11. Project Risk Management Flashcards
1
Q
What percentage of the exam do the objectives covered in this chapter make up?
A
8 percent
This is equivalent to about 11 questions.
2
Q
What is risk in project management?
A
An uncertain event or condition that can have a positive or negative effect on meeting project objectives
It relates to components such as schedule, cost, scope, or quality.
3
Q
What are the two characteristics of a risk in project management?
A
- It stems from elements of uncertainty.
- It might have negative or positive effects on meeting project objectives.
4
Q
What is the purpose of risk management?
A
To plan risk management, identify and analyze risks, plan and prepare risk responses, implement responses, and monitor risks.
5
Q
What does the process of ‘Plan Risk Management’ involve?
A
Determining how to conduct risk management for the project, including activities and how they will be performed.
6
Q
What is the output of the Plan Risk Management process?
A
The risk management plan.
7
Q
What does the ‘Identify Risks’ process entail?
A
Identifying and documenting risks that might occur for the project, including sources of overall project risk.
8
Q
What does ‘Perform Qualitative Risk Analysis’ aim to achieve?
A
Estimating the overall probability of risks occurring and their impact, and prioritizing them for further analysis.
9
Q
What is the purpose of the ‘Perform Quantitative Risk Analysis’ process?
A
To numerically analyze the effect of identified risks on meeting project objectives.
10
Q
What is the ‘Plan Risk Responses’ process used for?
A
Preparing a risk response plan to increase positive impacts and decrease negative impacts of risks.
11
Q
What does the ‘Implement Responses’ process ensure?
A
That all planned risk responses are executed as planned.
12
Q
What is the goal of the ‘Monitor Risks’ process?
A
Tracking identified risks, identifying new risks, and evaluating the effectiveness of risk management processes.
13
Q
True or False: All risk management processes belong to the planning process group.
A
False
Implement Risk Responses and Monitor Risks are part of the executing and monitoring/control process groups, respectively.
14
Q
What are the major goals for planning risk management?
A
- Ensure risk management fits the actual risk involved.
- Secure sufficient resources for risk management activities.
- Set up an agreed-upon basis for evaluating risks.
15
Q
What is included in the risk management plan?
A
- Strategy and Methodology.
- Identifying and Assigning Resources.
- Roles and Responsibilities.
- Funding.
- Timing and Scheduling.
- Stakeholders’ Risk Tolerance.
- Risk Categories.
- Definition of Risk Probability and Impact.
16
Q
What is a risk breakdown structure (RBS)?
A
A hierarchical structure that breaks the identified risk categories into subcategories.
17
Q
What is the significance of defining risk probability and impact?
A
To ensure the quality and credibility of qualitative risk analysis.
18
Q
What is the purpose of the probability-impact matrix?
A
To prioritize risks according to their probability of occurrence and impact on project objectives.
19
Q
What does risk reporting in the risk management plan describe?
A
What kind of content and in what format each output of the risk processes will be.
20
Q
What is the first step in the risk identification process?
A
Identifying individual risks and overall sources of project risks.
21
Q
Fill in the blank: An unidentified risk is a danger lurking out of your sight and waiting to _______.
A
[attack the project]
22
Q
What is the primary purpose of a risk management plan?
A
To provide basic guidance on how to perform risk management for a project.
23
Q
What are common sources of uncertainty that give rise to risks?
A
Assumptions, ambiguity, estimates.
24
Q
What initial areas should be examined to identify risks?
A
Assumptions, ambiguities, estimates in agreements, procurement documentation, project documents.
25
What is a checklist in risk identification?
A to-do list of actions to take or points to consider for identifying risks.
26
True or False: Risk identification checklists are always exhaustive.
False.
27
What is the role of interviewing in risk identification?
To gather information from stakeholders and subject-matter experts.
28
What is the goal of brainstorming in the risk identification process?
To create a comprehensive list of potential risks.
