Manage Risks 3 Flashcards
While generally speaking, your risk management process has worked well on a few recent projects, and your mitigations have turned out to be ineffective. The project has been going on for over a year, and you realize it is time to have a meeting to consider the effectiveness of the risk management process. The meeting you decide to hold is called a:
A. Risk audit
B. Risk review
C. Risk workshop
D. Risk lessons learned
Answer: A
Process - Task 3 - Manage Risks
A risk review deals with the effectiveness of risk responses in terms of overall project risk and individual project risks. A risk workshop is used specifically for risk identification. There is no such thing as a risk lessons learned meeting.
Pat is a new project manager and wants to do a good job. His experienced sponsor and mentor is certified in and passionate about risk management. He recommends that Pat focuses on probably the most useful, certainly the most updated, risk document. Which document would his mentor suggest?
A. Risk register
B. Risk monitoring plan
C. Risk audit
D. Risk probability and impact matrix
Answer: A
Process - Task 3 - Manage Risks
The risk register is an output of the Identify Risks process and an input to various risk management processes including the Perform Qualitative Risk Analysis, Perform Quantitative Risk Analysis, Plan Risk Responses, and Monitor Risks. It is frequently updated as an output of all the above risk management processes.
Risk appetite on a project is represented by the degree of uncertainty an organization is willing to accept in anticipation of a reward. You work in a manufacturing organization where your stakeholders are averse to any risk to their main product. As project manager you inform the stakeholders that risk appetite should be expressed:
A. As measurable risk thresholds around each project objective
B. In terms of probability and impact
C. As a function of project total risk score
D. There is no way to measure risk appetite
Answer: A
Process - Task 3 - Manage Risks
Objectives such as cost, time, and schedule can have thresholds beyond which stakeholders will not take the risk. Probability and impact are for individual risks. There is no such thing in the PMBOK Guide as project risk score. Only individual risks are scored.
You are a Junior Project Manager on a large project with several other Junior Project Managers and you all report to a Senior Project Manager. You have identified many risks and entered them in the Risk Register with their corresponding impact and probabilities. The Senior Project Manager is reviewing your entries in the risk register and is expressing disagreement on some of the entries that you are showing as a 70% probability of occurring with a high impact. What would best describe the reason for this dissatisfaction?
A. The Senior Project Manager needs more information to make a decision on these risks
B. The Senior Project Manager has a different risk threshold than the rest of the team
C. Such high impact risks should have been identified earlier on in the project
D. The Senior Project Manager does not agree with the viability of these risks
Answer: B
Process - Task 3 - Manage Risks
Risk attitudes are influenced by a number of factors and are broadly classified into the three categories of risk appetite (the degree of uncertainty someone is willing to take); risk tolerance (the degree, amount, or volume of risk that someone or an organization can withstand); and risk threshold which is the level of uncertainty or the level of impact that a stakeholder may have specific interest. Below a certain threshold they will accept the risk. Above a certain threshold they will not tolerate the risk.
You just started another phase in your project and began creating deliverables, when you are approached by a team member. They inform you of warning signs of a threat they are responsible for monitoring. As the project manager, how should you proceed?
A. Initiate the response according to the risk management plan
B. Conduct a reserve analysis for the appropriate funds required for the risk
C. Implement the planned response, then follow up on the risk
D. Verify contingency reserves on risk register
Answer: C
Process - Task 3 - Manage Risks
During the process of Implement Risk Responses, we implement agreed-upon risk response plans. It is incumbent on the project manager to influence team members to follow the planned response. Once a risk response is complete, the project manager must follow up on the activity to ensure it worked properly. You may have chosen answer A here, but keep in mind risk response plans are not in the risk management plan. Each response is placed in its proper management plan, i.e., scope management plan, cost management plan, etc.
You are managing a construction project and there is a chance of a strike at one of your subcontractors which would delay your project. Which of the following is not a correct statement about risk response strategies?
A. You decide not to use that vendor and do the work yourself, which would be an example of avoidance.
B. If the strike happens, your team will work overtime once the delivery arrives to make up for the lost time. This is an example of mitigation.
C. You decide to use another vendor, which would be an example of sharing.
D. You decide to do nothing, which would be an example of acceptance.
Answer: C
Process - Task 3 - Manage Risks
The risk in this question is a negative risk. Sharing only takes place with a positive risk. Choices A, B, and D are all accurate statements about risk response strategies.
