Manage Risks 1 Flashcards
During a morning update meeting, a team member informs you a risk response has created a spin-off risk and requires additional funds to resolve the issue. This new risk was not accounted for on the risk register and has the potential to derail the entire project if not handled in the next 48 hours. What is the best response to this situation?
A. Implement a risk response strategy followed by a reserve analysis
B. Appoint a risk owner and update the project budget
C. Identify a risk owner followed by a reserve analysis
D. Submit a change request for the additional funds to be added to the cost baseline
Answer: C
Process - Task 3 - Manage Risks
Identifying a risk owner and conducting a reserve analysis is the best answer. Typically you would also discuss potential responses, but this was not an option. Implementing a risk response strategy is not applicable because the risk was unknown at the time. Appointing a risk owner and updating the project budget is wrong because the PM does not own the project budget. You can’t submit a change request because you don’t have a probable cost yet.
In an effort to capture risks prevalent in the near term, as the project manager, you have opted to host an information gathering meeting with your key subject matter experts. While brainstorming some risks, one of your attendees recommends the team conduct a SWOT analysis. Which of the following describes SWOT analysis?
A. An analysis of strengths, weakness, options, and timing
B. An analysis of strengths, weakness, opportunities, and threats
C. An elite project team that comes in and fixes project risks and threats
D. Ratings of 1 to 100 used to categorize risks
Answer: B
Process - Task 3 - Manage Risks
SWOT analysis is part of risk identification. It examines the strengths and weaknesses of a project team and analyzes how the strengths help mitigate threats and exploit opportunities (and the converse as it pertains to weaknesses, i.e. how weaknesses block the exploitation of opportunities and allow vulnerabilities to threats).
Which of the following is not a key benefit of ensuring that risk responses are implemented properly?
A. Ensures agreed-upon risk responses are executed as planned
B. Addresses overall project risk exposure
C. Eliminates project threats
D. Maximizes project opportunities
Answer: C
Process - Task 3 - Manage Risks
While the Implement Risk Responses process seeks to minimize individual project threats, the elimination of threats may prove to be either impractical or impossible.
Four new risks for a project are identified while the project manager is preparing the monthly project status report. These four risks could affect vital key milestones. What should the project manager do before presenting this new risk information?
A. Refer to the risk register as well as the risk report.
B. Review the organizational process assets and risk register.
C. Refer to the risk management plan and the risk report.
D. Review the risk report and lessons learned repository.
Answer: A
Process - Task 3 - Manage Risks
The first step will be to analyze the new risks. Reviewing the current risk register and risk report will be the best starting point. PMBOK Guide Sixth Edition (2017) PMI/PMI/11.7/453
Which of the following is an accurate statement?
A. Qualitative risk analysis occurs prior to quantitative risk analysis
B. Quantitative risk analysis occurs prior to qualitative risk analysis
C. Qualitative risk analysis is performed on risks that have been prioritized during quantitative risk analysis
D. Both B and C
Answer: A
Process - Task 3 - Manage Risks
Qualitative risk analysis occurs prior to quantitative risk analysis and is a method for prioritizing identified risks for quantitative risk analysis. Note that quantitative analysis will not be necessary for all risks, however, qualitative analysis will be.
John is a project manager on a large Enterprise Resource Planning (ERP) implementation project. The implementing organization is fairly immature and does not have a Project Management Office (PMO) or formal processes. John is busy monitoring risk response plans, tracking identified risks, and evaluating risk process effectiveness. He has identified risks and is evaluating the effectiveness of his risk response plans. Of the following items, which one is John not performing during this process?
A. Implementing risk response plans
B. Risk reassessment
C. Risk audits
D. Risk reviews
Answer: A
Process - Task 3 - Manage Risks
During the Monitor Risks process many things are done, which include a risk review meeting, risk reassessment, risk audits, variance and trend analysis, technical performance measurement, reserve analysis, collecting and distributing work performance information, change requests, project management plan updates, project documents updates, and organizational process assets updates. Implementing risk response plans is done during the Implement Risk Responses process.
All of the following statements are true regarding the Risk Breakdown Structure (RBS) except for which one?