29
What is assumption and constraint analysis?
A technique used to examine the validity of assumptions and constraints to identify risks.
30
What does root-cause analysis help identify?
The root causes of known risks to find new risks.
31
What does SWOT analysis help to expose in a project?
The risks involved by examining strengths, weaknesses, opportunities, and threats.
32
What is a prompt list?
A predetermined list of risk categories used to generate ideas for identifying risks.
33
What are the two main documents initiated from the risk identification process?
Risk register and risk report.
34
What information does the risk register contain?
List of identified risks, root causes, updates to risk categories, risk owner, potential responses.
35
What does the risk report summarize?
Sources of overall project risks, distribution of individual project risks, their impact, and trends.
36
What are the two forms of risk analysis?
Qualitative and quantitative risk analysis.
37
What is the purpose of performing qualitative risk analysis?
To prioritize identified project risks by estimating their probability and impact.
38
What is the focus of quantitative risk analysis?
To perform numerical analysis to estimate the combined effect of identified risks on project objectives.
39
What is assessed before performing qualitative risk analysis?
The quality of risk data.
40
What does risk probability refer to?
The likelihood that a risk will occur.
41
What does the impact of a risk refer to?
The effect the risk will have on a project objective if it occurs.
42
What is the purpose of the probability and impact matrix?
To prioritize risks based on their probability and impact.
43
Fill in the blank: The technique to assess risk data quality involves examining the _______.
[accuracy, reliability, and integrity of the data].
44
What factors are considered in assessing risk parameters?
* Risk urgency
* Manageability
* Controllability
* Connectivity
45
What is the significance of higher values in probability and impact scales?
Higher values indicate greater likelihood of risk occurrence and greater effect on project objectives.
46
What does a higher value on the probability scale indicate?
A greater likelihood of risk occurrence.
47
What does a higher value on the impact scale indicate?
A greater effect on the project objective should the risk occur.
48
What is the relationship between risk value and priority?
The higher the value for a risk, the higher its priority.
49
How are risks prioritized according to the risk probability and impact matrix?
Each risk is rated based on the probability and impact value assigned to it.
50
What are the three areas identified in the risk prioritization matrix?
* High-priority risks
* Medium-priority risks
* Low-priority risks
51
What is the difference between threats and opportunities in risk management?
Threats have a negative effect, while opportunities have a positive effect.
52
What is the purpose of hierarchical charts in risk assessment?
To assess priority for individual risks using more than two parameters.
53
What is risk categorization?
Assigning identified risks to predefined risk categories.
54
What is the output of the qualitative risk analysis?
Updated Risk Register.
55
What does the updated Risk Register include?
* Probability
* Impact
* Priority
* Owner
* Risk Urgency Information
56
What is the purpose of a Watch List of Low-priority Risks?
To monitor risks that are deemed unimportant but need continual observation.
57
What are the three major goals of quantitative risk analysis?
* Assess the probability of achieving specific project objectives
* Quantify the aggregated effect of individual risks on overall project objectives
* Prioritize risks by their contributions to overall project risk
58
What are the steps for performing quantitative risk analysis?
* Get Risk and 'How-to' Information
* Get Information about Reference Points
* Get Information about Variability
* Check the Result of Quantitative Analysis
* Model Individual Project Risks Effects
59
What are the two categories of techniques for quantitative risk analysis?
* Data gathering and representation techniques
* Analysis and modeling techniques
60
What is sensitivity analysis used for in risk management?
To determine which individual risks have the greatest impact on project outcomes.
61
What does a Monte Carlo simulation do in risk analysis?
Simulates the combined effect of individual project risks on project outcomes.
62
What is a probability distribution in the context of risk analysis?
A representation of uncertainty where several possible values have a probability assigned.
63
What is represented on the x-axis and y-axis of an S-curve?