The team implemented a risk response plan when a vendor could not fulfill a contractual commitment to provide a key training class. The response was to choose another vendor. The new company can meet the contract terms but still has some issues from time to time. Which of the following best describes these problems?
A. Secondary risk
B. Workaround
C. Residual risk
D. Risk response plan
Answer: C
Process - Task 3 - Manage Risks
Residual risk is the risk that remains even after the response plan has been implemented. In this case, while you did procure new training, there was still a risk that the new company would have some problems delivering the training.
An approved change was implemented to manage a risk. Three months later, the project manager finds that the change did not yield the desired result. In fact, the change led to adverse consequences. What should the project manager do to avoid this issue in the future?
A. Confirm that an implemented risk response is effective.
B. Review the assumption log to revisit or change current assumptions.
C. Update the risk information to the lessons learned register.
D. Evaluate new risks and update the probability and impact matrix.
Answer: A
Process - Task 3 - Manage Risks
Project work should be continuously monitored for new, changing, and outdated individual project risks and for changes in the level of overall project risk by applying the Monitor Risks process. The Monitor Risks process uses performance information generated during project execution to determine if the response was effective. PMBOK Guide Sixth Edition (2017) PMI/PMI/11.7/454
Which of the following is the primary purpose of the project management plan?
A. To define all work to be completed
B. To define the work needed in each phase of the project life cycle
C. To prevent any changes to the scope
D. To define how the project is to be executed, monitored and changed
Answer: D
Process - Task 3 - Manage Risks
Of the choices presented, D is the best option. The project management plan communicates to the project team, the project sponsor, and the stakeholders how the entire project will be operated and controlled. It is important that the whole project team and all key stakeholders buy in to the Plan by reading and signing it.
You are implementing agreed upon risk responses and want to know where to set your targets for performance based upon risk thresholds. Where should you look for this information?
A. Risk register
B. Stakeholder register
C. Project Management Plan
D. Risk Management Plan
Answer: D
Process - Task 3 - Manage Risks
The Risk Management Plan would have this information. It is a component of the Project Management Plan, and is therefore a more correct answer.
The probability of risk A occurring is 20% and will have an impact of -$10,000 on your project. The probability of risk B occurring is 5% and will have an impact of $2000 on your project. What is the EMV?
A. ($1,900)
B. ($2,000)
C. $1,900
D. ($2,100)
Answer: A
Process - Task 3 - Manage Risks
Probability * Impact = EMV 20% * -$10,000 = -$2,000 5% * $2,000 = $ 100 Total EMV = -$2,000 + $100 = -$1,900
You are a project manager in a large financial industry firm. They are risk adverse and you are the risk owner for many risk responses. You need to analyze and prioritize many risks since this is a large multiyear project. Which of the following can be used to analyze multiple possible scenarios as they pertain to the probability and impact of risks?
A. Decision tree
B. Monte Carlo technique
C. Pareto diagram
D. Bar chart
Answer: B
Process - Task 3 - Manage Risks
The Monte Carlo technique reveals the likelihood of multiple scenarios occurring and is useful in examining risk probability and impact.
The team is trying to quantify the overall project risk as it pertains to the budget. Which process is used to do this?
A. Perform Quantitative Risk Analysis
B. Identify Risk
C. Monitor Risks
D. Plan Risk Response
Answer: A
Process - Task 3 - Manage Risks
Quantitative Risk Analysis seeks to associate a particular number or figure relative to how risk(s) will impact a particular constraint (i.e. there is a 55% chance of completing on schedule in light of certain risks). Note that this process is not always needed in order to adequately address a risk.
You had been concerned that a key project team member may be looking for another job. Half-way through the Integration Testing phase your concerns were realized after he handed in his two weeks notice. Now you are left with the additional cost of hiring and training a new team member to quickly get them up to speed. Where would this funding need to come from?
A. Contingency Reserves since this was an unknown unknown
B. Management Reserves since this was a known risk
C. Contingency Reserves since this was a known risk
D. Management Reserves since this was an unknown unknown
Answer: C
Process - Task 3 - Manage Risks
Since this was a known risk that the project manager was already concerned about, the funding would come out of the Contingency Reserves established for the risk.
Prior to preparing a monthly project status report, a project manager identifies three risks. All of these risks could impact critical key milestones. The project manager wants to reference additional information before presenting this new risk information. To which sources should the project manager refer?
