Risk Theme Flashcards
What is the definition of risk, and what are the two types?
An uncertain event that, should it occur, will have an effect in the achievement of objectives.
It consists of the probability of a perceived threat or opportunity occurring, and the magnitude of its impact on objectives.
A risk can be a threat or opportunity.
What is risk management?
The systematic application of procedures to the tasks of identifying and assessing risks, and then planning and implementing risk responses
What needs to be done with risk, for risk management to work effectively? (4)
- Identified
- Assessed
- Planned for
- Controlled (by making sure responses are implemented and monitored)
Prince2 is based on which nine generic risk principles?
- Understanding the project context
- Involve the stakeholders
- Establishing clear project objectives
- Developing a project risk management approach
- Reporting on risks regularly
- Defining clear roles and responsibilities
- Establishing a support structure and supportive culture for risk management
- Monitoring for early warning indicators
- Establishing a review cycle and seek continual improvement
What’s the minimum a Prince2 project must do under risk management?
- Define the risk management approach (identify and assess risks, assign roles and responsibilities, maintain a risk register and use lessons to inform risk identification and management)
- Have two products - the risk management approach and the risk register.
Both these products are created during initiating a project.
What should a risk management approach be based on?
An organization’s risk management policy or a program risk management (if available)
lessons from previous projects
What should the risk register contain? (6)
- A risk identifier
- A risk author (the person who raised the risk)
- The date registered
- A risk category
- A risk description
- The probability, impact and expected value of the risk
It should also contain the risk’s proximity (how close to the present time it is expected to occur)
What are the five steps Prince2 recommends as a risk management procedure?
- Identify
- Assess
- Plan
- Implement
- Communicate (runs in parallel to all others)
What are some of the techniques that can be used to identify risks?
- Review lessons
- Risk checklists
- Risk prompt lists
- Brainstorming
- Risk breakdown structures
It is important to express a risk in terms of its cause and the event. What does that mean?
The cause - the situation that gives rise to the risk
The event - the threat that may occur and its effect
What is a Probability Impact Grid?
Under the Risk Theme
Risks are placed on the grid with ranking values, e.g. measure of probability, impact scale.
This allows to prioritize time and effort
What are secondary risks?
Risks that relate to a new situation after a risk response has been implemented
What six responses does Prince2 suggest for threats and opportunities?
Common
- Prepare contingent plans
- Accept (to live with the risk)
- Share (e.g. through a contract)
- Transfer (to a third party, e.g. through a contract)
For threats:
- Avoid
- reduce
For opportunities:
- Exploit (take action to realize opportunity)
- Enhance (take action to make opportunity more likely to happen or increase impact)
To manage risks, what two roles need to be assigned?
- Risk owner (responsible for management, monitoring and controlling all aspects of a risk)
- Risk actionee (Assigned to carry out risk response actions, upon direction of the risk owner)
Through which products can risks be communicated? (5)
- Checkpoint reports
- Highlight reports
- End stage reports
- End project reports
- Exception reports
