Analysis of interactions among barriers in project risk management

In the context of the scope, time, cost, and quality constraints, failure is not uncommon in project management. While small projects have 70% chances of success, large projects virtually have no chance of meeting the quadruple constraints. While there is no dearth of research on project risk management, the manifestation of barriers to project risk management is a less dwelt topic. The success of project management is oftentimes based on the understanding of barriers to effective risk management, application of appropriate risk management methodology, proactive leadership to avoid barriers, workers’ attitude, adequate resources, organizational culture, and involvement of top management. This paper represents various risk categories and barriers to risk management in domestic and international projects through literature survey and feedback from project professionals. After analysing the various modelling methods used in project risk management literature, interpretive structural modelling (ISM) and MICMAC analysis have been used to analyse interactions among the barriers and prioritize them. The analysis indicates that lack of top management support, lack of formal training, and lack of addressing cultural differences are the high priority barriers, among many others.


Introduction
A project is defined as a series of related activities with a well-defined set of desired end results (Fan et al. 2008). Projects are temporary organizational forms with unique features that set them apart from permanent organizational forms (Palm and Lindahl 2015). Walewski and Gibson (2003) defines international projects as those where owner or contractor of the projects are from a different country than the one, where the project is being executed. International projects are classified by Grey et al. (2010) as overseas (executed in a foreign country for a native firm), foreign (executed in a foreign country for a foreign firm), or global (project team consisting of professionals from multiple countries) projects. Han et al. (2008) claimed that overseas projects tend to have a high possibility of loss/failure compared to domestic projects.
In project management, high levels of risk are considered to be a significant obstacle for project success (Zwikael and Sadeh 2007). Zwikael et al. (2013) defined risk as a scenario in which a project suffers a damaging effect. Projects are often exposed and averse to risks, and stakeholders ask for risk management to cover themselves against financial or legal consequences (Fang and Marle 2012). Hence, risk management becomes an integral part of project management (Isaac 1995;Han et al. 2008;Elkington and Smallman 2002). Risk management is very crucial for any project to complete successfully without compromising on the quadruple constraints of scope, cost, schedule, and quality (Yazid et al. 2014). Miller and Lessard (2001)  project risks in large engineering projects are challenging tasks at the early phase. International projects have high levels of risk and complexity, which result in greater possibilities of overrun and conflict when compared with domestic projects (Eybpoosh et al. 2011). A survey conducted by Standish Group International Inc. (The Standish group CHAOS report 2013) shows that only 25-30% projects are completed successfully. Most of the projects fail due to cost overrun or schedule overrun. Success of any project mainly depends on upon understanding the risks associated with the specific project and effective implementation of risk management (Walewski and Gibson 2003). Tah and Carr (2001) emphasized the importance of establishing a systematic risk management process for each decision phase of a construction project. Effective project risk management is possible by knowing the various barriers in risk management and the strategies to overcome them (Hwang et al. 2014;Harner 2010).
Some risks remain constant throughout project, whereas some risks arise and diminish during the project (PMI 2013). To improve project performance, the risks which occur across entire project life cycle must be recognized and managed.