A. Risk register and risk report
B. Risk register and organizational process assets
C. Risk management plan and risk report
D. Lessons learned repository and risk report
Answer: A
Process - Task 3 - Manage Risks
The project manager must check the risk register and risk report to see if this is indeed a new risk and to see if there was action already planned around it. PMBOK Guide Sixth Edition (2017), 11. Project Risk Management / 11.7 Monitor Risks, pp409-411
Which of the following is the best way to manage threats and opportunities proactively at both the project and individual risk levels?
A. Ensure all stakeholders participate in Risk activities
B. Perform a thorough risk identification
C. Conduct in-depth Risk Audits
D. Ensure appropriate effort is undertaken to implement responses
Answer: D
Process - Task 3 - Manage Risks
Ensuring that the required level of effort to implement the agreed-upon risk response is the correct answer. While risk identification is necessary, and extensive stakeholder participation is desirable, neither actually manage the risk. Risk audits are performed after a risk event has occurred or failed to occur, thereby also not being proactive.
You are a general contractor about to manage a project to finish the basement in a private home. You offered the buyer a firm fixed price contract based on the buyer’s procurement statement of work, and the buyer subsequently counter-offered with a fixed price incentive fee contract. The incentive is a 10% bonus that will be paid if your firm successfully finishes the work on or before December 15th, so the finished basement can be ready before the winter holidays when friends and family members will be at the buyer’s home. Although you are somewhat concerned about being able to finish the job by December 15th due to pending vacations of some of your workers, you and the buyer agree to the price, terms and conditions, and the contract is signed. What else should you principally document regarding this incentive fee clause?
A. The Risk Register, which should now include an opportunity risk for the incentive fee.
B. The Issues Log, since you are not sure if you can complete all of the work on or before December 15th due to pending vacation plans of some of your staff.
C. The Scope Management Plan, since there is now a project deadline date.
D. The Budget, since there is now an additional source of revenue from the project.
Answer: A
Process - Task 3 - Manage Risks
This is an example of an opportunity or positive risk, which should be captured initially in the Risk Register once the contract is signed. In all likelihood, you will try to enhance or exploit the opportunity so you can collect the bonus, such as working overtime or weekends, or bringing in additional staff as necessary while not exceeding the bonus amount from a cost standpoint. You might update the Issues Log once you determine that you are in fact short-staffed, but that would be a secondary document to update. The Budget is an aggregation of costs, not revenues. Target dates are not included in the Scope Management Plan.
The risk management team has identified risks and added them to the risk register during a risk workshop. The team is now prioritizing these risks. During this meeting the team notices that a particular risk will heavily impact the project if it occurs. The team digs deeper and they identify that the risk information they have is outdated and no longer a major factor. Based on this information the team decides to lower the risk probability to a lower category. What technique did the team utilize?
A. Risk data quality assessment
B. Risk categorization
C. Risk mitigation
D. Risk review
Answer: A
Process - Task 3 - Manage Risks
A is correct because risk data quality assessment is a technique used to evaluate the degree to which the data about risks is useful for risk management. B is incorrect because risk categorization organizes sources of risk to determine the areas of the project most exposed to risk. C is incorrect because risk mitigation is a risk response strategy. D is incorrect because a risk review examines the effectiveness of a risk response strategy.
Which of the following should immediately follow the Risk Identification process?
A. Risk Management Planning
B. Qualitative Risk Analysis
C. Plan Risk Response
D. Monitor Risks
Answer: B
Process - Task 3 - Manage Risks
Once risks are identified, you will then perform qualitative risk analysis in order to categorize the risks by their urgency as well as their severity.
Which of the following is true regarding spikes?
A. Spikes are used as an experiment to help mitigate risk
B. Spikes are not used to assist with estimating
C. Spikes are sudden required increases in the hours the project team needs to work to complete the sprint
D. They are performed outside of a time box
Answer: A
Process - Task 3 - Manage Risks
Option A is correct. Spikes are experiments used to identify and evaluate issues and risks. They can be used to assist in estimating and are performed within a time box (sprint).
You have nominated one of your team members to be a risk owner for the design of your product. As such, you have asked her to develop responses for any risks that involve design. She asks you if there is any historical information she can refer to that will inform her of the effectiveness of particular risk responses in earlier project phases. You suggest she consult the:
A. Lessons Learned Repository
B. Risk Report
C. Risk Register
D. Lessons Learned Register
Answer: D
Process - Task 3 - Manage Risks
The lessons learned register will contain information about what has been learned on the project to date, including lessons learned about risks.
