The Recovery Plan Project Case
For this assignment, you will capture information that could form the appendices for your final paper.
- Capture the following information:
- Identify risks and categorize each risk. Note: The categorization is up to you, but you might include such considerations as external risks (e.g., regulatory or currency changes) and technical risks (e.g. complexity or design).
- Prioritize the risks and discuss their severity.
- Identify management response strategies for the risks.
- Develop a Risk Breakdown Structure (RBS).
- Include one current scholarly source
1-2 Pages
Case Study and Instructions for Final Portfolio Project Attached
1st Portfolio Project attached as well as a reference – Feel free to tailor this anyway you like
APA Formatting is very important
Available online at www.sciencedirect.com
www.elsevier.com/locate/ijproman
International Journal of Project Management 26 (2008) 149–163
Project risk management practice: The case of a South African
utility company
Riaan van Wyk a, Paul Bowen b,*, Akintola Akintoye c
a
Electricity Supply Commission of South Africa (ESKOM), South Africa
b
Department of Construction Economics and Management, University of Cape Town, Private Bag, Rondebosch 7700, South Africa
c
School of the Built and Natural Environment, Glasgow Caledonian University, Cowcaddens Road, Glasgow, Scotland, UK
Received 26 October 2006; received in revised form 26 February 2007; accepted 20 March 2007
Abstract
This paper documents the risk management practice of a utility company for its Recovery Plan project to address the risks of power
interruptions due to a shortfall of supply and increasing electricity demand. The company’s corporate risk management process and its
practice at divisional and project levels are discussed. The key role of stakeholders in risk identification, analysis, mitigation, monitoring
and reporting is emphasised by the company and this drives its risk management practice. Despite the level of resources available within
the company to use more sophisticated risk management tools, the company adopts simple risk management methods suggesting that a
large size company does not necessarily use ‘state of the art’ risk management techniques. Recommendations for improved practice are
made.
� 2007 Elsevier Ltd and IPMA. All rights reserved.
Keywords: Risk management; Utility; Case study; Stakeholder; Electricity; South Africa
1. Introduction
Risk management continues to be a major feature of the
project management of large construction, engineering and
technological projects in an attempt to reduce uncertainties
and to achieve project success. Miller and Lessard [1] have
argued why large engineering projects should be carefully
managed given that they are ‘‘high stakes games’’ charac-
terised by substantial irreversible commitments, skewed
reward structures in case of success, and high probabilities
of failure. In addition, they categorised the risk associated
with different types of projects ranging from oil platform
projects, nuclear-power projects, hydro-electric-power pro-
jects, urban transport projects, road and tunnel systems,
and research and development projects. They are of the
opinion that power projects possess moderate risks in so
far as engineering is concerned, but are very difficult in
0263-7863/$30.00 � 2007 Elsevier Ltd and IPMA. All rights reserved.
doi:10.1016/j.ijproman.2007.03.011
* Corresponding author. Tel.: +27 21 650 3445; fax: +27 21 689 7564.
E-mail address: bowenpa@eng.uct.ac.za (P. Bowen).
terms of social acceptability. Elkingston and Smallman
[2] examined project risk management practices of British
utility companies given that the utilities sector (comprising
water, power, telecommunications) is associated with less
predictable projects which are perceived to be riskier than
day-to-day business activities. They argued that risk man-
agement is an integral part of project management in this
sector; hence, most large companies put substantial
resources into the management of their business risk.
The current paper presents the risk management of a
Recovery Plan project of the Eskom Holdings Ltd. power
company in South Africa. Eskom Holdings Ltd. is wholly
owned by the South African government. The company
is a vertically-integrated operation that generates, trans-
mits, and distributes electricity to industrial, mining, com-
mercial, agricultural, re-distributors and residential users.
It is also involved in the purchase and sale of electricity
to and from South African Development Community
(SADC) countries, comprising Botswana, Mozambique,
Namibia, Zimbabwe, Lesotho, Swaziland and Zambia.
mailto:bowenpa@eng.uct.ac.za
Shantelle Hildred
150 R. van Wyk et al. / International Journal of Project Management 26 (2008) 149–163
The company’s business is divided into a number of divi-
sions: Generation, Transmission and Distribution;
Resource and Strategy; Finance, Key Sales and Customers
Services; Enterprises; Human Resources; and Corporate
and External Relations. The group has many main subsidi-
aries, with the core businesses including non-regulated elec-
tricity supply industry activities, the provision of electricity
supply and related services outside South Africa, the grant-
ing of home loans to employees, the management and
insurance of perceived risks to Eskom, and social invest-
ment initiatives. The company’s revenue in the 12 months
of the 2005/2006 financial year was R36,607m
(US$4947m or £2662m)1 and employed some 29,697 per-
sons (excluding contract and temporary workers). This
paper does not add to the theory of risk management.
Rather, the purpose is to document rich case study material
indicating the practice of risk management and the extent
to which practice and theory converge/diverge. One of
the authors is currently employed by Eskom in a project
management capacity, thus facilitating access to the case
material presented here.
The case study has been structured into four parts: Part
1 describes the corporate risk management process of the
holding company. Part 2 presents the risk management
process of a division of the company; the distributive divi-
sion being used for this purpose. Part 3 presents the case
study of a Recovery Plan project of the division to address
the risks of power interruptions due to a shortfall of supply
and increasing electricity demand. Part 4 documents the
conclusions emanating from the study. The lesson from
the case study is that a (very) large company with an appro-
priate level of resources may not necessarily use sophisti-
cated risk management tools; rather, simple methods that
enable the company to mitigate the risks faced by the busi-
ness are adopted.
2. Corporate risk management within Eskom Holdings Ltd.
Risk management within Eskom is an important and
integral element of the business. Given the importance of
risk management, the company has a dedicated Risk Man-
agement Committee (RMC) as one of its seven primary
committees (the other committees are the Board commit-
tee, audit committee, tender committee, human resources
committee, remuneration and ethics committee, sustain-
ability committee, and executive management committee).
The RMC comprises three non-executive directors, the
finance director and the managing director (Generation
division). The RMC is chaired by an independent, non-
executive director. The committee is tasked with ensuring
that the company’s risk management strategies and pro-
cesses are aligned with best practice. It also deals with
1 Exchange rates as at 7th September 2006: R7.40 SA Rands = US$1;
R13.75 SA Rands = £1.
the company’s integrated risk management strategy and
processes, these embracing risk tolerance and appetite, risk
accountably, major risk exposures, and emerging risk
issues.
Eskom practices an integrated risk management strategy
and process by identifying risks and opportunities against
business objectives during risk assessments throughout
the organisation, from both a line and functional perspec-
tive. Risk integration between divisions and subsidiaries is
reviewed by the RMC to ensure a coordinated approach to
risk mitigation measures. Key risk management ‘‘buzz
words’’ feature prominently in the company’s risk manage-
ment process, as depicted in the company’s 186 page 2006
annual report (http://www.eskom.co.za/annreport06/).
The risk prefixes that are contained in the annual report
include: exposure, assessment, accountability, internal con-
trol, matrix, categories, mitigation measures, tolerance lev-
els, categories, identification, evaluation, appetite, profile,
audit, financing, issues, process, ownership, etc. A content
analysis of the annual report shows that the word ‘risk’ is
mentioned 206 times whilst the term ‘risk management’ is
mentioned 56 times; these being explicit indicators of the
importance that the company attaches to the risks to which
it is exposed. Risk categories that the company faces are
defined in the company’s risk matrix, and include: finance,
technical, environmental, legal, human resources, informa-
tion, stakeholders, regulatory and strategic.
The remit of the company’s Risk Management Commit-
tee (RMC) is to ensure that Integrated Risk Management
(IRM) is applied throughout the Eskom business. It
reviews the risk processes and all major risks within the
business and reports back to the Board. Integration
between the various Eskom divisions and subsidiaries is
ensured via the interaction of the different risk (or risk-
related) committees. Each division within the company
handles its own Risk Management System and may have
slightly different risk approaches within each of the six
regions: Western; Eastern; Northern; North-West; South-
ern; and Central. This diversity is allowed as long as it sup-
ports the strategy and milestones set by the RMC which
encourages a coordinated and common approach for the
business as a whole.
