Project Risk Management Flashcards
Acceptance
udemy- A risk response appropriate for both positive and negative risks, but often used for smaller risks within a project.
pmbok- Risk acceptance acknowledges the existence of a threat, but no proactive action is taken. This strategy may be appropriate for low-priority threats, and it may also be adopted where it is not possible to or cost-effective.
Ambiguity risks
udemy- Risks that have an uncertain, unclear nature, such as new laws or regulations, the marketplace conditions, and other risks that are nearly
impossible to predict.
pmbok- Uncertainty exists about what might happen in the future. Areas of the project where imperfect knowledge might affect the project’s ability to achieve its objectives include: elements of the requirement or technical solution, future developments in regulatory frameworks, or inherent systemic complexity in the project.
Avoidance
udemy- A risk response to avoid the risk.
pmbok- the project team acts to eliminate the threat or protect the project from its impact.
Brainstorming
udemy- The most common approach to risk identification; usually completed by a project team with subject matter experts to identify the risks within the project.
pmbok- the goal of brainstorming is to obtain a comprehensive list of individual project risks and sources of overall risk. The project team usually performs brainstorming, often with a multidisciplinary set of experts who are not part of the team.
Business risks
These risks may have negative or positive outcomes. Examples include using a less experienced worker to complete a task, allowing phases or activities to overlap, or forgoing the expense of formal training for on-the-job education.
Cardinal scales
udemy- A ranking approach to identify the probability and impact by using a numerical value, from .01 (very low) to 1.0 (certain).
pmbok-
Checklists
udemy- A quick and cost-effective risk identification approach.
pmbok- A checklist is a list of items, or actions, or points to be considered. It is often used as a reminder. Risk checklists are developed based on historical information and knowledge that has been accumulated from similar projects and from other sources of information.
Data precision
udemy- The consideration of the risk ranking scores that takes into account any bias, the accuracy of the data submitted, and the reliability of the nature of the data submitted.
pmbok-
Decision tree
udemy- A method to determine which of two or more decisions is the best one. The model examines the costs and benefits of each decision’s outcome and weighs the probability of success for each of the decisions.
pmbok- Decision trees are used to support selection of the best of several alternative courses of action.
Delphi Technique
udemy- An anonymous method of querying experts about foreseeable risks within a project, phase, or component of a project. The results of the survey are analyzed by a third party, organized, and then circulated to the experts. There can be several
rounds of anonymous discussion with the Delphi Technique, without fear of backlash or offending other participants in the process. The goal is to gain consensus on project risks within the project.
pmbok-
Enhancing
udemy- A risk response that attempts to enhance the conditions to ensure that a positive risk event will likely happen.
pmbok- The enhance strategy is used to increase the probability and/or impact of an opportunity. Examples of enhancing opportunities including adding more resources to an activity to finish early.
Escalating
udemy- A risk response that is appropriate for both positive and negative risk events that may outside of the project manager’s authority to act upon.
pmbok- This risk response strategy is appropriate when the project team or the project sponsor agrees that an opportunity is outside the scope of the project or that the proposed response would exceed the project manager ‘s authority.
Expected monetary value (EMV)
The monetary value of a risk exposure based on the risk’s probability and impact in the risk matrix. This approach is typically used in quantitative risk analysis because it quantifies the risk exposure.
Exploit
udemy- A risk response that takes advantage of the positive risks within a project.
pmbok- involves taking a focused action to capture the positive effect of uncertainty on the project as a whole. An example of exploiting at the overall project level would include addition of high0benefit elements of scope to the project to add value or benefits to stakeholders.
External risks
These risks are outside of the project, but directly affect it—for example, legal issues, labor issues, a shift in project priorities, or weather. “Force majeure” risks call for disaster recovery rather than project management. These are risks caused by earthquakes, tornadoes, floods, civil unrest, and other disasters.
Flowcharts
System or process flowcharts show the relationship between components and how the overall process works. These are useful for identifying risks between system components.
Influence diagrams
udemy- An influence diagram charts out a decision problem. It identifies all of the elements, variables, decisions, and objectives and also how each factor may influence another.
pmbok- a graphical aid to decision making under uncertainty. An influence diagram represents a project or situation within the project as a set of entities, outcomes, and influences, together with the relationships and effects between them.
Ishikawa diagrams
These cause-and-effect diagrams are also called fishbone diagrams and are used to find the root cause of factors that are causing risks within the project.
Low-priority risk watch list
Low-priority risks are identified and assigned to a watch list for periodic monitoring.
Mitigation
udemy- A risk response effort to reduce the probability and/or impact of an identified risk in the project.
pmbok- Action is taken to reduce the probability of occurrence and/or impact of a threat. Adopting less complex processes, conducting more tests, or choosing a more stable seller are examples of mitigation actions.
Monte Carlo technique
udemy- A simulation technique that got its name from the casinos of Monte Carlo, Monaco. The simulation is completed using a computer software program that can simulate a project, using values for all possible variables, to predict the most likely model.
pmbok- When running a Monte Carlo analysis for cost risk, the simulation uses the project cost estimates. When running a Monte Carlo for schedule risk, the schedule network diagram and duration estimates are used. An integrated quantitative cost-schedule risk analysis uses both inputs. The output is a quantitative risk analysis model.
Ordinal scales
A ranking approach that identifies and ranks the risks from very high to very unlikely or to some other value.