You are a project manager for a consulting company. While working with the client, you have decided to have a joint session to help identify the risks involved with this project. You have invited the client to participate in a session called a:
A. Risk audit
B. Working session
C. Facilitated meeting
D. Risk workshop
Answer: D
Process - Task 3 - Manage Risks
The terms risk audit and risk workshop are often confused. Remember, audits are always done on processes. For example, you would audit your risk management processes. A working session (Choice B) is a made up term and facilitated meeting (Choice C) is too vague. A risk workshop is used to identify and analyze identified risks.
A project has the following risks: 20% probability of a 14-day delay in the receipt of customer requirements; 10% probability of a 21-day delay in the procurement process; 50% probability the integration will take 14 days longer. What is the expected time value of these events?
A. 11.9 days
B. 35.8 days
C. 49 days
D. Seven days
Answer: A
Process - Task 3 - Manage Risks
EMV for customer requirements = 20% * 14 days = 2.8 days; EMV for procurement process = 10% * 21 days = 2.1 days; EMV for integration = 50% * 14 days = 7 days; Total EMV = 2.8 + 2.1 + 7 = 11.9 days
Which of the following risks may be an uncontrollable risk?
A. Scope changes in the project
B. Team member’s errors/mistakes
C. Increase in raw material costs
D. Changes with internal stakeholders
Answer: C
Process - Task 3 - Manage Risks
Material costs are often uncontrollable risks, and can usually only be addressed by contingency reserves.
Unfortunately, risk analysis was not done regularly by the previous manager of a project you inherited. As you are performing the project work, you and your team are reviewing all potential risk events, and analyzing their current probability and impact. Which of the following best describes what you are doing?
A. Critical path method (CPM)
B. Risk re-assessment
C. Sensitivity analysis
D. Expert judgment
Answer: B
Process - Task 3 - Manage Risks
Risk re-assessment involves reviewing the various risk events to determine whether their probability or impact has changed since your initial assessment (done during planning). This is an important part of control risks, and should be performed regularly throughout the project.
You have just finished the risk response plans for your project, which require additional action by several team members. Which of the following should you do next?
A. Determine the risk rating for each risk
B. Calculate EMV
C. Add work packages to the work breakdown structure
D. Hold a project risk review
Answer: C
Process - Task 3 - Manage Risks
Now that you have added activities as part of your risk response plans, you must include the additional items in your WBS (as well as your schedule).
A risk management technique which simulates the combined effects of individual project risks to evaluate their potential impact on achieving project objectives is known as:
A. Sensitivity analysis
B. Decision tree analysis
C. Monte Carlo analysis
D. Regression analysis
Answer: C
Process - Task 3 - Manage Risks
Monte Carlo analysis uses a computer model to run iterations of input values chosen at random, producing probability distributions and probabilistic branches that provide a range of possible outcomes for the project. Sensitivity analysis determines which individual project risks have the most potential impact on project outcomes. Decision tree is a diagramming and calculation technique for evaluating the implications of a chain of multiple options. Regression analysis is an analytical technique where input variables are examined in relation to output variables to develop a statistical relationship.
__ __ determines which individual project risks have the most potential impact on project outcomes.
Sensitivity analysis determines which individual project risks have the most potential impact on project outcomes.
__ __ is a diagramming and calculation technique for evaluating the implications of a chain of multiple options.
Decision tree is a diagramming and calculation technique for evaluating the implications of a chain of multiple options.
__ __ is an analytical technique where input variables are examined in relation to output variables to develop a statistical relationship.
Regression analysis is an analytical technique where input variables are examined in relation to output variables to develop a statistical relationship.
Risk exists at two levels on every project. It is important the project manager know what these are and deals with each of them. They are:
A. Non-event risk and individual project risk
B. Individual project risk and overall project risk
C. Variability risk and individual project risk
D. Overall project risk and non-event risk
Answer: B
Process - Task 3 - Manage Risks
Individual project risk is an uncertain event or condition that, if it occurs, has a positive or negative effect on one or more project objectives. Overall project risk is the effect of uncertainty on the project as a whole, arising from all sources of uncertainty including individual risks, representing the exposure of stakeholders to the implications of variations in project outcome, both positive and negative.
__ __ __ is an uncertain event or condition that, if it occurs, has a positive or negative effect on one or more project objectives.
Individual project risk is an uncertain event or condition that, if it occurs, has a positive or negative effect on one or more project objectives.
__ __ __ is the effect of uncertainty on the project as a whole, arising from all sources of uncertainty including individual risks, representing the exposure of stakeholders to the implications of variations in project outcome, both positive and negative.
Overall project risk is the effect of uncertainty on the project as a whole, arising from all sources of uncertainty including individual risks, representing the exposure of stakeholders to the implications of variations in project outcome, both positive and negative.
You are managing a project to install a new robot at a car manufacturer. You are very comfortable with the installation, but the electrical is not your team’s area of expertise. You decide it is too big of a liability to do the electrical work yourself and hire a subcontractor to do it for you. This is an example of what?
A. Delegation
B. Transference
C. Avoidance
D. Mitigation
Answer: B
Process - Task 3 - Manage Risks
This is an example of the risk transfer response strategy. When you take a risk and transfer it to a third party, this is called transferring your risk.
You have just taken over a large construction project from a previous project manager. The project has a charter and you have begun planning. The stakeholders have been very supportive to date. You have been analyzing risk and identifying risk responses as appropriate. You notice the risk identification process only involved the input of the previous project manager. Why would the Sponsor not be happy with the progress of this project?
A. You are 10% behind schedule
B. The sponsor feels you do not have the experience to manage this project
C. Stakeholders have begun withdrawing support due to the many unmanaged changes
D. The sponsor feels risk identification should include a larger group of stakeholders, especially on a larger project, to make sure all risks are identified
Answer: D
Process - Task 3 - Manage Risks
There is nothing in the question to indicate you are behind schedule, because it says you have begun planning. There is nothing to suggest you are inexperienced or stakeholders have begun withdrawing their support. Risk identification should be done by a larger number of stakeholders to make sure you cast a wide net to identify all potential risks. In smaller projects, risk identification may be done by the project manager and a small group of project team members. But, in larger projects (such as this one), a larger group would be warranted.
A project is being implemented. The research and development department communicates to the project manager that the product’s requirements have changed. These changes were not anticipated, may significantly influence potential sales numbers, and could impact project scope. What is the appropriate action for the project manager to take?
A. Anticipate risk responses and modify the risk register accordingly.
B. Use forecasting methods.
C. Plan to use the contingency reserve and update the risk mitigation plan.
D. Utilize methods such as earned value management (EVM).
Answer: A
Process - Task 3 - Manage Risks
These new requirements may pose additional risks. These risks need to be documented and appropriate responses need to be identified. PMBOK Guide Sixth Edition (2017) PMI/PMI/11.2.3.1/417
You are the project manager for a small project and are interested in finding out what the project’s current risk exposure is and what, if any, risk responses are in place. What document should you examine?
A. Risk Report
B. Risk management plan
C. Risk register
D. Any of these
Answer: A
Process - Task 3 - Manage Risks
The risk report is a comprehensive document that lists the overall project risk exposure, while the risk register is concerned with individual risk. The risk management plan lays out the methodology of risk management for the project, but does not directly document what the current exposure level would be.
You are the project manager for a major construction project. You just completed some calculations that have helped you determine contingency reserves to account for potential risks on your project. Which of the following processes would be most helpful in establishing contingency reserves?
A. Perform Quantitative Risk Analysis
B. Identify Risk
C. Perform Qualitative Risk Analysis
D. Plan Risk Response
Answer: A
Process - Task 3 - Manage Risks
Quantitative risk analysis involves numerically analyzing the effect of project risks on overall project objectives, and would therefore be useful in establishing the amount of contingency reserves.
You are the project manager for a large apparel company. The project team is involved in developing risk responses to the identified risks. This could potentially create all of the following except?
A. Increase in stakeholder risk tolerance
B. Secondary risks
C. Updates to the risk register
D. Updates to the schedule or budget
Answer: A
Process - Task 3 - Manage Risks
Secondary risks are new risks which arose by virtue of the actions taken to address the original risk. Risk responses would be included in the risk register, so you would have updates to that document. Also, the response plans will often require changes to the budget or schedule, depending on what is being done.
Which of the following properly lists the strategies employed for handling negative risks (threats)?
A. Avoid, Mitigate, Transfer, Contingency, Accept
B. Avoid, Transfer, Mitigate, Share
C. Escalate, Avoid, Transfer, Mitigate, Accept
D. Exploit, Enhance, Share, Accept
Answer: C
Process - Task 3 - Manage Risks
There are 5 response strategies for negative risks: Escalate, Avoid, Transfer, Mitigate and Accept. Note that acceptance can be active if there is a contingency set aside.
You are managing a project which has a tight schedule and even tighter budget. You have recently learned of a truckers’ strike which could delay the delivery of essential materials, which would throw you well off schedule. As the project manager, what can you do to avoid the potential harm caused by the delay in procuring materials?
