Chapter Eleven | Risk Management Flashcards
Note.
Risk is an uncertain event that could happen
constraints are real. We need to plan around them.
.
What does EMV stand for
Expected monetary value
What does PESTLE stand for
Political Economic Social technological Legal Environmental
What does RBS stand for in risk?
Risk breakdown structure
What does TECOP stand for
Technical Environmental Commercial Operational political
What does VUCA stand for
Volaltility
Uncertainty
Complexity
Ambiguity
Uncertainty spectrum
No info Is known as what
Partial information is called what
Full information is known as what
No information-unknown unknowns
Partial information – known unknowns
Full information – known knowns
Uncertainty spectrum
What are the components of the realm of project management in managing risk?
Complete uncertainty…….general or specific uncertainty…….no uncertainty
Uncertainty spectrum
Known known’s are built into what
Project management plan
Uncertainty spectrum
Known unknowns are built into what
Risk/response plans
Contingency reserve
Uncertainty spectrum
Unknown unknowns I built into what?
Management reserve
What is project risk management?
The processes of conducting risk management planning, identification, analysis, response planning, response implementation, and monitoring risk on a project
What are the two levels of risk in every project and their definition
Individual project risk
Event or condition that if it occurs as a positive or negative affect on one or more project objectives
Ex A piece of material
Overall project risk
The effect of uncertainty on a project as a whole arising from all sources of uncertainty, including individual risk, representing the exposure of stakeholders to the implications of variations in project outcome, both positive and negative
Ex These are outside of your control. 40% chance funding won’t come through.
Negative risks are called what
Threats
Positive risks are called what
Opportunities
More customers than expected
training may be expensive but the vendor will be able to provide it for free because you’re purchasing their project
They add value
make you more competitive
What are the three levels of risk the PM needs to be aware of?
Risk exposure
Risk appetite
Risk threshold
Risk Level | What is risk exposure
An aggregate measure of the potential impact of any risk in any given point in time in the project program or portfolio
Risk Level | What is risk appetite?
The general degree of uncertainty that an entity is willing to take on in anticipation of reward
Risk Level | What is risk threshold
Level of risk exposure above which risk are addressed and below which risks may be excepted. Explicitly stated specific degree of acceptable variation around the objective
Businesses fall into one of three risk categories. What are the categories?
Risk averse
Risk Seeker
Risk neutral
Risk types | what is risk averse
Minimal risk. Try to avoid it
Attitude of risk avoidance.
Typically selects the lowest risk item or the sure thing
Risk types | what is risk seekers
Not afraid of risk, looking for a risk.
love the risk
Risk is high and rewards are high
Grabs onto new ideas and runs with them
Risk types | what is risk neutral?
Middle ground attitude towards rescue next line most companies are in the middle
What are the four risk types?
Pure or insurable risk
Business or inherent risk
External risk
Internal risk
Risk type | What is pure or insurable risk
Only involves chance for loss
Risks that you identified that will have a negative impact
Risk type | What is business or inherent risk?
Inherent chance for either profit or loss, which is associated with the business value
Risk type | What is external risk?
Outside the control of the project manager.
Examples of regulatory or government
Risk type | What is internal risk?
Within the control of the project manager
Example of cost estimate
What are two types of non-event risks
Variability risk
Ambiguity risk
Nonevent risk | What is variability risk?
Uncertainty about
KEY CHARACTERISTICS
of a planned event, activity, or decision. Addressed using Monte Carlo analysis
Note - Could occur impact unknown
Nonevent risk | What does ambiguity risk mean
Uncertainty about the
PROJECT FUTURE
where limited knowledge may affect the projects ability to achieve objectives
addressed by finding knowledge deficiencies and filling the gap
Note - what would the risk mean to the overall project success
What is emergent risk? (Project resilience)
Emergent risk becomes clear when you become aware of unknowable unknowns after the risk occurred
Who will deal with integrated risk management
The team will deal with it.