* x-axis: predicted value of a project variable (e.g., cost)
* y-axis: cumulative probability for the predicted values
64
True or False: Qualitative risk analysis is a quick and cost-effective way to prioritize risks.
True
65
What does the term 'risk urgency information' refer to?
Information about risks that require immediate attention.
66
Fill in the blank: The main result of qualitative risk analysis is the prioritization of risks based on a _______.
probability and impact matrix
67
What does the name 'Monte Carlo' refer to in project objectives?
It refers to the random behavior of the input
## Footnote
It could also be called 'Las Vegas.'
68
What is an S-curve in simulation analysis?
A cumulative probability diagram where the x-axis represents the predicted value of a project variable and the y-axis represents the cumulative probability for the predicted values.
69
What is Expected Monetary Value (EMV) analysis?
A method used to calculate the expected value of an outcome when different possible scenarios exist with assigned probabilities.
70
How is EMV calculated?
By multiplying the value of each possible outcome by its probability and summing the results.
71
What is the formula for calculating EMV when considering both opportunities and threats?
EMV = (probability of opportunity × value of opportunity) - (probability of threat × value of threat).
72
What is Decision-tree Analysis used for?
To choose from different available options represented by branches, analyzing probabilities of outcomes.
73
What does an Influence Diagram represent?
A graphical representation of uncertain situations showing relationships among variables and outcomes.
74
What is the purpose of interviews and expert judgment in quantitative risk analysis?
To gather information from experts and validate risk data and analysis.
75
What does the updated risk report from quantitative risk analysis include?
It includes project success probability, overall project risk effect, prioritized list of risks, trends in results, and risk-response recommendations.
76
What is the main goal of the Plan Risk Response process?
To develop actions and strategies for responding to individual project risks and overall project risk.
77
What are the three goals of risk-response planning?
* Minimize threats to meeting project objectives
* Maximize opportunities
* Reduce overall project risk effect
78
What does AARCO stand for in risk-response planning?
Appropriate, Agreed upon, Realistic, Cost-effective, Owned by appropriate stakeholder.
79
What are the three strategies to respond to negative risks?
* Avoid
* Transfer
* Mitigate
80
What does the 'Avoid' strategy entail?
Eliminating the risk or its impact on the project.
81
What is meant by 'Transfer' in risk management?
Shifting the responsibility and negative impact of the risk to another party.
82
What does 'Mitigate' mean in the context of risk management?
Taking action to reduce the probability or impact of a risk.
83
What are the three strategies to respond to opportunities?
* Share
* Exploit
* Enhance
84
What does the 'Share' strategy involve?
Transferring the ownership of a positive risk to another party better equipped to capitalize on the opportunity.
85
What is the goal of the 'Exploit' strategy?
To ensure that a high-priority opportunity is realized.
86
What does 'Enhance' refer to in risk response?
Increasing the size of the opportunity by improving its probability or impact.
87
What does exploiting a positive risk refer to?
Ensuring that the positive risk occurs
88
What does enhancing a risk mean?
Increasing the size of the opportunity by increasing its probability, impact, or both
89
What are the strategies to plan for negative and positive risks?
Share/transfer, exploit/avoid, enhance/mitigate, and accept
90
What is a contingency in risk management?
A future event or condition that is possible but cannot be predicted with certainty
91
What triggers a contingency response?
Predefined conditions or events, such as missing a milestone
92
What are secondary risks?
Risks that arise as a result of implementing a risk response
93
What is the output of the risk-response planning process?
Appropriate risk response strategies and related schedule activities with assigned resources
94
What is included in the risk register?
* Planned risk-response strategies
* Symptoms and warning signs of risk occurrences
* Contingency plans and triggers for contingency risks
* Budget and schedule activities for planned responses
* Fallback plans for inadequate responses
* List of passive, accepted risks
* Residual risks after planned responses
* List of secondary risks
95
What must be generated for proposed changes to project plan components?
Change requests
96
What is the goal of implementing risk responses?
