Three of Five – Risk Register
NZS3910 has no provision for risk registers. Tis is a missed opportunity.
The sole reference to risk is in the advance notification provision in clause 5.21. Under that clause, if either the contractor or the engineer (note, not the owner) becomes aware of any matter which may affect price, time of delivery or any statutory requirements (note, not quality), then they shall give notice of such event. Either may then call a meeting to address such event.
If the contractor fails to give such notice when it ought, then any resulting variation is to be valued as if such notice had been given and appropriate steps take to avoid or mitigate the event. Notably, this constraint does not apply to the owner or Engineer failing to give such notice - in such event the contractor must do battle to have the resulting variation valued under clause 9.3 and further time granted under clause 10.3, each including an expectation of mitigation.
The lack of any reference to a risk register, or to all parties contributing to its maintenance, is fatal to the effectiveness of this provision. Instead of promoting the proactive management of risk, the clause simply provides a further opportunity for the Engineer to undervalue variations.
Some of this may be attributable to a nervousness on the part of the industry to be transparent about risk, and an underlying belief that the allocation of responsibility for mitigating actions will be read to override the allocations of risk in the contract itself. Neither needs to be of concern.
Risk registers are an important project management tool. Most identify any risk which may increase cost, delay or otherwise have any adverse impact on the project, regardless of liability or responsibility under the conditions of contract. Usually set out in a table, columns identify the risk, its currency, likelihood of occurrence, impact if it occurs, possible mitigation measures and the person responsible for taking mitigating or avoiding action. The risk register should avoid terms like “ownership” as these can lead to misunderstanding as to liability under the contract. The fact that the Engineer will take some mitigating action does not automatically mean that the contractor is not responsible for the cost or time implications of such action; or the contractor taking the action and not being compensated.
Further, the risk register is not a “contract document” in the sense that it is bound into the contract as if it contained binding obligations. The risk register is best maintained by the owner’s project manager and updated following risk meetings. It needs to be a live document, much like the programme, which reflects actual risk in real time.
Following award of the contract, the first meeting between the owner and its consultants, and the contractor and key subcontractors, should be a risk meeting where the parties discuss how the work is to be carried out, lines of responsibility and risks to the project based on a line by line review of the risk register.
The risk register should then be reviewed at all project meetings, and as the need arises.
There should be no basis for “deemed” mitigation measures, based on notifications which ought to have been given by the contractor, as proposed by the current clause 5.21.3. That appears to be “just another opportunity to beat up on the contractor.”