Risk Management Flashcards
What is the process of risk management?
Plan risk management Identify risks Perform qualitative risk analysis Perform quantitative risk analysis Plan risk responses Control risks
What is the key output of the Plan Risk Management process?
Risk management plan
What is the key output of the Identify Risks process?
Risk register
What key outputs of the Perform Qualitative Risk Analysis process are added to the risk register?
Risk ranking for the project
Prioritized risks and their probability and impact ratings
Risks grouped by category
List of risks requiring additional analysis and response
List of risks requiring analysis in the near term
Watch list (noncritical risks)
What key outputs of the Perform Quantitative Risk Analysis process are added to the risk register?
Prioritized list of quantified risks, initial amount of contingency time and cost reserves needed, possible realistic and achievable completion dates and project costs, quantified probability of meeting project objectives, trends in quantitative risk analysis
What key outputs of the Plan Risk Responses are added to the risk register?
Residual risks, contingency plans, fallback plans, risk owners, secondary risks, risk triggers, contracts, reserves for time and cost
What are the key outputs of the Control Risks process?
Work performance informaiton, risk register updates, change requests, updates to the project management plan and project documents, updates to organizational project assets
What key outputs of the Control Risks process are added to the risk register?
Outcomes of risk reassessments and risk audits, results of implemented risk responses, updates to previous parts of risk management, closing of risks that are no longer applicable, details of what happened when risks occured, lessons learned
What is a risk?
A future occurrence that may or may not happen that can have a positive (opportunity) or negative (threat) impact on the project
What are the four key factors that need to be determined for each risk?
Probability, impact, timing, frequency
A person who is risk averse is:
Unwilling to take risks
Define risk appetite, risk tolerance, and risk threshold.
Appetite: a general high-level description of the acceptable level of risk
Tolerance: a measurable amount of acceptable risk
Threshold: the specific point at which risk become unacceptable
What are the inputs to the risk management process?
Project background information and other organizational process assets, enterprise environmental factors, project charter, network diagram, and other project documents, project management plan (including scope baseline and the knowledge area plans, time and cost estimates, procurement documents, stakeholder register, risk register, work performance data and reports
What are some examples of sources of risk?
Technical, project management, schedule, cost, quality, scope, resources, customer satisfaction
What are some examples of risk identification techniques?
Documentation reviews, information-gathering techniques, SWOT analysis (strengths, weaknesses, opportunities, threats), checklist analysis, assumptions analysis, diagramming techniques
What are risk triggers?
Early warning signs that a risk event has occurred, or is about to occur; they let risk owners know when to take action
What is assumption analysis?
When is it done?
Assessing the assumptions made on the project and determining whether they are valid
During identify risks
What is risk data quality assessment?
When is it done?
Determining how accurate, reliable, and well understood the risk information is
During perform qualitative risk analysis
What is a probability and impact matrix?
The company’s standard rating system to promote a common understanding of what each risk rating means
What is sensitivity analysis?
A technique to analyze and compare the potential impacts of identified risks
What is the formula for expected monetary value?
Probability times impact, or EMV=P x I
What is a decision tree?
A model of a decision to be made that includes the probabilities and impacts of future events
Who is a risk owner?
The person assigned to develop and execute risk responses for a critical risk
What are the possible risk response strategies for threats?
Avoid, mitigate, transfer, accept
What are the possible risk response strategies for opportunities?
Exploit, enhance, share, accept
What are residual risks?
Risks that remain after risk response planning
What are secondary risks?
New risks created by the implementation of risk response strategies
How does buying insurance relate to risk response planning?
It exchanges an unknown cost impact of a known risk for a known cost impact
It is a method to decrease project risk
How does a contract relate to risk response planning?
A contract helps allocate and mitigate risks
Risk analysis must be done before a contract is signed
What are contingency plans?
Planned responses to be implemented when and if a risk event occurs
What are fallback plans?
Actions that will be taken if the contingency plan is not effective
What are reserves?
What are the two kind of reserves?
Time or cost added to the project to account for risk
Management reserve, contingency reserve
What is a contingency reserve?
Time or cost allocated to cover known unknowns
It is included in the cost baseline
What is a management reserve?
Time or cost allocated to cover unknown unknowns
It is added to the cost baseline to get the cost budget
What are workarounds?
Unplanned responses developed to deal with the occurrence of unanticipated events or problems on a project (or to deal with risks that had been accepted because of unlikelihood of occurrence and/or minimal impact)
What are risk reassessments?
When do they occur?
Reviews of the risk management plan and risk register
During control risks
What is reserve analysis?
When is it done during the risk management process?
Managing the reserves and making sure the amount remaining is adequate
What are risk audits?
Assessing the effectiveness of the risk management process and specific risk responses that have been implemented