6.5.3 Managing Implementation Responsibilities and Processes


Managing Implementation Responsibilities and Processes

Monitoring the implementation of new business processes benefits from a clear definition of roles and responsibilities. This section illustrates approaches that agencies use to assign responsibility for implementation activities so that progress can be tracked.

Assigning Responsibility for Managing Risks and Implementation Activities

A key step in managing risks and other implementation activities is establishing a set of roles and responsibilities for each of the tasks at hand. The risk management process introduced in Chapter 2 includes a step for monitoring risks on a regular basis through a risk register or some other format.


When assigning responsibilities for managing risks, different types of risks are normally assigned to different individuals or divisions within a transportation agency:

  • Strategic risks – Impact the agency’s ability to achieve its goals and objectives. Ignoring risks at this level can cascade down to impact programs and projects at other levels of the agency. For this reason, strategic risks are generally assigned to members of agency leadership and may be addressed by incorporating risks into regular management meetings and key policy documents.
  • Program risks – Impact an organization’s ability to administer a program in a coordinated way. Risks at this level are typically the responsibility of the program manager ensuring there are effective controls over risk and documenting risk activities.
  • Project risks – In many agencies, a project risk management process is in place with responsibility for managing risks assigned to the project manager. At this level, primary responsibilities include managing risks associated with the project scope, schedule and quality.
  • Activity risks – Associated with routine activities performed by the agency, such as snow and ice control, incident response and pavement management modeling. Risks at this level are typically managed and monitored by the activity leader.

An agency may elect to appoint a Chief Risk Officer or to create an Enterprise Risk Unit charged with coordinating the agency’s risk processes and training agency personnel on risk management. If such a unit is created, the Chief Risk Officer often reports directly to the agency’s chief executive officer or another high-ranking executive, symbolizing the importance of risk management to the agency. Agencies without a formal Risk Unit may rely on the Asset Management Coordinator to serve in this role. Examples showing how risk roles and responsibilities have been assigned are provided in Figures 6.8 and 6.9.

Process Improvements

The success of a TAM Improvement Plan that outlines steps the agency plans to take to enhance its asset management program will also benefit from a clear set of roles and responsibilities for:

  • Implementing the suggested changes,
  • Monitoring progress, and
  • Repeating the assessment periodically.

Ownership for the implementation of the planned enhancements generally lies with the TAM Coordinator in an agency, with specific tasks assigned to one or more individuals with the specialized skills and capabilities that are needed.

A major function of the implementation leader is to ensure that all roles are understood and that the various assignments are being carried out as intended. This may require building buy-in among the team members, who are likely busy with other responsibilities. It is also important that the leader have the authority responsibility to hold individuals accountable for progress, even if they report to a different division within the agency.

Table 6.4 Risk Types and Owners

Risk LevelsOwnersTypes of Risks
Strategic RisksCEO

Senior Staff

Board or Commission
  • Financial risks to agency income
  • Operational risks caused by lack of staffing, training, or poor performance
  • External risks caused by political or social issues
  • Overall preparedness for disaster response
  • Information risks that create department-wide impacts, such as outdated management systems
  • Major regulatory or legal compliance risks
Program RisksLeaders of major programs, such as safety, pavement, bridge, maintenance, information technology, project delivery, human resources
  • Performance risks caused by lack of training, execution, or resources to deliver the program
  • Information risks caused by poor data in the program or inadequate analysis
  • Financial risks caused by increasing prices
  • Stakeholder risks caused by contractors or vendors essential to the programs
  • Major project risks if they exceed the level at which they can affect an entire program
Project RisksProject Managers
  • Risks to the cost, scope, schedule, or quality
  • Project impacts on neighborhoods and environmental compliance
Activity RisksActivity Managers
  • Performance risks caused by lack of training equipment, or execution
  • Cost increases impinging on activity performance
  • Risks to execution caused by outside events, such as extreme weather

Source: Transportation Research Board. 2014. Managing Risk Across the Enterprise: A Guide for State DOTs.

The availability of adequate resources is also important to the successful implementation of an improvement plan. Establishing clear role descriptions that describe the required tasks to be completed and the requirements needed to implement the changes enables an agency to compare the availability of existing staff to the implementation requirements. In some instances, staff may be temporarily assigned responsibility for a particular activity, such as developing a TAMP, to address a specific need.

