Risk Management

Question 1

Acceptance

Answer 1

Acceptance

1. The risk may be small so the risk may be accepted.
2. A risk response appropriate for both positive and negative risks, but often used for smaller risks within a project.

Question 2

Ambiguity Risks

Answer 2

Ambiguity Risks

Risks that have an uncertain, unclear nature, such as new laws or regulations, the marketplace conditions, and other risks that are nearly impossible to predict.

Question 3

Avoidance

Answer 3

A risk response to avoid the risk.

Question 4

Escalate

Answer 4

Escalate: the risk (or opportunity) is outside of the project scope and is escalated to management.

Question 5

Acceptance

Answer 5

Acceptance

The risk may be small so the risk may be accepted.

Question 6

Transference

Answer 6

Transference

Risk ownership is transferred to third party, usually for a fee.

Question 7

Exploit

Answer 7

Exploit

A positive risk that a project wants to take advantage of.

Question 8

Share

Answer 8

Share

A positive risk that can be shared with the organization or other projects.

Question 9

Contingency fund

Answer 9

Contingency fund

An amount of funds used to offset a project’s risks.

Question 10

Secondary risks

Answer 10

Secondary risks

A risk response creates another risk.

Question 11

Residual risks

Answer 11

Residual risks

A risk response may create small generally accepted risks.

Question 12

Triggers

Answer 12

Triggers

Condition, event, or warning sign that a risk is about to happen. Usually “triggers” a risk
response.

Question 13

Positive risk

Answer 13

Positive risk

Risks with a positive impact; also called opportunities.

Question 14

Negative risks

Answer 14

Negative risks

Risks with a negative impact; also called threats.

Question 15

Pure risk

Answer 15

Pure risk

Only offers a negative impact (injury, fire, theft, destruction).

Question 16

Business risk

Answer 16

Business risk

Offer an upside or a downside. These risks may have negative or positive outcomes.

Examples include using a less experienced worker to complete a task, allowing phases or activities to overlap, or forgoing the expense of formal training for on-the-job education.

Question 17

Qualitative analysis

Answer 17

Qualitative analysis

Qualifying the risks for legitimacy.

This approach “qualifies” the risks that have been identified in the project. Specifically, qualitative risk analysis examines and prioritizes risks based on their probability of occurring and their impact on the project should they occur.

Question 18

Quantitative analysis

Answer 18

Quantitative analysis

Quantifies the risk exposure.

This approach attempts to numerically assess the probability and impact of the identified risks. It also creates an overall risk score for the project. This method is more in-depth than qualitative risk analysis and relies on several different tools to accomplish its goal.

Question 19

Utility function

Answer 19

Utility function

A person’s or organization’s willingness to accept risk. Relative to the project priority
as high-priority projects are typically risk adverse.

Also known as risk tolerance.

Question 20

Cardinal scales

Answer 20

Cardinal scales

A ranking approach to identify the probability and impact by using a numerical value, from .01 (very low) to 1.0 (certain).

Question 21

Checklists

Answer 21

Checklists

A quick and cost-effective risk identification approach

Question 22

Data precision

Answer 22

The consideration of the risk ranking scores that takes into account any bias, the accuracy of the data submitted, and the reliability of the nature of the data submitted.

Question 23

Delphi Technique

Answer 23

Delphi Technique

An anonymous method of querying experts about foreseeable risks within a project, phase, or component of a project.

The results of the survey are analyzed by a third party, organized, and then circulated to the experts.

There can be several rounds of anonymous discussion with the Delphi Technique, without fear of backlash or offending other participants in the process.

The goal is to gain consensus on project risks within the project.

Question 24

Decision tree

Answer 24

Decision tree

A method to determine which of two or more decisions is the best one.

The model examines the costs and benefits of each decision’s outcome and weighs the probability of success for each of the decisions.

Question 25

Enhancing

Answer 25

Enhancing A risk response that attempts to enhance the conditions to ensure that a positive risk event will likely happen.

Question 26

Expected monetary value (EMV)

Answer 26

Expected monetary value (EMV) The monetary value of a risk exposure based on the risk’s probability and impact in the risk matrix. This approach is typically used in quantitative risk analysis because it quantifies the risk exposure.

Question 27

External risks

Answer 27

External risks These risks are outside of the project, but directly affect it—for example, legal issues, labor issues, a shift in project priorities, or weather. “Force majeure” risks call for disaster recovery rather than project management. These are risks caused by earthquakes, tornadoes, floods, civil unrest, and other disasters.

