Assess and Manage Risks
Once you've completed the Identify Risks process, the following findings can be added to the risk register:
1. Identified risks 2. Risk owners 3. Risk responses Depending on the size and complexity of your project, the risk register can also log other data such as risk categories, risk triggers (events that indicate the risk is about to occur), and timing information, such as when the risk is most likely to occur.
Risk Register
A document that records details of all identified individual risks to your project.
Risk Report
Provides a summarized view of the project's risk landscape. Unlike the risk register's detailed listings, the risk report highlights key areas of concern, including: Number of Identified Risks: Offering a high-level count of both threats and opportunities. Risk Distribution: How risks are spread across different categories, which can help in understanding areas of concentration and potential impact. Insights into Metrics and Trends: Analysis of risk data to identify patterns, trends, or emerging issues that require attention. This report is particularly useful for stakeholders and project leaders to quickly grasp the project's risk profile and make informed decisions.
What are all the documents that can be updated once you've completed identifying risks process?
Risk Register Risk Report Additional Project Documents such as: 1. Assumption Log 2. Issue Log 3. Lessons Learned Register
What is the main output of the Identify Risks Process
Risk Register.
What is the difference between risks and issues? (Choose two). A. Risks are uncertain and issues are certain. B. Risks are certain and issues are uncertain. C. Risks have occurred and issues may not occur. D. Risks may not occur and an issue has occurred.
Solution: A and D. A. Risks are uncertain and issues are certain. D. Risks may not occur and an issue has occurred. The correct answer is that risks are uncertain and may not occur, and issues are certain and have occurred. A risk is an uncertain event or condition that, if it occurs, has a positive or negative effect on one or more project objectives. An issue is a current condition or situation that may have an impact on the project objectives.
What tools or techniques are suitable for monitoring risks? (Choose 2) A. Data analysis B. Affinity grouping C. Risk Transference D. Risk audits
Solution: A and D. Data analysis and Risk audits The correct answer is data analysis and risk audits. Monitoring risks provides the assurance that risk responses are being applied, verifies whether they are effective, and, as necessary, initiates corrective actions. Periodic audits should be performed to determine strengths and weaknesses in handling risks within the project. Data should be analyzed and documented throughout the risk management process. Audit measurements and data analysis provide a reliable understanding of the status of risks. The other answer choices are incorrect. Affinity grouping involves classifying items into similar categories or collections on the basis of their likeness. Common affinity groupings include T-shirt sizing and Fibonacci numbers. Risk transference is a risk response strategy whereby the project team shifts the impact of a threat to a third party, together with ownership of the response.
The project team members are dispersed across different countries. Suddenly, travel restrictions do not allow team members to collocate. When analyzing project risks, which risk analysis tools should the project manager use? (Choose two). A. Risk checklist B. Context diagram C. Meetings D. Data representation E. Diagramming techniques
Solution: A and E. Risk checklist and Diagramming techniques
When managing a strategic project for their organization, what four tools should a project manager use for risk analysis? (Choose four) A. Brainstorming B. Inspection C. Risk checklists D. Product evaluation E. Interviewing F. Decision tree analysis
Solution: A, C, E and F. Brainstorming, Risk checklists, Interviewing and Decision tree analysis The following are the tools used for risk analysis: Brainstorming is to obtain a comprehensive list of individual project risks and sources of overall project risk. Risk checklists are developed based on historical information and knowledge that has been accumulated from similar projects and from other sources of information. Interviewing may be used to generate input for the quantitative risk analysis, drawing on on inputs that includes individual project risks and other sources of uncertainty. Decision tree analysis are used to support selection of the best of several alternative course of action. The following tools are not used for risk analysis: Inspection is examination of a work product to determine whether it conforms to documented standards. Product evaluation is an investigation conducted to provide objective information about the quality of the product or service under test in accordance with the project requirement.
In an agile development environment, when should a risk analysis be performed? A. Before the start of each iteration B. During the daily standup meeting C. In the retrospective meeting D. After every scrum meeting
Solution: A. Before the start of each iteration The correct answer is before the start of each iteration. The initial iteration would occur after an initial risk analysis, and that process should be repeated after every subsequent iteration. It is necessary to analyze new and existing risks to thoroughly understand their potential impact on project outcomes while preparing for each iteration. An iteration planning meeting is used to clarify the details of the backlog items, acceptance criteria, and work effort required to meet an upcoming iteration commitment. The other options are incorrect because they are not appropriate times to analyze risks. A daily standup meeting (also referred to as a daily scrum) is a brief collaboration meeting during which the project team reviews its progress from the previous day, declares intentions for the current day, and highlights any obstacles encountered or anticipated. A retrospective meeting in a regularly occurring workshop in which participants explore their work and results to improve both the process and product. These meetings provide an opportunity for the project team to review how it works and to suggest changes to improve processes and efficiency. Retrospectives can be useful for identifying risks.