Literature survey Risks involved in projects
Risk is a triple characteristic of any project decision in the situation of uncertainty. It can be defined as a trinity of risk event (A), risk probability (P), and function of risk losses (u) (Titarenko 1997). According to PMBOK (2013), risk is often referred to as the presence of potential or actual threats or opportunities that have an influence on the objective of the project during construction, commissioning or at the time of use. Risk is also defined as an uncertain event or condition that, if it occurs, has a positive or negative effect on the project objectives. Jannadi and Almishari (2003) defined risk as the potential damage that may affect personnel or property. Sato and Hirao (2013) defined risk as the possibility of a critical situation, where an activity cannot deliver mandatory outcomes required for the project objectives and no other immediate alternatives are available. Ward and Chapman (2003) proposed the term uncertainty instead of risk to indicate that it may be a threat or opportunity as well.
The less predictable nature of projects makes them riskier than routine business activities (Elkington and Smallman 2002). All project lifecycles consist of a sequence of stages and activities, from origin to completion and there is always a degree of risk associated with each stage (Stewart and Fortune 1995). The organizational and technological complexity of projects can generate enormous risks (Marle and Vidal 2011;Aloini et al. 2012;Zou et al. 2007;Carr and Tah 2001). Managing risks in every phase is very important to improve project success rates (Bush et al. 2005;Keizer et al. 2002;Smith and Merritt 2002).
As stated by Latham (1994), risk can be managed, minimized, shared, transferred, or accepted, but cannot be ignored. As elaborated by Sarewitz et al. (2003), the two components of risk are event risk and outcome risk. Event risk is the occurrence of a particular event, whereas outcome risk is the particular outcome.
Risk management is one of the key project management processes (Raz and Michael 2001). In general, the risk management is a vital, an on-going and iterative process use to identify possible risks sources during different phases of projects under development (Boateng et al. 2015). Aven (2016) stated that the concept of risk and risk assessments has a long history, but risk assessment and management was established as a scientific field some 30-40 years ago. Most of the research on risk management has focused on risk identification and analysis (Kirkire et al. 2015). The information which is generated through the use of project risk management is applied within the project (Patterson and Neailey 2002). The main purpose of project risk management is to identify, evaluate, and control the risks for project success (Lee et al. 2009). Risk management can help project managers to anticipate delays that cause projects not to be delivered on time (Grant et al. 2006). The risks must be identified before they become problems. Elkington and Smallman (2002) mentioned risk identification as the most important stage of risk analysis as no work can be done on risks that no one has discovered. Risk identification and the development of implementation of risk management strategies must be carried out throughout the life of a project (Stewart and Fortune 1995;Turner et al. 2010). Earlier studies (Murray et al. 2011) put forth that various techniques such as brainstorming, Delphi technique, interviews, surveys, scenario analysis, work breakdown structure analysis, checklist, questionnaire, fault tree analysis, etc. are commonly used for identifying project risks. Based on studies by various researchers, risks involved in projects can be broadly generalized, as mentioned in Table 1.

