Chapter 11 Flashcards
Individual Project Risk
It is an uncertain evet or condition that if it occurs has a positive or negative effect on one or more project objectives
Overall Project Risk
It is the effect of uncertainty on the project as a whole arising from all sources of uncertainty including individual risks, representing the exposure of stakeholders to the implications of variations in project outcome both positive and negative
Plan Risk Management
It is the process of defining how to conduct risk management activities for a project.
Risk Breakdown Structure
It is a hierarchical representation of potential sources of risk
Reporting formats
These define how the outcomes of the project risk management process will be documented, analyzed and communicated
Tracking
This documents how risk activities will be recorded and how risk management processes will be audited.
Identify Risks
It is the process of identifying individual project risks as well as sources of overall project risk and documenting their characteristcs
Prompt List
It is a predetermined list of risk categories that might give rise to individual project risks and that could act as sources of overall project Risk
PESTLE
TECOP
VUCA
Risk Data Quality Assessment
It evaluates the degree to which the data about individual project risks is accurate and reliable as a basis for qualitative risk analysis
Risk Probability and impact assessment
It consides the likelihood that a specific risk will occur
Characteristics of risks to be considered
- Urgency
- Proximity
- Dormancy
- Manageability
- Controllability
- Detectability
- Connectivity
- Strategic Impact
- Propinquity
Urgency
The period of time within which a response to the risk is to be implemented in order to be effective
Proximity
The period of time before the risk might have an impact on one or more project objectives. A short period indicates high proximity
Dormancy
The period of time that may elapse after a risk has occured before its impact is discovered. A short period indicates low dormancy
Manageability
The ease with which the risk owner or owning organization can manage the occurance or impact of the risk. Where management is easy manageability is high
Controllability
The degree to which the risk owner or owning organization is able to control the risk’s outcome. Where the outcome is easily controlled, controllability is high
Detectability
The ease with which the results of the risk is occurring, or being about the occur can be detected and recognized . Where the risk occurrence can be detected easilty, Detectability is high
Connectivity
The extent to which the risk is related to other individual project risks. Where a risk is connected to many other risks, connectivity is high
Strategic Impact
The potential for the risk to have a positive or negative effect on the organization’s strategic goals. Where the risk has a major effect on strategic goals, the strategic impact is high
Propinquity
The degree to which a risk is perceived to matter by one or more stakeholders. Where a risk is received as very significant, propinquity is high
Perform Quantitative Risk Analysis
It is the process of numerically analyzing the combined effect of identified individual project risks and other sources of uncertainty on overall project objectives.
Plan Risk Responses
It is the process of developing options, selecting strategies and agreeing on actions to address overall project risk exposure as well as treat individual project risks
Strategies for threats
- Escalate
- Avoid
- Transfer
- Mitigate
- Accept
Strategies for overall project risk
- Avoid
- Exploit
- Transfer/share
- Mitigate/Enhance
- Accept
Implement Risk Responses
It is the process of implementing agreed-upon risk response plans
Monitor Risks
It is the process of monitoring the implementation of agreed-upon risk plans, tracking identified risks, identifying and analyzing new risks and evaluating risk process effectiveness throughout the project.
Acceptance
A risk response appropriate for both positive and negative risks, but often used for smaller risks within a project.
Ambiguity risks
Risks that have an uncertain, unclear nature, such as new laws or regulations, the marketplace conditions, and other risks that are nearly impossible to predict.
Avoidance
A risk response to avoid the risk.
Brainstorming
The most common approach to risk identification; usually completed by a project team with subject matter experts to identify the risks within the project.
Business risks
These risks may have negative or positive outcomes. Examples include using a less experienced worker to complete a task
Cardinal scales
A ranking approach to identify the probability and impact by using a numerical value, from .01 (very low) to 1.0 (certain).
Checklists
A quick and cost-effective risk identification approach.
Data precision
The consideration of the risk ranking scores that takes into account any bias, the accuracy of the data submitted, and the reliability of the nature of the data submitted.
Decision tree
A method to determine which of two or more decisions is the best one. The model examines the costs and benefits of each decision’s outcome and weighs the probability of success for each of the decisions.
Delphi Technique
An anonymous method of querying experts about foreseeable risks within a project, phase, or component of a project. The results of the survey are analyzed by a third party, organized, and then circulated to the experts. There can be several rounds of anonymous discussion with the Delphi Technique, without fear of backlash or offending other participants in the process. The goal is to gain consensus on project risks within the project.
Enhancing
A risk response that attempts to enhance the conditions to ensure that a positive risk event will likely happen.
Escalating
A risk response that is appropriate for both positive and negative risk events that may outside of the project manager’s authority to act upon.