A. The RBS is contained in the risk management plan.
B. It describes risk categories, which are a systematic way to identify risks and provide a foundation for understanding for everyone involved in the project.
C. The lowest level of the RBS can be used as a checklist, which is a tool and technique of the Identify Risk process.
D. The RBS is similar to the WBS in that the lowest level of both are assigned to a responsible party or owner as soon as it is identified.
Answer: D
Process - Task 3 - Manage Risks
The RBS describes risk categories and the lowest level can be used as a checklist to help identify risks. Risk owners are not assigned from the RBS; they’re assigned during the Plan Risk Response process.
You are defining the most efficient and effective way to allow stakeholders to participate in a risk identification exercise. As you do so, you are working to define clearly what risk means in context to your project so that your team members will be consistent with their risk identification cataloging within the Risk Register. To help them best understand risk events, which of the following would not be a characteristic of a project risk event?
A. It has a cause
B. The event, if occurs, has a consequence.
C. It impacts the project objectives.
D. Probability of occurrence is zero.
Answer: D
Process - Task 3 - Manage Risks
Project risk is an event or condition, which has a cause and if it occurs, a consequence. We are concerned with those risk events that have consequences on the project objectives, whether positive or negative. The origin of risk is the uncertainty inherent in projects and therefore the probability that the risk event would occur is always more than zero.
Your project team has identified several potential risks on your current project. You document these risks in the risk register and meet with your team two days later to examine the impact of the risks and potential risk responses. After 2 months of project implementation, you get together with your project team, and a couple of team members have identified more potential risks. You realize that the identification of risks associated with a project should occur when?
A. It occurs only at the beginning of a project when the risk management plan is developed
B. It’s an ongoing process, regularly scheduled throughout the life of a project
C. It occurs as needed throughout the life of a project
D. Both B and C
Answer: D
Process - Task 3 - Manage Risks
The identification of risks is an iterative process, because new risks may occur or become known as the project progresses through its life cycle.
During which risk management process would you actually transfer a known risk to another party?
A. Identify Risk
B. Perform Quantitative risk analysis
C. Plan Risk Response
D. Implement Risk Responses
Answer: D
Process - Task 3 - Manage Risks
Risk response plans are used to handle risks on a project. For negative risks you can avoid, transfer, mitigate or accept them. For positive risks you can exploit, share, enhance, or accept them. The project team plans for these risks during the planning process group, but will actually implement the risk response plans during the executing process group.
You and your team are working on identifying risks which may impact your project. One of the difficulties you have had in the past is certain categories of risk, such as social and technological, have been overlooked. The best thing you can do in this instance is to create a:
A. Risk categorization list
B. Watch list
C. Prompt list
D. Risk breakdown list
Answer: C
Process - Task 3 - Manage Risks
A prompt list is a predetermined list of risk categories which could give rise to individual project risks as well as overall project risk. There is no such thing as either a risk categorization list or a risk breakdown list. A watch list is specifically for already identified risks which are lower in priority.
You are the project manager in a health care company. Your organization is risk adverse. Your project team has completed identifying risks, ranking them, and planning responses to critical risks and secondary risks. What is the next step to be performed by the project manager?
A. Completing the risk management plan
B. Create responses to residual risks
C. Create Risk Breakdown Structure
D. Determining contingency reserves
Answer: D
Process - Task 3 - Manage Risks
Choice A is incorrect, because the risk management plan has already been created at this point. Choice B is incorrect, because you do not generally create responses for residual risks. Choice C is incorrect, because the risk breakdown structure is defined previously in the risk management plan. The correct answer is D, you would next determine contingency reserves.
If a project has a 60 percent chance of making a $100,000 profit and a 40 percent chance of suffering a $100,000 loss, the expected monetary value for the project is:
A. $20,000 loss
B. $60,000 loss
C. $20,000 profit
D. $ 40,000 loss
Answer: C
Process - Task 3 - Manage Risks
Expected monetary value (EMV) is computed as follows: probability * impact. We need to compute both positive and negative values and then sum them. Thus 0.6 * $100,000 = $60,000 and .04 * -$100,000 = -$40,000. Expected monetary value = $60,000 + (negative) $40,000 = $20,000 profit.