A project team implements a change that was approved by the change control board (CCB). The change was intended to minimize a risk but it had the opposite effect. What should the project manager have done to avoid this outcome? A. Confirmed the effectiveness of the risk response and monitored progress. B. Updated the assumption log with details concerning the risk. C. Performed a risk analysis to quantify project risk exposure. D. Developed a probability and impact matrix to determine the risk's priority level.
Solution: A. Confirmed the effectiveness of the risk response and monitored progress Project work should be continuously monitored for new, changing, and outdated individual project risks and for changes in the level of overall project risk by applying the Monitor Risks process. The Monitor Risks process uses performance information generated during project execution to determine if the response was effective.
A technology project has members of a project team from multiple countries. The stakeholders have stated that this arrangement will keep the project within budget. However, the project manager believes that the stakeholders have not accounted for issues that might arise that could affect the success of the project. What should the project manager do to record this concern? A. Document the risks in the risk register. B. Revise the stakeholder engagement plan. C. Capture the information in the issues log. D. Update the resource management plan.
Solution: A. Document the risks in the risk register. The correct answer is to document the risks in the risk register. Having a dispersed project team does not come without risks. These risks need to be identified and documented in the risk register for the project. A risk register is a repository in which outputs of risk management processes are recorded. Information in a risk register can include the person responsible for managing the risk, probability, impact, risk score, planned risk responses, and other information used to get a high-level understanding of individual risks. Revising the stakeholder engagement plan will not help in documenting the project risk. A stakeholder engagement plan is a component of the project management plan that identifies the strategies and actions required to promote the productive involvement of stakeholders in a project or program decision-making and execution. An issue log is a project document where information about issues is recorded and monitored. An issue is a current condition or situation that has occurred that may have an impact on the project objectives. Whereas a risk is an uncertain event or condition that, if it occurs, has a positive or negative effect on one or more project objectives. The resource management plan provides guidance on how project resources should be categorized, allocated, managed, and released, and doesn't help in capturing risks/issues that might arise.
A supplier of a critical component for a construction project notifies the project manager that the component will be significantly late. Because this risk had been identified during project planning, the cost baseline contains an adequate contingency reserve. What should the project manager do next? Identify a supplier that can provide the component within the amount of the reserve. A. Order the component from another supplier and submit a change request to the change control board (CCB). B. Review the risk response plan and the statement of work for the next steps and a penalty clause for late delivery. C. Update the project schedule and the lessons learned repository.
Solution: A. Identify a supplier that can provide the component within the amount of the reserve Realizing that project delivery is the prime focus, the project manager needs to assess alternatives without concern for the potential budget impact. Once a viable alternative is identified, they can present their case to the sponsor for a decision. So, identifying a supplier that can provide the component within the amount of reserve is the right choice. Ordering the component from another supplier without considering the reserve is not the right choice. Updating the project schedule and reviewing the statement of work for late delivery won't solve the current situation. That is equal to accepting the project delay.
During a retrospective meeting, the project team confirmed that all deliverables were completed according to the specifications provided in the product backlog. However, the number of errors found during testing increased dramatically. What should the project manager do? A. Meet with quality assurance specialists to clarify the issue and seek resolutions. B. Review the risk management plan to determine the mitigation strategy. C. Perform a Monte Carlo analysis to identify possible scenarios and actions. D. Register the risk in the risk register and monitor it during the next iteration
Solution: A. Meet with quality assurance specialists to clarify the issue and seek resolutions. The project manager should meet with the quality assurance specialists to understand the root cause of the issue and work with them to find a solution. The reason is that the number of errors found during testing increased dramatically indicating that there is a quality issue with the deliverables. The other options are incorrect. Reviewing the risk management plan will not help to identify the root cause of the issue. Performing a Monte Carlo analysis is a statistical technique used to estimate the probability of different outcomes. It would not be helpful in this case because the project manager already knows that the number of errors found during testing increased dramatically. A Monte Carlo analysis would only be helpful if the project manager was trying to estimate the probability of this event occurring before it happened. Registering the risk in the risk register and monitoring it during the next iteration is a good practice, but it is not the most immediate action that the project manager should take. The other answer choices are incorrect as they refer to the issue as a risk.
