Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

PMP > Project Risk Management > Flashcards

Project Risk Management Flashcards

1
Q

7 processes of Risk Management

A
  1. plan risk management
  2. identify risks
  3. perform qualitative risk analysis, qualifying risk for more analysis high level
  4. perform a quantitative risk analysis, more in-dept true understanding of odds and probability and the effect if it occurs
  5. plan risk responses, how to respond to positive and negative
  6. implement risk responses
  7. monitor risks
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Acceptance

A

A risk response appropriate for both positive and negative risks, but often used for smaller risks within a project.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Ambiguity risks

A

Risks that have an uncertain, unclear nature, such as new laws or regulations, the marketplace conditions, and other risks that are nearly impossible to predict

  • impossible to predict
  • new technical solution
  • future laws or regulations
  • complexity in the project
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Avoidance

A

A risk response to avoid the risk.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Brainstorming

A

The most common approach to risk identification; usually completed by a project team with subject matter experts to identify the risks within the project.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Business risks

A

These risks may have negative or positive outcomes. Examples include using a less experienced worker to complete a task, allowing phases or activities to overlap, or forgoing the expense of formal training for on-the-job education.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Cardinal scales

A

A ranking approach to identify the probability and impact by using a numerical value, from .01 (very low) to 1.0 (certain).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Checklists

A

A quick and cost-effective risk identification approach.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Data precision

A

The consideration of the risk ranking scores that takes into account any bias, the accuracy of the data submitted, and the reliability of the nature of the data submitted

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Decision tree

A

A method to determine which of two or more decisions is the best one. The model examines the costs and benefits of each decision’s outcome and weighs the probability of success for each of the decisions.

  • which decision would cost the least, or
  • which decision would have the most benefit
  • Three different types of nodes:
    • chance nodes are circles and show probabilities of certain results
    • decision node are squares and shows a decision
    • end node are triangles shows the final outcome of a decision
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Delphi Technique

A

An anonymous method of querying experts about foreseeable risks within a project, phase, or component of a project. The results of the survey are analyzed by a third party, organized, and then circulated to the experts. There can be several rounds of anonymous discussion with the Delphi Technique, without fear of backlash or offending other participants in the process. The goal is to gain consensus on project risks within the project.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Enhancing

A

A risk response that attempts to enhance the conditions to ensure that a positive risk event will likely happen.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Escalating

A

A risk response that is appropriate for both positive and negative risk events that may outside of the project manager’s authority to act upon.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Expected monetary value (EMV)

A

The monetary value of a risk exposure based on the risk’s probability and impact in the risk matrix. This approach is typically used in quantitative risk analysis because it quantifies the risk exposure.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Exploit

A

A risk response that takes advantage of the positive risks within a project

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

External risks

A

These risks are outside of the project, but directly affect it—for example, legal issues, labor issues, a shift in project priorities, or weather. “Force majeure” risks call for disaster recovery rather than project management. These are risks caused by earthquakes, tornadoes, floods, civil unrest, and other disasters.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Flowcharts

A

System or process flowcharts show the relationship between components and how the overall process works. These are useful for identifying risks between system components.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Influence diagrams

A

An influence diagram charts out a decision problem. It identifies all of the elements, variables, decisions, and objectives and also how each factor may influence another

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Ishikawa diagrams

A

These cause-and-effect diagrams are also called fishbone diagrams and are used to find the root cause of factors that are causing risks within the project.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Low-priority risk watch list

A

Low-priority risks are identified and assigned to a watch list for periodic monitoring.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Mitigation

A

A risk response effort to reduce the probability and/or impact of an identified risk in the project

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Monte Carlo technique

A

A simulation technique that got its name from the casinos of Monte Carlo, Monaco. The simulation is completed using a computer software program that can simulate a project, using values for all possible variables, to predict the most likely model

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

Ordinal scales

A

A ranking approach that identifies and ranks the risks from very high to very unlikely or to some other value.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

Organizational risks

A

The performing organization can contribute to the project’s risks through unreasonable cost, time, and scope expectations; poor project prioritization; inadequate funding or the disruption of funding; and competition with other projects for internal resources.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

PESTLE

A

A prompt list used for risk identification. PESTLE examines risks in the Political, Economic, Social, Technological, Legal, and Environmental domains.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

Probability and impact matrix

A

A matrix that ranks the probability of a risk event occurring and its impact on the project if the event does happen; used in qualitative and quantitative risk analyses.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

Project management risks

A

These risks deal with faults in the management of the project: the unsuccessful allocation of time, resources, and scheduling; unacceptable work results; and poor project management.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

Pure risks

A

These risks have only a negative outcome. Examples include loss of life or limb, fire, theft, natural disasters, and the like.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

Qualitative risk analysis

A

This approach “qualifies” the risks that have been identified in the project. Specifically, qualitative risk analysis examines and prioritizes risks based on their probability of occurring and their impact on the project should they occur.