Eskom has adopted the Code of Practice published by
the Institute of Risk Management of South Africa. In
addition, it has developed its own methodology for deter-
mining the ‘value’ or weighting for specific risks faced by
the company. These weightings are used to assist the
organisation to better identify which risks should receive
priority and also show the value of risk mitigation mea-
sures. Aligned to this valuation methodology there are
risk tolerance levels for each division and main subsidiar-
ies, together with risk appetite parameters for each func-
tional risk area. Being a South African utility company
with a wider remit for the sale and purchase of electricity
from neighbouring countries, the company has identified
some risks that it considers it faces. These are depicted
in Table 1.
http://www.eskom.co.za/annreport06
Table 1
A list of key risks faced by the company
Key risks
1. Regulatory risk that encompasses the need for clear regulatory
framework and adequate price increases to ensure long-term
sustainability
2. Future capacity, where the following needs to be addressed:
a. The availability of capacity in the long-term
b. The impact of new capital projects on the overall business
c. The ongoing ability to maintain consistent supply
d. Aging plant and increasing plant performance indicators
3. Debt management of small power users
4. Non-technical energy losses where the theft of conductors results in
the lack of supply of power and the potential for injuries to the
public
5. The ability to respond to changes in the industry arising from the
proposed new Electricity Supply Industry in South Africa while
meeting the shareholder’s objective for the company
6. Shareholder relationships with the focus on the ability to manage
the different expectations of the shareholder and government
departments in terms of Eskom’s business objectives
7. Information security, management of the outsourced information
technology service contract, lack of skills and resources, and infor-
mation technology business continuity management
8. Availability of the skills required for the future business needs
including skills retention, training and succession planning. The
impact of HIV/AIDS is also addressed as a component of this
key risk area
2 The King Reports on Corporate Governance (King I and King II),
published by the King Committee on Corporate Governance, aimed at
promoting the highest standards of corporate governance in South Africa.
More specifically, the King I Report dealt with financial and regulatory
aspects of corporate governance and, in addition, advocated an integrated
approach to good governance in the interests of a wide range of
stakeholders. With the publication of the King II Report, in terms of
which risk management received official consideration for the first time in
South Africa, companies are now required to audit risk exposure on an
annual basis and disclose it to their shareholders. In addition, King II
acknowledged that a company’s activities are more than profit to
shareholders, embracing economic, environmental and social aspects.
R. van Wyk et al. / International Journal of Project Management 26 (2008) 149–163 151
3. Risk Management System within the Distribution Division
Given that each Division and each region within the
company handles its own Risk Management System, risk
management within the Distribution (Western Region)
Division forms part of the responsibilities of the Business
Planning and Integrated Risk (BPIR) Committee which is
led by the BPIR Manager. BPIR is therefore a subcom-
mittee of the Regional (Western) Executive Committee
(REC). BPIR duties focus on a holistic business planning
and integration function, which includes all associated
risks. The REC appoints the members and chairperson
of the BPIR committee, who, in return, report back
and advise on all Region’s business risk-related matters.
Membership of BPIR consists of REC members, subject
matter experts and other Eskom officials. They manage
the entire Risk Management Process at regional level
and include issues around process deadlocks and emer-
gency preparedness.
The BPIR committee meets once a month and has iden-
tified the following attributes of its approach to the overall
Eskom Integrated Risk Management (IRM):
� assists with business decision-making as more informa-
tion becomes available from the risk process being
executed;
� facilitates learning from and incorporating lessons from
the past;
� allows for an external view on matters which could lead
to more issues being identified;
� provides for integration between the different functional
departments leading to the optimal addressing of risk
issues;
� allows identification of any opportunities arising from
the matters at hand;
� ensures focus on objectives, keeping in line with the
regional objectives and those set by the Risk Manage-
ment Committee at Board level;
� ensures a proper audit trail for all risk-related matters:
the origin, owner, actions decided upon and taken,
and progress;
� assists with decision making, by providing input into the
continuous business planning which is also a function of
this committee;
� very importantly, it strives to protect against any impact
to the region’s financial results and image; and
� meets the requirements of the King II2 report.
4. Case study of the Western Cape Recovery Plan project
One of the projects of the Western Region Distribution
Division is Eskom’s Recovery Plan for the Western Cape.
The project was developed to address the current risk of
power interruptions due to a shortfall of supply and increas-
ing electricity demand during the winter period. To under-
stand the reasons for the shortfall in supply, it is necessary
to understand how the Western Cape is supplied with elec-
tricity and the existing constraints surrounding this.
The Western Cape requires up to 4250 MegaWatt (MW)
of power supply daily over peak periods during the winter
months. This is supplied from four power stations that pro-
vide a combined total of 4780 MW as follows:
2 · Nuclear reactors at the Koeberg Nuclear
Station (900 MW · 2)
1800 MW
Coal power stations in Mpumalanga
2400 MW
Palmiet hydro-electric pump station
400 MW
Steenbras hydro-electric pump station
180 MW
Total
4780 MW
However, there are peak periods in this region when
there is a surge in power consumption and these usually
occur between 5am and 8am, and 6pm and 8pm during
week days as shown in Fig. 1.
During routine maintenance on Unit 1 at the Koeberg
Nuclear Station in late 2005 serious damage was done to
the generator and its cooling system for this Unit. How-
Fig. 1. Demand for electricity as shown in the peak periods.
152 R. van Wyk et al. / International Journal of Project Management 26 (2008) 149–163
ever, the nuclear reactor was not affected. The time for
repairing the generator and cooling system was set for at
least three months from January 2006. The repair pro-
gramme was focused on minimizing the period for Unit 1
to be out of service. This meant that various options had
to be considered which included obtaining replacement
parts (i.e. stator and rotor), acquiring spare parts, and
repairing the damaged parts. The dismantling of the Unit
1 generator is considered a slow process due to the cool
down period required (5 days) and separation of the rotor
and stator (10 days). After the assessment of the extent of
the damage, it was decided to start repairs to the stator and
rotor and obtain a spare rotor from a company in France.
This particular company had been the original advisors to
the Koeberg plant some 20 years ago.
During this time, Koeberg Unit 2 continued to provide
the required electricity to the Western Cape. However, a
number of power interruptions were experienced during
the month of February 2006 due to a variety of reasons,
including:
1. Unit 6 of the Kendal Power Station in Mpumalanga
tripped causing a large fluctuation on the National Net-
work. As a safety precaution, Koeberg’s Unit 2 was
removed from the grid and placed in a controlled shut
down. After the stabilisation of the network, it took
Unit 2 about a week to start up and increase generation
to full capacity. Due to the shortage of supply during
this period, load shedding (controlled black-outs) were
required and implemented. Public opinion was vocifer-
ous in its condemnation of Eskom.
2. Flash-overs between transmission lines due to high pol-
lution from veld fires and unexpected fog caused various
power lines to trip; interrupting the power flow from the
north and forcing Koeberg’s Unit 2 to remove itself
from the grid once again. This led to more load shedding
to manage the power shortage. This served only to
increase public condemnation.
Another risk was identified from the scheduled refuel-
ling of Unit 2 which was scheduled for March 2006. How-
ever, the repairs to Unit 1 had to be completed in time so
that Unit 2 could be shut down for approximately two
months to complete the refuelling and routine maintenance
procedures. In normal circumstances both units would then
have been ready to provide power for the winter months.
The rotor from France was only expected (and delivered)
during April 2006 and the repairs to the local rotor and sta-
tor were still underway at that time. It was impossible to
remove Unit 2 before Unit 1 was repaired as there was
no means to provide for the shortfall in electricity supply.
The economic impact of the February power outages was
estimated to be in excess of R500 million (about US$68m
or £36m) and was subject of discussion at provincial and
national governmental levels. To remove Unit 2 from the
grid would immediately mean a shortfall of another
900 MW and would force further load shedding to occur
with its associated economic impact.
The Western Cape Recovery Plan was an effort to do
the following: (1) explain the electricity supply problem;
(2) forecast the power demand and expected shortfall for
the winter months; (3) provide the timelines for Koeberg
R. van Wyk et al. / International Journal of Project Management 26 (2008) 149–163 153
Unit 1 to be repaired and Unit 2 to be refuelled; (4) iden-
tify all risks that could impact on the project plan; (5)
develop mitigating actions for the identified risks; (6) iden-
tify other energy saving options to minimize the impact of
the shortfall; (7) provide load shedding principles and
guidelines; and (8) provide stakeholder and communica-
tion guidelines.
