Chapter 11: Project Risk Management Flashcards
The knowledge area that’s intended to increase the likelihood and impact of positive events and decrease the likelihood and impact of negative events is:
A. Project scope management
B. Project stakeholder management
C. Project risk management
D. Project communications management
C. Project risk management
CVR company is managing a project to construct a road. As they analyzed the risks for the project they saw that there was the possibility that additional foundation work might be necessary in a lower lying area. There wasn’t anything that they could do to proactively manage this risk so they should:
A. Establish a management reserve
B. Establish a contingency reserve
C. Establish it as an issue
D. Do nothing
B. Establish a contingency reserve
The degree of uncertainty that an entity is willing to take on in anticipation of a reward is:
A. Risk tolerance
B. Risk threshold
C. Risk appetite
D. Risk temperature
C. Risk appetite
Positive and negative risks can also be referred to as:
A. Opportunities and threats
B. Possibilities and negatives
C. Issues and opportunities
D. Stakeholder opportunities
A. Opportunities and threats
The plan risk management process should begin when:
A. The project management plan has been created
B. The project is conceived
C. The project scope statement has been drafted
D. After project communications management
B. The project is conceived
A technique that helps the project team to look at many sources from which project risk may arise in a risk identification exercise:
A. Risk interrogation
B. Risk breakdown structure
C. Risk case study
D. Risk investigation
B. Risk breakdown structure
A grid for mapping the probability of each risk occurrence and its impact on project objectives if that risk occurs is:
A. Risk probability chart
B. Risk probability matrix
C. Risk impact chart
D. Probability and impact matrix
D. Probability and impact matrix
Which of the following is an ambiguity risk:
A. Future developments in regulatory frameworks
B. Productivity above or below target
C. Errors during testing that are higher or lower than expected
D. Unseasonal weather conditions
A. Future develop,ents in regulatory frameworks
Overall project risk is:
A. The effect of uncertainty on the project as a whole
B. Opportunities that can be exploited
C. An uncertain event or condition
D. An event that has a positive or negative impact on the project
A. The effect of uncertainty on the project as a whole
The document in which the results of risk analysis and risk response planning are recorded is:
A. Risk matrix
B. Risk register
C. RBS
D. Risk management plan
B. Risk register
The technique that is used to evaluate the degree to which the data about risks is useful for risk management is:
A. Risk data quality assessment
B. Risk urgency assessment
C. Probability and impact matrix
D. Risk probability and impact assessment
A. Risk data quality assessment
Which of the following should not be used for risk categorization:
A. Risk breakdown structure
B. Work breakdown structure
C. Common root causes
D. Cause and effect analysis
D. Cause and effect analysis
As qualitative risk analysis is performed and new information becomes available, what should be updated:
A. The project scope statement
B. The risk register
C. The stakeholder register
D. The risk breakdown structure
B. The risk register
Which type of diagram is useful for comparing relative importance and impact of variables that have a high degree of uncertainty to those that are more stable:
A. Tornado diagram
B. Storm diagram
C. Hurricane diagram
D. Typhoon diagram
A. Tornado diagram
A common use of expected monetary value analysis is:
A. Cause and effect analysis
B. Fishbone analysis
C. Decision tree analysis
D. Sensitivity analysis
C. Decision tree analysis
Company GAE is developing a simulation to understand the possible impact of risks to their project. Which technique is typically used in performing simulations:
A. Marseille technique
B. Delphi method
C. Monte Carlo technique
D. Le Mans method
C. Monte Carlo technique
Which of the following is not a possible project document update from quantitative risk analysis:
A. Probability of achieving cost and time objectives
B. Prioritized list of quantitied tasks
C. Probabilistic analysis of the project
D. Risk urgency information
D. Risk urgency information
Which of the following is not an appropriate strategy for dealing with a negative risk:
A. Mitigate
B. Accept
C. Avoid
D. Enhance
D. Enhance
The strategy that is used to increase the probability and/or the positive impacts of an opportunity is:
A. Enhance
B. Exploit
C. Mitigate
D. Transfer
A. Enhance
The DND design team have been tasked with creating a prototype of a car that can travel at 200km/h and uses 1L of fuel for every 100km it travels in highway conditions. The project team have examined the prototype and determined that it can achieve 210km/h but uses 1.2L of fuel per 100km. This analysis is known as:
A. Variance and trend analysis