A project manager calls a meeting to identify risks for a complicated project. Several subject matter experts are invited to this meeting along with the project team. Why has the project manager invited the subject matter experts? A. Subject matter experts have specialized expertise and can help identify and address high-risk issues. B. Identifying risks in a meeting with subject matter experts makes getting better project resources easier. C. Risks will be easier to accept if the subject matter experts who attended the meeting work together. D. The project manager can leverage subject matter experts' resources to follow up on the identified risks.
Solution: A. Subject matter experts have specialized expertise and can help identify and address high-risk issues.Subject matter experts are invited to the meeting because they provide functional expertise that will help to quickly identify high-risk areas. Expert judgment is the contribution provided to risk identification based on expertise in a subject area, industry segment, organizational processes, etc.The other answer choices are incorrect because the meeting was called to identify risks, not what may happen after the risk has been identified. When subject matter experts assist in identifying risks, they do not typically provide resources beyond their expertise. The participation of subject matter experts does not necessarily make risks easier to accept nor does it ensure that better resources will be secured.
During the execution phase of a project, a project team identifies a previously unforeseen risk that could delay the project for several months. What should the project manager do first? A. Update the risk register. B. Perform qualitative risk analysis. C. Update the project sponsors. D. Plan for additional budget.
Solution: A. Update the risk register. The project manager should first update the risk register with the new risk, its likelihood, impact, and response strategies. By updating the risk register, the project manager can ensure that all of the stakeholders are aware of the new risk and that there is a plan in place to manage it. The other options are incorrect because the risk resister should be updated first. The project manager needs to have a complete understanding of the new risk before performing a qualitative risk analysis, updating the project sponsors, or making any budget decisions.
During the development phase of a construction project, key stakeholders approved a project budget. The team identified risks and appropriate risk responses. However, during project execution, an unexpected local health emergency halted and delayed work on the project. This event type was not identified as a risk or listed in the risk register. The team decides that this issue must be mitigated, which would incur additional costs. How should the project manager address this unforeseen budgetary overrun? A. Use the management reserve to cover the cost. B. Identify potential ways to exploit the risk. C. Use the contingency reserve to cover the cost. D. Develop cost and performance baselines.
Solution: A. Use the management reserve to cover the cost. The correct answer is to use the management reserve to cover the cost. Since the health emergency was unforeseen, the management reserve would be the appropriate resource to cover the cost or mitigation. A management reserve is the amount of the project budget or project schedule held outside of the performance measurement baseline for management control purposes that is reserved for unforeseen work that is within the project scope. Risk exploitation addressed opportunities, not threats. Risk exploitation is a response strategy whereby the project team acts to ensure that an opportunity occurs. Further, the question states that the issue must be mitigated, so the risk response has already been determined. A contingency reserve is the time or money allocated in the schedule or cost baseline for known risks with active response strategies. This option is incorrect because the risk was not known. The cost baseline is the approved version of the time-phased project budget, excluding any management reserves, which can be changed only through formal change control procedures and is used as a basis for comparison to actual results.
Which of the following represents levels of risk attitude? A. Conservative, moderate, and liberal B. Risk-averse, risk-neutral, risk-tolerant, risk-seeking C. Risk-mitigating, risk-avoiding, risk-transferring, risk-accepting D. High, medium, and low E. Positive, negative, and indifferent
Solution: B Risk-averse, risk-neutral, risk-tolerant, and risk-seeking The correct answer is risk-averse, risk-neutral, risk-tolerant, and risk-seeking. Risk attitude is a disposition toward uncertainty, adopted explicitly or implicitly by individuals and groups, driven by perception, and evidenced by observable behavior. The correct answer is therefore the one that cites the averse, neutral, tolerant, and seeking attitudes towards risk as a characteristic of the stakeholders. The stakeholder register contains details of the project's stakeholders and provides an overview of their project roles and their attitude toward risk on the project. Risk attitude information is useful in determining roles and responsibilities for managing risk on the project, as well as setting risk thresholds for the project. Conservative, moderate, and liberal are not risk attitudes. Risk-mitigating, risk-avoiding, risk-transferring, and risk-accepting are risk response strategies. High, medium, and low are gradients that can be used for qualitative risk assessment. Positive, negative, and indifferent are not risk attitudes.