A. Get the approval from relevant Stakeholders to use the contingency reserves
B. Purchase the needed materials from a local vendor so the trucking strike will not affect you
C. Put the project on hold until the truckers come back to work
D. Perform research to determine how best to mitigate this risk
Answer: B
Process - Task 3 - Manage Risks
By procuring the materials elsewhere you eliminate the risk that the strike will delay the delivery of the needed materials.
At what point in a project is the possibility of failure the highest?
A. The beginning of the project
B. After the initial project plan is published but before work actually begins
C. After the halfway point of the project is reached
D. Just before the end of the project
Answer: A
Process - Task 3 - Manage Risks
Risk is highest at the beginning of a project and makes the possibility of failure the highest at the beginning. The more you know about a project, the better chance you will have of completing it successfully.
You are conducting risk management activities on your project. You are starting to develop risk responses to some of the higher priority risks. You have identified the potential for hurricane damage due to the fact you are building a new facility in a known hurricane zone during hurricane season. If a hurricane should occur, the damage to the building, and subsequent repairs, will push out your project end date quite substantially. You decide to move out your schedule so the building will occur outside of the normal hurricane season. What type of risk response is this?
A. Avoidance
B. Exploiting
C. Mitigation
D. Transfer
Answer: C
Process - Task 3 - Manage Risks
Choice C is the correct answer, since the probability is being reduced by building the facility outside of hurricane season. A hurricane could still happen, but the probability is reduced. If you were avoiding the chance of hurricane damage (Choice A), you would move it to a location where there are no hurricanes. Choice B is a response for a positive risk (opportunity) - this is a threat. Transfer (Choice D) involves a contract or an insurance policy, which is not mentioned in the question.
Your project involves installing a new human resources system. You’ve identified the risks associated with this project and are ready for the next step. What is the next step?
A. You will evaluate the risks and assign probabilities and impacts using Qualitative Risk Analysis
B. You will use the Delphi technique to confirm the risks you’ve detailed and identify others you may have missed
C. You must evaluate the risks and assign probabilities and impacts using Quantitative Risk Analysis
D. You will define the steps to take to respond to the risks and detail them in the risk response plan
Answer: A
Process - Task 3 - Manage Risks
Once you have identified the risk, the next step is to Perform Qualitative Risk Analysis. The Delphi technique is a tool and technique of the Risk Identification process, so answer B is not correct. Quantitative Risk Analysis comes after Qualitative Risk Analysis, so answer C is wrong. Determining the risk response strategies is the last step in the process, so choice D is wrong.
You are the project manager of a small, extremely short-term project for a startup company. You want to be mindful of the aggressive timelines and limited resources available to the project, so as you consider your project processes, you opt to right-size your project plan to minimize the need for over processing of risks. As you author a risk management plan suitable to the needs of the new company, you realize you are somewhat unsure to what degree risk assessment may be needed. When should a risk assessment be performed?
A. on all projects, at all times
B. only on projects with high visibility
C. only on projects with tight budgets
D. prior to initiating a project
Answer: A
Process - Task 3 - Manage Risks
All projects should include risk assessment throughout.
You are working as a project manager on a construction project, and you have identified a risk that you will run out of plywood because the building has odd angles, resulting in 20% more scrap than normal. You decide to go to the supply house and buy 20% more plywood than originally planned. Which strategy are you using?
A. Avoidance
B. Mitigation
C. Transference
D. Acceptance
Answer: B
Process - Task 3 - Manage Risks
This is an example of mitigation. By purchasing the extra materials, you minimize - but do not totally avoid – the risk of running out. Often times mitigate will sound like a backup plan. It is not transference because you are not transferring the risk to a third party. It is not avoidance because you are not changing the plan; instead, you are just adding a backup plan. Usually, avoidance will involve implementing an alternate plan, such as using a different material where the scrap can be reused.
You are a project manager and have just taken over a project that is approximately 80% complete. The project work so far has been on-schedule and on-budget, but you are concerned about a possible labor dispute that your team has been tracking for months. Should this dispute occur, which process should you ensure handles it appropriately?
A. Control Procurements
B. Control Resources
C. Acquire Resources
D. Implement Risk Responses
Answer: D
Process - Task 3 - Manage Risks
Since this is a risk that has been identified, the response strategy should be implemented as part of the Implement Risk Responses process. This may involve submitting a change request that will modify the type or number of resources, or possibly start a procurement activity.