Risk at each level of the organization, project, program, or portfolio, should be owned and managed at the appropriate level
Who will deal with enterprise wide risk management
Company will be bought out, government funding got messed up. Next line ensures alignment and coherence In risk management across all levels and provide the greatest overall value for the risk exposure
11.1 Plan risk management
What is planned risk management
The process of defining how to conduct risk management activities for projects
Note
11.1 Plan risk management: input
OPA - Risk categories. PMO looks at previous risks and if there are trends, they may make a category. They are also recurring risks that become a category
.
11.1 Plan risk management: output
Why is the risk probability and impacts important?
So everyone is speaking the same language
11.1 Plan risk management | output
What is the probability an impact matrix
Grid for mapping probability and impact of a risk on project objectives.
Risks are prioritize according to the potential implications for project objectives
Note.. Probability percentages is subjective. It is based on the experts best guess
.
11.2 Identify risks
What is identifying risks?
The process of identifying individual project risk and sources of overall project risk, and then documenting their characteristics
Note. Identifying risks is an iterative process. It begins with the charter and continues until close.
.
11.2 Identify risks
Most identification is done during the planning phase using what three critical components?
WBS
Cost estimates
Time estimates
11.2 Identify risks | T & T
What is a risk checklist
Using historical information from previous similar projects.
Helps identify specific risks within each risk category. Updated regularly.
11.2 Identify risks | T & T
Data gathering | what is Delphi technique used for?
Technique which uses a questionnaire to solicit experts anonymously, data is summarize, recirculating, until consensus is reached.
It reduces bias of data and keeps a one person from having too much influence
11.2 Identify risks | T & T
What are the three common frameworks to generate/focus risks from?
PESTLE
TECOP
VUCA
11.2 Identify risks | Output
What is the output?
Risk register. Overall document about risks, general status type of report.
Note details are progressively elaborated
Qualitative versus quantitative
What is qualitative risk analysis?
Subjective comparison of risk to us it priority.
The team does qualitative analysis to rank or prioritize risk
Based on opinion
Qualitative versus quantitative
What is quantitative risk analysis
Numerical analysis done in order to calculate a rating of critical risks in currency
11.3 Qualitative risk analysis
what are you doing when you perform a qualitative risk analysis?
The process of prioritizing individual project risks for further analysis or action by assessing the probability of occurrence and impact
11.3 Qualitative risk analysis | T&T
Data Analysis - What is a risk data quality assessment?
We evaluate the degree to which the data about risk is useful for risk management.
Do you trust the data?
11.3 Qualitative risk analysis | T&T
What is risk probability and impact assessment
The probability and impact of each risk is evaluated and rated on a standard scale. Typically done in interviews and meetings using definition tables.
Examples-
What is the risk probability end how likely it is to happen, percentage
What is the risk in that end in fact, either positive or negative
Investigates the effects on objectives such a schedule, cost quality
11.3 Qualitative risk analysis | T & T
Data representation – what is probability and impact matrix?
A grid of mapping the probability of each risk and it’s impact on project objectives if that risk of cars.
used to score risks and sort by priority groups
Uses the estimated probability an empath based on subjective evaluation
Note. which ones are critical
Which one should be put on the watchlist
11.3 Qualitative risk analysis
Note - Impact equals pain scale
.
Assessment of other risk parameters
What is proximity
Period of time before a risk impacts one or more objectives
Assessment of other risk parameters
What is dormancy
Period of time after a risk occurs before it’s discovered
Assessment of other risk parameters
What is Connectivity
The extent a risk is related to the other individual risk
Assessment of other risk parameters
What is propinquiry?
The degree to which a risk is perceived to matter by one or more stakeholders
11.3 Qualitative risk
Note. Watchlist is only an output qualitative analysis. This is the only place you see it.
.
11.4 Perform quantitative risk analysis
What does the process do?
Process numerically analyzes the fact of identified risk/uncertainty on overall project objectives.
