Pure PRINCE2 - Risk theme Flashcards
What is a Risk
An certain event(s) that may occur and may have an effect (+ve or -ve) on the project.
What is a threat?
An uncertain event(s) that will most probably have a negative effect on the project
What is an opportunity?
An uncertain event(s) that will most probably have a positive effect on the project
What is Risk Management?
Risk Management is a systematic application of practises that handle any risk to the project, implements risk responses, and communicates with SH’s about risks
What is a risk appetite?
The Risk Appetite of an organisations particular attitude towards risk.
What is a risk tolerance?
The risk Tolerance is the threshold level of exposure, under which the PM can manage without escalation. If the threshold is breach, the risk must be escalated to the PB
What is risk exposure?
The Risk Exposure is the total potential impact of risks borne by an organisation at any given moment
What is the purpose of the risk theme?
The purpose of the Risk theme is to identify, assess and control uncertainty, maximising the chances of Project success. It has three main aims:
- Manage the overall risk exposure of a project
- Identify risks to a project, incl. their probability, impact, & timing, and a list of responses
- Keep risk exposure within an acceptable level in a cost-effective manner
What six things are needed for effective RM in PRINCE2?
- Project has a detailed RMA, mapping risk capture, mitigation, and communication
- Each risk is prioritised
- Risks are recorded in the Risk Register and are continually reviewed throughout the project
- The lessons log is reviewed for lessons related to risk
- Risk responses are planned, implemented and recorded in the correct and timely manner
- Two risk management products are continually updated - the Risk Register, and the RMA
What is the Risk Register?
Log of identified risks with the relevant information (ie. unique identifier, author, date of entry, description, probability, proximity, potential impact, RM approach, potential responses, status, and person responsible for the risk, category).
Maintained by the PM (or PS) and for the whole PM team.
What is the RMA?
Log of identified risks with the relevant information (ie. unique identifier, author, date of entry, description, probability, proximity, potential impact, RM approach, potential responses, status, and person responsible for the risk, category).
Maintained by the PM (or PS) and for the whole PM team.
Details the systems that handle and monitor risk.
It contains: RM procedures, RM tools and techniques, Risk Register, reporting structure, timing of RM procedures, roles and responsibilities, risk categories, risk response categories, early warning indicators, risk tolerances, risk budget, risk scale, proximity of RM activities.
It is created and maintained by the PM, and for the whole PM team.
What is a Probability - Impact Grid?
A Probability - Impact Grid can be use to visualise and measure the severity of risk to a project. A risk is plotting against its probability and impact, and it’s position on the matrix determines the ideal response.
High - Escalate to PB
Medium - PM to proactively manage and monitor, potentially implementing risk responses
Low - Accept and record the risk
What is the RM Procedure?
This is an ongoing project that allows the PM team to identify and manage risk.
A good RM procedure is highly recommended, but not mandatory in PRINCE2.
A RM procedure as five sections:
- Identify the context and details of a risk
- Assess the context and details of a risk, including the PI
- Plan the appropriate risk response to decrease risk exposure. The cost of a risk response should be proportional to the probability and impact of a risk, and the residual risk remaining.
-
Implement the risk response and measure its effectiveness
Clear roles and responsibilities are important for good risk mitigation.
There are two risk related roles: . The Risk Owner is responsible for managing a risk and implementing a response, whereas the Risk Actioner implements the risk response under direction of the Risk Owner. - Communication - a continuous process to update all SH’s on risks
What is a risk budget?
Portion of the project’s funding that is saved at start of the project to finance RM activities.
The size of risk budget should be proportional to the total risk exposure (impact, probability).
The RMA should outline how and when the risk budget should be spent.
It is important the Risk Budget is saved for RM activities for the entirety of the project.
The Risk Budget is advised, but not mandated, by PRINCE2.
What are the responsibilities of the Risk Theme?
PE / PB - responsible or the RMA as a whole for high impact risks related to CBJ.
SU - ensures risks to the user are identified and properly managed.
SS - ensures risks to the supplier are identified and properly managed.
PM - accountable or day-to-day RM activities and maintenance of the RMA and RR.
PA - reviews the actions of the PM and PM team to ensure they comply with the RMA.
TM - participates in the identification, assessment and management of risk.
What are the three categories of Risk?
There are three categories of risk:
- Inherent - risk before a response is implemented
- Residual - risk remaining after a response is implemented
- Secondary - risk generated as a result of the response to another risk
