Module 1

Question 1

is the process of identifying, assessing and controlling threats to an organization’s capital, earnings and operations. These risks stem from a variety of sources, including financial uncertainties, legal liabilities, technology issues, strategic
management errors, accidents and natural disasters.

Answer 1

Risk Management

Question 2

also examines the relationship between different types of business risks and the cascading impact they could have on an organization’s strategic goals.

Answer 2

Risk Management

Question 3

ISO 31000:2018 Risk management – Guidelines,

Answer 3

1. Identify the risks faced by your organization.
2. Analyze the likelihood and possible impact of each one.
3. Evaluate and prioritize the risks based on business objectives.
4. Treat – or respond to – the risk conditions.
5. Monitor the results of risk controls and adjust as necessary.

Question 4

describes how an organization will manage risk. It lays out
elements such as the organization’s risk approach, the roles and responsibilities of risk management teams, resources that will be used in the risk management process and internal policies and procedures.

Answer 4

risk management plan

Question 5

risk management plan steps

Answer 5

1. Communication and consultation.
2. Establishing the scope and context.
3. Risk identification.
4. Risk analysis.
5. Risk evaluation.
6. Risk treatment.
7. Monitoring and review

Question 6

means withdrawing from a risk scenario or deciding not to participate.

Answer 6

risk avoidance

Question 7

is applied to keep risk to an
acceptable level and reduce the severity of loss through.

Answer 7

risk reduction

Question 8

Risk can be reduced or made more acceptable if it is shared.

Answer 8

risk transfer

Question 9

When risk is agreed, accepted, and accounted for in
budgeting, it is retained.

Answer 9

risk retention

Question 10

are the lifeblood of any business, they are also the business element that incurs the most risk.

Answer 10

contracts

Question 11

are elements of the risk management program that should be kept under constant review as they fluctuate in
relation to the company’s financial position.

Answer 11

risk appetite and risk tolerance

Question 12

four types of risk management

Answer 12

Risk Avoidance
Risk Reduction
Risk Transfer
Risk Retention

Question 13

There are four elements to contract risk avoidance that arise after the risk associated with a contract is deemed to be too high.

Answer 13

refuse of proposal
renegotiation
non-renewal
cancellation

Question 14

If due diligence reveals the contract risk to be too high
during the first stage of the contract life cycle, the company will simply decline the
contract as proposed.

Answer 14

refuse of proposal

Question 15

When risk has increased during the course of the contract life
cycle, opportunities to review and renegotiate terms may be taken to introduce new
conditions that avoid new risk.

Answer 15

renegotiation

Question 16

At the end of the initial contract life cycle, the business may
decline to renew the contract if the risk is estimated as being too high.

Answer 16

non-renewal

Question 17

Where circumstances cause risk to increase beyond acceptable
levels during the course of the contract life cycle and outside of the agreed renewal timeframe, cancellation clauses may be enacted.

Answer 17

cancellation

Question 18

2 types of Risk Reduction

Answer 18

Contract Negotiation
Standardization

Question 19

When necessary, renegotiation at later contract life cycle stages can be effective in contract risk reduction, including at the renewal stage. This should always be aimed toward the mitigation of risk and the reduction of loss.

Answer 19

Contract Negotiation

Question 20

Creating a library of standardized terms, conditions, and clauses is an important method of contract risk reduction. It ensures a cohesive
approach by all personnel and enables teams to author contracts with the confidence of knowing that legal language is pre-approved and falls within the acceptable risk profile of the business.

Answer 20

Standardization

Question 21

When developing your risk management plan, it’s vital to identify all the risks that may affect the operation of your company.

Answer 21

Risk Identification Techniques

Question 22

Risk Identification Techniques

Answer 22

Decision Tree Program

SWOT Analysis

Fishbone Diagram

Question 23

helps project teams and enterprise risk managers to assess each decision’s potential impact and then choose the best option to minimize risk.

Answer 23

Decision Tree Program

Question 24

is a method for evaluating these four components of your project and the environment that may affect your project. With the aid of a SWOT analysis, you can determine where your business performs well right now and where to be wary of potential risks to create a winning plan.

Answer 24

SWOT Analysis

Question 25

is also known as a “cause-and-effect diagram.” It is an effective tool for identifying the root causes of a particular problem and factors influencing specific effects.