Question 28

Influence diagrams

Answer 28

An influence diagram charts out a decision problem. It identifies all of the elements, variables, decisions, and objectives and also how each factor may influence another.

Question 29

Low-priority risk watch list

Answer 29

Low-priority risks are identified and assigned to a watch list for periodic monitoring.

Question 30

Mitigation

Answer 30

Mitigation A risk response effort to reduce the probability and/or impact of an identified risk in the project.

Question 31

Ordinal scales

Answer 31

Ordinal scales A ranking approach that identifies and ranks the risks from very high to very unlikely or to some other value.

Question 32

Organizational risks

Answer 32

Organizational risks The performing organization can contribute to the project’s risks through unreasonable cost, time, and scope expectations; poor project prioritization; inadequate funding or the disruption of funding; and competition with other projects for internal resources.

Question 33

PESTLE

Answer 33

A prompt list used for risk identification. PESTLE examines risks in the Political, Economic, Social, Technological, Legal, and Environmental domains.

Question 34

Probability and impact matrix

Answer 34

Probability and impact matrix A matrix that ranks the probability of a risk event occurring and its impact on the project if the event does happen; used in qualitative and quantitative risk analyses.

Question 35

Project management risks

Answer 35

Project management risks These risks deal with faults in the management of the project: the unsuccessful allocation of time, resources, and scheduling; unacceptable work results; and poor project management.

Question 36

RAG rating

Answer 36

RAG rating An ordinal scale that uses red, amber, and green (RAG) to capture the probability, impact, and risk score.

Question 37

Risk

Answer 37

Risk A project risk is an uncertain event or condition that can have a positive or negative impact on the project.

Question 38

Risk identification

Answer 38

Risk identification The systematic process of combing through the project, the project plan, the work breakdown structure, and all supporting documentation to identify as many risks that may affect the project as possible.

Question 39

Risk management plan

Answer 39

Risk management plan A project management subsidiary plan that defines how risks will be identified, analyzed, responded to, and monitored within the project. The plan also defines the iterative risk management process that the project is expected to adhere to.

Question 40

Risk management planning

Answer 40

Risk management planning The agreed-upon approach to the management of the project risk processes.

Question 41

Risk owners

Answer 41

Risk owners The individuals or entities that are responsible for monitoring and responding to an identified risk within the project.

Question 42

Risk register

Answer 42

Risk register The risk register is a project plan component that contains all of the information related to the risk management activities. It’s updated as risk management activities are conducted to reflect the status, progress, and nature of the project risks.

Question 43

Risk report

Answer 43

Risk report The risk report explains the overall project risks and provides summaries about the individual project risks.

Question 44

Risk response audit

Answer 44

Risk response audit An audit to test the validity of the established risk responses.

Question 45

Risk responsibilities

Answer 45

Risk responsibilities The level of ownership an individual or entity has over a project risk.

Question 46

Risk score

Answer 46

Risk score The calculated score based on each risk’s probability and impact. The approach can be used in both qualitative and quantitative risk analysis.

Question 47

Root cause identification

Answer 47

Root cause identification Root cause identification aims to find out why a risk event may be occurring, the causal factors for the risk events, and then, eventually, how the events can be mitigated or eliminated.

Question 48

Sensitivity analysis

Answer 48

Sensitivity analysis A quantitative risk analysis tool that examines each risk to determine which one has the largest impact on the project’s success.

Question 49

Sharing

Answer 49

Sharing A risk response that shares the advantages of a positive risk within a project.

Question 50

SWOT analysis

Answer 50

SWOT analysis is the process of examining the project from the perspective of each characteristic: strengths, weaknesses, opportunities, and threats.

Question 51

TECOP

Answer 51

TECOP A prompt list used in risk identification to examine the Technical, Environmental, Commercial, Operational, and Political factors of the project.

Question 52

Technical, quality, or performance risks

Answer 52

Technical, quality, or performance risks Technical risks are associated with new, unproven, or complex technologies being used on the project. Changes to the technology during the project implementation can also be a risk. Quality risks are the levels set for expectations of impractical quality and performance.

Question 53

Transference

Answer 53

Transference A risk response that transfers the ownership of the risk to another party. Insurance, licensed contractors, or other project teams are good examples of transference. A fee and contractual relationships are typically involved with the transference of a risk.

Question 54

Variability risks

Answer 54

Variability risks A type of risk based on the variations that may occur in the project, such as production, number of quality errors, or even the weather.

Question 55

VUCA

Answer 55

VUCA A prompt list used in risk identification that examines the Volatility, Uncertainty, Complexity, and Ambiguity of risk factors within the project.