This plan was a combined effort between Eskom, the
City of Cape Town (electricity department) and RED
ONE (the recently formed regional electricity distributor).
Load Shedding
Streamlead
KSACS Streamlead
DSM Streamlead Customer Services
Streamlead
Grid and National
Control Streamlead
Human Resources
Streamlead
Koeberg/Generation
Streamlead
Corporate Finance
Streamlead
Eskom Enterprises
Streamlead
Other Corporate
Functions
Key
PM
DSM
ERD
WR
Recovery Programme PMO
Recovery Programme Manager
National Recovery Sponsor
Transmission Managing Director
Western Region Risk Manager
Fig. 2. Team structure for the Weste
Eskom
Holdings
Eskom
Executive
Eskom
Recovery
Team
Dept of
Public
Enterprises
Dept of
Provincial
&Local
Government
Provincial
Government
Energy Risk
Management
Committee
ERMC
Recovery
Team
Integrated
Recovery Team
M
Fig. 3. Stakeholder structure for risk man
An Eskom Recovery Team was established which was
headed by the Managing Director of the Transmission
Division. The team structure is shown in Fig. 2. The team
reported into a bigger operating model made up of various
stakeholders headed by the Energy Risk Management
Committee (ERMC) as shown in Fig. 3. The Eskom
Recovery Team (ERT) met at least once every two weeks
where progress on the Recovery Plan was given. The feed-
back was consolidated and forwarded to the Integrated
Recovery Team and finally to ERMC. A weekly status
Corporate Communications/ERD Streamlead
WR Communications & Stakeholders Streamlead
Corporate Spokesperson
SO – Programme Management Office
– Demand Side Management
– External Relations Dept.
– Western Region
Corporate Communications & Stakeholder Manager
Regional Recovery Sponsor
Western Region General Manager
rn Cape Recovery Plan project.
unicipal
Municipal
Recovery
Team
RED1 Other
Stakeholders
Dept of
Minerals
& Energy
agement of the Recovery Plan project.
154 R. van Wyk et al. / International Journal of Project Management 26 (2008) 149–163
report was also compiled by ERT and published internally
within Eskom and externally to the general public.
5. Risk management of the Recovery Plan project
There are typically five stages associated with risk man-
agement, namely: (1) risk management planning, (2) risk
identification, (3) qualitative and quantitative risk analysis,
(4) risk response planning, and (5) risk monitoring and con-
trol [3]. However, Edwards and Bowen [4] state that the pro-
cess of risk management should include evaluation and
reporting and they have as a result categorised the process
of risk management into nine stages: Identification; Classifi-
cation; Allocation; Analysis; Response; Recording; Moni-
toring; Control; and Evaluation. Chapman [5] identified
nine phases of the generic risk management process
(RMP), comprising: define; focus; identify; structure, owner-
ship; eliminate; evaluate; plan and manage. Practically, how-
ever, it is possible to classify all these stages into a four-stage
risk management cycle: risk identification; risk analysis; risk
response; and risk reporting. The risk identification stage
includes classification and allocation, while risk reporting
includes monitoring, control and evaluation. The risk man-
agement practice of the Recovery Plan project within the
Eskom integrated risk management protocol is presented
below along the lines of this four-stage framework.
5.1. Risk identification (and classification and allocation) of
the Recovery Plan project
The role of stakeholders in the RMP is emphasised by
Loosemore et al. [6]. According to them, effective and fre-
quent involvement of stakeholders at all stages of the RMP
will ensure that more risks are identified and commitment
obtained in managing them. Stakeholder management
becomes very critical in the risk identification process given
that they can have conflicting interests and the risks identi-
fied could be biased towards those interests or limited to their
own experiences. The possibility that the stakeholder mix
could change over time also has an impact on project objec-
tives and its associated risks. Furthermore, stakeholders
might be unable to express their objectives clearly or limit
the sharing of valid information due to confidentiality or
inter-stakeholder politics. Hence, they have suggested that
the risk manager or risk management service provider should
encourage stakeholders to balance their objectives with one
another, be flexible where possible, and understand the pres-
sures and background under which objectives are created.
It is generally accepted that companies with organic
structures allow for more creative and imaginary
approaches to identify risks, though it is still easier for
mechanistic structured companies to implement those
approaches [4]. This is because the latter could provide
backing in the form of authority sources, addressing possi-
ble resistance. Hence, companies’ management should be
committed to the risk management process, identifying
leaders with a strong personal passion for the subject.
The classification of risks creates a common framework
for grouping risks, although different cultures could classify
the same risk differently. Edwards and Bowen [4] suggest
two primary categories for classifying risks: Natural and
Human Risks. Natural risks are those from systems ‘‘beyond
human agency’’ which include risks from weather, geologi-
cal, biological and extraterrestrial systems. Risks from
human systems are more difficult to categorise due to their
overlapping nature. These include risks from social, political,
cultural, health, legal, economic, financial, technical and
managerial systems. Baber [7] refers to internally and exter-
nally generated risks. The Project Management Institute [8]
classifies risk into internal and external. Examples of internal
risk in project development are issues relating to labour,
materials, site conditions, cash flow, etc., while external risks
include governmental regulations, vandalism, sabotage,
environmental factors, market forces, inflation, etc.
It is generally accepted as a good risk management prac-
tice that a risk should be allocated to the party who can best
manage it that risk. To avoid duplication it is suggested that
continuous investigations are undertaken during the pro-
cess of risk management to ensure that another stakeholder
has not already taken up the control of a risk [6].
Eskom, in general, is very risk aware and has invested
considerable resources into this project management prac-
tice within the company. Many processes are in place to
identify and manage potential risks in its various functional
areas. Within its Distribution Division the foci of opera-
tions are customer services, engineering (safety standards
– occupational safety and health requirements); finance;
human resources; information management; and commer-
cial. All of these functional departments are represented
on the BPIR Committee where risks are raised and man-
aged. At this level risks are categorized as follows: finance;
technical operation and performance; legal audit and com-
pliance; people; strategic acquisitions, divestitures and pro-
jects; strategy; transformation; pricing; regulatory (NER);
stakeholders; information; subsidiaries, associates and joint
ventures.
In this particular case, the main reason for the inade-
quate supply capacity to meet the needs of the Western
Cape within the normally envisaged risk possibility of a
loss of generation at Koeberg was aggravated by decisions
by central government that limited the capacity of Eskom
to build new power stations or transmission lines. Arising
from the White Paper on Energy Policy [9], government
decided it was necessary to proceed with ‘the unbundling
of Eskom’s generation and transmission groups’ and ‘sep-
arate the power stations into a number of companies’ to
‘create the opportunity for private sector and Black Eco-
nomic Empowerment investment opportunities in the gen-
eration sector’. Later, the Intergovernmental Fiscal Review
[10] stated ‘The ESI restructuring involves three key
aspects: the sale of 30 per cent of Eskom’s generating
capacity to private investors, with a black empowerment
equity stake of at least 10 per cent of capacity; the separa-
tion of Eskom into several generation clusters and a sepa-
3 Eskom initiated a schemed whereby the public were encouraged to
exchange their conventional light bulbs for less electricity-consuming
CFLs – at no cost to the consumer.
R. van Wyk et al. / International Journal of Project Management 26 (2008) 149–163 155
rate transmission company; and the introduction of an
electricity market, which will ensure competition between
the different electricity generators. These reforms will begin
during the course of 2003.’ The central government had
taken responsibility to manage the investment decisions
of the supply industry, and it was only in late 2004, with
looming insufficient capacity, that the decision was made
to return the responsibility for electricity sufficiency to
Eskom [11]. Thus, Eskom was constrained by external
forces in its ability to respond to identified risk. Most sub-
sequent risk was a consequence of this external risk.
The identified risks are usually assigned to the BPIR
Committee members for mitigation. Although the commit-
tee members remain accountable, they could subsequently
delegate the risk mitigation actions and management to rel-
evant staff within the establishment.