30
Q

Quantitative risk analysis

A

This approach attempts to numerically assess the probability and impact of the identified risks. It also creates an overall risk score for the project. This method is more in-depth than qualitative risk analysis and relies on several different tools to accomplish its goal.

31
Q

RAG rating

A

An ordinal scale that uses red, amber, and green (RAG) to capture the probability, impact, and risk score.

32
Q

Residual risks

A

Risks that are expected to remain after a risk response.

33
Q

Risk

A

A project risk is an uncertain event or condition that can have a positive or negative impact on the project.

34
Q

Risk identification

A

The systematic process of combing through the project, the project plan, the work breakdown structure, and all supporting documentation to identify as many risks that may affect the project as possible.

35
Q

Risk management plan

A

A project management subsidiary plan that defines how risks will be identified, analyzed, responded to, and monitored within the project. The plan also defines the iterative risk management process that the project is expected to adhere to

36
Q

Risk management planning

A

The agreed-upon approach to the management of the project risk processes

37
Q

Risk owners

A

The individuals or entities that are responsible for monitoring and responding to an identified risk within the project.

38
Q

Risk register

A

The risk register is a project plan component that contains all of the information related to the risk management activities. It’s updated as risk management activities are conducted to reflect the status, progress, and nature of the project risks

  • general and specific nature of the project risks
  • status
  • progress
  • responses
  • outcomes
39
Q

Risk report

A

The risk report explains the overall project risks and provides summaries about the individual project risks.

40
Q

Risk response audit

A

An audit to test the validity of the established risk responses.

41
Q

Risk responsibilities

A

The level of ownership an individual or entity has over a project risk.

42
Q

Risk score

A

The calculated score based on each risk’s probability and impact. The approach can be used in both qualitative and quantitative risk analysis.

43
Q

Root cause identification

A

Root cause identification aims to find out why a risk event may be occurring, the causal factors for the risk events, and then, eventually, how the events can be mitigated or eliminated.

44
Q

Secondary risks

A

New risks that are created as a result of a risk response.

45
Q

Sensitivity analysis

A

A quantitative risk analysis tool that examines each risk to determine which one has the largest impact on the project’s success

  • sensitivity analysis create a tornado diagram
46
Q

Sharing

A

A risk response that shares the advantages of a positive risk within a project.

47
Q

SWOT analysis

A

SWOT analysis is the process of examining the project from the perspective of each characteristic: strengths, weaknesses, opportunities, and threats.

48
Q

TECOP

A

A prompt list used in risk identification to examine the Technical, Environmental, Commercial, Operational, and Political factors of the project.

49
Q

Technical, quality, or performance risks

A

Technical risks are associated with new, unproven, or complex technologies being used on the project. Changes to the technology during the project implementation can also be a risk. Quality risks are the levels set for expectations of impractical quality and performance.

50
Q

Transference

A

A risk response that transfers the ownership of the risk to another party. Insurance, licensed contractors, or other project teams are good examples of transference. A fee and contractual relationships are typically involved with the transference of a risk.

51
Q

Variability risks

A

A type of risk based on the variations that may occur in the project, such as production, number of quality errors, or even the weather.

  • uncertainty surrounding a project activity or decision or fluctuations in productivity
  • weather
  • number of errors and defects
52
Q

VUCA

A

A prompt list used in risk identification that examines the Volatility, Uncertainty, Complexity, and Ambiguity of risk factors within the project.

53
Q

Risk Management Plan Terminology

A
  • risk appetite: how hungry an organization is for risk
  • risk tolerance: level of tolerance for the amount of risk
  • risk threshold: at what point does it become uncomfortable, a line that is cross and risk event may occur
  • stakeholder tolerance: how willing will stakeholder will allow risk, appetite, and threshold
  • utility function: describes a person’s willingness to tolerate risks
54
Q

Two levels of Risks

A
  • individual project risks
  • overall project risks: risk exposure, how risky is the project, threats negative and opportunities positive
55
Q

Project Resilience

A
  • project resilience: awareness of unknowable-unknowns, know that weather changes, risks that can only be identified after the occurrence
  • Emergent risks require project resilience: the right level of budget and schedule contingency, flexible project processes, empowered project team, frequent review of early warning signs, project scope or strategy can be adjusted as part of risk response
56
Q

Plan Risk Management

A
  • defines risk, identify risks, analyze risks, create risk responses, control risks
57
Q

Integrated Risk Management

A
  • part of a program or portfolio
  • risks owned and managed at the appropriate level
  • some risks will be delegated to the project team
  • risks may be escalated to higher levels
  • enterprise-wide risk management needed
  • risk efficiency is part of organization and approach
58
Q

risk categories

A
  • identified categories of risks
  • risk breakdown structure, similar to wbs and resource breakdown structure
  • risk categories are updated to reflect the current status
  • template and tailor the risk categories
  • track and update risk within that categories
  • categories: technical, quality, or performance risks, etc.
59
Q