What is the major difference between a risk audit and a risk review?
A. There is no difference.
B. A risk review examines and documents the effectiveness of risk responses as well as the effectiveness of the risk management process; a risk audit is the identification of new risks, reassessment of current risks, and the closing of risks that are outdated.
C. A risk audit is a tool and technique of control risks, while risk review is an output of control risks.
D. A risk audit examines and documents the effectiveness of risk responses as well as the effectiveness of the risk management process; a risk review is the identification of new risks, reassessment of current risks, and the closing of risks that are outdated.
Answer: D
Process - Task 3 - Manage Risks
A risk audit examines and documents the effectiveness of risk responses while the risk reassessment is the identification of new risks, reassessment of current risks, and the closing of risks that are outdated (PMBOK Guide page 351). C is not correct because risk reassessment is also a tool and technique of the Control Risks process.
Risks can either be positive or negative events that may impact the project should they occur. As such, response strategies may vary depending on the nature of the threat or opportunity. Which of the following are strategies for responding to positive risks?
A. Escalate, share, accept, mitigate, enhance
B. Mitigate, accept, share, exploit
C. Escalate, share, accept, enhance, exploit
D. Elevate, share, accept, transfer, enhance
Answer: C
Process - Task 3 - Manage Risks
The five types of strategies for responding to positive risks are escalate, share, accept, enhance and exploit.
You are the project manager for a large retail company. You are currently managing a project to expand an existing facility. Since this facility is overseas you are concerned with many uncertainties. You need to do a great job planning for and managing risk since you must be done prior to the holiday season. Which of the following is an output from Plan Risk Responses?
A. Risk Register
B. Risk-related contract decisions
C. Project document updates
D. Risk Management Plan
Answer: C
Process - Task 3 - Manage Risks
Project document updates and project management plan updates are the outputs of the Plan Risk Response process. The Risk Management Plan is an output from a prior process (Plan Risk Management). The risk register is an output of the Identify Risk process, and is an example of a document that would be updated following this process.
All of the following processes are designed to identify, analyze and/or address specific risks, except for which one?
A. Plan Risk Management
B. Identify Risks
C. Perform Qualitative Risk Analysis
D. Perform Quantitative Risk Analysis
Answer: A
Process - Task 3 - Manage Risks
The Risk Management Plan is not designed to address specific risks (though it may include risk categories). Rather, it sets forth the ways in which the project team will go about managing risk.
You are considering whether to seek out a potential contract. The probability of completing a contract is 92% which will yield a profit of $10,000. If the project fails to complete the contract then the associated risk is $10,000, which will be charged as a penalty. What is the expected monetary value of taking the contract?
A. $800
B. $8,400
C. $10,800
D. ($800)
Answer: B
Process - Task 3 - Manage Risks
This is a case of a decision tree analysis, the probability of each uncertainty point must total 100 percent (if using percentages); if using fractions, these must add up to 1. As such, given the probability to complete the contract is .92, then the probability of not completing the contract is .08, which would be multiplied by the impact (-$10,000), for a result of -$800. On the other hand, the chances of completing the contract on time and realizing the $10,000 profit is 92%, so you multiply .92 x $10,000 and get $9,200. When you sum the two values you get $8,400.
When you and your project team performed risk analysis, one of the identified risks was the material you needed, while less expensive, was not in plentiful supply. Your risk response was to import materials from overseas, as meeting the schedule was deemed more important than meeting the budget. During project execution, an expected shortage did in fact occur and you had to implement the risk response. Your next move should be to do what?
A. Extend the schedule
B. Start looking for another supplier
C. Put in a request to change the cost baseline
D. Escalate to the sponsor
Answer: C
Process - Task 3 - Manage Risks
You may do any of the other items but the first thing which must be done is to put in a change request to change the cost baseline as the materials are now raising your costs.
During a conversation with a friend, a project manager hears that a possible union action will occur within the next two weeks. The project manager knows that at this stage of the project, any project delays could cause substantial harm to both budget and schedule, and any union action will affect the project team. Earlier, the probability of a union action was considered minimal. Thus, it was unanticipated. How should the project manager respond to this issue?