A project manager has been moved to a new division and is in charge of an existing project in an unfamiliar domain. When attempting to gain an understanding of the risks for this agile project, what is the primary tool the project manager should employ? A. Interview with the project champion B. Collaborative discussions C. Probability assessments D. Workshops for risk avoidance
Solution: B. Collaborative discussions It is very important for the Project Manager to have collaborative discussions in order gain knowledge on the domain since it is an unfamiliar domain. Hence this option is the most important for the project manager to do and is thus the correct option. Once the knowledge on the unfamiliar domain is gained, the remaining options like interviewing the Project Champion or performing probability assessments or conducting workshops for risk avoidance will be helpful for the Project Manager and the team to understand the project and the risks better. Hence these are the secondary options that the Project Manager could employ.
A company is about to start a project in a remote place known for extreme weather. It was agreed to implement the project using a predicted, multiphase approach. Each phase is composed of several iterations. What should the project manager do in the event of extreme weather? A. Pause work until a specialized team arrives to assess the damage that was done to the site. B. Consult the initial plans in case of an emergency, then update and follow the corrective procedures. C. Advise management to reconsider such an investment and the continuity of the project. D. Stop the iteration, run a retrospective, and move to the next phase of the project.
Solution: B. Consult the initial plans in case of an emergency, then update and follow the corrective procedures. The correct answer is to consult the initial plans in case of an emergency, then update and follow the corrective procedures. Planning risk responses is the process of developing options, selecting strategies, and agreeing on actions to address overall project risk exposure, as well as to treat individual project risks. The other options are incorrect because the first thing that the project manager should do is consult the initial plans. The risk of extreme weather was acknowledged. Pausing work or stopping the iteration may turn out to be the approved risk response, but the project manager must consult the initial plan to determine that. Advising management to reconsider is not an appropriate course of action because those discussions should have occurred prior to starting the project.
A project manager is leading a project that is vital to their organization and the local environmental and energy authority. During a team meeting to discuss project risks , the team raised a high risk that an important senior manager is not currently involved with project. What should the project manager do to mitigate this risk? A. Implement regular status reporting. B. Escalate this risk to senior management. C. Develop a highly detailed project management plan D. Invite the senior manager to daily project meetings.
Solution: B. Escalate this risk to senior management. The project manager should escalate the risk to senior management to ensure that they are aware of the issue and can take steps to address it. The senior manager is a key stakeholder who can have a major impact on the project. If they are not involved, it is more likely that the project will fail. The other answer choices are incorrect as they do not mitigate the risk. Implementing regular status reporting will keep the senior manager informed of the project's progress, but it will not ensure that they are involved in the project. Developing a highly detailed project management plan is important, but it will not guarantee that the senior manager will be involved in the project. Inviting the senior manager to daily project meetings is too frequent and could be disruptive.
A project manager learns that in-house resources are insufficient to produce a critical component of a deliverable. This poses a significant threat. The quality of the component is integral to the project, and the in-house resources cannot guarantee high-quality output. The project manager decides to outsource the production of the component by contracting a third-party vendor. Which threat response strategy did the project manager use? A. Accept B. Mitigate C. Enhance D. Escalate
Solution: B. Mitigate The correct answer is mitigate. A threat is an event or condition that, if it occurs, has a negative impact on one or more objectives. In threat mitigation, action is taken to reduce the probability of occurrence and/ or impact of a threat. Early mitigation action is often more effective than trying to repair the damage after the threat has occurred. The project manager acted to reduce the probability of the threat associated with the development of a project-critical component. The other answers are incorrect because they do not align with this situation. Threat acceptance acknowledges the existence of a threat, but no proactive action is planned. Enhancement refers to opportunities, not threats. In opportunity enhancement, the project team acts to increase the probability of occurrence or impact of an opportunity. Escalation is appropriate when the project team or the project sponsor agrees that a threat is outside the scope of the project or that the proposed response would exceed the project manager's authority.
A project depends on the reliability of one component. The project manager proposes designing redundancy into the system to reduce the impact that failure of this component would have on the success of the project. What type of risk response is the project manager demonstrating? A. Transfer B. Mitigate C. Accept D. Avoid
Solution: B. Mitigate The correct answer is mitigate. The project manager is attempting to reduce or mitigate the impact that failure of the component would have on the success of the project. Risk mitigation is an action that is taken to reduce the probability of occurrence and/ or impact of a threat. Early mitigation action is often more effective than trying to repair the damage after the threat has occurred. Where it is not possible to reduce probability, a mitigation response might reduce the impact by targeting factors that drive the severity. Risk transference is a risk response strategy whereby the project team shifts the impact of a threat to a third party, together with ownership of the response. Risk avoidance is a risk response strategy whereby the project team acts to eliminate the threat or protect the project from its impact. Risk acceptance acknowledges the existence of a risk, but no proactive action is planned. Actively accepting a risk can include developing a contingency plan that would be triggered if the event occurred; or it can include passive acceptance, which means doing nothing.