You are the project manager and have decided during one of your planning meetings that it would be helpful to develop risk categories as a way to systematically identify risks. You have determined that the best way to document the categories of risk is to develop a risk breakdown structure. In which process do you create the Risk Breakdown Structure?
A. Identify Risk
B. Plan Risk Response
C. Perform Qualitative Analysis
D. Plan Risk Management
Answer: D
Process - Task 3 - Manage Risks
A) Choice A is incorrect. Identify Risk involves determining which risks might affect the project and documenting their characteristics. The RBS is not created at this stage. B) Choice B is incorrect as Plan Risk Response develops procedures and techniques to enhance opportunities and reduce threats to project objectives. C) Choice C is incorrect. Performing qualitative analysis of risks allows the project team to prioritize the effects of risks on project objectives by assessing their probability of occurrence and impact. D) The RBS is part of the Risk Management Plan. The RBS helps you to see how risks fit into categories so you can organize your risk analysis and response planning.
__ __ __ develops procedures and techniques to enhance opportunities and reduce threats to project objectives.
Plan Risk Response develops procedures and techniques to enhance opportunities and reduce threats to project objectives.
__ __ __ of risks allows the project team to prioritize the effects of risks on project objectives by assessing their probability of occurrence and impact.
Performing qualitative analysis of risks allows the project team to prioritize the effects of risks on project objectives by assessing their probability of occurrence and impact.
You are a project manager in the process of identifying project risks. Which of the following data-gathering techniques might you utilize?
A. Root Cause Analysis
B. Brainstorming
C. Assumption and Constraint Analysis
D. The Delphi Technique
Answer: B
Process - Task 3 - Manage Risks
The data-gathering techniques to identify risks include brainstorming, checklists, and interviews. Assumption and Constraint Analysis and Root Cause Analysis are both data-analysis techniques, not data-gathering techniques. Answer D is a distractor answer.
The data-gathering techniques to identify risks include?
The data-gathering techniques to identify risks include brainstorming, checklists, and interviews.
data-analysis techniques are?
Assumption and Constraint Analysis and Root Cause Analysis
A project is at the multi-functional planning phase. The project manager realizes that producing a complex application is not feasible with the current number of resources and decides to hire more resources for the production of the application. The project manager identifies temporary resources and signs a service level agreement (SLA) with them. Which risk response strategy does this scenario exemplify?
A. Mitigate
B. Transfer
C. Accept
D. Avoid
Answer: D
Process - Task 3 - Manage Risks
The risk to the project was posed by insufficient resources. The risk was Avoided by hiring additional resources. PMBOK Guide Sixth Edition (2017) PMI/PMI/11.5.2.4/443
You have included contingency reserves in many activity cost estimates when developing the budget for your project. Management reserve funds have also been set aside for the project. The contingency reserves are intended to cover which of the following?
A. Foreseeable and certain events
B. Foreseeable and uncertain events
C. Foreseeable but uncertain events
D. None of the above
Answer: C
Process - Task 3 - Manage Risks
A risk is any uncertain event which may impact the project. Contingency reserves are estimated costs to be used at the discretion of the project manager to deal with foreseeable, but not certain, events. These events are known as known unknowns” and are part of the project cost baselines. These would be found in your risk register as identified risks.”
The team is trying to establish an overall project risk ranking for the identified risks on the project. What process did they complete just before doing this?
A. Perform Qualitative Risk Analysis
B. Identify Risks
C. Monitoring and Controlling Risk
D. Plan Risk Response
Answer: B
Process - Task 3 - Manage Risks
You are currently working on the Perform Qualitative Risk Analysis process, which is where you do the relative risk ranking. However, the questions asks which process you just completed. That would be Identify Risks, choice B.
You have identified a risk to your project but have deemed it a minor issue given its low likelihood of occurring and its minimal impact if it did occur. In which document should you record this risk?
A. Risk Breakdown Structure
B. Watchlist
C. Probability and Impact Matrix
D. Monte Carlo analysis report
Answer: B
Process - Task 3 - Manage Risks
A watch list is where you note risks that don’t have a high enough probability or impact to make it into the risk register, yet still need to be monitored. By recording the risk in a watch list, you will have a reminder to ensure circumstances haven’t changed as your project proceeds.
All of the following are true regarding Risk Audits except for which one?
A. The frequency with which they are conducted should be specified in the Risk Management Plan.
B. They may be conducted during routine project review meetings or via special risk audit meetings.
C. The format of the audit and its objectives should be open and flexible, such that they can be adapted as the audit is in progress.