A. Notify relevant stakeholders and add the new risks to the risk register.
B. Get more information through informal discussions, and use what is found to decide on next steps.
C. Plan to reward those who do not participate and identify possible disciplinary actions for those who do participate.
D. Schedule a meeting with the union leader to resolve any outstanding conflicts.
Answer: A
Process - Task 3 - Manage Risks
The project manager needs to proactively approach this. By updating the risk register and by communicating this development to the appropriate stakeholders, they will be achieving this. PMBOK Guide Sixth Edition (2017), 11. Project Risk Management / 11.7 Monitor Risks, p453-454
The project sponsor requires a project team composed of resources that live in four different time zones, working in four different locations. The project sponsor did not consider the implications of this requirement, and believes that the dispersion will provide an ideal project team that will save costs. Where should this be documented in the project charter?
A. In the overall project risks
B. In the key stakeholder list
C. As part of high-level requirements
D. As part of the resource management plan
Answer: A
Process - Task 3 - Manage Risks
Having a dispersed project team does not come without risks. These risks need to be identified in the risk for the project. Develop Project Charter: Tools and Techniques, Expert judgement risk identification. PMBOK Guide Sixth Edition (2017), 4. Project Integration Management / 4.1.2 Develop Project Charter: Tools and Techniques, p79
You have prepared a risk response plan for a particular risk event, however, the response cannot eliminate the impact of the occurrence completely. Which of the following describes the impact of the risk which remains, notwithstanding your response plan?
A. Residual risk
B. Secondary risk
C. Acceptance
D. Mitigation
Answer: A
Process - Task 3 - Manage Risks
Residual risk is the risk that remains even after you have implemented your response plan.
When using an adaptive project life cycle how should the PM manage risk?
A. By first planning for risk to ensure organization risk appetite is considered then identifying all risks with documentation early in the project.
B. Risk should be considered in each iteration of the project; therefore, risk will be identified, analyzed, and managed during each iteration.
C. Risk should be managed in silos to prevent team members from distractions so that the team can focus on frequent delivery.
D. Risk doesn’t exist in adaptive projects instead, it is viewed as continuous change.
Answer: B
Process - Task 3 - Manage Risks
Risk will exist in all methodologies to aid in planning for risk in the agile environment Risk should be considered in each iteration see the Agile Practice Guide p 94
You are the project manager for a large banking institution. Due to the numerous federal regulations regarding the financial industry and your sponsors risk adverse attitude, risk planning and execution are key to your project success. Previous projects have failed due to inadequate risk planning and this is not an option for your project. Inputs to the Plan Risk Management process include which of the following?
A. Project management plan, Project charter, Enterprise environmental factors, Risk register
B. Project management plan, Organizational risk management policies, Defined roles and responsibilities Stakeholder risk tolerance, templates for an organizational risk management plan, and the Work breakdown structure
C. Project management plan, Project charter, Stakeholder register, Enterprise environmental factors, Organizational process assets
D. Project management plan, Project charter, Enterprise environmental factors, Procurement documents
Answer: C
Process - Task 3 - Manage Risks
The inputs to the Plan Risk Management process are Project management plan, Project charter, Stakeholder register, Enterprise environmental factors, and Organizational process assets.
A new project sponsor asks for a project team that includes resources working in three different time zones and locations. The project sponsor did not consider the implications of this requirement and believes the request will save costs while creating the ideal project team. Where should the project manager document this request in the project charter?
A. Overall project risks
B. Key stakeholder list
C. High-level requirements
D. Resource management plan
Answer: A
Process - Task 3 - Manage Risks
The project charter contains a section on overall project risk. PMBOK Guide Sixth Edition (2017) PMI/ 4.1.2.1 / p81
You are conducting interviews with key project stakeholders to assess the probability and consequences of identified risks to the project objectives, assign a risk score to each risk, and create a list of prioritized risks. Which process are you performing?
