Introduction 

Risk Quantification involves
evaluating risks and risk interaction to assess the range
of possible project outcomes. It is primarily concerned
with determining which risk events warrant response by
considering the following factors:

11.2.1 Inputs 





Different organizations and different individuals have different tolerances for risk.
11.2.1.2 to 11.2.1.5 are discussed elsewhere.
Expected monetary value = Risk event probability X Risk event value
The risk event value must reflect both tangibles and intangibles.
Statistical sums can be used to calculate a range of total project costs from the cost estimates for individual work items.
This could involve using standard deviation formulae for example:
Triangular distribution
Mean = (a + m + b) / 3 and
Variance = [(b  a)² + (m  a)(m  b)] / 18
Beta Distribution
Mean = (a + 4m + b) / 6 and
Variance = [(b  a) / 6]²
In order to sum probability distributions, calculate:
Simulation uses a representation or model of a system to analyze the behaviour or performance of the system. The most common form of simulation on a project is schedule simulation using the project network as a model of the project.
Using Monte Carlo analysis, the results of a schedule simulation could provide a statistical distribution of the probability of project completion by a certain date. Traditional mathematical analysis techniques such as CPM and PERT do not account for path convergence and thus tend to underestimate project duration.
A decision tree is a diagram that depicts key interactions among decisions and associated chance events as they are understood by the decision maker. The branches of the tree represent either decisions (shown as boxes) or chance events (shown as circles).
Expert judgement can often be identified in lieu of or in addition to mathematical techniques. For example risk events could be described as having a high, medium or low probability of occurrence and a severe, moderate or limited impact.
This is the major output from risk quantification.
The process should also document (a) those sources of risk and risk events that project management has decided to ignore or accept and (b) who made the decision to do so.