ITTOs Identify Risks

A
  • inputs: PM plan, requirements management plan, schedule management plan, cost management plan, quality management plan, resource management plan, risk management plan, scope baseline, schedule baseline, cost baseline, Project docs, assumption log, cost estimates, duration estimates, issue log, lessons learned register, requirements documentation, resource requirements, stakeholder register, agreements, procurement docs, EEFs and OPAs
  • tools and techniques: Expert judgment, data gathering, brainstorming, checklists interviews, data analysis, root cause analysis, assumption and constraint analysis, SWOT analysis, document analysis, interpersonal and team skills, facilitation, prompt lists, meetings
  • outputs: risk register, risk report, project docs updates, assumption log, lessons learned register
60
Q

ITTOs Perform Qualitative Risk analysis

A
  • inputs: PM plan, risk management plan, Project docs, assumptions log, risk register, stakeholder register, EEFs and OPAs
  • Tools and techniques: expert judgment, data gathering, interview, data analysis, risk data quality assessment, risk probability and impact assessment, assessment of other risk parameters, Interpersonal and team skills, facilitation, risk categorization, data representation, probability and impact matrix, hierarchical charts, meetings
  • Outputs: Project docs updates, assumption log, issue log, risk register, risk report
61
Q

ITTOs Perform Quantitative Risk Analysis

A
  • inputs: PM plan, risk management plan, scope baseline, schedule baseline, cost baseline, Project docs, assumption log, basis of estimates, cost forecasts, duration estimates, milestone list, resource requirements, risk register, risk report, schedule forecasts, EEFs and OPAs
  • Tools and techniques: expert judgment, data gathering, interviews, interpersonal and team skills, facilitation, representations of uncertainty, data analysis, simulations, sensitivity analysis, decision tree analysis, influence diagrams
  • Outputs: Project docs updates, risk report
62
Q

ITTOs Plan Risk Responses

A
  • inputs: PM plan, resource management plan, risk management plan, cost baseline, Project docs, lessons learned register, project schedule, project team assignments, resource calendars, risk register, risk report, stakeholder register, EEFs and OPAs
  • Tools and techniques: expert judgment, data gathering, interview, interpersonal and team skills, facilitation, strategies for threats, strategies for opportunities, contingent response strategies, strategies for overall project risk, data analysis, alternatives analysis, cost-benefit analysis, decision making, multi-criteria analysis
  • outputs: change requests, PM plan updates, schedule management plan, cost management plan, quality management plan, resource management plan, procurement management plan, scope baseline, schedule baseline, cost baseline, Project docs updates, assumption log, cost forecasts, lessons learned register, project schedule, project team assignments, risk register, risk report
63
Q

Responding to Negative Risks

A
  • escalate: to management outside of PM ability
  • avoidance
  • transference
  • mitigation
  • acceptance: low level little to no control over ex weather
64
Q

Responding to Positive Risks

A
  • escalate
  • exploiting
  • sharing
  • enhancing
  • accepting
65
Q

Managing Risks Types

A
  • Residual risks: implement risk response and create new risks is residual, lower probability, lower impact
  • secondary risks: domino effect
  • justifying risk reduction
    *
66
Q

Justifying risk reduction

A
  • additional time or monies are typically needed
  • determine if the solution is worth tradeoffs
  • probability and impact assessment
67
Q

ITTOs Implementing Risk Responses

A
  • Inputs: PM plan, risk management plan, Project docs, lessons learned register, risk register, risk report, OPAs
  • tools and techniques: expert judgment, interpersonal and team skills, influencing, PMIs
  • outputs: change requests, Project docs updates, issue log, lessons learned register, Project team assignments, risk register, risk report
68
Q

ITTOs Monitoring Risks

A
  • implementing risk response plans, tracking identified risks, monitoring residual risks, evaluating risk response effectiveness
  • inputs: PM plan, risk management plan, Project docs, issue log, lessons learned register, risk register, risk report, work performance data, work performance reports
  • tools and techniques: data analysis, technical performance analysis, reserve analysis, audits, meetings
  • outputs: work performance information, change requests, PM plan updates, any component, Project doc updates, assumption log, issue log, lessons learned register, risk register, risk report, OPAs updates
69
Q

risk trigger

A

aka warning signs, trigger signal that a risk is about to happen or has happened

70
Q

Thee common types of prompt lists

A
  • VUCA: volatility, uncertainty, complexity, ambiguity
  • TECOP: technical, environmental, commercial, operational, political
  • PESTLE: political, economic, social, technological, legal, environmental

PMP (19 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions