Perspectives of Severity in the Choice of Risk Management Techniques

. This study examines the risk management practices prevalent in the South African construction industry. This was necessitated by ine ﬀ ective risk management practices in the construction industry, particularly in developing countries such as South Africa. A comprehensive literature review was conducted to establish the risk management practices in use. The study adopted a quantitative research approach that employs an electronic questionnaire to contractors operating in South Africa. The ﬁndings suggest that the South African construction industry experiences ine ﬀ ective risk management implementation, which is impacted by the perception of the risk severity. The study established that contractors face many risks, chief among them high competition in bids, political instability, payment delays, corruption and bribery and an overbearing inﬂuence of bureaucratic processes from government-aligned agencies. Furthermore, it was also established that risk management techniques used amongst South African contractors are largely informal with low implementation. It also emerged that risk management implementation is perceived to be an expensive venture that erodes the marginal proﬁts contractors aim to make. Resultantly, risk management practices implementation is low among the contractors. The study recommends that public and private construction clients encourage adopting risk management practices linked to good practice and not based on perceptions of risk severity.


Introduction
The construction industry is an essential pillar of the South African economy [1]. The sector employed 11% of the national workforce [2] and made an average contribution of 4% to the national GDP between 2010 and 2018 [3]. In any economy, the construction industry is an engine for national economic development [4]. As the South African construction industry continues to experience growth in terms of complexity and output, Chihuri and Pretorius [5] noted that there is a need for improved operational efficiency and project risk management as one way of achieving better project yields in terms of time, cost and quality.
Risk management is a critical project management practice that aids in successful project delivery [6][7][8]. According to the Project Management Institute (PMI) [9], risk management is a formal process involving risk management planning, identification, analysis, response planning and risk control. Its objective is to minimise the negative impacts of the risks inherent in a project. A successful project can be described as one that is completed within the

The Concept of Risk
Literature has numerous definitions of risk [30,31]. Generally, risk can be described as a potential deviation from a predetermined target [11]. In construction, risk refers to interference in a planned project activity or expected outcome [32]. Accordingly, risk is any action or occurrence that negatively affects the achievement of project objectives [10,33]. The definitions above coincide with the general notion that risk is identified as a source of negative consequences without regard for its positive consequences [34]. However, several authors also proffer balanced definitions of risk, which capture its negative and positive effects. For instance, according to PMI [9], project risk is an uncertain event or condition that, in the event of its occurrence, has a positive or negative effect on one or more project objectives. Iqbal et al. [35] also describe risk as an event yielding a negative or positive impact on project objectives in the micro, meso and macro environments in which it occurs. This indicates that a risk event may result in either positive or negative outcomes, thus resulting in opportunity or loss respectively [36].
Without nullifying other risk definitions that focus on either its positive or negative outcomes, the purpose of risk adopted in this research is an event that yields negative consequences on achieving project objectives, thereby negatively affecting the viability of construction company operations. The study has also chosen to adopt the categorisation of construction risks based on a combination of previous research by Odediran [37] and Mhetre et al. [18]. The risk categories used in the study are political, economic/financial, procurement, social, design-related, construction, and environmental risks.

