Chapter 11 - Risk Mgmt Flashcards
What is individual project risk?
An uncertain event or condition that, if it occurs, has a positive or negative effect on one or more project objectives
What is overall project risk?
The effect of uncertainty on the project as a whole, arising from all sources of uncertainty including individual risks. It represents the exposure of stakeholders to the implications of variations in the project outcome
What sort of things might be in the risk management plan?
- risk strategy
- methodology to perform risk management (tools, data sources etc)
- roles and responsibilities
- funding: identifies the funds needed to perform risk management and establishes protocols for the application of contingency and management reserves
- timing: when will risk mgmt be performed?
- risk categories and risk breakdown structure (rbs) (categories of risks)
- stakeholder risk appetite
- definition of risk probability and impacts
- probability and impact matrix
- reporting formats
- tracking of how risk activities will be recorded
What are techniques for identifying risks?
- Expert judgement
- Data gathering (brainstorming, checklists, interviews)
- Data analysis (root cause analysis, assumption and constraint analysis, SWOT analysis, document analysis)
- Interpersonal and team skill
- Prompt lists (predetermined list of risk categories)
- Meetings
What is qualitative risk analysis?
The process of prioritising individual project risks for further analysis or action by assessing their probability of occurrence and impact as well as other characteristics. The key benefit is that it focuses efforts on high-priority risks
What is quantitative risk analysis?
The process of numerically analysing the combined effect of identified individual project risks and other sources of uncertainty on overall project objective. Not required for every project
What are examples of data analysis tools used for quantitative risk analysis?
- Simulation (e.g. Monte Carlo»_space;>S-curve) & criticality analysis (which elements of the risk model have the greatest effect on the critical path)
- Sensitivity analysis: which individual project risks have the most potential impact on the project outcomes»_space;> tornado diagram
- decision tree analysis: possible decisions and events and associated costs
- influence diagrams
What is the risk report?
A project document developed progressively throughout the Project Risk management processes, which summarises information on individual project risks and the level of overall project risk
What is a secondary risk?
A risk that arises as a direct result of implementing a risk response
What is the risk register?
Contains details on individual project risks, for which risk responses are required:
- Priority of the risk
- Risk owner
- Root causes
- Risk triggers
- Response strategies
- Budget and schedule required for response strategies
- Residual risk after response
- Secondary risks
What are the five strategies for dealing with threats?
- Escalate - threat is outside scope of project and manager has insufficient authority to respond
- Avoid
- Transfer - e.g. insurance
- Mitigate
- Accept
What are the five strategies for dealing with opportunities?
- Escalate
- Exploit
- Share
- Enhance
- Accept
What is an example of avoiding overall project risk?
Example 1: Reduce scope
Example 2: Cancel project (!)
What are the inputs to plan risk management?
– Project charter – project management plan – project documents (stakeholder register) – enterprise environmental factors – organisational process assets
What is risk appetite?
A high-level description of an individual or group’s openness to risk