Risk Governance

Question 1

Which of the following is NOT an input of Risk Monitoring and Control Risk process?
A.	Approved change requests
B.	Work performance information
C.	Risk management plan
D.	Project scope statement

Answer 1

D. Project scope statement is an input to the first four – Plan Risk management, Identify risk; Perform Qualitative Risk Analysis and Perform Quantitative Risk Analysis processes. However, it is not used as an input for Plan Risk Response and Monitoring and Control Risk processes.

Question 2

Which of the following processes in which new risks will be identified?
A. Identify Risk and Monitoring and Control Risk
B. Identify Risk
C. Monitoring and Control Risk
D. Identify Risk and Plan Risk Response

Answer 2

A. New risks can also happen while Monitoring and Control risk, especially those risks that are detected as the project work is executed and in progress.

Question 3

While conducting Monitoring and Control Risk activities, what should be done with the Watchlist?
A. A response should be developed for each risk
B. Risks should be monitored for a change in status
C. Risks should be numerically analyzed
D. Do nothing unless one of the risks becomes an issue

Answer 3

B. We should continue to monitor Watchlist regularly to determine whether a change of status has occurred. It is not feasible to analyze low priority risks on a numerical level (option C) or develop a response plan (option A). Option D – do nothing should be an acceptance strategy that is planned.

Question 4

Three months after the execution of a project work had started; the project manager is concerned about potential risks occurring as a result of performance deviations from the baseline. What should the project manager do?
A. Reassess all risks
B. Perform risk audits
C. Conduct technical performance measurement
D. Perform variance and trend analysis

Answer 4

D. Variance / trend analysis forecasts potential cost and/or schedule deviations of a project at completion to reveal potential risks. It also looks for deviations of performance in comparison to the performance baselines (Cost and Schedule).

Question 5

Which of the following is an output of Monitoring and Control Risk activities?
A. Risk-related contractual agreements
B. Recommended preventive actions
C. Changes to the project management plan
D. The development of contingency plans

Answer 5

B. Option A and D are updates resulting from Plan Risk Response process. Although changes could be requested as a result of Monitoring and Control Risk process, they are not implemented until Change Control Board has given the approval, which makes option D incorrect. Thus, option B is the only choice.

Question 6

Two months after the execution of a project work had started; an issue emerges as a result of a risk had gone undetected.  What type of response should the risk management team implement?
A.	A contingency plan
B.	A secondary plan
C.	A workaround
D.	A fallback plan

Answer 6

C. A workaround is an unplanned response to a negative threat that has happened.

Question 7

When carrying out Monitoring and Control Risk activities, a new risk is identified. What is the FIRST thing that the risk management team should do?
A. The new risk is not found in the risk register, so it should be ignored
B. Audit the risk
C. Develop a risk response
D. Assess the risk

Answer 7

D. Whenever new risk is identified, we should go through the risk management processes which for this case, assessing the risk would come first – option D.

Question 8

A project manager has kicked start the process of monitoring risks with the project management team.  Out of 120 risks identified, half of them received an immediate response, and 20 of them have been realized.  What should the project management team do to ensure that enough funds remain to deal with the remaining risks if they occur?
A.	Perform reserve analysis
B.	Conduct a risk audit
C.	Implement a fallback plan
D.	Perform variance and trend analysis

Answer 8

A. Perform reserve analysis is used to compare the remaining risk to the remaining reserve. A reserve fund is typically set aside to deal with risks. For this case, perform reserve analysis allows the project management team to determine whether enough reserve remains to deal with risks.

Question 9

All the following are true EXCEPT:
A. Risk audits are concerned with the effectiveness of the risk management processes
B. New risks can be identified while performing Monitoring and Control Risk activities
C. Risk management should be discussed during status meetings at least quarterly
D. Risk reassessment should be scheduled regularly as part of Monitoring and Control Risk

Answer 9

C. Risk management should be discussed during status meetings on a regular basis. However, discussing risk management on a quarterly basis with project team is not effective which makes option C the best choice.