A project is in the execution phase, and product testing is almost complete. A team member proposes that the testing can be fast-tracked by removing some of the tests. The team member believes this will help to finish the job earlier and give the project more float. What should the project manager do? A. Request more information from the team member. B. Reject the team member's proposal. C. Discuss this proposal with the project team. D. Ask the quality manager to consider the proposal
Solution: B. Reject the team member's proposal Removing certain tests is a risky move, and can't be done just to fast-track the project. The Project Manager should have considered all tests while assigning time for the testing phase. If the project is progressing as per the assigned time, no review of tests is needed, and the proposal should be rejected.
What are the main outputs of the risk identification process? A. Risk report and risk register B. Risk report, risk register, and project documents updates C. Risk management plan, risk register, and risk responses D. Risk report, probability, and impact matrix
Solution: B. Risk report, risk register, and project documents updates The correct risk report, risk register, and project document updates. The process of identifying risk is intended to determine which risks may affect the project and document their characteristics. A risk report is a project document that summarizes information on individual project risks and the level of overall project risk. A risk register is a repository in which outputs of risk management processes are recorded. Project documents must be updated to include identified risks. The other options are incorrect because they contain options that occur after risks are identified. A probability and impact matrix would be conducted while analyzing risks, not while identifying them. Risk responses are not determined when identifying risks. The risk report and risk register option is partially correct, but the project document updates are an important output of the process.
A risk was identified at the beginning of an agile project and a mitigation plan was established. The risk event occurs but the impact is much higher than anticipated and the originally planned response will be ineffective. The project team developed a more effective response, but it is drastically different from the original mitigation plan and must be implemented as soon as possible. What should the project manager do? A. Implement only the initial response as outlined in the risk management plan. B. Update the risk management plan and implement the newly created response. C. Defer risk response until the next progress meeting to inform stakeholders. D. Implement a contingency response and inform the stakeholders afterward.
Solution: B. Update the risk management plan and implement the newly created response.It is in the project's best interest to act quickly to mitigate the risk effectively and update the risk management plan accordingly. In agile project management, it's important to be adaptive and flexible. When a risk event's impact is much higher than anticipated, the agile approach is to adapt and modify the risk management plan accordingly. Updating the risk management plan will ensure that stakeholders are aware of the changes and the reasoning behind them. The other answer choices are incorrect. Implementing the original response will be ineffective due to the increased impact. Deferring the risk response can lead to further complications and project delays. Implementing a contingency response without stakeholder awareness can lead to confusion and mistrust.
In the planning stage of an upgrade project, a project manager benchmarked other recent projects that use the same technology. The project manager discovered that longer-than-planned outages occurred in most cases due to frequent maintenance activities. What will be the project manager's next step? A. Benchmark projects using other technologies to establish a more objective baseline. B. Compare other similar technologies and recommend the implementation of another technology. C. Create a risk item in the risk register and incorporate the thresholds according to the benchmarks. D. Discuss the probable downtime with the sponsor and obtain approval for outages.
Solution: C. Create a risk item in the risk register and incorporate the thresholds according to the benchmarks. The project manager should create a risk item in the risk register and incorporate the thresholds according to the benchmarks. Risk register updates are the most critical; the other actions listed are less useful for risk mitigation.
Due to a budget issue, the project team decides to use low-cost equipment with higher testing uncertainty to reduce cost. However, the test results are unstable and are creating discrepancies. One of the team members is aware of the situation and proposes to use high-resolution equipment with lower test uncertainty to increase the testing quality. How should the project manager respond to this proposal? A. Reject the proposal due to budget constraints and follow the quality management plan. B. Accept the proposal because the high-resolution equipment produces precise test results with lower test uncertainty. C. Evaluate the proposal to determine if the high-resolution equipment produces precise test results with lower test uncertainty. D. Accept the proposal because the budget is not an issue when quality assurance is taken into consideration.