Risk Management Techniques
Actual risk management implementation involves using various techniques unique to each stage of the risk management process [38]. PMI [9] outlines the objectives of each risk management process as follows: risk management planning which allows for outlining of project objectives, the establishment of resources availability and overall determination of the risk management approach; risk identification allows for the definition of risk causes; risk analysis determines the probability of occurrence and anticipated impacts; finally, risk response enables the development of actions to reduce risks or enhance opportunities.
Risk management planning is the process of outlining the procedure to be used in project risk management. It is essential to obtain the support of the risk management effort from all relevant stakeholders early on in the project [9]. Risk management planning is the formulation of the risk management strategy [39]. The risk identification stage of the risk management process seeks to identify the risks, assess their relative importance and assign the risks to the parties best positioned to deal with them [17,40]. Earlier, Abu Mousa [41] presented a similar definition of risk identification; however, they added the aspect of documentation of identified risks, an essential feature should the exercise yield positive value. Other techniques used in identification are the risk checklist, flowchart, brainstorming, Delphi techniques, interview/expert opinion, questionnaire, influence diagrams, expert systems, experience, document review, SWOT analysis, and cause and effect diagrams.
Risk analysis is the systematic consideration of risk sources, their consequences and the likelihood that those consequences may occur [17]. The risk analysis management technique links systematic risk identification and managing identified substantial risks [42]. The step follows risk identification and can also be termed risk assessment or evaluation in various literature [43]. According to Taroun et al. [44], while it is arguably the most challenging stage of the risk management process, it is possibly the most important. Risk analysis is essential because it provides an early indication of the consequences of the project not going according to plan [41]. Supporting this view, Ahmed et al. [36] state that risk analysis is essential as it offers a global picture of the risk situation and allows for high-level risk analysis that considers the cumulative effects of risk events on successful project delivery. This enables a collective, all-encompassing approach to risk management. The risk analysis technique can be divided into Qualitative (descriptive) and Quantitative Risk Analysis techniques.
Risk response involves taking action to address the identified and analysed risks [45] and is measures (risk avoidance, risk transfer, risk reduction, risk sharing, risk exploitation, risk enhancement, contingency plan, risk acceptance/retention) taken to eradicate, reduce or transfer risks and their consequences [43]. According to Ghahramanzadeh [46], this is achieved through evaluating the potential impacts of risks and taking the necessary action to minimise their adverse impacts whilst maximising their positive effects. Meanwhile, risk control is the iterative process of employing risk response strategies, active and residual risk tracking, re-identifying risks, and overall evaluation of the risk management process [9]. This technique encompasses monitoring and assessing the overall risk management process [47]. Risk control is important because as the project progresses, new information becomes available, and changes occur regarding project risks [42].
Risk severity represents the outcome generated from a risk event [48]; thus, it reflects the seriousness of the risk [49]. According to Amoatey and Danquah [50], poor risk management competency results from a lack of risk severity knowledge; thus, organisations cannot counter risks, ultimately leading to project failure. To bring uniformity to organisational risk management, Carbonara et al. [51] introduced a systematic approach to risk management that enables the determination of risk severity and the establishment of a risk allocation scheme based on the type of project in question. This also means chances of adequate risk management techniques implementation are enhanced when the skills to determine risk severity are available [52]. However, it has been found that contractors typically apply risk management-aligned processes during construction hence a dearth of systematic risk management techniques implementation [53].