Barriers in project risk management
While there is no dearth of research on project risk management, the manifestation of barriers to project risk management is a less dwelt topic (Kutsch and Hall 2010). Failure to identify and eliminate the barriers for risk management affects the risk management practices and leads to project failure. Failed projects have many consequences, including financial losses, negative press, loss of customer trust, and loss of competitive advantage. There exists a strong need for research that improves project success (Yim et al. 2015). Some common barriers to effective risk management as put forth in the literature in domestic or international projects are explained in this section. The barriers vary as per the circumstances and may exist with any typical combination.
(i) Inertia of employees (Resistance to change): Lundy and Morin (2013) state that how resistance to change or employees' inertia is one of the frequently encountered barriers for effective project risk management and leadership. As stated by Tummala et al. (1997), primary reasons for resistance are often lack of clarity and uncertainty of change, pressure, interference with interests, and reluctance to learn something new and hence managing resistance to change. (ii) Avoidance of talking about risk: Bhoola et al. (2014) mention that poor communication between top management and project team leads to risk avoidance, due to fear of transferring bad news. Individuals highlight only benefits and downplay risks to secure their positions in the project team by sounding more enthusiastic and positive. Liu et al. (2015) argue that blocking the communication  (ii) Retention of competent staff Camprieu (2007); Sennara and Hartman (2002) 16 Health related Low life expectancy age Anderson (2000); Ling and Hoi (2006) channels and discussion on risk implications can defeat the purpose of risk management and informed decision making. (iii) High cost of risk management: Allen et al. (2015) discuss the impact of risk management on cost management of projects. Project cost management can include planning estimating budgeting, financing, funding, and other forms of controlling costs, as well. Even risk mitigation strategies often require more budgets which may push project cash flows toward a negative side (Sato and Hirao 2013). (iv) Lack of top management support: Liu et al. (2015) argue that the major factor responsible for IT project failures is lack of top management. The authors suggest that repeated interactions with top management and gaining their confidence can often facilitate social capital and avert project failure. On the contrary, the absence of committed leadership along with lack of strategic direction toward implementation of risk management is an important barrier to effective risk management for projects. (v) Lack of formal training to employees: Tummala et al. (1997) highlighted the importance of training on risk management practices. Lack of formal training of employees in the area of concepts and principles of project risk management can become a stumbling block in the implementation of risk management methodologies. Hanna et al. (2016) argue that training is an enabler in better competency matching. The paper suggests that project managers should focus on developing their cognitive skills rather than working in a process-driven setup. (vi) Cultural difference: Jamil et al. (2008) opine that international projects are difficult to manage and complicated as they involve stakeholders from different cultures. Such cultural differences can cause serious concern for effective risk management. According to Harner (2010), there is a strong link between corporate culture and risk management practices. Cultural differences bring mismatch in strategic thinking which becomes a roadblock to effective implementation of risk management. (viii) Lack of cooperation between employee and top management: according to Liu et al. (2015), strong cooperation and mutual trust between employees and top management is a prerequisite for creating an atmosphere for effective implementation of risk management. Top management must delegate authorities, increase decision-making culture amongst employees, and pay heed to their suggestions which will help in building mutual trust in the organization. (viii) Cross-functional conflicts: any project consists of a large number of functions, and hence, employees are divided into many functional departments. Huo et al. (2016) discuss a set of antecedents to relationship conflicts in cross-functional projects or projects with several functions. The authors argue that relationship conflicts are universal phenomena in multi-functional projects. The authors further opine that relationship conflicts are often triggered by intrapersonal diversity, project uncertainty, culture diversity, and behavioural expectations from team members. (ix) Lack of resources: Farr-Wharton (2003) suggests that insufficient resources can result in project failure, despite all the endeavour of the team. The lack of resources such as funds, people, and technology can be a barrier to successful implementation of risk management in any project. Hwang et al. (2014) argue lack of budget as one of the prominent barriers to extract the benefits of risk management in small projects. (x) Failure to clearly define risks: Bhoola et al.
(2014) stress on the significance of risk identification. The authors divide risks into four categories-avoidance, transference, mitigation, and acceptance-and discuss the impact of each on project success. Vaisblat (2014) discusses the need for clarity in defining risks precisely and proposes a system of project risk indicators.

Interpretive structural modelling (ISM)
At this backdrop of the multiplicity of barriers to implementing effective risk management practices in project management, it would be interesting to look at tools that permit identification of structure within such barriers within a system. Warfield (1974) theoretically developed an interpretive structural model (ISM). ISM is a systematic application of some elementary graph theory in such a way that theoretical, conceptual, and computational advantages are exploited to explain complex pattern of conceptual relations among variables (Shahabadkar et al. 2012). ISM uses words, digraphs, and discrete mathematics to reveal the intrinsic structure of system/complex issues/problem under consideration (Jadhav et al. 2015a, b). ISM has been used by researchers for understanding direct and indirect relationships among various variables in different industries (Jadhav et al. 2014b(Jadhav et al. , 2015a. ISM is a tool which permits identification of structure within a system (Jadhav et al. 2014a;Kumar et al. 2013a, b;Raj et al. 2010;Rajesh et al. 2007;Solanki and Choudhary 2014). ISM is used for identifying and summarizing the relationship amongst the variables related to an issue or problem by developing a well-defined model (Alawamleh and Popplewell 2011;Attri et al. 2013;Charan et al. 2008;Eswarlal et al. 2011;Faisal 2010;George and Pramod 2014;Kannan et al. 2008;Ravi and Shankar 2005). Thakkar et al. (2008) compared three contemporary modelling techniques: analytic hierarchy process (AHP), analytic network process (ANP), and interpretive structural modelling (ISM) and found that ISM has a higher capability to capture dynamic complexity. Hence, in this study, we would use the ISM model.