Expected monetary value (EMV)
The monetary value of a risk exposure based on the risk’s probability and impact in the risk matrix. This approach is typically used in quantitative risk analysis because it quantifies the risk exposure.
Exploit
A risk response that takes advantage of the positive risks within a project.
External risks
These risks are outside of the project, but directly affect it—for example, legal issues, labor issues, a shift in project priorities, or weather.
Flowcharts
System or process flowcharts show the relationship between components and how the overall process works. These are useful for identifying risks between system components.
Influence diagrams
An influence diagram charts out a decision problem. It identifies all of the elements, variables, decisions, and objectives and also how each factor may influence another.
Low-priority risk watch list
Low-priority risks are identified and assigned to a watch list for periodic monitoring.
Mitigation
A risk response effort to reduce the probability and/or impact of an identified risk in the project.
Ordinal scales
A ranking approach that identifies and ranks the risks from very high to very unlikely or to some other value.
Organizational risks
The performing organization can contribute to the project’s risks through unreasonable cost, time, and scope expectations; poor project prioritization; inadequate funding or the disruption of funding; and competition with other projects for internal resources.
PESTLE
A prompt list used for risk identification. PESTLE examines risks in the Political, Economic, Social, Technological, Legal, and Environmental domains.
Probability and impact matrix
A matrix that ranks the probability of a risk event occurring and its impact on the project if the event does happen; used in qualitative and quantitative risk analyses.
Project management risks
These risks deal with faults in the management of the project: the unsuccessful allocation of time, resources, and scheduling; unacceptable work results; and poor project management.
Pure risks
These risks have only a negative outcome.
Qualitative risk analysis
This approach “qualifies” the risks that have been identified in the project. Specifically, qualitative risk analysis examines and prioritizes risks based on their probability of occurring and their impact on the project should they occur.
Quantitative risk analysis
This approach attempts to numerically assess the probability and impact of the identified risks. It also creates an overall risk score for the project. This method is more in-depth than qualitative risk analysis and relies on several different tools to accomplish its goal.
RAG rating
An ordinal scale that uses red, amber, and green (RAG) to capture the probability, impact, and risk score.
Residual risks
Risks that are expected to remain after a risk response.
Risk
A project risk is an uncertain event or condition that can have a positive or negative impact on the project.
Risk identification
The systematic process of combing through the project, the project plan, the work breakdown structure, and all supporting documentation to identify as many risks that may affect the project as possible.
Risk management plan
A project management subsidiary plan that defines how risks will be identified, analyzed, responded to, and monitored within the project. The plan also defines the iterative risk management process that the project is expected to adhere to.
Risk management planning
The agreed-upon approach to the management of the project risk processes.
Risk owners
The individuals or entities that are responsible for monitoring and responding to an identified risk within the project.
Risk register
The risk register is a project plan component that contains all of the information related to the risk management activities. It’s updated as risk management activities are conducted to reflect the status, progress, and nature of the project risks.
Risk report
The risk report explains the overall project risks and provides summaries about the individual project risks.
Risk response audit
An audit to test the validity of the established risk responses.
Risk responsibilities
The level of ownership an individual or entity has over a project risk.
Risk score
The calculated score based on each risk’s probability and impact. The approach can be used in both qualitative and quantitative risk analysis.
Secondary risks
New risks that are created as a result of a risk response.
Sensitivity analysis
A quantitative risk analysis tool that examines each risk to determine which one has the largest impact on the project’s success.
Sharing
A risk response that shares the advantages of a positive risk within a project.
SWOT analysis
SWOT analysis is the process of examining the project from the perspective of each characteristic: strengths, weaknesses, opportunities, and threats.
TECOP
A prompt list used in risk identification to examine the Technical, Environmental, Commercial, Operational, and Political factors of the project.
Technical, quality, or performance risks
Technical risks are associated with new, unproven, or complex technologies being used on the project. Changes to the technology during the project implementation can also be a risk. Quality risks are the levels set for expectations of impractical quality and performance.
Transference
A risk response that transfers the ownership of the risk to another party. Insurance, licensed contractors, or other project teams are good examples of transference. A fee and contractual relationships are typically involved with the transference of a risk.
Variability risks
A type of risk based on the variations that may occur in the project, such as production, number of quality errors, or even the weather
VUCA
A prompt list used in risk identification that examines the Volatility, Uncertainty, Complexity, and Ambiguity of risk factors within the project.
Project Risk Management Processes
Planning: 1. Plan Risk Management 2. Identify Risks 3. Perform Qualitative risk Analysis 4. Perform Quantitative Risk Analysis 5. Plan Risk Responses Executing 6. Implement Risk Responses Monitoring and Controlling 7. Monitor Risk