Research Methodology
The research adopted a quantitative research approach which employs a cross-sectional research design and a questionnaire survey to obtain data from respondents. The study targeted all construction companies registered on the cidb Register of Contractors in South Africa. The companies were to be selected from the sample frame using the random sampling technique. However, collecting information from the entire population is virtually impossible. Czaja and Blair [54], cited by Ankrah [55], proposed the determination of minimum sample size using a non-response bias method shown in Eq. (1).
Where: ss = sample size z = standard variable p = percentage picking a choice expressed as a decimal c = confidence interval expressed as a decimal Equation 1's effectiveness depends on the required degree of accuracy and confidence level. According to Ankrah [55], a 95% confidence level is appropriate for constructionrelated research with a significant level, a = 0.05; z = 1.96 and a confidence interval, c of ± 10%. According to Czaja and Blair [54], cited by Ankrah [55], to determine the sample size for a defined level of accuracy, the worst-case percentage picking a choice (p) should be assumed. In the research, it was considered to be at 50%.
The results obtained show that the required sample size is 96 contractors. However, the figure requires correction for defined populations; in this research, it is the total number of contractors on the CIDB register. The formula for the new sample size is given by Czaja and Blair [54], cited by Ankrah [52], and shown in Eq. (2).
( The sample size remains 96 contractors. However, the construction industry is known for poor responses to questionnaire surveys ranging from 10 -70% [37]. Considering this, the study sought to adjust the sample size to account for the high incidence of non-response. Thus, a modest response rate of 15% was assumed, and therefore the new sample size was determined in Eq. (3).
survey ss = 96 0.15 = 640 contractors Upon establishing the sample size, a random list of 640 contractors was selected from the cidb Register of Contractors. At the end of the survey period, 173 responses were received, representing a response rate of 27%.
The questionnaire contained general personal questions such as job title, academic qualifications, and years of construction experience, which provided a general idea of the characteristics of individuals and companies participating in the survey. Another section sought to identify risks and their severity. Another section presented the respondents with a list of risks and requested them to highlight their likelihood of occurrence. Consequently, the respondents had to highlight the impact of such risk events. Obtaining the likelihood of occurrence and impact of a risk would thus lead to establishing the severity of the risks. To establish the risk management techniques used amongst companies, techniques were categorised per risk management process -that is, risk identification, risk assessment and risk response. From these lists, the respondents indicated their usage level of each technique.  20 Extremely low severity 0.20 -0. 40 Low severity 0.40 -0. 60 Moderate severity 0.60 -0.80 High severity 0.80 -1.00 Extremely high severity Source: [9]  The collected data were analysed using descriptive and inferential statistics such as the Mean Item Score (MIS) and scatter plots to study the relationships between variables. The MIS was used to rank the various researched concepts and was determined using Eq. (4).
Where M 5 , M 4 ,M 3 ,M 2 , and M 1 are the frequencies of the rating responses allocated to each risk factor. Furthermore, upon establishing the likelihood and impact of risk events, the risk severity was subsequently determined using the formula severity = likelihood x impact [56]. Determining the risk severity allows for risk ranking, thus enabling the importance of each risk to be established [56]. Further categorisation of risk severity was conducted based on PMI [9] and is shown in table 1.
Additionally, the study used data to produce scatter plots to establish the relationships between the severity of the risks encountered by the contractors and the risk management techniques used. The Spearman Rho statistical analysis technique, was used in testing the hypothesis stated to guide the direction of the study and confirm the significance of the results of the Scatterplots. The formula to determine the Spearman Rho coefficient, r s , was adopted from Ramsey [57] and is shown in Eq. (5). To test for significance, the significant level of p = 0.05 was chosen.
Where: r s = the Spearman Rho coefficient. d 2 = difference between the rankings of the X-Y variables N = Number of items Cronbach's alpha was used to determine the internal consistency of the Likert scale scores [58]. Reliability results are summarised in table 2. Table 2 shows that the Cronbach alpha for the items in the questionnaire was above the minimum threshold of 0.7 for reliability.
Considering the competitive nature of the construction industry and the sensitivity of company information received, high confidentiality was maintained throughout the research.
Respondents were notified that participation in the survey was voluntary and that they could withdraw at any point during the survey. In addition, the anonymity of respondents was guaranteed. In the presentation and analysis, there is no reference to the identity of any of the participants. Data obtained was kept securely, and no access has been granted to third parties.

Data Presentation, Analysis and Discussion
This section comprises the research findings concerning individual and organisational profiles, risks encountered in construction and the risk management techniques used.

Background Profile of the Respondents
Most respondents held positions with influence over risk management decisions made within their respective organisations. Markedly, 53% of respondents had the title of Managing Director within their respective organisations. Other influential positions respondents hold include Project and Contracts Managers, encompassing 15% and 11% of respondents. Others indicated varying job titles, such as Safety and Health Officer, Business Development Manager, and Finance and Human Resources Manager. Also, 56% of respondents had more than ten years of direct experience in construction. Regarding academic qualifications, 69% of respondents held a diploma as their minimum attained qualification. This level of experience and academic exposure enhances confidence in findings as respondents are knowledgeable in the construction given their extensive experience and academic backgrounds.
A significant number of the respondents (88%) work for organisations in the building and civil engineering sub-sectors, while others worked in electrical engineering (6%), specialist works 5% and mechanical engineering sub-sectors. The geographical spread of head office locations covers the entire country. Economic centres such as the Western Cape (17.92%), Gauteng (16.76%), and KwaZulu Natal (13.88%) are well represented as there is a larger number of companies domiciled in these provinces. Also, 75% of the organisations are registered in grades 1 to 6 of the cidb Register of Contractors. In terms of turnover generated in 2019, 64.74% of participating organisations generated an annual turnover of less than R10Million signifying slow activity in the construction industry.