D. They examine and document the effectiveness of risk responses in dealing with identified risks and their root causes.
Answer: C
Process - Task 3 - Manage Risks
The format of the audit and its objectives should be clearly defined before the audit is conducted.
You are a project manager on a construction project. So far things have been going well; you are on schedule and slightly under budget. The rainy season is coming so you are anxious to get the project completed before it starts to rain. However, you have identified risks of inclement weather and created appropriate risk responses. Suddenly, you find out the roofing materials planned for shipment has been delayed. The new expected delivery date will jeopardize project completion, especially considering the risk of bad weather. What should you do next?
A. Review your risk register to see if you have accounted for the risk of delay in shipment of materials.
B. Find another vendor to provide the materials.
C. Contact your procurement department to manage the issue.
D. Evaluate the situation, submit a change request, then document it on the change log.
Answer: D
Process - Task 3 - Manage Risks
While carrying out the Control Resources process, any changes must be processed, reviewed and approved through the Perform Integrated Change Control process. Choice A, reviewing the risk register may help, but ultimately a change request must be submitted. Choice B; You may find another vendor as a result of an approved change request, but not before. Choice C; You may contact the procurement department but not before submitting a change request and documenting it on the change log.
You are managing an IT project for a law firm. You are using a computer program to analyze your risks. The program does random iterations to compute probability distributions. What tool are you using?
A. EVM analysis
B. Monte Carlo analysis
C. Sensitivity analysis
D. Probability and impact matrix
Answer: B
Process - Task 3 - Manage Risks
Monte Carlo analysis is a computer-based program that does thousands of random iterations to compute probability distributions for risk on a project.
You have inherited a project from another project manager who has left the company. While he did brief you on many project items, you did not have enough time to understand risk thresholds based upon the risk appetite of key stakeholders. Your next move should be to consult:
A. The sponsor
B. The key stakeholders
C. The risk management plan
D. The project charter
Answer: C
Process - Task 3 - Manage Risks
In a well-run, well-documented project, this information should always be in the risk management plan. The project charter is too high-level for this level of detail.
You are the project manager in a large financial company. You are working through all the necessary steps to plan and execute your project. You are concentrating on the risk portion of your project when your sponsor calls you and requests that you perform a SWOT analysis. Which of the following are analyzed using SWOT analysis?
A. Strengths, weaknesses, options, and timing
B. Strengths, weaknesses, opportunities, and threats
C. Watchlist items
D. Positive and negative risks
Answer: B
Process - Task 3 - Manage Risks
SWOT analysis is part of risk identification and examines the strengths, weaknesses, opportunities, and threats of the project to make certain all possibilities for risk identification are covered.
You are a project manager working on a software project to implement a new application for ride sharing. This will be cutting-edge technology that will enable the rider to customize the experience based upon vehicle type, driver qualifications and trip experience. Since this is new technology there is plenty of uncertainty to consider. Additionally, your project sponsor just received her PMI-RMP (Risk Management Professional) certification so is keenly interested in effective risk management. You have created your Risk Management Plan. What would you do next:
A. You and your project team should start to identify project risks, select risk owners and document as quickly as possible.
B. You, your project team, stakeholders, SMEs and risk experts should start to identify risks, nominate risk owners and document in a consistent format.
C. You, your project team, stakeholders, SMEs and risk experts should start to identify risks, select risk owners and document in a consistent format.
D. You and your project team should start to identify risks, nominate risk owners and document in a consistent format.
Answer: B
Process - Task 3 - Manage Risks
The answers to this question are describing steps in the Identify Risk process. Participants in risk identification may include the project manager and team, stakeholders, subject matter experts and other risk experts (PMBOK Guide, Page 411). Risk owners may be nominated in the Identify Risk process and will be confirmed in Perform Qualitative Risk Analysis process (PMBOK Guide, pages 417 and 427). When describing and recording individual project risks a consistent format should be used for risk statements to ensure each risk is understood clearly and unambiguously in order to support effective analysis and risk response development.
Your team has done a great job on regularly updating the Risk Register. As is your normal practice, you have noticed several very low impact and probability risks on your project during your weekly review. Which term best describes these risks?
A. Reserves
B. Residual risks
C. Threats
D. Watchlist items
Answer: D
Process - Task 3 - Manage Risks
Risks that have a very low impact and very low probability of occurring are put on a watchlist. Basically you just keep an eye on them.