Problem definition
The literature survey resulted in certain research gaps.
Research in the area of exploring barriers to effective project risk management is scanty. The authors failed to identify any research that prioritizes barriers for implementing project risk management using the ISM or any other similar model. This paper aims to generate a general list of barriers to project risk management by referring the various barriers identified in the literature, analyse the interaction among the barriers for risk management, develop the interpretive structural model for prioritization of barriers affecting risk management in projects, and suggest strategies for overcoming such barriers.

Research objective
To sustain competition, organizations are expanding their businesses into new and uncharted markets by undertaking domestic as well as international projects. It is essential for companies to understand the risks involved with projects and their impact on sustained competitiveness and growth in global markets. Project risk management is a systematic process of identifying, analysing, and responding to project risks. Project risk management can be effective if the barriers to risk management are identified and tackled effectively (Han et al. 2008).
Based on extensive literature review, the paper identifies various barriers in project risk management and explores the possibility of applying the interpretive structural model (ISM) and MICMAC analysis to identify and summarise the relationship among risk barriers and their relative significance.

Research methodology
The study is exploratory in nature and uses the literature as a secondary source of data. Using the vast literature that exists in the field of project management and risk management in projects, the following criteria were used for selecting literature: Primary and secondary keywords such as ''project risk management'', ''barriers'', ''project success'', ''project failure'', ''project challenges'', and a combination of these were used for preparing a repertoire for the study. The references of the recent research papers were also linked to previous work done by the same authors in project risk management, as well (see Fig. 1).

Procedure of ISM
ISM is a modelling technique in which the specific relationships among the variables and the overall structure of the system under consideration are portrayed in a digraph model. The various steps involved in the ISM methodology are as follows (Ravi and Shankar 2005): Step 1: Variables affecting the system under consideration can be objectives, actions, individuals, etc. In this case, the variables are barriers to risk management in projects.
Step 2: From the variables identified in Step 1, a contextual relationship is established among variables with respect to which pairs of variables would be examined. Step 3: A structural self-interaction matrix (SSIM) is developed for variables, which indicates pairwise relationships among variables of the system under consideration.
Step 4: Initial reachability matrix is developed from the SSIM and the matrix is checked for transitivity. Transitivity of the contextual relation is a basic assumption made in ISM. It states that if a variable A is related to B and B is related to C, then A is necessarily related to C. This transitivity is reflected in the final reachability matrix.
Step 5: The reachability matrix obtained in Step 4 is partitioned into different levels.
Step 6: Based on the relationships given above in the reachability matrix, a directed graph is drawn and the transitive links are removed.
Step 7: The resultant digraph is converted into an ISM, by replacing variable nodes with statements.
Step 8: The ISM model developed in Step 7 is reviewed to check for conceptual inconsistency and necessary modifications are made.
These steps of ISM modelling are illustrated in Fig. 2.

Development of structural self-interaction matrix (SSIM)
Ten barriers were identified from literature review and expert opinion. More than 20 industry professionals were consulted to confirm the various barriers to risk management, as represented in the literature. ''Leads to'' or ''influences'' type of contextual relationship is chosen for analysing barriers of risk management. It indicates that a particular barrier influences another barrier. Considering this as a basis, the contextual relationship amongst barriers is developed.
The following four symbols were used to denote direction of relationship between the barriers (i and j): V: barrier i influences barrier j. A: barrier i is influenced by barrier j. X: barrier i and j influence each other. O: barrier i and j do not influence each other, since they are unrelated.
The contextual relationship among barriers to risk management was identified in consultation with five industry experts having more than 10 years of experience in the project risk management area. Using their expertise, the SSIM was developed, as represented in Table 2.
As observed in Table 2, in most cases, either one barrier influences the other, as denoted by symbols ''V'' and ''A''. For example, the symbol ''A'' connecting ''inertia of employees'' and ''10'' implies that the former gets influenced by ''failure to clearly define the risk''. Similarly, the symbol ''V'' connecting ''inertia of employees and ''8''