Risks Encountered in Construction and the Impact of the Occurrence of the Risk Events
Respondents were asked to indicate the likelihood of risk events prevalent in construction projects they recently executed within the last five years and are familiar with. Broadly, risks were listed under various categories: economic, political, social, environmental, procurement, design and construction-related risks.

Level of Use of Risk Management Techniques on Projects
The study sought to establish the use of risk management techniques across all the risk management processes of risk identification, risk assessment and risk response. It was found that risk response is the most adopted risk management technique, with a contingency plan, risk mitigation and risk avoidance techniques (average use

Risk Severity
The study found that the most severe risks encountered by contractors using the formula severity = likelihood x impact (El-Sayegh, 2008) are high competition in bids, political instability, payment delays, corruption and bribery and bureaucracy of government institutions (SI = 0.6389, 0.5659, 0.5617, 0.5583 and 0.5473) respectively. The least severe risks are environmental factors such as floods and earthquakes, prosecution due to unlawful disposal of construction waste, absence of fire systems on site, equipment/property/materials damage and on-site accidents (SI = 0.2174, 0.2246, 0.2378, 0.2941 and 0.4956 respectively. Further risk categorisation based on severity was conducted and summarised in table 4. It emerged that 58.33% of surveyed risks are in the low severity category, 39.58% are in the moderate category, and 2.09% are in the high severity category. None of the risks encountered is in the extremely low and extremely high severity categories. The average severity per risk category was also determined and presented in table 5. The study found that the most severe risks encountered by contractors are distributed amongst procurement, political and economic risk categories (average severity = 0.526, 0.484 and 0.481), respectively. The least severe risks encountered by contractors are distributed amongst the environmental, design-related and construction-related risk categories (average severity = 0.279, 0.337 and 0.362).

Relationship between the Severity of the Risks Encountered and Risk Management Techniques Used on Construction Projects
The study sought to establish whether there is a relationship between the severity of the risk and the risk management techniques used on construction projects. The data collected on risk management techniques and severity were used in generating the scatter plots shown in figure  1, 2 and 3. The scatter plots show a positive relationship between the perceived severity of the risks and the level of usage of risk identification and assessment techniques by respondents.    The results support the alternate Hypothesis stating that there is a relationship between the severity of the perceived risk and the use of risk identification and risk assessment techniques.
However, a weak positive relationship between the two variables becomes apparent when the perceived severity of the risk is related to the risk response techniques, as shown in figure  3.
It can be deduced from these findings that contractors sense the risks faced in their industry and that the higher the perceived severity of the risks, the higher their adoption of risk  The Spearman Rho correlation coefficient was used to test the significance of the relationship between the risk severity and risk management techniques -identification, assessment, and response used on construction projects. The results obtained -risk identification techniques (Spearman Rho coefficient = 0.198062), risk assessment techniques (Spearman Rho coefficient = 0.154488) and risk response techniques (Spearman Rho coefficient = 0.009896) all confirm the positive relationship between the usage of risk management techniques and the individual risk severity. Also, the results are significant at the 5% level, thus confirming the hypothesis that risk severity and risk management techniques used on construction projects are positively related. As perceived risk severity increases, project risk management techniques used also increase.