Minimize the impact of threats and maximize the impact of opportunities
97
What is the first step in the Implement Risk Responses process?
Get 'How-to' and Other Information about Risk
98
What does the Monitor Risks process include?
* Tracking the status of identified risks
* Monitoring residual risks
* Identifying new risks
* Evaluating the effectiveness of risk processes
99
What is technical performance measurement?
Comparison of actual versus planned quantities related to the technical progress of the project
100
What is reserve analysis in risk management?
Comparing the remaining reserve amount to the remaining risk to determine adequacy
101
What is the purpose of risk audits?
To assess the effectiveness of risk management processes
102
What does the risk monitoring process help identify?
New risks and updates to existing risks
103
What is the importance of the risk identification process?
It initiates the risk register and risk report
104
What is the main goal of risk-response planning?
Minimize threats and maximize opportunities
105
Fill in the blank: Risk refers to an uncertain event or condition that, if it occurs, has a ______ effect on meeting the project objectives.
[positive or negative]
106
True or False: The risk monitoring process only focuses on identified risks and does not consider new risks.
False
107
What is the goal for risk-response planning?
To minimize the threats and maximize the opportunities.
108
What is monitored in the risk monitoring process?
Identified risks, secondary risks, residual risks, and new risks.
109
Define risk in the context of project management.
An uncertain event or condition that can have a positive or negative effect on meeting project objectives.
110
List the key processes involved in risk management.
* Planning risk management
* Identifying and analyzing risks
* Planning and preparing risk responses
* Implementing risk responses
* Monitoring risks.
111
What is the only output of risk management planning?
The risk management plan.
112
What does the risk management plan include?
* List of tools and approaches for risk management
* Identification and assignment of resources
* Definition of risk categories
* Risk probabilities and impacts
* Format of risk reporting and tracking.
113
What are the outputs of the risk identification process?
* Risk register
* Risk report.
114
What is the main output of qualitative risk analysis?
Prioritization of risks based on a probability and impact matrix.
115
What does quantitative risk analysis emphasize?
* Assessing the probability of meeting project objectives
* Prioritizing risks based on total impact.
116
What does risk-response planning involve?
Examining and selecting risk-response strategies and planning responses to individual project risks.
117
What activities are involved in monitoring risks?
* Tracking the status of identified risks
* Evaluating the effectiveness of risk processes
* Identifying new risks.
118
True or False: A risk can only have a negative effect on a project.
False.
119
The risk register is not an input to which process?
Implement Risk Responses.
120
Which technique is not listed in PMBOK Edition 6 for risk identification?
Root-cause analysis.
121
True or False: An updated risk report is the output of both qualitative and quantitative risk analysis.
True.
122
What is an example of risk mitigation?
Installing extra servers in another city as a backup for natural disasters.
123
What is an example of risk transfer?
Outsourcing development due to lack of adequate talent.
124
What is being evaluated when assigning numbers like expected monetary value?
The probability and impact of a risk.
125
What is the EMV for the positive impact if the risk has a 50% probability and could yield $200,000?
$100,000.
126
What is the EMV for the risk with a 50% probability yielding $200,000 or $50,000?
$125,000.
127
What are secondary risks?
Risks that can result from responses to the identified risks.
128
Which of the following is not a valid risk response?
Risk rejection.
129
What does SWOT analysis help identify?
Risks.
130
What is not an output of qualitative risk analysis?
A list of trends in the analysis results.
131
What is not an output of quantitative risk analysis?
Decision about a risk-related contractual agreement.
132
In which process is a project manager involved when recommending corrective actions related to risk?
Plan Risk Responses.
133
In which process is a project manager involved when getting risk-related corrective actions approved?
Perform Integrated Change Control.
134
Which statement is not true about project risk management?
Exploiting an opportunity ensures that the positive risk does occur.
135
Which of the following is not an input to the Monitor Risks process?
Work performance information.