Development of initial reachability matrix
The initial reachability matrix is obtained from SSIM by transforming information of each cell of SSIM into binary digits (i.e., 1 or 0). This transformation has been done by  Table 3. Therefore, we assign ''1'' corresponding to ''V'' if barrier ''i'' influences barrier ''j'' and ''0'' otherwise. If barrier ''j'' influences ''i'', it is captured by ''A''. If there is mutual interdependence, then both the entries are assigned ''1'' and ''0'' if there is no relationship.
Following above rules of transformation, initial reachability matrix is developed, as shown in Table 4.
Capturing the relationship among the barriers in the form of binary numbers, Table 4 is generated. In the cases of ''V'' and ''A'', the relationships follow one way. However, in the case of barriers ''7'' and ''8'', for example, it is ''1'' both ways. Similarly, in the case of barriers ''6'' and ''9'', it is ''0'' both ways.

Development of final reachability matrix
To get final reachability matrix, the concept of transitivity is introduced, and some of the cells of initial reachability matrix are filled by inference. If a variable 'i' is related to 'j' and 'j' is related to 'k', then transitivity implies that variable 'i' is necessarily related to 'k'. The final reachability matrix is developed after incorporating transitivity concept and is represented in Table 5.
The number of drivers is captured by the horizontal summation of the rows. The vertical summation of the rows is called ''dependence''. As observed from this table, ''lack of top management support has the lowest dependence value and the highest driver value. This implies that top management support is a significant driver to all other barriers; however, it is not true, the other way.

Level partitioning the final reachability matrix
The reachability set and antecedent set for each barrier are established from final reachability matrix. The reachability set for a particular barrier consists of the barrier itself and the other barriers, which it influences, whereas the antecedent set consists of the barrier itself and other barriers which may influence it. Subsequently, the intersection of Table 2 Structural selfinteraction matrix (SSIM) Barriers (i;; j?) 10 9 8 7 6 5 4 3 2  If the (i, j) entry in the SSIM is Entry in initial reachability matrix  The barriers for which reachability sets and intersection sets are identical, assigned top level in the ISM hierarchy. Top-level barriers are those that will not lead the other barriers above their own level in the hierarchy. Once the top-level barrier is identified, it is discarded from the further hierarchical analysis. This iteration is repeated until the levels of each barrier are found out (Tables 6,7,8,9,10,11,12,13). Level identification process of these barriers is completed in eight iterations.
The fourth iteration is carried out for five barriers. The five barriers selected in the initial three iterations are excluded. The fourth iteration shows that the ninth barrier has intersection set and reachability set as identical and contains a maximum number of common barriers. Hence, the barrier ''Lack of resources'' is selected at the fourth level (ref. Table 9).
The fifth iteration is carried out for four barriers. The six barriers selected in the initial four iterations are excluded. The fifth iteration shows that the seventh barrier has intersection set and reachability set as identical. Hence, the barrier ''lack of cooperation between employee and top management'' is selected at the fifth level (ref. Table 10).
The sixth iteration is carried out for three barriers. The seven barriers selected in the initial five iterations are excluded. The sixth iteration shows that the sixth barrier has intersection set and reachability set as identical. Hence, the barrier ''cultural difference'' is selected at the sixth level (ref. Table 11).
The seventh iteration is carried out for two barriers. The eight barriers selected in the initial six iterations are excluded. The seventh iteration shows that the fifth barrier has intersection set and reachability set as identical. Hence, the barrier ''lack of formal training to employees'' is selected at the seventh level (ref. Table 12).
The eighth iteration is carried out for the last one remaining barrier. The nine barriers selected in the initial seven iterations are excluded. The eighth iteration shows that the fourth barrier has intersection set and reachability set as identical. Hence, the barrier ''lack of top management support'' is selected at the lowermost eighth level (ref . Table 13). Table 14 represents the summary of all eight iterations which divides the ten barriers into eight different levels.