The Eskom Recovery Team panel of experts responsible
for addressing the Western Cape Recovery Plan project
comprised senior managers drawn from the following
departments and/or divisions: National Recovery Sponsor
(this is represented by the Managing Director of the Trans-
mission Division who has overall accountability for execut-
ing the Recovery Plan); Regional Recovery Sponsor
(represented by the General Manager of Distribution –
Western Region); and Programme Manager (Risk Manager
– Distribution (Western Region), responsible for driving the
Recovery Team from a project and risk management
perspective). Other functions represented on the panel are
Project Managers and Consultants; Load Shedding stream,
Demand Side Management stream; Grid and National
Control stream, Koeberg stream (represented by the
Production Manager for Generation – Nuclear Cluster –
who is responsible for all activities happening at the
Koeberg Nuclear Power Station, i.e. repairing of Unit 1,
shutting down of Unit 2 for refuelling, and managing the
output capacities of the separate units); Eskom Enterprises
stream; Key Sales and Customer Services stream; Customer
Services stream; Human Resources stream, Finance stream;
Other Corporate Functions (Managers from Legal, Audit
and Security at corporate level); External Relations Depart-
ment stream; and Communication and Stakeholder stream.
This is a comprehensive stakeholder panel to ensure that
no function within Eskom that may contribute to the solu-
tion to resolve the risks associated with the Recovery Plan
project is left out. This panel compiled an extensive list of
risks and mitigating actions based on their individual exper-
tise and input from their respective teams and business envi-
ronments. Some risks were identified based on previous
experience, whilst others were based on documented rules
and regulations (especially in the nuclear environment).
The panel also identified risk ownership and reporting
mechanisms around these risks as shown in Table 2.
Many of the risks listed in Table 2 have arisen as a result
of the mitigation strategies for others. For example, the
risk of not being able to supply the demand for electricity
(Risk No. 20) is mitigated by Demand Side Management
(DSM) initiatives like providing an exchange programme
for Compact Fluorescent Lamps (CFLs).3 Provision of
enough lights (Risk No. 23) and the public’s take-on of
the programme (Risk No. 21) became additional risks to
manage as a result mitigating Risk No. 20.
In addition, there were a couple of unidentified risks
which arose as time went by: (i) a faulty valve at Koeberg
was discovered after Unit 1 was returned to service; (ii) a
pinhole leak was discovered in Koeberg Unit 1, though it
posed no threat to operations; and (iii) a problem with
the electrical supply boards at Koeberg was discovered
which forced Unit 1 to shut down after it had been re-
commissioned.
The risk identification matrix (Table 2) also indicates
whether Eskom or the City of Cape Town (or both) is
responsible to action the risks. The relevant Recovery
Team’s members are identified as accountable for particu-
lar risks and they are able to delegate such risks to the rel-
evant staff as appropriate.
Despite the involvement on the panel of various stake-
holders in the risk identification, classification and alloca-
tion processes, certain shortcomings became apparent,
including: (1) a weak relationship between Eskom and
the City of Cape Town (the two key ownerships – internal
and external respectively – of the various risks) leading to
each blaming the other and miscommunications to the
public, i.e. customers; (2) lack of an integrated Recovery
Plan between the different stakeholders (probably due to
an excessive number of members on the panel); and (3)
the risks were not necessarily categorised according to
Eskom standards i.e., they were grouped according to the
business areas identified for the Recovery Plan (i.e., Load
Shedding, Koeberg, Communication, etc.). The excuse
given for these shortcomings in the risk management pro-
cess at the identification stage is the crisis situation under
which these risks were identified.
5.2. Risk analysis of the Recovery Plan project
It is important for perceived risks to be evaluated,
decomposed, and subjected to some form of assessment
in order to understand the magnitude of the risks facing
the organization [4]. The assessment method, which should
be appropriate for the risk and organisation, should mea-
sure the risk severity to determine what management action
and priority to apply. Risk analysis relies on a qualitative
and/or quantitative approach. It is, however, suggested
that quantitative risk analysis should only follow on qual-
itative risk analysis, where the latter has exposed important
risks which could be analysed with reliable data and where
numbers will make logical sense and could be interpreted
sensibly [6]. Qualitative risk analyses could, in many cases,
be sufficient to assess the magnitude of risks, although such
analysis is subjective and subject to errors of judgement. To
Table 2
Risk identified for Western Cape Recovery Plan project
Risk no. Description Allocated to
Eskom City of Cape Town
1 Collapse of aging infrastructure due to frequent switching X
2 Inability to stick to load shedding schedules X X
3 Insufficient numbers of authorized staff for manual switching operations X
4 Poor operational communications X
5 Poor communications with public X X
6 Inability to soften impact X X
7 Dependency on standby plant and equipment X
8 Normal maintenance and refurbishment/expansion work will be impacted
by the abnormal state of the networks, resulting in maintenance backlogs,
failure to complete projects, etc.
X X
9 Electricity staff burn-out will result in low efficiency, increased risk of
accidents and equipment damage
X
10 Potential commissioning delays in the recovery of Unit 1: X
� Potential for commissioning delays due to the rotor from France not
being identical to the one removed to Rosherville
� Another reason for commissioning delays could include stator bar failure
during stator repair
� Past records indicate that delays in unit start-up following an outage are
quite common
11 Koeberg: Unexpected tripping on the turbine-generator set X
12 Koeberg: Controlled shutdown due to operational constraints X
13 Delayed return of a Koeberg unit after a trip. X
14 Potential commissioning delays of Unit 2 X
15 Logistics of transporting the generator equipment on time X
16 Unavailability of Palmiet hydro-electric supply X
� Due to limited opportunities to restore dam levels, Palmiet could be con-
strained in terms of power output.
� Potential plant failures could also limit the full output of Palmiet.
17 Failure of some transmission equipment has in past resulted in partial or
total blackout of the Cape.
X
18 Transmission Lines and substations X
� Fires
� Fog and mist
19 Total Blackout X
20 Inability to supply the demand of electricity X
21 Extent of consumer adoption of energy efficiency measures less than
expected
X
22 Verbal and physical abuse of implementers X
23 Project delays caused by time required to acquire equipment (Compact
Fluorescent Lamps (CFL’s), gas cylinders, etc.)
X
156 R. van Wyk et al. / International Journal of Project Management 26 (2008) 149–163
overcome the disadvantages associated with qualitative
risk analysis, some quantitative attributes can be incorpo-
rated making it a semi-quantitative risk analysis. This can
be done by assigning predetermined values to the probabil-
ity and impact which will result in more precise estimates of
risks as shown in Table 3 [4].
Table 3
Predetermined values allocated to probability and impact of risk factor
Probability Predetermined
Value
Impact Predetermined
Value
Rare 0.10 Insignificant 5% of cost
Unlikely 0.30 Minor 10% of cost
Possible 0.50 Moderate 20% of cost
Likely 0.70 Major 40% of cost
Almost
Certain
0.90 Catastrophic 80% of cost
Of course, different organisations will assign different
values for semi-quantitative risk analysis which will take
their risk attitude and exposure into account. An organisa-
tion could also assign different values for different projects.
According to Edwards and Bowen [4], whether organisa-
tions use quantitative or qualitative risk analysis methods,
decisions could still be based on emotions and ‘gut-feel’
rather than on the results generated by the application of
risk analysis techniques.
Risks of various natures and magnitudes could arise
from the different areas of the Distribution business within
Eskom (Customer Services, Engineering, Finance, etc.).
Hence, the BPIR Committee has produced a qualitative
analysis rating and description protocol to be applied to
risk management within the establishment as show in
Table 4. Based on the rating and the description protocol,
Table 5
Qualitative risk analysis of the Recovery Plan project risks
Risk no. Description
1 Collapse of aging infrastructure due to frequent switc
2 Inability to stick to load shedding schedules
3 Insufficient numbers of authorized staff for manual sw
4 Poor operational communications
5 Poor communications with public
6 Inability to soften impact
7 Dependency on standby plant and equipment
8 Normal maintenance and refurbishment/expansion w
by the abnormal state of the networks, resulting in m
failure to complete projects, etc.