Discussion of Findings
The study showed that the most prevalent risk management techniques used on the construction projects studied from a ranking perspective are the contingency plan, risk mitigation/reduction and risk avoidance. Since these three are risk response techniques, construction practitioners focus more on responding to the risk events as and when they become apparent. This is evidenced by haphazard risk management that only responds to risk events as and when they happen without adequate systems through prior risk management planning. However, these findings are not aligned with the results of earlier research by Lyons and Skitmore [59], who found risk assessment techniques to be the most used by contractors.
Past experience, risk checklists, brainstorming and document reviews which are risk identification techniques, follow closely as the most widely used risk management techniques. However, as all these techniques are primarily based on reliance on past projects, it shows that construction practitioners are inclined to refer to experiences from the past and will continuously refer to past projects for future project execution. Similar findings were made by Taroun [60], where these particular risk identification techniques were found to be dominant.
However, an overreliance on the past may be inappropriate for the less experienced practitioners as they might have limited project exposure, thus rendering them unfit to make correct risk management decisions. It thus becomes prudent for effective record keeping and knowledge management to enable less experienced personnel to refer to and make the right risk management decisions.
The study also found that risk probability, impact assessment, and probability/impact risk rating matrix are extensively used in construction projects. Importantly, they are risk assessment techniques that fall under qualitative risk assessment techniques. This suggests that contractors conduct more qualitative than quantitative risk assessments due to a limited understanding of the latter. Mid-tier risk management techniques contractors use include SWOT analysis, risk transfer, flow charts, risk sharing, interviews, sensitivity analysis and risk exploitation. At the lower end, the techniques such as expert judgement, cause and effect diagrams, questionnaires, expert systems and risk enhancement become more complex and specialised; hence they are less used by the contractors.
The study showed that the average use of risk management techniques across the three risk management processes of identification, assessment and response is positively and significantly related to perceived risk severity on construction projects. It can be deduced that respondents' usage of risk management techniques is determined by the risks they encounter. This assertion is not appropriately aligned with prior findings by Mahendra et al. [33] that using risk management techniques depends on the individual's knowledge.

Conclusions and Recommendations
This research sought to determine whether there is a significant relationship between the risks and risk management practices used in the South African construction industry. The study found that the local construction industry is prone to various risks with varying degrees of severity. Significant risks plaguing the South African construction industry include high bid competition, political instability, payment delays, corruption and an inherent bureaucracy in government institutions. At the same time, the least significant risks are environmental factors, prosecution due to unlawful disposal of construction waste, on-site accidents and absence of fire systems on-site. Across the various risk categories, the local construction industry was most prone to procurement-related risks, followed by political, economic and social risks. The least severe risks were found to be in the environmental, construction and design-related risks categories. Overall, the study found that most risks companies encounter range from moderate to high severity, meaning they can be dealt with without halting projects completely. This project continuity is crucial for a developing economy like South Africa, where construction is vital to the country's overall economic performance.
The study identified the risk management techniques prevalent across the risk management processes of risk identification, risk assessment and risk response. The findings suggest that risk response techniques -contingency plan, risk reduction/mitigation, risk avoidance and acceptance-are used more than the other risk management techniques. This is evidence of a lack of understanding of construction companies' risk management processes and planning, as there is a greater focus on countering risks when they become apparent rather than identifying, assessing and planning for an adequate response strategy. The findings suggest that the more severe the risks contractors are exposed to, the more likely they will implement risk management techniques in response to them. This means that the more severe the risks companies face, the more likely they will implement risk management techniques to counter them.
Based on the findings, the study concludes that South Africa offers a hazardous environment for construction companies. Many failed small and large construction projects are a testament to this. However, the limited risk management planning on projects is compounding the effects of the construction industry's risky nature. The response to risk and techniques used depends on the perceived severity of the risk. The study recommends that construction companies plan for risks and avoid a reactive approach to risk management. Given the high severity of risks attributed to the government and its agencies, further research should also be undertaken to establish the role of government in enabling risk management competency amongst construction companies.