Table 6.5 Risk Management Roles and Responsibilities for the Highways Agency, England

Project Manager
  • Approve the project RMP.
  • Approve and ensure implementation of response actions to identified risks, particularly significant risks that emerge as prospects for risk response.
  • Confirm who will carry out response actions and when action will be taken; incorporate into work plan.
  • Monitor effectiveness of response actions.
  • Regularly review and update the project RMP.
  • Promote aggressive risk management for this project.
  • Actively participate in risk workshops.
  • Communicate to senior management the risk and uncertainty the project is exposed to and the action that will be taken to address it.
Project Team Member
  • Proactively identify risks and their characteristics in terms of probability of occurrence and impact.
  • Proactively respond to risks within specialty area.
  • Document actions and report to Project Manager for inclusion in risk management updates.
  • Monitor effectiveness of response actions.
  • Communicate with Project Manager regarding risk management actions and changing project risk profile (addition of new risks or retirement of old risks - as appropriate).
Project Risk Manager
  • Prepare and update the project RMP.
  • Develop a schedule for key check-in milestones for review and update of the RMP.
  • Determine when risk workshops will be needed and ensure appropriate preparation is accomplished prior to the workshop.
  • Collaborate with the Strategic Analysis and Estimating Office, CREM Unit, to coordinate pre-workshop, workshop, and post-workshop activities, including the need for consultants and/or other participants - both internal and external.
  • Oversee and manage day-to-day risk management process for the project.
  • Ensure quality of risk data.
  • Track and monitor effectiveness of response actions.
  • Promote risk management activities within the project team and with stakeholders.
  • Communicate with Project Manager on all matters related to risk.
Risk Owner

(Action Owner)
  • Implement agreed response actions.
  • Report on effectiveness of the risk actions to the Project Manager/Risk Manager and affected project team members.
  • Identify new risks that may emerge after response actions.
  • Communicate with Project Manager regularly, including the need for other risk response actions if needed.

Source: Washington State DOT. 2018. Project Risk Management Guide.

Using a RACI Matrix to Assign Roles and Responsibilities

A variety of tools can be used to track roles and responsibilities, including spreadsheets or various type of matrices. One form of responsibility assignment matrix is known as a RACI matrix. The term RACI is taken from the words:

  • Responsible. Assigning responsibility for getting the work done or making a needed decision. This is typically the person who gets the work done.
  • Accountable. Identifying the person who is responsible for making sure the work is done and is ultimately answerable for the activity or decision.
  • Consulted. Recognizing that others will provide information needed to complete an activity.
  • Informed. Keeping people aware of progress that is made.

A RACI matrix can be used for virtually any type of activity with a combination of tasks, milestones, and key decisions that will be carried out by several different individuals. It is a common technique used for managing different types of construction, implementation, and monitoring activities and is especially useful when responsibilities are divided across divisions or departments within an organization. For that reason, it is commonly used as part of an enterprise-wide risk management program to help ensure that risks are monitored regularly. An example of a RACI matrix showing responsibilities for adopting an enterprise risk management (ERM) policy is shown in figure 6.7.

Figure 6.7 Example RACI Chart

Source: AASHTO. 2016. Managing Risk Across the Enterprise: A Guide for State DOTs.

Seattle DOT

The City of Seattle has a Sidewalk Safety Repair Program to oversee the maintenance of the City’s many sidewalks and curbs to keep them safe and accessible. The Program includes a process for monitoring sidewalk conditions, investigating complaints of unsafe or inaccessible sidewalks, determining repair responsibility (e.g.., adjacent property owner, City, or other utility), using existing conditions to proactively mitigate conditions (beveling and asphalt shimming), and permanently repairing sidewalks that are the City’s responsibility. Repairs are leveraged with other capital projects as much as possible, so coordination with other Divisions is vital to the effectiveness of the program.

Because of the number of Divisions involved in managing sidewalks, the City assigned roles and responsibilities in a RACI matrix, that identifies those with Responsibility (R) or Accountability (A), those that need to be Consulted (C), and those that need to be Informed (I). The RACI matrix developed by the City includes one additional role beyond the four that are commonly included in the matrix. The City of Seattle added an “S” to represent a support role for personnel who might provide information to the process but are not necessarily responsible for completing the activity. The RACI matrix has served the City well by clarifying the responsibilities of each of the Divisions involved in some aspect of the Program so the program looks seamless to the public, as shown on the City’s website (https://www.seattle.gov/transportation/projects-and-programs/programs/maintenance-and-paving/sidewalk-repair-program).

Excerpt From a RACI Matrix Developed by the City of Seattle for Managing Roles and Responsibilities for its Sidewalk Repair Program

Source: City of Seattle. 2019.