9 Electricity staff burn-out will result in low efficiency,
accidents and equipment damage
10 Potential commissioning delays in the recovery of Un
� Potential for commissioning delays due to the ro
being identical to the one removed to Rosherville
� Another reason for commissioning delays could incl
during stator repair
� Past records indicate that delays in unit start-up fol
quite common
11 Koeberg: Unexpected tripping on the turbine-generat
12 Koeberg: Controlled shutdown due to operational co
13 Delayed return of a Koeberg unit after a trip
14 Potential commissioning delays of unit 2
15 Logistics of transporting the generator equipment on
16 Unavailability of Palmiet
� Due to limited opportunities to restore dam levels, P
strained in terms of power output
� Potential plant failures could also limit the full out
17 Failure of some transmission equipment, have in past
total blackout of the Cape
18 Transmission Lines and substations
� Fires
� Fog and mist
19 Total blackout
20 Inability to supply the demand of electricity
21 Extent of consumer adoption of energy efficiency mea
expected
22 Verbal and physical abuse of implementers
23 Project delays caused by time required to acquire equ
cylinders, etc.)
Table 4
BPIR Committee qualitative analysis rating and description
Rating Descriptor
Probability
1 Adverse event will not occur
3 Highly unlikely that the event will occur
5 Event can occur
7 Highly likely that the event will occur
10 Adverse event will definitely occur
Impact
1 Ignore – event is negligible
3 Minor – financial loss or injuries
5 Significant – loss of business, significant financial
loss, loss of jobs, some fatalities
7–9 Severe – loss of business opportunities, major
financial loss, many job losses and fatalities
10 Catastrophic impact on Eskom or the business
entity
R. van Wyk et al. / International Journal of Project Management 26 (2008) 149–163 157
the BPIR Committee is able to decide how the risks will be
ranked and prioritised (Table 5).
A semi-quantitative approach is also used to evaluate
Eskom projects, where probability is indicated as a possi-
bility percentage of a risk occurring and impact as a Rand
value which relates to the percentage cost impact of the
specific project. The product of the probability and impact
is then used to determine the ranking of the risk. Quantita-
tive risk analysis is mostly applied in the business areas of
the company where they are more applicable, e.g. finance
and commercial issues where investment risks need to be
considered.
A qualitative risk analysis method was adopted for the
Recovery Plan project, based on the expertise of the Recov-
ery Plan team and lessons learnt from previous less serious
crisis projects. Quantitative analysis is applied for transmis-
sion load factors whilst impact and probability ratings,
Impact Probability
hing H M
H M
itching operations M H
M M
H M
M M
H H
ork will be impacted
aintenance backlogs,
M M
increased risk of M H
it 1: H L
tor from France not
ude stator bar failure
lowing an outage are
or set H M
nstraints H L
H M
M L
time L L
H M
almiet could be con-
put of Palmiet
resulted in partial or Very high L
H L
Very high L
M M
sures less than H M
M L
ipment (CFL’s, gas H M
Table 7
Risk scenarios for power supply interruption
Base Case Scenario 2 Scenario 3 Scenario 4
One Koeberg
Unit
No Koeberg One Koeberg
Unit
No Koeberg
Two Palmiet
Units
Two Palmiet
Units
Two Palmiet
Units
No Palmiet Unit
Tx system
intact
Tx system
intact
Tx system
contingency
Tx system
contingency
158 R. van Wyk et al. / International Journal of Project Management 26 (2008) 149–163
based on high, medium or low ratings, are allocated to the
risks identified for the project. Priority was given to all
risks that could impact on either the restoration of the
power supply or the reduction of electricity demand – these
being regarded as the main project objectives. As the
Recovery Plan was implemented and time moved on, risks
were re-assessed and updated accordingly. For example, as
the repairs to Koeberg Unit 1 were progressing, the risk of
not synchronizing it to the grid was lowered accordingly
over time before Unit 2 had to be shut down for refuelling.
A quantitative risk analysis method was used to deter-
mine the Western Cape power load and its associated risks.
Table 6 depicts the load forecast in comparison with supply
and the associated predicted shortfall. By using this analy-
sis, the Recovery Team was able to compile various risk
scenarios pertaining to the possibility of power supply
interruptions as shown in Table 7. By using these scenarios,
the expected amount of load shedding could be determined
as shown in Table 8.
Based on this information, load blocks could be
designed to manage the amount of load to be shed. Load
blocks for different areas were aggregated to determine
the required load to be shed. There was a different load
block for every two hours that load shedding was required
Table 6
Predicted loading and electricity supply for Western Cape
Load Forecast Tx Limita Koebergb
13-Mar-06 3967 2400 900
20-Mar-06 3954 2442 858
27-Mar-06 3969 2484 816
3-Apr-06 4036 2526 774
10-Apr-06 3952 2568 732
17-Apr-06 4054 2610 690
24-Apr-06 4003 2652 648
1-May-06 4043 2694 606
8-May-06 4094 2736 564
15-May-06 4223 2778 522
22-May-06 4202 2820 480
29-May-06 4103 2400 900
5-Jun-06 4276 2400 900
12-Jun-06 4267 2400 900
19-Jun-06 4207 2400 900
26-Jun-06 4261 2400 900
3-Jul-06 4191 2400 900
10-Jul-06 4128 2400 900
17-Jul-06 4261 2400 900
24-Jul-06 4130 2400 1800
31-Jul-06 4151 2400 1800
07-Aug-06 4156 2400 1800
14-Aug-06 4201 2400 1800
21-Aug-06 4204 2400 1800
28-Aug-06 4146 2400 1800
04-Sep-06 4174 2400 1800
11-Sep-06 4067 2400 1800
18-Sep-06 4056 2400 1800
25-Sep-06 3948 2400 1800
a Tx limit is the transmission limit on electricity import from the North. 280
b Koeberg’s Unit 2 output was reduced over time to delay its shutdown for
c Customer interruptability are those agreements with larger power users to
– to ensure that one geographical area was not interrupted
for longer than two hours at a time in terms of an under-
taking to the general public.
The project adopted a combination of qualitative, semi-
quantitative and quantitative methods risk analysis
depending on the task to be tackled as one would expect.
However, certain shortcomings arose from the analyses.
In essence, the analyses were as only as good as the data
that were used. For example, the load forecast indicated
that the week of 5th June would be the period when load
shedding could be the worst (i.e. with a 376 MW shortfall).
It happened that this week was one of the warmest weeks
of the early winter, which of course increased the factor
of uncertainty. Nonetheless, it is assumed that the mitigat-
Palmiet Customer
interruptabilityc
Predicted shortfall
before DSM
400 200 �67
400 200 �54
400 200 �69
400 200 �136
400 200 �52
400 200 �154
400 200 �103
400 200 �143
400 200 �194
400 200 �323
400 200 �302
400 200 �203
400 200 �376
400 200 �367
400 200 �307
400 200 �361
400 200 �291
400 200 �228
400 200 �361
400 200 670
400 200 649
400 200 644
400 200 599
400 200 596
400 200 654
400 200 626
400 200 733
400 200 744
400 200 852
0 MW is the absolute maximum.
refuelling.
use self generation over peak periods.
Table 8
Load shedding based on the risk scenarios
Month Peak load
expected (MW)
Customer
interruptability (MW)
Load to be shed in MW
Base case Scenario 2 Scenario 3 Scenario 4
March 3969 200 69 569 969 2069
April 4054 200 154 654 1054 2154
May 4223 200 323 823 1223 2323
June 4276 200 376 876 1276 2376
July 4261 200 361 861 1261 2361
August 4204 200 – 804 1204 2304
September 4174 200 – 774 1174 2274
% of Peak load to be shed Up to 9% Up to 20% Up to 30% Up to 56%
R. van Wyk et al. / International Journal of Project Management 26 (2008) 149–163 159
ing actions to minimise load shedding is adequate when
unexpected shortfalls do occur. In this instance plans were
prepared for the forecasted shortfall in power supply, but it
never materialised. This means that forecasting could be
inaccurate the other way around as well, i.e. a shortfall
of power supply when it is not expected. However, it is
assumed that even if this should happen, the necessary mit-
igating plans will kick in regardless.
5.3. Risk response of the Recovery Plan project
The aim of risk response should be to minimise the mag-
nitude of the risk or in the case of an upside risk, to maximise
its opportunity and benefits [6]. Nonetheless, organisations
can decide not to respond to a risk, because, for instance,
existing controls are adequate to minimise a threat or where
there is a high probability that the risk will disappear in the
future. It could also be that risks are so insignificant that
nothing needs to be done about them. An organisation’s risk
attitude and exposure will guide this decision or it could be
that the cost/benefit result of any action is actually negative.