Answer 25

Fishbone Diagram

Question 26

Additional business risk identification techniques include:

Answer 26

• Brainstorming
• Risk surveys
• Root cause and checklist analyses
• Assumption analyses

Question 27

To analyze and prioritize risks, you can use any of these tools:

Answer 27

-Risk probability and impact matrix
-Pareto chart
-Fault tree analysis

Question 28

rate and prioritize potential risks based on probability and impact.

Answer 28

Risk Probability and impact matrix

Question 29

identify risks based on the cumulative effects.

Answer 29

pareto chart

Question 30

identify the probabilities of various potential outcomes from given faults.

Answer 30

fault tree analysis

Question 31

5 Effective Project Risk Management Techniques

Answer 31

-Identify Past and Future Risks
-Identify Direct and Indirect Results of a Risk
-Conduct Risk Audits
-Design a Risk Action Plan
-Prepare a Contingency Plan

Question 32

Perform a historical analysis of past projects and the risks that affected them. How did
you address them? Then identify any new risks that could affect this project. Next, check each potential threat and the critical risks associated with each. Finally, log all these risks
in a database so you can develop a risk register.

Answer 32

Identify Past and Future Risk

Question 33

A futures wheel diagram is an effective way to identify every potential risk’s direct and
indirect results. Brainstorm with relevant stakeholders to chart out this diagram. Consider the impact of the risk on the project’s timeline, quality, and cost.

Answer 33

Identify Direct and Indirect Results of a Risk

Question 34

If your organization already has a risk response plan, that’s great, but you’ll still need to
examine and document the effectiveness of risk responses and controls as they apply to
your project. Such an audit will reveal any gaps to be addressed to shore up your risk
management program.

Answer 34

Conduct Risk Audits

Question 35

If a risk comes to fruition, how will your project team members respond?

Answer 35

Design a Risk Action Plan

Question 36

Each risk on your risk register should have a corresponding response strategy. There are
four primary strategies:

Answer 36

Risk Avoidance
Risk Transfer
Risk Mitigation
Risk Acceptance

Question 37

avoiding risk means you seek to eliminate all uncertainties

Answer 37

risk avoidance

Question 38

pass risk liability to a third party, such as by taking out an insurance policy

Answer 38

risk transfer

Question 39

implement controls to reduce the risk probability below a certain acceptable threshold

Answer 39

risk mitigation

Question 40

accept risks and devise strategies to control and monitor them

Answer 40

risk acceptance

Question 41

is vital for project risk management and mitigation.

Answer 41

Prepare a contingency plan

Question 42

Since raising risk awareness is an essential part of risk management, risk leaders must also develop a communication plan to convey the organization’s risk policies and procedures to employees and relevant parties. This step sets the tone for risk decisions at
every level. The audience includes anyone who has an interest in how the organization takes advantage of positive risks and minimizes negative ones.

Answer 42

communication and consultation

Question 43

This step requires defining both the organization’s risk appetite and risk tolerance – the latter is how much the risks
associated with specific initiatives can vary from the overall risk appetite.
Factors to consider here include business objectives, company culture, regulatory requirements and the political environment, among others.

Answer 43

establishing the scope and context

Question 44

This step defines the risk scenarios that could have a
positive or negative impact on the organization’s ability to conduct business. As noted above, the resulting list should be recorded in a risk register and keptup to date.

Answer 44

Risk Identification

Question 45

it provides a visual representation of the nature and impact of a company’s risks.

Answer 45

risk assessment matrix

Question 46

The likelihood and impact of each risk is analyzed to help sort risks. Making a risk heat map can be useful here; also known as a risk assessment matrix, it provides a visual representation of the nature and impact of a company’s risks.

Answer 46

risk analysis

Question 47

Here is where organizations assess risks and decide how to
respond to them through the following approaches:

Answer 47

risk evaluation

Question 48

This step involves applying the agreed-upon controls and
processes and confirming they work as planned.

Answer 48

risk treatment

Question 49

Are the controls working as intended? Can they be
improved? Monitoring activities should measure performance and look for key risk
indicators that might trigger a change in strategy.

Answer 49

monitoring and review