A. Quantitative Risk Analysis
B. Qualitative Risk Analysis
C. Identification of Risks
D. Plan Risk Management
Answer: B
Process - Task 3 - Manage Risks
The purpose of Perform Qualitative Risk Analysis is to determine what impact the identified risk events will have on the project and the probability of occurrence. It also puts risks in priority order according to their effects on the project objectives and assigns a risk score for the project. Finally, this process examines the timing of the risk events so those which are upcoming in the near future can be addressed first.
You are the project manager a large manufacturing project. You are expecting one of your team members to hand-deliver a deliverable to you by the end of the day. Toward the end of the day you notice the team member has not arrived and you call to find out the status of the deliverable. The team member tells you he was unable to get to your office so they sent the deliverable via e-mail. You explain to the team member the reason you needed this deliverable hand delivered was so you could give it a final once over before it is given to the client. The team member tells you they informed you about sending this deliverable via e-mail, rather than in person, due to their work schedule. What could have been done to avoid this situation?
A. Better attention during communications requirements analysis
B. Using paralingual communication
C. Adding the risk to the risk register and developing an appropriate response plan
D. Adding this issue to the issues log
Answer: C
Process - Task 3 - Manage Risks
The only way to have avoided this situation is to have identified the possibility (risk) the deliverable would not be able to be hand delivered and developing an appropriate response strategy. Simply paying better attention during communications requirements analysis would not have avoided the situation, only identified it. Adding this item to the issue log may occur after it becomes an issue, but would not have avoided the situation.
A company wants to reduce costs by installing solar panels. Their local government provides subsidies for specific energy-efficient projects. After project start, the program manager learns that solar panels may not qualify for the energy-efficiency subsidy. How should the program manager address this issue?
A. Add the risk to the risk register.
B. Ensure the issue log is updated.
C. Make use of the contingency reserve.
D. File a change request.
Answer: A
Process - Task 3 - Manage Risks
The risk level on this issue must be elevated as an expected monetary result might not be achieved. PMBOK Guide Sixth Edition (2017), 11. Project risk management / Key Concepts For Project Risk Management, pp397-398
You and your team have traditionally considered probability and impact as the two main parameters against which you will measure risk. This is an important consideration as you work in a very demanding environment where it may be challenging for your risk owners to deal with individual risks. Given this set of facts, your main concern is with which of the following parameters?
A. Manageability
B. Connectivity
C. Proximity
D. Urgency
Answer: A
Process - Task 3 - Manage Risks
Manageability is the ease with which the risk owner can manage the occurrence or impact of a risk. All of the others are real risk parameters but are unrelated to the risk owner.
You are working with the project manager for a construction project. One of the identified risks within the project has a 20 percent chance of happening. If the risk occurs, it will cost your project an additional $150,000. What is the EMV for this risk event?
A. $150,000
B. $30,000
C. $75,000
D. Zero; the risk is not real until it occurs
Answer: B
Process - Task 3 - Manage Risks
The risk has a 20 percent chance of happening and will cost the project $150,000 if it does. Twenty percent of $150,000 is $30,000.
Although the sponsor and project team say that the new project has an adequate budget and realistic schedule, the project manager worries that unplanned events could threaten project success. What should the project do first?
A. Engage in identification of project risks, then assess those risks.
B. Ask the project sponsor for additional funding to cover project planning.
C. Schedule a meeting with the functional manager to address the potential impact of unplanned risks.
D. Execute the project as planned, recognizing that additional project funds must be requested at a later point in the project.
Answer: A
Process - Task 3 - Manage Risks
Project managers need to be proactive and familiarize themselves with the identified risks and their mitigation strategies. PMBOK Guide Sixth Edition (2017), 11. Project Risk Management / 11.1.2.1 Expert Judgement, p 404
You are the project manager for a small industrial engineering company. You are currently assigned to manage a project to support a strategic initiative within your company. Your team is developing the Risk Management Plan. Which tool and technique of this process is used to develop a framework for handling risk cost elements and schedule activities that will be included in the project budget and schedule?