It does not, however, mean that these insignificant risks
should be denied or forgotten. Rather, they should be con-
tinuously monitored to determine if any of the underlying
circumstances have changed which might require a different
risk response. Public perception and/or legislation could
force an organisation to respond to a risk even if it is insig-
nificant [6]. This is particularly relevant when it comes to
public health issues. For example, any type of radioactive
contamination of the environment will create a public
expectation for the organisation to attend to the risk or leg-
islation will force radioactive materials to be handled in a
(more costly) certain manner even if the risk probability
and impact is extremely low.
Forms of risk response are risk reduction, transfer,
avoidance and retention, or a combination of these. An
organisation will apply these responses based on its risk
attitude and cost/benefit results aiming towards the ‘‘as
low as possibly reachable’’ risk that is left and then assign-
ing the proper level of management to it [4].
One of the BPIR Committee’s remits was to ensure that
the appropriate response was assigned to mitigate risks
based on Eskom’s risk response nomenclature: (1) treat
risk (i.e. to reduce risk); (2) tolerate risk (i.e. to retain risk);
(3) terminate risk (i.e. to avoid risk) and (4) transfer risk.
Eskom policy is to provide financial backing to a set of a
certain risk decisions. For example, it does not have exter-
nal insurance cover for its motor vehicle fleet and would
stand in for any claims or repairs that are required in that
regard. This is because the company considers that insur-
ance premiums on its vast number of vehicles will be much
more costly than the occasional cost when a fleet risk does
occur. In addition, because the company is continuously in
the public eye, it prefers to address insignificant risk (toler-
ate insignificant risk) to improve its corporate image. For
example, the company continuously endeavours to mini-
mise pollution from its coal stations although the emission
levels are well within acceptable regulatory levels and spec-
ifications. The company, however, will prefer to share or
transfer some project risks to a project partner or third
party on a high magnitude value project.
Table 9 shows the various mitigating actions that the
Recovery Plan project team applied in their attempt to
reduce the impact and probability of the risks identified
and analysed by the team. The table shows that Eskom car-
ries most of the risks by treating and tolerating them.
Although it is difficult to comment on the validity of the
selected mitigating actions, the response options that
Eskom took shows the level of its capacity to absorb mas-
sive financial impacts of risks given that the Demand Side
Management risk mitigation initiatives alone amounted to
R230 million (about US$31M or £17m) while the total
Recovery Plan project was estimated at R1.2 billion (about
US$162M or £87m). An amount of R645m was spent dur-
ing the crisis period. The remainder of the budget is
planned for work previously unplanned, to be undertaken
in terms of the lessons learned and to prevent similar situ-
ations arising in the future e.g. a line re-insulation project.
Timelines are until 2011.
Part of the Demand Side Management risk mitigation
strategic was television broadcasts to the public using col-
our codes to mitigate the risk of poor communication risk
with the public. Unfortunately, an anomaly was created by
using the same colour scenarios on television for load shed-
ding purposes and the Power Alert campaign. The Power
Alert campaign used colour code scenarios to inform
Table 9
Risk responses strategies for the Recovery Plan project
Risk
no.
Description Mitigation
1 Collapse of aging infrastructure due to frequent switching � Identify ‘problem’ areas
� Reduce switching?
� Repair/replace
2 Inability to stick to load shedding schedules � Redesign blocks with larger margin of safety
� Use scenarios
3 Insufficient numbers of authorized staff for manual switching
operations
� Train, authorize additional switching personnel
� Arrange load blocks such that most switching can be done via
SCADA (remote)
4 Poor operational communications � Share info with ESKOM
� Dedicated phone lines
5 Poor communications with public � Implement communications strategy
� Increase fault reporting centre, better routing of calls
6 Inability to soften impact � DSM, ripple control, better shedding schedules, communication
strategy
7 Dependency on standby plant and equipment � Critical allocation of available plant and equipment to support key
installations
8 Normal maintenance and refurbishment/expansion work will be
impacted by the abnormal state of the networks, resulting in
maintenance backlogs, failure to complete projects, etc.
� Facilitate that most of these activities continue
� Create an understanding, through good communication with con-
sumers, for these activities
9 Electricity staff burn-out will result in low efficiency, increased risk
of accidents and equipment damage
� Arrange load blocks such that most switching can be done via
SCADA
� Limit need for overtime Better planned switching schedules. Dual
shift system for ops centre
10 Potential commissioning delays in the recovery of Unit 1: � The strategy is to TREAT the risk: Inspections have occurred in
France and actions taken to mitigate this difficulty. Further inspec-
tions will occur once the rotor arrives on site. The project team is
monitoring the situation closely and pro-actively taking actions to
minimize the risk
� The strategy is to TREAT the risk: The project team is monitoring
the situation closely and pro-actively taking actions to minimize
the risk
� The strategy is to TREAT the risk: Production Manager role
assigned (24/7) focusing on current and future activities to minimize
any risks
� Potential for commissioning delays due to the rotor from France
not being identical to the one removed to Rosherville
� Another reason for commissioning delays could include stator bar
failure during stator repair
� Past records indicate that delays in unit start-up following an out-
age are quite common
11 Koeberg: Unexpected tripping on the turbine-generator set � The strategy is to TREAT the risk: Communicated to applicable
Transmission staff
� The strategy is to TREAT the risk: Worker instructions for stretch-
out operations have been developed and implemented previously.
Production Manager role assigned (24/7) focusing on current and
future activities to minimize any risks
� The strategy is to TREAT the risk: Production Manager role
assigned (24/7) focusing on current and future activities to minimize
any risks
� The strategy is to TOLERATE the risk since it is not deemed
significant
12 Koeberg: Controlled shutdown due to operational constraints � The strategy is to TREAT the risk: Communicated to applicable
Peaking staff
� The strategy is to TREAT the risk: Production Manager role
assigned (24/7) focusing on current and future activities to minimize
any risks. The number of PTs will be minimised
� The strategy is to TREAT the risk: Production Manager role
assigned (24/7) focusing on current and future activities to minimize
any risks
� The risk strategy is to respond only once informed since no fore-
knowledge is possible
13 Delayed return of a Koeberg unit after a trip � The strategy is to TREAT the risk: This is due to physical properties
of the core at this stage in its operation and cannot be changed
� The risk strategy is to respond only once NNR communicate a con-
cern since no foreknowledge is possible
14 Potential commissioning delays of unit 2 � The strategy is to TREAT the risk: Production Manager role
assigned (24/7) focusing on current and future activities to minimize
any risks
160 R. van Wyk et al. / International Journal of Project Management 26 (2008) 149–163
Table 9 (continued)
Risk
no.
Description Mitigation
15 Logistics of transporting the generator equipment on time � The strategy is to TREAT the risk: A team in France comprised of
Eskom, Alsthom, EdF and French customs representatives are
working to ensure that the departure of the rotor from France
remains on track. It is confirmed that the SA Navy ship, the SAS
Drakensberg, will be used to expedite transport. This will cut
approximately one week off the shipment time. The ship will be
tracked on a daily basis. A dedicated logistics team is currently
working on customs and port arrangements as well as transportation
from CT Harbour to Koeberg. In addition, recovery of the Koeberg
rotor currently being repaired at Rosherville is being pursued in
parallel to the shipment of the EdF rotor
16 Unavailability of Palmiet � Not captured
� Due to limited opportunities to restore dam levels, Palmiet could
be constrained in terms of power output
� Potential plant failures could also limit the full output of Palmiet
17 Failure of some transmission equipment, have in past resulted in
partial or total blackout of the Cape
� Not captured
18 Transmission lines and substations � Fires: Extension of the fire protection agents (FPAs) to other areas.
FPAs are for fire management, and include local fire departments,
policing forums and civil society
� Fog and Mist: Re-insulation of the lines – Replacing glass with sili-
con composite insulators (short-term – focus on key lines and pro-
jects to focus on all coastal lines)
� Fires
� Fog and mist
19 Total Blackout � Regional Control will be directed by National Control
� There will be direct communication between Eskom’s Regional and
National Control with City of Cape Town’s Control Centre
� The Emergency Operating Centre (EOC) will be responsible for
communication with the Regional Crisis Centre
� If the EOC is not yet active the Regional Control Centre will alert
the Regional Crisis Centre (Required is only one contact person to
avoid sidetracking the Control Centre from doing switching)
� The emergency will further be managed as per the ESKOM proce-
dures do restore power supply to affected areas in the Cape
� All communication with ESKOM will be through the EOC
� All external communication about the blackout will be through the
Regional Crisis Centre
20 Inability to supply the demand of electricity � Initiate various Demand Side Management Programmes. This will
include:
� CFL exchange
� Self generation
� Gas conversions
� Voluntary conservation
� Subsidising electricity efficient devices
21 Extent of consumer adoption of energy efficiency measures less than
expected
� A diverse range of projects will be pursued. Successful projects will be
accelerated to make up for projects with lower success
22 Verbal and physical abuse of implementers � Implementers will work in teams and will avoid ‘hot spots’
23 Project delays caused by time required to acquire equipment (CFL’s,
gas cylinders, etc.)