Question 10

Upon the closure of risk management activities, a project manager archives the risk register, updates the project management plan, and also archives the updated risk management templates. What has the project manager forgotten to do?
A. Hold a risk review
B. Celebrate the closure of all risk management activities
C. Conduct risk reassessment
D. Archive lesson learned

Answer 10

D. Option A – risk review should be done before any closure and not upon closure. Option B – it may be necessary to celebrate with the project team for the closure but not the most important thing. Option C – conduct risk reassessment is done before any closure. Thus, the best choice is option D.

Question 11

Fine-turning risk management policies and practices can happen as a result of:
A.	Reserve analysis
B.	Risk audits
C.	Risk assessment
D.	Status meetings

Answer 11

B. Risk audits are concerned with measuring risk responses effectiveness as well as measuring the effectiveness of the risk management processes. As a result of risk audits, risk management policies and practices can be better fine-tuned.

Question 12

Which of the following BEST describes the purpose of technical performance measurement?
A. Comparing actual technical achievements to planned achievements
B. Recording technical performance as risk are monitored
C. Creating a baseline of technical performance based on the amount of risk
D. Measuring the amount of technical performance achieved

Answer 12

A. Technical performance measurement is to ensure that deviations in technical performance and milestones have not occurred. The purpose is for the team to forecast the degree of success in achieving the scope of the project.

Question 13

Which of the following techniques uses earned value analysis to determine whether any deviations exist?
A.	Reserve analysis
B.	Risk audits
C.	Technical performance measurement
D.	Variance and trend analysis

Answer 13

D. Variance and trend analysis uses earned value analysis, which is supported by work performance information and performance reports to identify deviations from the plan.

Question 14

A project manager of a pharmaceutical company has uncovered several new risks after a new drug project work was executed.  After conducting analysis, the project manager became concerned that there would not be enough funds to cover these additional risks if they occur.  What should the project manager do?
A.	Perform risk analysis
B.	Perform risk audits
C.	Perform reserve analysis
D.	Request more funds

Answer 14

C. At this point, the project manager does not know whether there are enough funds remaining in the contingency reserve. To get this information, the project manager needs to perform reserve analysis. This technique compares the remaining risks to the remaining amount of contingency reserve in order to determine whether the contingency reserve is enough to cover the existing risks.

Question 15

Which if the following responses are unplanned?
A.	Response plans
B.	Workaround 
C.	Fallback plans
D.	Contingency plans

Answer 15

B. Workarounds are unplanned responses to negative risks that have occurred.

Question 16

Monitoring and Control Risk process utilizes all the following as tools and techniques EXCEPT:
A.	Risk audits
B.	Planning meetings
C.	Reserve analysis
D.	Risk assessment

Answer 16

B. Planning meetings cannot take place during Monitoring and Control Risk process. Instead, status meetings are used as a tool to address risk items as part of the meeting agenda.

Question 17

All the following are concerned with Monitoring and Control Risk process EXCEPT:
A.	Monitoring residual risks
B.	Identifying new risks
C.	Identifying root causes
D.	Tracking identified risks

Answer 17

C. Identifying root causes of risks happens within the Identify Risk process while the rest of the options (A, B and D) are part of the Monitoring and Control Risk process.

Question 18

Which of the following is NOT an output of the Monitoring and Control Risk process?
A. Recommended preventive actions
B. Updates to the organizational process assets
C. Updates to the risk register
D. Approved change requests

Answer 18

D. Change requests are outputs of Monitoring and Control Risk process but not the “approved” change requests. The accepted change requests are input to the Monitoring and Control Risk process.

Question 19

Monitoring and Control Risk process will update all the following to the risk register EXCEPT:
A.	Fallback plans
B.	Outcomes of risk audits
C.	Actual outcomes of risk responses
D.	Outcomes of risk reassessments

Answer 19

A. Fallback plans are developed as part of Plan Risk Response process.

Question 20

All the following are activities in the Monitoring and Control Risk process EXCEPT:
A. Create reserves
B. Ensuring the execution of risk management plan and risk response plans
C. Dealing with risks that were not identified
D. Taking corrective actions to adjust the severity of actual risks

Answer 20

A. Create reserves is an activity in the Plan Risk Response process.

Question 21

Risk review includes all of the following EXCEPT:
A. Monitoring residual risks
B. Changing the order of top risks
C. Adjusting to the severity of actual risks
D. Documenting the effectiveness of contingency and fallback plans

Answer 21

D. Documenting the effectiveness of contingency and fallback plans is part of risk audit. Risk review is to look forward in time, while risk audit is to look backward at what had already happened.

