the emergence of risks over the course of a project's duration.
3.17 To some degree, major risks will emerge as part of a project's normal acquisition life cycle. For example, as the DMO prepares to enter into a contract with industry, risk management processes should be able to clearly identify the nature and severity of contract risks, and which may then take on a focus as one of the areas of major risk management for the project at that time. However, as a project progresses, risks associated with achieving the expected capability can arise, with it not uncommon for previously unanticipated major risks to quickly emerge despite the risk management processes in place to identify and manage risks.
3.18 This first year of information on emergent risks is necessarily limited in providing an insight into emergent risks. The definition of what is an emergent risk for the purposes of the PDSS also requires further development. Emergent risks listed in the 2009-10 PDSSs cover new major risk entries as at 30 June 2010 that were not listed by the project as at 30 June 2009. A more difficult issue raised by the JCPAA is the identification of risks that have arisen which were not able to be anticipated by the DMO's risk management system. The feasibility of the DMO generating such data is an issue that the ANAO and the DMO will examine during the 2010-11 review.
3.19 The ANAO expects that further development and tracking of emergent risk data over the next few years could support analysis around the type of major risks that emerge each year and how well risk management mechanisms are anticipating major risks.