10) Risk Management

Question 1

What is the process of risk management?

Answer 1

• Plan Risk Management
• Identify Risks
• Perform Qualitative Risk Analysis
• Perform Quantitative Risk Analysis
• Plan Risk Responses
• Control Risks

Question 2

What is the key output of the Plan Risk Management process?

Answer 2

Risk management plan

Question 3

What is the key output of the Identify Risks process?

Answer 3

Risk register

Question 4

What key outputs of the Perform Qualitative Risk Analysis process are added to the risk register?

Answer 4

• Risk ranking for the project
• Prioritized risks and their probability and impact ratings
• Risks grouped by category
• List of risks requiring additional analysis and response
• List of risks requiring analysis in the near term
• Watch list (noncritical risks)

Question 5

What key outputs of the Perform Quantitative Risk Analysis process are added to the risk register?

Answer 5

• Prioritized list of quantified risks
• Initial amount of contingency time and cost reserves needed
• Possible realistic and achievable completion dates and project costs
• Quantified probability of meeting project objectives
• Trends in quantitative risk analysis

Question 6

What key outputs of the Plan Risk Responses process are added to the risk register?

Answer 6

• Residual risks
• Contingency plans
• Fallback plans
• Risk owners
• Secondary risks
• Risk triggers
• Contracts
• Reserves for time and cost

Question 7

What are the key outputs of the Control Risks process?

Answer 7

• Work performance information
• Risk register updates
• Change requests
• Updates to the project management plan and project documents
• Updates to organizational process assets

Question 8

What key outputs of the Control Risks process are added to the risk register?

Answer 8

• Outcomes of risk reassessments and risk audits
• Results of implemented risk responses
• Updates to previous parts of risk management
• Closing of risks that are no longer applicable
• Details of what happened when risks occurred
• Lessons learned

Question 9

What is a risk?

Answer 9

A future occurrence that may or may not happen that can have a positive (opportunity) or negative (threat) impact on the project

Question 10

What are the four key factors that need to be determined for each risk?

Answer 10

• Probability
• Impact
• Timing
• Frequency

Question 11

A person who is risk averse is:

Answer 11

Unwilling to take risks

Question 12

Define risk appetite, risk tolerance, and risk threshold.

Answer 12

Risk appetite:

A general, high-level description of the acceptable level of risk

Risk tolerance:

a measurable amount of acceptable risk

Risk threshold:

the specific point at which risk becomes unacceptable

Question 13

What are the inputs to the risk management process?

Answer 13

• Project background information and other organizational process assets
• Enterprise environmental factors
• Project charter, network diagram, and other project documents
• Project management plan (including scope baseline and the knowledge area plans)
• Time and cost estimates
• Procurement documents
• Stakeholder register
• Risk register
• Work performance data and reports

Question 14

What are some examples of sources of risk?

Answer 14

• Technical
• Project management
• Schedule
• Cost
• Quality
• Scope
• Resources
• Customer satisfaction

Question 15

What are some examples of risk identification techniques?

Answer 15

• Documentation reviews
• Information-gathering techniques
• SWOT analysis (strengths, weaknesses, opportunities, threats)
• Checklist analysis
• Assumptions analysis
• Diagramming techniques

Question 16

What are risk triggers?

Answer 16

• Early warning signs that a risk event has occurred, or is about to occur
• They let risk owners know when to take action

Question 17

What is assumptions analysis?

Answer 17

Assessing the assumptions made on the project and determining whether they are valid

Question 18

When is assumptions analysis done?

Answer 18

During Identify Risks

Question 19

What is risk data quality assessment?

Answer 19

Determining how accurate, reliable, and well understood the risk information is

Question 20

When is the risk data quality assessment done?

Answer 20

During Perform Qualitative Risk Analysis

Question 21

What is a probability and impact matrix?

Answer 21

The company’s standard rating system to promote a common understanding of what each risk rating means

Question 22

What is sensitivity analysis?

Answer 22

A technique to analyze and compare the potential impacts of identified risks

Question 23

What is the formula for expected monetary value?

Answer 23

Probability times impact, or

EMV = P x I

Question 24

What is a decision tree?

Answer 24

A model of a decision to be made that includes the probabilities and impacts of future events

Question 25

Who is a risk owner?

Answer 25

The person assigned to develop and execute risk responses for a critical risk

Question 26

What are the possible risk response strategies for threats?

Answer 26

**Avoid:** Eliminate the threat by eliminating the cause **Mitigate:** Reduce the probability or impact of the threat **Transfer:** Make another party responsible for the risk (outsourcing, insurance, warranties, bonds, guarantees) **Accept:** * Passive acceptance - do nothing; if it happens, it happens * Active acceptance - develop contingency plans in advance

Question 27

What are the possible risk response strategies for opportunities?

Answer 27

**Exploit:** Make sure the opportunity occurs **Enhance:** Increase probability or positive impact of the risk event **Share:** Allocate full or partial ownership of the opportunity to a third party **Accept:** Do nothing; if it happens, it happens

Question 28

What are residual risks?

Answer 28

Risks that remain after risk response planning

Question 29

What are secondary risks?

Answer 29

New risks created by the implementation of risk response strategies

Question 30

How does buying insurance relate to risk response planning?

Answer 30

* It exchanges an unknown cost impact of a known risk for a known cost impact * It is a method to decrease project risk

Question 31

How does a contract relate to risk response planning?

Answer 31

* A contract helps allocate and mitigate risks * Risk analysis must be done before a contract is signed

Question 32

What are contingency plans?

Answer 32

Planned responses to be implemented when and if a risk event occurs

Question 33

What are fallback plans?

Answer 33

Actions that will be taken if the contingency plan is not effective

Question 34

What are reserves?

Answer 34

Time or cost added to the project to account for risk

Question 35

What are the two kinds of reserves?

Answer 35

* Management reserve * Contingency reserve

Question 36

What is a contingency reserve?

Answer 36

* Time or cost allocated to cover known unknowns * It is included in the cost baseline

Question 37

What is a management reserve?

Answer 37

* Time or cost allocated to cover unkown unknowns * It is added to the cost baseline to get the cost budget

Question 38

What are workarounds?

Answer 38

Unplanned responses developed to deal with the occurrence of unanticipated events or problems on a project (or to deal with risks that had been accepted because of unlikelihood of occurrence and/or minimal impact)

Question 39

What are risk reassessments?

Answer 39

Reviews of the risk management plan and risk register

Question 40

When do risk reassessments occur?

Answer 40

During Control Risks

Question 41

What is reserve analysis?

Answer 41

Managing the reserves and making sure the amount remaining is adequate

Question 42

When is reserve analysis done during the risk management process?

Answer 42

During Control Risks

Question 43

What are risk audits?

Answer 43

Assessing the effectiveness of the risk management process and specific risk responses that have been implemented