� Procurement processes will be streamlined as far as possible
R. van Wyk et al. / International Journal of Project Management 26 (2008) 149–163 161
viewers of what the immediate situation was and to request
them to take certain actions. For example, a green scenario
on TV meant ‘‘No action is required’’, although for load
shedding purposes up to 9% of load could be shed at any
time. The red scenario requested users to switch off multi-
ple appliances and power points (e.g., from electric heating
to unnecessary lighting); this also meant up to 30% load
shedding. The 30% load shedding meant one third of the
Western Cape could sit in the dark; this was a very consid-
erable risk! There was lack of correlation between the
severity of the TV alert program and what the actual situ-
ation was. It worked out well nonetheless, as very few inter-
ruptions took place during the time that interruptions were
expected – except for an unexpected fault at Koeberg which
forced Unit 1 to be shut down. Although all the crisis plans
were in place and the principles of the Western Cape
Recovery Plan were immediately applied, it could not avert
controlled blackouts in the City and surrounding areas as a
result of fault at Koeberg Unit 1.
The main problem, however, with the mitigation strate-
gies employed was that many of the strategies were imple-
mented too slowly; this was apparent for the Demand Side
Management initiatives and for communication and stake-
holder management.
4 http://www.fin24.co.za/articles/economy/display_article.aspx?
Nav=ns&lvl2=econ&ArticleID=1518-25_1836685 (20/10/06).
5 http://www.mg.co.za/articlePage.aspx?articleid=280838&area=/
breaking_news/breaking_news__business/ (15/9/06).
6 http://www.mg.co.za/articlePage.aspx?articleid=281096&area=/
breaking_news/breaking_news__business/ (15/9/06).
7 http://www.southafrica.info/what_happening/news/erwin_koe
berg180806.htm (20/10/06).
8 061004_Exco Board_Presentation_Close-out Report_RvW2.ppt.
Internal Eskom document, unpublished.
162 R. van Wyk et al. / International Journal of Project Management 26 (2008) 149–163
5.4. Risk reporting (recording, monitoring, control and
evaluation) of the Recovery Plan project
It is considered good practice for risks to be recorded in
a risk log or register database system [12] after they have
been identified and assessed. This is to facilitate the moni-
toring, control and evaluation of the risks. Each risk
should be uniquely identifiable (using a risk number/code),
indicating: the description; the type of risk; the assigned
risk owner; and the applicable risk response and mitigation
action. It is important that the frequency of monitoring the
risk and the method of reporting are pre-decided very early
in the risk process [4]. At the same time, mode(s) of com-
municating the risks to relevant staff and external stake-
holders must be introduced [6].
According to Loosemore et al. [6], the greater the risk
the more senior management should become involved. This
is also important where risk response implementation is
likely to meet with resistance, particularly where resources
(funds and people) are redirected from other projects or
functions to mitigate risks [6]. Monitoring and controlling
of risks will highlight the urgency of the Risk Management
System and make risks more obvious to identify. It also
increases risk awareness and therefore reduces risk magni-
tude as more information becomes available; and it should
also allow risk knowledge/lessons learnt to be captured for
future project use [4].
The BPIR Committee has the oversight responsibility
of all the risks within the Western Region Distribution
Division business. One of its main objectives is to inte-
grate these risks and assess how one risk could impact
on, or create, another. It also identifies the risk impact
on the other regions, divisions and/or subsidiaries. It
aims to make the business more risk-aware and encour-
ages the inclusion of risk management processes in the
normal business processes. The BPIR Committee suggests
that risks be reviewed annually for those where the expo-
sure is long term and could have an impact on long-term
business objectives. Monthly reviews are done, however,
to keep the RMS dynamic and up to date. Ad-hoc risk
analyses are undertaken in the case where changes occur
that could have a negative (or positive) impact on the
business. For project development, the Committee sug-
gests that risk analysis and monitoring are undertaken
at three stages: concept phase; before implementation;
and when there are significant changes/problems during
implementation.
The risks on the Recovery Plan project were recorded,
continuously monitored, and regularly reported to the
Committee and to the various stakeholders involved in
the project with lessons learnt incorporated into the feed-
back process. Nonetheless, the initial Recovery Plan
report did not indicate all the risk analysis results on
impact, probability and mitigating actions. This was
noted and remedied just in time to ensure that these omit-
ted information did not impact on the management of the
risks.
6. The Western Cape electricity crisis aftermath
The National Electricity Regulator South Africa
(NERSA) decided to formally investigate the incidents at
Koeberg’s Units 1 and 2 which occurred during November
2005. These incidents are not discussed in this report, but
were also due to a switching fault and flash-overs between
transmission lines due to high pollution from veld (grass)
fires.4 At the time only one unit was generating power as
the other unit was off line due to maintenance being carried
out. NERSA, however, found that Eskom was negligent in
terms of maintenance procedures. It identified faulty pro-
tection systems and found Eskom in breach of its license
conditions. At Koeberg it found deficiencies in its configu-
ration management, non-conformance to procedures and
ill-discipline in certain areas. The Regulator indicated that,
if found guilty, Eskom could be fined up to R300 million.5
Eskom contested the NERSA report and responded that
not all incidents indicated negligence or a breach of license con-
ditions. It emphasised that the nuclear safety regulations, as set
by the National Nuclear Regulator (NNR), have never been
violated. Eskom has, however, acknowledged that there were
oversights regarding some of its practices and procedures.6
The damage done during the January 2006 mainte-
nance on Unit 1 (as per the report) was caused by a bolt
left behind in the generator. At the time a concern was
raised because the bolt was of another type than those
used in the generator. Three investigations took place:
one by the police and the security services including the
National Intelligence Agency, one by the National Energy
Regulator, and a third by Eskom itself. Originally it was
thought that the unit could have been sabotaged, but
these fears were laid to rest after the investigations were
completed and the cause of failure ascribed to human
error.7
Some of the key lessons learnt include:8
� The Western Cape is vulnerable to power supply issues –
ensure mitigation plan is in place at all times.
� Ensure support from all operations to allow plant per-
sonnel to focus on the problems at hand.
� Streamline the communication process to be less cum-
bersome and time consuming.
� Co-ordinate all communication with government across
all three tiers.
� Need to know and be sensitive to the direct and knock-
on impact on customers and the Economy.
http://www.fin24.co.za/articles/economy/display_article.aspx?
http://www.fin24.co.za/articles/economy/display_article.aspx?
http://www.mg.co.za/articlePage.aspx?articleid=280838&area=/breaking_news/breaking_news__business
http://www.mg.co.za/articlePage.aspx?articleid=280838&area=/breaking_news/breaking_news__business
http://www.mg.co.za/articlePage.aspx?articleid=281096&area=/breaking_news/breaking_news__business
http://www.mg.co.za/articlePage.aspx?articleid=281096&area=/breaking_news/breaking_news__business
http://www.southafrica.info/what_happening/news/erwin_koeberg180806.htm
http://www.southafrica.info/what_happening/news/erwin_koeberg180806.htm
R. van Wyk et al. / International Journal of Project Management 26 (2008) 149–163 163
� Ensure protection of Key Industrial Customer loads
(within limits).
� Prioritise load shedding based on upfront determined
principles.
� Publish Load Shedding schedules a week in advance and
stick to these since businesses plan operations around
them.
� Restore confidence in the electricity industry, i.e. build/
sustain reputation and corporate image.
� Media education and relationship building.
� Identify multiple levels of risk and perform adequate
risk management.