Normally done after qualitative ranking of risks
quantifies overall project risk exposure
must have high quality data about the risk and uncertainty
not required for all projects
What is the only method to assess overall project risk by evaluating to affect of all project risk
Quantitative risk analysis
11.4 quantitative risk analysis | T&T
During data gathering interviews what three words are used to categorize the scenarios?
Pessimistic
most likely
optimistic
11.4 quantitative risk analysis | T&T
Which data analysis technique is used to determine which individual project risk have the most potential impact on project outcomes?
Sensitivity analysis
A tornado diagram is typically used as a display of sensitivity analysis
11.4 quantitative risk analysis | T&T
What is the expected monetary value formula?
Multiplying the probability P times impact I to calculate a risk value
EVM = P * (I $)
probability as a percentage between zero and one and impact is currency
11.4 quantitative risk analysis | T&T
EMV. How do you calculate contingency reserves
Total threats minus total opportunities equals contingency reserves
11.4 quantitative risk analysis | T&T
What is a decision tree analysis
A diagramming and calculation technique used to support selection between several alternative courses of action when faced with the risk
Uses EMV to make a choice between each decision tree branch
11.5 Plan risk responses
What does the plan risk response process do
The process to develop opinions, select strategies, and agree on actions to address the overall project risk exposure, and to treat individual project risks
11.5 Plan risk responses NOTE
Plans are made by the risk owner
Primary and secondary strategies are developed to
decrease the probability or impact of a threat before the cars or
to increase the probability or impact of an opportunity before it occurs
.
11.5 Plan risk responses
Input - What is the enterprise environmental factor?
Risk appetite and thresholds
11.5 Plan risk responses | T&T
What are the two data analysis?
Alternatives analysis
cost benefit analysis
11.5 Plan risk responses | T&T
Explain cost benefit analysis
Individual project risk impacts are quantified and currency to calculate the ratio
the higher the ratio, the more effective the response.
Bigger is better
Change in impact level/ Implementation cost = response strategy cost effectiveness
11.5 Plan risk responses | T&T
What are the five strategies for negative risks and threats
Avoid transfer = insurance Mitigate - To reduce the probability or impact of a threat. Look at options separately for both probability versus impact escalate Accept
11.5 Plan risk responses | T&T
What are the five strategies for opportunities
Share enhance exploit escalate Accept
11.5 Plan risk responses | T&T
What are the two types of acceptance for both threats and opportunities and what is the definition
Active acceptance
Creates contingency time reserves, cost reserves, or contingency plans to use if the risk occurs
Passive acceptance
Involves no actions are taken except periodic review to see if the risk changes or occurs
11.5 Plan risk responses | Output
What is residual risk
Risks that remain after risk responses have been taken or risks that have been deliberately accepted
11.5 Plan risk responses | Output
What is secondary risks
A direct outcome of implementing a risk response.
Ex: The side effects of a pill. You implemented the process and now you have another risk
11.6 Implement risk responses
What Occurs in this process
The process of implementing an agreed-upon risk response plan
11.7 Monitor risks
What occurs in this process?
The process of monitoring the implementation of agreed-upon risk response plans, tracking identified risk, monitoring residual risk, identifying and analyzing new risk, and evaluating risk process effectiveness throughout the project
11.7 Monitor risks
NOTE
Risk related questions on the exam are very complex and assume a proper risk management plan is being utilized
risk owners are in place and are tracking the risks
the project has less risk since risk management plan has been done
.
11.7 Monitor risks | output
What are the OPA updates
Templates for the risk management plan, risk register, and risk report
risk breakdown structure
Risk Summary
Assume risk management is performed on the project
the exam has complex situational questions with the project manager would have experienced the event
The exam also may ask how the risk management activities change during the project
visualize where you are in the risk process
know what actions need to be done for each risk process
if a risk is identified after the initial process the first step … is it already in the risk plan on risk register?
It’s a risk occurs notify the risk on her to implement the response
.