B. Technical performance measurement
C. Risk assessment
D. Reserve analysis
B. Technical performance measurement
Processes in Project Risk Management
- Plan Risk Management
- Identify Risks
- Perform Qualitative Risk Analysis
- Perform Quantitative Risk Analysis
- Plan Risk Responses
- Implement Risk Responses
- Monitor Risks
Reasons for project risk management
Minimize the possibility that the risk will negatively impact the project and take advantage of risks that might offer opportunities
Two levels of project risk
Individual and overall
Individual risks
Single events or conditions that can impact the project and which are uncertain - we don’t know that they’ll definitely occur or not
Overall risks
Overall uncertainty of the project as a whole; the cumulative impact of individual risks
When risk management should be undertaken
Continuously as the project proceeds, as over time, new risks may arise and risks previously identified may no longer exist
Monte Carlo analysis
Analysis that can be used to assist the management of risks that occur or accumulate over time which are variable and ambiguous; a simulation technique
This type of risk can have a serious impact, but is often overlooked in risk management
Risks that occur or accumulate over time which are variable and ambiguous
Émergent Risk
Risk that can’t reasonably be anticipated but which needs to be dealt with when it occurs. Needs special attention in agile projects
How to deal with emergent risk
Adequate contingency funds, project team ready to respond, early warning system
These project management approaches have more uncertainty involved in them
Agile or adaptive projects
Plan Risk Management process
Process for describing how risk management will be conducted in the project, ensuring that the risk management is appropriate to the project
When Plan Risk Management process should be undertaken
At the beginning of a project and at points throughout as needed
Plan Risk management inputs
- Project charter
- Project management plan elements (subsidiary plans)
- Other project documents (stakeholder register)
- EEFs (organizations risk tolerance)
- Organizational process assets (organizations risk policies and resources)
Plan Risk management tools and techniques
- Expert judgement
- Stakeholder analysis
- Meetings
Plan Risk Management outputs
- Risk Management Plan
- Risk Breakdown Structure
Included in the Risk Management Plan
- Risk strategy
- approach to managing risk
- roles and responsibilities for managing risk
- funding needed
- timing of risk management activities
- categories of risk that will be managed (risk breakdown structure)
Identify Risks process
Process for guiding activity to identify and describe the characteristics of individual risks and overall project risk
When Identify Risks process should take place
Throughout the project
Identify Risks inputs
- Project management plans
- Other documents (project agreements and procurement documentation)
- Organizational process assets
Identify Risks tools and techniques
- Expert knowledge
- Data gathering techniques (brainstorming, checklists and interviews)
- Data analysis techniques (root cause, assumption and constraint, SWOT and documents analyses)
- interpersonal and team skills
- prompt lists
- Meetings
Identify Risks outputs
- risk register (main output)
- list of identified risks
- list of potential risk owners
- list of potential risk responses
- Risk report
- project document updates
- assumption log
- issue log
- lessons learned register
Risk register
Main output of Identify Risks process, the list of any descriptions of the risks and further information from other risk management processes
Risk report
Output of Identify Risks process, describing overall risks to the project and a summary of individual project risks
Perform Quakitative Risk Analysis process
Process for determining which risks are of sufficient importance to warrant further attention, examining how likely the risk is to occur and the impact that it’ll have if it does
Qualitative risk
Based on human opinion
The project team and other stakeholders are consulted for their views on the risks that have been identified for the project. Effort is needed to remove bias from the conclusions reached
Risk owner
In the Perform Qualitative Risk Analysis process, this person takes responsibility for specific risks, ensuring that they’re dealt with
Perform Qualitative Risk Analysis inputs
- Project management plan elements (risk management plan)
- Other project documents (assumption log, risk register and stakeholder register)
- knowledge from similar projects
Perform Qualitative Risk Analysis tools and techniques
- Expert knowledge
- Data gathering techniques (interviews)
- Data analysis (assessment of data quality, risk probability and impact on others)
- interpersonal and team skills
- Risk categorization
- dats representation techniques (probability and impact matrix and hierarchical charts)
- Meetings and discussion (wise workshops)
Perform Qualitative Risk Analysis outputs