Development of diagraph
After removing transitivity, a final diagraph is prepared. The top-level barrier, i.e., failure to clearly define the risk, is placed at the top of diagraph and the second-level barriers at the second position and so on, until the bottom-level barrier, i.e., lack of top management support, is placed at the lowest position in the diagraph, as shown in Fig. 3.
From left to right, the power to influence other barriers decreases, whereas from right to left, the tendency to get influenced by other barriers increases. Thus, barrier 4 is the most influencing, whereas barrier 10 has the highest influence from other barriers.

MICMAC analysis
After obtaining the ISM model for the risk management barriers, the cross-impact matrix multiplication applied to classification abbreviated as MICMAC analysis is applied to prioritize the barriers based on their driving power and dependence. The MICMAC principle is based on multiplication properties of matrices (Mudgal et al. 2010;Sharma et al. 1995;Jadhav et al. 2014a). The objective of MICMAC analysis is to analyse driving power and dependence of the variables (Faisal et al. 2006;Mandal and Deshmukh 1994;Jadhav et al. 2014a). Higher driving power indicates that the barrier highly influences other barriers. Higher dependence indicates that the barrier is highly influenced by other barriers. In the MICMAC analysis, four clusters, namely, autonomous, dependant, linkage, and independent, are represented at the four corners of the square. The horizontal axis represents dependence and the vertical axis represents driving power. As shown in Fig. 5, each barrier is represented by its number and located in the cell corresponding to its driving power and dependence, as calculated in Table 5. As an illustration, the barrier like lack of top management support has dependence value as 01 and driving power of 10. Hence, it is located in independent barriers cluster, as shown in Fig. 5.
In this analysis, the project risk management barriers which are described earlier have been classified into four clusters.
Cluster 1(Autonomous risk management barriers): These barriers are relatively disconnected from the system with very few weak links. Cluster 2(Dependent risk management barriers): These barriers are automatic followers of other barriers.
Cluster 3(Linkage risk management barriers): These barriers are unstable, because any action on these will have an effect on others and also a feedback on themselves.
Cluster 4(Independent risk management barriers): These barriers are the key drivers for implementation. Management has to pay maximum attention to get quick and sustainable results.
Clusters in MICMAC analysis diagram and their characteristics are depicted in Table 15.

Results and discussions
The practitioners in the field of project risk management must always take into account various possible barriers that can affect adversely their efforts to manage the risks. Understanding the barriers and their interactions among each other is of utmost importance in the project risk management. The ISM methodology combined with MICMAC analysis provided a model as well as dependence and driving power diagram of barriers to project risk management. The interactions among barriers are clearly visible through the ISM model developed. The ISM model indicates that barriers like lack of top management support, lack of formal training, and cultural difference are the top priority barriers which have an effect on other barriers. Hence, more attention should be given to minimize the occurrence of these barriers. The driving power-dependence diagram provides valuable insight about the relative importance of the barriers. The MICMAC analysis concludes that barriers like lack of top management support and cultural difference which appear in the fourth quadrant are the key barriers and management has to pay attention to get quick and sustainable results. Since effective risk management is a crucial part of any project, barriers must be identified at the early stage and prioritized according to their severity. Preparing an action plan to remove the high priority barriers will be the key to effective implementation of risk management which will lead to a successful project.