Question 22

What happens when a risk is closed?
A. Some risk reserve may be returned to the company
B. Risks are never closed until the project is completed
C. The team can relax a bit
D. More attention should be given to the watchlist

Answer 22

B. Option B is just wrong. Option C may happen but not the best answer. Option D is partially correct but the focus should be more on all open risks, and not just the watchlist.

Question 23

Risk governance is concerned with:
A. The impacts of a risk response plan on the other constraints of the project
B. Ensuring consistency in risk management practices throughout the organization
C. The roles and responsibilities of each risk owner
D. Creating the risk response plans for each risk

Answer 23

B. Risk governance takes an organizational view of risk management to ensure it is practiced consistently. The details of each risk management activity of a single project are not the primary focus of Risk governance.

Question 24

Which of the following BEST describes the purpose of risk metrics?
A. Measure how risk tolerances and thresholds change throughout the organization during the project
B. Create reports in the format requested by management team
C. Give the project manager an additional means of measuring the success of the project
D. Measure the responses of individual risk owners and determine who is the most effective

Answer 24

C. Risk governance creates metrics that project manager can use them on their projects as an additional means of measuring whether their efforts and the project are successful. Hence, option C is the answer.

Question 25

Risk owners are BEST used during which parts of the risk management process?
A. Monitoring and Control Risks and Perform Quantitative Risk Analysis
B. Perform Qualitative Risk Analysis and Identify Risk
C. Identify Risk and Plan Risk Responses
D. Plan Risk Response and Monitoring and Control Risks

Answer 25

D. Risk owners are not always used in Identify Risk process – option B and C. Risk owners might only be used for certain projects in the Perform Quantitative Risk Analysis process.

Question 26

When can a project manager close risks?
A. When the project team needs to focus on new risks
B. Project manager can never close risks
C. When the risk management team lowers the impact value of the identified risks
D. When the time in which the identified risk can logically happen passes

Answer 26

D. Option A is wrong as the project team needs to watch all the open risks. Option C is wrong as project manager cannot close the identified risks just because the impact value was lowered. When impact value was lowered, this risk will be moved into watchlist. Option B is definitely wrong and hence the only choice is option D.

Question 27

During the execution phase of a project, a new risk is identified by the project team which will seriously jeopardize the completion of the project. What should the project manager do?
A. Contact the stakeholders to get their advice on how to response to this risk
B. Determine a response strategy
C. Inform the sponsor and customer immediately
D. Evaluate the probability and impact of the risk and determine a response strategy

Answer 27

D. The project manager cannot do option A or B until you evaluate the risk. The project manager will not have enough information to advise the sponsor / customer (option C) until you have evaluated the risk. Thus, the best choice is option D

Question 28

A project manager is working in an organization that doesn’t have consistency within its risk management practices and tends to have deviating results as to the effectiveness of risk management.  What does the project manager need?
A.	To practice proper risk management
B.	Lessons learned
C.	Risk governance
D.	A project management office

Answer 28

C. All options in this question could be correct to certain degree, but the best choice is option C

Question 29

Workarounds are determined during which risk management process?
A.	Perform Quantitative Risk Analysis
B.	Plan Risk Responses
C.	Monitoring and Control Risks
D.	Identify Risks

Answer 29

C. Workarounds are to handle risks that occur but are not included in the risk register. Therefore, the project must be in the Monitoring and Control Risks process if risks have occurred.

Question 30

Which of the following is NOT an activity in the Monitoring and Control Risk process?
A. Creating the definitions of impact ratings
B. Collecting and communicating risk status
C. Performing risk audits
D. Performing risk reviews

Answer 30

A. Option A is an activity of Plan Risk Management process to create the Risk Management Plan.