Project documentation updates (assumption log, issue log, risk register, risk report)
Perform Quantitative Risk Analysis process
Process for numerically analyzing project risks, quantifying risk exposure and supporting risk response planning
Perform Quantitative Risk Analysis inputs
- Project management plan elements (risk management plan)
- Scope, schedule and cost baselines)
- Other project documents (assumption log and project constraints)
- basis of estimates
- cost estimates and forecasts
- Duration estimates
- Milestone list
- resource requirements
- risk register and report
- schedule forecasts
- EEFs
Perform Quantitative Risk Analysis tools and techniques
- Expert judgement
- Data gathering techniques (interviews, especially with experts)
- interpersonal and team skills
- statistical techniques
- Data analysis techniques (simulation - Monte Carlo analysis)
- sensitivity analysis
- decision tree analysis
- influence diagrams
Perform Quantitative Risk Analysis outputs
- project document updates (assessment of overall project risk exposure)
- detailed probabilistic analysis (recommendations on contingency reserves, details of serious risks and major drivers of project risk)
Plan Risk Responses process
Process for identifying Risk Responses, which can reduce or eliminate risks and maximize benefits from opportunities presented by some risks
Plan Risk Responses inputs
- Project management plan elements (Resource Management Plan, Risk Management Plan and cost baseline)
- lessons learned register
- Project schedule
- project team assignments
- resource calendars
- risk register and report
- stakeholder register
- risk appetite of key stakeholders
- Organizational process assets (templates for risk management, historical project activity and lessons learned)
Plan Risk Responses tools and techniques
- Expert judgement
- interviews
- interpersonal and team skills
- strategies for dealing with threatening risks
- strategies for dealing with opportunities presented by some risks
- strategies for dealing with overall project risk
- alternatives analysis
- cost benefit analysis
- decision making techniques (multi-criterion decision analysis)
Strategies for dealing with risks
- escalate
- avoid
- transfer
- mitigate
- accept
Stratégies for dealing with opportunities
- escalate
- exploit
- share
- enhance
- accept
Strategies for dealing with overall risk
- avoid
- exploit
- transfer/share
- mitigate/enhance
- accept
Plan Risk Responses outputs
- change requests
- Project management plan updates (schedule, cost, quality, resource, procurement management plans, scope and cost baselines)
- project document updates (assumption log, cost forecast, lessons learned register, etc.)
Implement Risk Responses process
Process for implementing Risk Responses once identified; often an area of difficulty in projects
Implement Risk Response inputs
- Project management plan elements (risk management plan)
- Project documents (lessons learned register, risk register, risk report)
- Organizational process assets (lessons learned repository)
Implement Risk Responses tools and techniques
- Expert judgement
- interpersonal and team skills (influencing)
- PMIS
Implement Risk Responses outputs
- change requests
- project document updates (issue log, lessons learned register, project team, etc)
Monitor Risks process
Process for monitoring risk response plans, tracking identified risks, identifying and analyzing new risks and ensuring that the risk process operates effectively
When to perform Monitor Risks process
Throughout the project
Monitor Risks inputs
- Project management plan elements (risk management plan)
- Project documents (issue log, lessons learned register, risk register and report)
- work performance data and reports
Monitor Risks tools and techniques
- Data analysis techniques (technical performance analysis and reserve analysis)
- risk audits
Technical performance analysis
Monitor Risks process technique, which compares actual with targeted technical performance
Reserve Analysis
Monitor Risks process technique, which compares existing with needed contingency reserves
Monitor Risks outputs
- work performance information
- change requests
- Project management plan updates
- Other project document updates (assumption log, issue log, lessons learned register, risk register, risk report)
- Organizational process assets updates
Example EEFs that are inputs to Plan Risk Management
Organizations risk tolerance
Example organizational process assets that are inputs to Plan Risk Management
- organizations risk policies
- organizations resources used for managing risk (templates, forms, etc)
Example organizational process assets that are inputs to Plan Risk Responses
- templates (for risk management)
- Information from previous projects
- lessons learned
Example organizational process assets that are inputs to Implement Risk Responses
Organizations lessons learned
Example organizational process assets that are outputs of Monitor Risks
Changes to organizations templates for risk management activity