A. Meetings
B. Strategies for both threats and opportunities
C. Information gathering techniques
D. Risk data quality assessment
Answer: A
Process - Task 3 - Manage Risks
Meetings, data analysis and expert judgment are the tools for Plan Risk Management (which is where the general framework for risk management is established). Answers B, C and D all pertain to other risk management processes.
While you are quantifying risk for your project, several of your experts are offsite, but wish to be included. How can this be done?
A. Use Monte Carlo analysis
B. Apply the critical path method
C. Determine options for recommended corrective action
D. Apply the Delphi technique
Answer: D
Process - Task 3 - Manage Risks
Monte Carlo analysis is a simulation technique used through software. This will not allow off-site meetings. Critical path method is used to find the minimum time required to complete the project. Determining options is an alternative analysis to find corrective actions for deviation in the project. However, since the Delphi technique means you are having private one-on-one meetings with various experts, this is the correct answer. The Delphi technique is most commonly used to obtain expert opinions on technical issues, the necessary project or product scope, or the risks.
___ is a simulation technique used through software.
Monte Carlo analysis
__ __ __ is used to find the minimum time required to complete the project.
Critical path method is used to find the minimum time required to complete the project.
__ __ means you are having private one-on-one meetings with various experts. The __ __ is most commonly used to obtain expert opinions on technical issues, the necessary project or product scope, or the risks.
Delphi technique means you are having private one-on-one meetings with various experts, this is the correct answer. The Delphi technique is most commonly used to obtain expert opinions on technical issues, the necessary project or product scope, or the risks.
While carrying out qualitative risk analysis, you determine a risk has a 25% chance of occurring in any month of the project with an eight-month duration. 8% of the project budget has been allocated for a contingency reserve, and the project cost performance index is 0.7. What is the probability of the risk happening during the sixth month?
A. Question lacks sufficient information to answer
B. 20%
C. 25%
D. 12.5%
Answer: C
Process - Task 3 - Manage Risks
The risk identified has a 25% chance of occurring each month; therefore the correct answer is C. The other information in the question is irrelevant.
On a project it is always important to keep track of individual project risks in a risk register. But it is also important to be aware of overall project risk, which is the effect of uncertainty on the project as a whole. The document(s) on which overall project risk should be recorded in is(are):
A. Project charter
B. Project charter and risk report
C. Risk report
D. Project charter, risk report and risk register
Answer: B
Process - Task 3 - Manage Risks
The charter is the first document that addresses overall project risk. But it should also be recorded in the risk report. The risk register is for identified individual project risks.
Even though it is early in the planning process, Erin has made sure to identify as many risks as she could to make sure a viable starting inventory of risks could be assessed. It is crucial that each of these risks be given a response plan that is agreed upon by the individuals involved in funding and executing those responses. Who of the following is responsible for the risk response implementation?
A. Risk manager
B. Risk controller
C. Risk registrar
D. Risk owner
Answer: D
Process - Task 3 - Manage Risks
The person responsible for the risk response implementation is the risk owner.
You are using the risk register and trying to find the risk score for each identified risk. Which of the following is not a tool and technique of this process?
A. Risk data quality assessment
B. Expected Monetary Value (EMV) analysis
C. Risk categorization
D. Probability and impact matrix
Answer: B
Process - Task 3 - Manage Risks
First, you must know what process this question is referring to, which is Qualitative Risk Analysis. The keyword Risk Score should have tipped you off. Choice B, Expected Monetary Value (EMV) analysis, is not part of Qualitative Risk Analysis. EMV is done during Quantitative Risk Analysis. The other answer choices are tools and techniques of Qualitative Risk Analysis (along with risk probability and impact assessment, risk urgency assessment and expert judgment).
When is EMV done?
EMV is done during Quantitative Risk Analysis.
What are the strategies for dealing with positive risks?
A. Avoid, mitigate, transfer, accept
B. Transfer, mitigate, avoid, exploit
C. Exploit, share, enhance, accept
D. Mitigate, enhance, exploit, accept
Answer: C
Process - Task 3 - Manage Risks
Positive risks are opportunities that could occur on your project, and can be exploited, shared, enhanced or accepted.
You are managing a project with a large number of identified risks. Your stakeholders are very risk-averse and want you to manage this very closely. There is a 30% probability that a particular risk event will happen in any given month. The project is an 18-month project. What is the probability of that risk event occurring during the ninth month of the project?
A. 10%
B. 15%
C. 30%
D. 90%
Answer: C
Process - Task 3 - Manage Risks
The risk event has a 30% change of happening in any given month - regardless of which month is being considered. Probability will remain constant throughout the project unless circumstances change or the risk is past its trigger point (indicating it is no longer a concern).
A team member identifies a risk that will most likely affect the project but not in this upcoming sprint. The risk event’s probability and impact are currently unknown but will become clearer later in the project. What could you do as the project manager to plan for this risk?
A. Agile is a mindset so keep the team focused on delivery and hope the risk goes away on its own.
B. Do not add it to the risk register till you have sponsor approval
C. Place the risk on the watch list or risk parking lot
D. Add the risk to the risk register and schedule risk review meetings to monitor the impact of the risk on the project as it changes
Answer: D
Process - Task 3 - Manage Risks
Risk reviews can be used in multiple methodologies to aid in planning for emerging risk events or in a high change environment. Read more in the PMBOK Guide p. 457 11.7.2.3
You have identified a risk that you may run out of plywood on your construction project. Which of the following statements is not true regarding identifying project risks?
A. Identify risks is an iterative process
B. Checklist analysis, expert judgment, and SWOT analysis are tools and techniques for identifying risks.
C. Project risks will always adversely affect the project
D. Once a new risk is identified it should be analyzed to determine whether a response plan is needed
Answer: C
Process - Task 3 - Manage Risks
Project risks may or may not adversely affect the project. Positive risks, also referred to as opportunities, are typically associated with the organization’s strengths and could benefit the project if they materialize.
Qualitative Risk Analysis involves using which of the following?
A. A probability and impact matrix
B. Expected monetary value (EMV)
C. Tornado diagrams
D. Decision tree
Answer: A
Process - Task 3 - Manage Risks
Qualitative Risk Analysis uses a probability and impact matrix to rank risks and create an overall rating for each risk (typically high, medium or low). The other answer items are specifically used for the Perform Quantitative Risk Analysis.
You are in the process of installing a new heating and air system in your office building when you realize that because of the way the exhaust fan is situated, winds of over 30 MPH will cause the AC unit not to vent or work properly. You decide not to change anything and continue as planned. What strategy did you choose?
A. Exploit
B. Accept
C. Transfer
D. Mitigate
Answer: B
Process - Task 3 - Manage Risks
Since you have chosen not to do anything different, you have decided to accept the risk.
Which of the following processes does not result in updates to the Risk Register?
A. Identifying lessons learned in risk management during project closure
B. Perform Qualitative Risk Analysis
C. Plan Risk Responses
D. Monitor and Control Risks
Answer: A
Process - Task 3 - Manage Risks
Lessons identified during closure would not be captured in a Risk Register, which is used to document and track risks during project performance. The remaining answers all have risk register updates as outputs.
Risk identification can best be defined as:
A. Identifying all areas from which risks can occur on a project
B. Determining which risks might affect a project and recording their attributes
C. Identifying key risks by performing a Pareto analysis
D. Knowing when to label issues as risks for mitigation purposes
Answer: B
Process - Task 3 - Manage Risks
Identifying Risks involves determining which risks might affect a project and recording their attributes. Choice A refers to the creation of a Risk Breakdown Structure, which is part of Risk Planning.
You are the project manager for a technology company. You are currently managing a project to upgrade a software application. This application will automate the end of month financial calculations and could save your company a lot of money. You have identified a huge list of risks and are attempting to determine which risks are most important. All of the following are true regarding the probability and impact matrix except for which of the following?
A. It helps prioritize risks according to their potential for meeting the project’s objectives
B. It is defined in the risk management plan, which is an output of the Plan Risk Management process
C. It is used as a tool and technique in the Perform Qualitative Risk Analysis process
D. It is used as an input to the Monitor Risks process
Answer: D
Process - Task 3 - Manage Risks
Probability and impact matrix is not used as an input to the Monitor Risks process.