Strategies to overcome the barriers in risk management of projects
The following strategies are suggested in consultation with more than 20 project practitioners to overcome the common barriers to project risk management.
Strategy 1: There must be clarity in the mission and goals of the project. The cost and time estimates of the project must be realistic. A clear communication with all stakeholders to gain their buy-into project scope and project management plan is essential to avoid scope creep.
Strategy 2: Risk management must be integrated into the organizational culture and concept of risk responsibility must be promoted. Risks should be prioritized and action  plan for individual risk response must be prepared and standardized. Strategy 3: Risk identification must be started at an early stage even before the design starts. Some rewards and incentives can be offered for identifying crucial risks in the project. This will lead to active involvement of employees in risk management implementation.
Strategy 4: Top management must offer a commitment to risk management efforts. They should set up risk management teams, regularly revise risk management plans, allocate risk management responsibilities, listen to problems and suggestions from employees, and arrange for appropriate resources as and when required.
Strategy 5: Employees must be formally trained to create awareness regarding risk management efforts. The training should focus on the importance of risk management in projects; a systematic methodology to identify, clearly define, and prioritize risks related to the specific project; and need and benefits of working in cross-functional teams and optimum utilisation of the available resources.
Strategy 6: Project team members must put emphasis on effective communication within and outside the organization. Communication provides opportunities for clarification, for members to discuss improvement to an organization and impact of using different risk mitigation strategies.
Strategy 7: Top management must ensure effective use of information technology throughout project life cycle as it enables easy access and retrieval of risk data, prompt searches, effective communication, and sharing information about risk identification and response strategies. Information technology also supports top management in controlling project.
Strategy 8: An organizational culture supported by cross-functional teamwork, collaboration, and open communication must be developed within project organization. It will encourage the team members to work more efficiently and effectively. Organizational culture must support trust and cooperation among the team members. This will improve risk management in the project.
Strategy 9: A risk management organizational structure must be established to indicate formal lines of authority and communication and the information and data that flow through these lines.
Strategy 10: High cost involved in risk management efforts must be viewed in a manner, such that it is an investment to prevent the forthcoming losses on account of the occurrence of certain risks in the project. The cost benefit analysis of risk management should be carried out and budget for the risk management implementation should be incorporated into the overall project budget during initial stage only.

Conclusion and remarks-Conclusion
This paper represents the general scenario of the 17th various risk categories involved in any project and ten barriers associated with effective project risk management. It also attempts to identify possible causes of each risk category which may lead to failure of the project. The paper describes interaction among barriers which will be helpful for further studies in the area of effective implementation of risk management.
The barriers not only affect effective implementation of risk management in projects but also affect one another. The interaction of barriers amongst themselves had been analysed by developing a model using interpretive structural modelling (ISM). The model indicates that barriers like lack of top management support lead to other barriers. A thorough understanding of such barriers can be very helpful to management to effectively implement risk management. It can guide top management to tackle the barriers effectively. MICMAC analysis categorizes barriers into four clusters and emphasizes the need to concentrate more on the barriers which belong to the independent cluster.
The barriers to risk management if identified initially can be of great help to the company to plan for strategies to overcome them. For successful implementation of risk management in any project, risk management team must define risks clearly and proactively address risks consistently throughout the project. Barriers to risk management must be identified at the initial stage, assessed for their probability of occurrence and then responded.

Limitations and future directions
The primary focus of the study is on risk management in projects in various sectors such as construction engineering, piping engineering, power generation plants, mining, automotive industries, steel industries, and other heavy industries. According to the type of project, barriers to the risk management implementation and strategies to overcome them may vary. The authors have attempted to develop a generic model for barriers to risk management and hence can be used as a basis for risk management planning in any project. The study failed to consider service sector project management, which could open up new dimensions to risk management. In addition, the list of journals considered for the study can be increased to include more diversified risk management practices.
The interaction among barriers can also be analysed using a modelling technique like analytic network process (ANP). The model obtained using ANP can be compared with model obtained through ISM technique and a hybrid model can be formed which can be validated using structural equation modelling (SEM). A meta-analysis considering a larger pool of sectors and journals can explore new categories of barriers and investigate the relationship and effect of those new barriers on these existing barriers.
Research work in this area may act as a roadmap for effective implementation of risk management in projects and will help the risk management practitioners and researchers.