� Understand the impact and importance of various levels
of crisis communication and messages being sent out.
7. Conclusions
The objective of this paper was to document the process
of risk management used by a utility company for manag-
ing risks associated with its projects. The paper has
reflected on the theory and practice of risk management
by presenting risk management of the Recovery Plan pro-
ject of the Distribution Division of Eskom Holding Ltd
in South Africa. The company’s risk management system
policy allows for total risk integration between divisions,
regions and functional departments. The company ensures
that a risk management process forms part of its strategy
and develops a company governance structure to imple-
ment and maintain the process. However, potential risks
and opportunities are identified within its various business
divisions, departments and functions. Risk accountability
is implemented at the company, divisional and project lev-
els by assigning risks to the members of the risk manage-
ment team to ensure that mitigating actions are
implemented. The progress of risk mitigation is tracked
on a regular basis.
However, certain shortcomings are evident in the risk
management process of the company. These shortcom-
ings include: an excessive number of stakeholders that
are represented on the risk management panels and com-
mittees; an inability to stick to the overall company risk
management process at a time of crisis; and loose imple-
mentation of the company’s risk management system
across its various divisions and business functions. Lack
of integration of external and internal stakeholders (in
this case, Eskom and the City of Cape Town) is another
shortcoming of the risk management system, as was the
associated risk communication to the public and key
customers.
The company has access to and uses different tech-
niques of risk management, suggesting that there is con-
gruence between the theory and practice of risk
management by the company. However, the company
adheres to a very simple risk management process that
enables it to carry out its business functions. The com-
pany’s use of quantitative risk analysis is very limited,
although it has the resources to use more sophisticated
types of analyses to assist in its RMS. This tends to sup-
port Elkington and Smallwood’s [2] view that the current
process that this utility company uses for risk manage-
ment is weak.
Although this is a utility company with more attendant
risks compared with the risks levels and factors faced by
other industries, there is no evidence that the company uti-
lises more sophisticated risk management tools. Rather, the
company strategy was to raise risk awareness within its
business supported by high level governance structures
and to ensure that risk management is an integral parts
of business activities.
Risk management activities take place at different levels
within the company. Future research could meaningfully
be directed at establishing the effectiveness and efficiency
of this multilevel risk management strategy.
Acknowledgement
The authors are indebted to Professor Trevor Gaunt,
Department of Electrical Engineering, University of Cape
Town, for his valuable input concerning external forces ini-
tially constraining Eskom’s ability to respond to identified
risk.
References
[1] Miller R, Lessard D. Understanding and managing risks in large
engineering projects. Int J Project Manage 2001;19:437–43.
[2] Elkingston P, Smallman C. Managing project risks: a case study from
utilities sector. Int J Project Manage 2002;20:49–57.
[3] Taylor H. Congruence between risk management theory and practice
in Hong Kong vendor-driven IT projects. Int J Project Manage
2005;23:437–44.
[4] Edwards PJ, Bowen PA. Risk management in project organisations.
Elsevier: Butterworth Heinemann; 2005.
[5] Chapman C. Project risk analysis and management – PRAM the
generic process. Int J Project Manage 1997;15:273–81.
[6] Loosemore M, Raftery J, Reily C, Higgon D. Risk management in
projects. 2nd ed. Taylor and Francis; 2006.
[7] Baker RB. Understanding internally generated risks in projects. Int J
Project Manage 2005;23:584–90.
[8] Project Management Institute. A guide to the project management
body of knowledge (PMBOK), 2000 ed. Newton Square, PA: Project
Management Institute; 2000.
[9] Department of Minerals and Energy (1998) White paper on the
Energy Policy of the Republic of South Africa (p.55), available at
http://www.dme.gov.za/pdfs/energy/planning/wp_energy_policy_
1998 (accessed on 11 May 2007).
[10] National Treasury (2003) Intergovernmental Fiscal Review, Chapter
12: Electricity (p.230), available at http://www.treasury.gov.za/docu-
ments/ifr/2003/chp12 (accessed on 11 May 2007).
[11] Phasiwe, K. (2004) Power-Station Plans Pique Foreign Interest.
Business Day, 27 October, available at http://allafrica.com/stories/
200410270280.html (accessed on 14 May 2007).
[12] Patterson FD, Neailey KA. Risk Register Database System to aid
the management of project risk. Int J Project Manage 2002;20:
365–74.
http://www.dme.gov.za
http://www.dme.gov.za
http://www.treasury.gov.za
http://www.treasury.gov.za
http://allafrica.com/stories/200410270280.html
http://allafrica.com/stories/200410270280.html
- Project risk management practice: The case of a South African utility company
Introduction
Corporate risk management within Eskom Holdings Ltd.
Risk Management System within the Distribution Division
Case study of the Western Cape Recovery Plan project
Risk management of the Recovery Plan project
Risk identification (and classification and allocation) of the Recovery Plan project
Risk analysis of the Recovery Plan project
Risk response of the Recovery Plan project
Risk reporting (recording, monitoring, control and evaluation) of the Recovery Plan project
The Western Cape electricity crisis aftermath
Conclusions
Acknowledgement
References
Option #1: The Recovery Plan Project
Read the Recovery Plan project:
Van Wyk, Bowen, & Akintoye. (2008).
Project risk management practice: The case of a South African utility company (Links to an external site.)
. International Journal of Project Management, 26(2), 149-163.
1. Examine the project management issues detailed in the case, including those concerning procurement, contracts, and risk management.
2. In no more than one page, give an overview of the case and the project management issues to be covered in more detail.
3. Discuss, in logical order, the following topics: (Note: You must determine the logical order of these topics; this is part of your grade. See the grading rubric in this week’s folder.)
· Risk identification
· Risk assessment and prioritization
· Risk response for prevention
· Mitigation or contingent actions
· The fundamental conceptual steps used to respond to project risks
· The strengths and weaknesses of the project risk management practices
4. In an appendix, identify the risks and categorize each one. (This categorization is left to you; however, you might include external risks, such as regulatory and currency changes, or technical risks, such as complexity or design.) You must discuss the appendix in the body of your paper. In other words, do not simply say “see appendix,” but rather explain what the appendix covers.
5. Discuss the prioritization of the risks identified, their severity, and the management response strategies
Submission:
· Write a paper addressing the Recovery Plan project. Your paper should be 8-10 pages in length, not including the required title and references pages and the appendix.
· Support your paper with a minimum of three to four current scholarly sources from the CSU-Global Library (no older than five years). This is in addition to any course textbooks or lecture material you decide to use. Of course, you may always exceed the minimum number of sources.
· Assess and critique the risk response strategies used and identify a minimum of three new recommended risk response strategies in response to the risks identified.
· Format your entire paper according to the
CSU-Global Guide to Writing & APA (Links to an external site.)
.
PROJECT MANAGEMENT
1
The general idea of corporate risk management remains to be a key strategy in dealing with some of the emerging issues. Some of these emerging issues are the idea of risk management in procurement and contract negotiation. Ideally, any company will want to ensure that it is in line with some of the modern trends and techniques when it comes to these two important aspects of the organizations running. But how do a company identify risk, assess the impact of the risk to the functioning or longevity of the company, how do they initiate prevention response, or how do they mitigate or come up with contingency plans? This discussion chooses to highlight how a company can successfully initiate risk management practices concerning how these measures will serve their interest.
According to Van Wyk, Bowen, and Akintoye (2007), corporates should majorly focus on three aspects of risk management. These are managing risk within their corporate scope, managing risk within their distribution division, and initiating risk management of the recovery plan project. Within the corporate scope, every company should initiate a risk management committee that will be able to oversee and ensure that company’s risk management strategies and processes are aligned with best practices. Risk management within the distribution division line should also be initiated through a committee that will ensure various processes, such as assisting with the business decision-making process when a lot of information becomes available as a result of the risks being executed. Secondly, this approach will be necessary for the facilitation of learning from and incorporation of lessons likely to be executed, and thirdly, the approach is likely to facilitate learning and incorporations of lessons from the past. Risk management towards recovery plan projects should be focused on factors such as risk identification, risk analysis, and risk response towards the initiated recovery plan.
References
Van Wyk, R, Bowen, P, and Akintoye, A. (2007). Project risk management practice: The case of
a South African utility company. International Journal of Project Management 26 (2008)
149–163.