Organizational risks
udemy- The performing organization can contribute to the project’s risks through unreasonable cost, time, and scope expectations; poor project prioritization; inadequate funding or the disruption of funding; and competition with other projects for internal resources.
pmbok-
PESTLE
A prompt list used for risk identification. PESTLE examines risks in the Political, Economic, Social, Technological, Legal, and Environmental domains.
Probability and impact matrix
udemy- A matrix that ranks the probability of a risk event occurring and its impact on the project if the event does happen; used in qualitative and quantitative risk analyses.
pmbok- a grid for mapping the probability of each risk occurrence and its impact on project objectives if that risk occurs. This matrix specifies combinations of probability and impact that allow individual project risks to be divided into priority groups.
Project management risks
These risks deal with faults in the management of the project: the unsuccessful allocation of time, resources, and scheduling; unacceptable work results; and poor project management.
Pure risks
These risks have only a negative outcome. Examples include loss of life or limb, fire, theft, natural disasters, and the like.
Qualitative risk analysis
udemy- This approach “qualifies” the risks that have been identified in the project. Specifically, qualitative risk analysis examines and prioritizes risks based
on their probability of occurring and their impact on the project should they occur.
pmbok- the process of prioritizing individual project risks for further analysis or action by assessing their probability of occurrence and impact as well as other characteristics.
Quantitative risk analysis
udemy- This approach attempts to numerically assess the probability and impact of the identified risks. It also creates an overall risk score for the project. This method is more in-depth than qualitative risk analysis and relies on several different tools
to accomplish its goal.
pmbok- The process of numerically analyzing the combined effect of identified individual project risks and other sources of uncertainty on overall project objectives.
RAG rating
An ordinal scale that uses red, amber, and green (RAG) to capture the probability, impact, and risk score.
Residual risks
Risks that are expected to remain after a risk response.
Risk
A project risk is an uncertain event or condition that can have a positive or negative impact on the project.
Risk identification
The systematic process of combing through the project, the project plan, the work breakdown structure, and all supporting documentation to identify as many risks that may affect the project as possible.
Risk management plan
udemy- A project management subsidiary plan that defines how risks will be identified, analyzed, responded to, and monitored within the project. The plan also defines the iterative risk management process that the project is expected to adhere to.
pmbok- a component of the project management plan that describes how risk management activities will be structured and performed.
Risk management planning
The agreed-upon approach to the management of the project risk processes.
Risk owners
udemy- The individuals or entities that are responsible for monitoring and responding to an identified risk within the project.
pmbok- Where a potential risk owner has been identified during the Identify Risks process, the risk owner is recorded in the risk register. This will be confirmed during the perform qualitative risk analysis process.
Risk register
udemy- The risk register is a project plan component that contains all of the information related to the risk management activities. It’s updated as risk management activities are conducted to reflect the status, progress, and nature of the project risks.
pmbok- The risk register captures details of identified individual project risks. Th results of perform qualitative risk analysis, plan risk responses, implement risk responses, and monitor risks are recorded in the risk register as those process are conducted throughout the project.
Risk report
udemy- The risk report explains the overall project risks and provides summaries about the individual project risks.
pmbok- presents information on sources of overall project risk, together with summary information on identified individual project risks.
Risk response audit
An audit to test the validity of the established risk responses.
Risk responsibilities
The level of ownership an individual or entity has over a project risk.
Risk score
The calculated score based on each risk’s probability and impact. The approach can be used in both qualitative and quantitative risk analysis.
Root cause identification
Root cause identification aims to find out why a risk event may be occurring, the casual factors for the risk events, and then, eventually, how the events can be mitigated or eliminated.
Secondary risks
udemy- New risks that are created as a result of a risk response.
pmbok- risks that arise as a direct result of implementing a risk response
Sensitivity analysis
udemy- A quantitative risk analysis tool that examines each risk to determine which one has the largest impact on the project’s success.
pmbok- helps determine which individual project risks or other sources of uncertainty have the most potential impact on project outcomes. It correlates variations in project outcomes with variations in elements of quantitative risk model.
Sharing
udemy- A risk response that shares the advantages of a positive risk within a project.
pmbok- involves transferring ownership of an opportunity to a third party so that it shares some of the benefit if the opportunity occurs. Example of sharing actions include forming risk-sharing partnerships, teams, special purpose companies, or joint ventures.
SWOT analysis
SWOT analysis is the process of examining the project from the perspective of each characteristic: strengths, weaknesses, opportunities, and threats.
TECOP
A prompt list used in risk identification to examine the Technical, Environmental, Commercial, Operational, and Political factors of the project.
Technical, quality, or performance risks
Technical risks are associated with new, unproven, or complex technologies being used on the project. Changes to the technology during the project implementation can also be a risk. Quality risks are the levels set for expectations of
impractical quality and performance.
Transference
udemy- A risk response that transfers the ownership of the risk to another party. Insurance, licensed contractors, or other project teams are good examples of transference. A fee and contractual relationships are typically involved with the transference of a risk.
pmbok- shifting ownership of a threat to a third party to manage the risk and bear the impact if the threat occurs.
Variability risks
udemy- A type of risk based on the variations that may occur in the project, such as production, number of quality errors, or even the weather.
pmbok- uncertainty exists about some key characteristics of a planned event or activity or decision. Examples include: productivity may be above or below target, the number of errors found during testing may be higher or lower than expected, or unseasonal weather conditions may occur during the construction phase.
VUCA
A prompt list used in risk identification that examines the Volatility, Uncertainty, Complexity, and Ambiguity of risk factors within the project