Solution: C. Evaluate the proposal to determine if the high-resolution equipment produces precise test results with lower test uncertainty. The correct answer is to evaluate the proposal to determine if the high-resolution equipment produces precise test results with lower test uncertainty.In order to determine the appropriate course of action, the project manager must evaluate the proposal based on factors such as risk, cost, scope, schedule, and feasibility. There is a concern about unstable results and production discrepancies. As a result, the team should look for a resolution to these problems. The manager should review the proposal before deciding to accept or reject it. We do not know if the budget is, or is not an issue in this case. Choosing a low-cost equipment option does not mean that there is a budget constraint, nor that budget is not an issue. The only real way to know whether or not a proposal is suitable, it must first be evaluated.
The risk register is a document that records details of all identified individual risks to a project. What is the minimal content of this document? A. Identified risks, risk categories and effects on objectives B. Risks owners, potential risks responses and risks triggers C. Identified risks, risks owners and potential risks responses D. Issues log, metrics & trends and distribution of risks across risk categories
Solution: C. Identified risks, risks owners and potential risks responses This question and rationale were developed in reference to: https://standardsplus.pmi.org/home#,search=%20The%20Main%20Output%20of%20Identify%20Risks%20 [Item The risk register is a document that records details of all identified individual risks to your project. Once you've completed the Identify Risks process, the following findings can be added to the risk register: Identified risks Risk owners Risk responses Depending on the size and complexity of your project, the risk register can also log other data such as risk categories, risk triggers (events that indicate a risk is about to occur) and timing information, such as when the risk is most likely to occur.]
A project manager decided to involve a third party to manage project risk given that they had more experience than the current project team. What kind of response strategy did the project manager apply to address overall project risk? A. Avoid B. Exploit C. Transfer D. Reduce
Solution: C. Transfer The correct answer is transfer. Risk transference is a risk response strategy whereby the project team shifts the impact of a threat to a third party, together with ownership of the response. The other options are incorrect because involving a third party to manage specific project risks, does not necessarily reduce, avoid, or exploit the risk, it shifts (or transfers) the impact of the risk to the third party. Risk avoidance is a risk response strategy whereby the project team acts to eliminate the threat or protect the project from its impact. Risk exploiting is a risk response strategy whereby the project team acts to ensure that an opportunity occurs.
During an important project, one of the contractors complains that the approval process is difficult to handle and may delay the project schedule. What should the project manager do first? A. Hire additional resources for the team to mitigate this risk. B. Discuss with the team to find options to mitigate the risk. C. Escalate the risk to upper management as critical for timely delivery. D. Add the risk to the risk register to be monitored and reviewed.
Solution: D. Add the risk to the risk register to be monitored and reviewed. The project manager should immediately record the risk in the risk register. After that, the project manager can discuss with the team to determine solutions to mitigate the risk. Hiring additional resources for the team could potentially increase the project cost, and escalating the risk to upper management should be done only after the project manager and team fail to find a mitigating solution.
A project manager was just given a new project to handle. She is working on the project documents and, after reading the Project Charter, is compiling the risks as she sees them. Once she completes the list, when should it be reviewed? A. When starting the project and as each risk is closed. B. While organizing, preparing, and carrying out the work. C. During weekly meetings as new risks are identified and added. D. Regularly and throughout the project.
Solution: D. Regularly and throughout the project Identify Risks is the process of identifying individual project risks as well as sources of overall project risk, and documenting their characteristics. The key benefit of this process is the documentation of the existing individual project risks and the sources of overall project risk. It also brings together information so the project team can to respond appropriately to the identified risks. This process is performed throughout the project
Which of the following is a tactic that a project manager can employ to effectively monitor the impact of the risk on the project while monitoring risks? A. Risk avoidance B. Risk escalation C. Risk acceptance D. Risk reporting
Solution: D. Risk reporting The correct answer is risk reporting. While monitoring risks, the risk manager collects project performance data, produces performance measures, and reports and disseminates performance information. A risk report is a project document that is developed progressively throughout the risk management processes and summarizes information on individual project risks and the level of overall project risk. The other options are incorrect because they are risk responses, not tactics for monitoring risks. Risk responses are the agreed-upon response actions that are appropriate for the priority of the individual risks and the overall risk.
While performing a qualitative project risk analysis process the project manager finds that the product is missing the "Definition of Done". What type of risk is this? A. Commercial risk B. External Risk C. Management Risk D. Technical Risk
Solution: D. Technical Risk The correct answer is a technical risk. Definition of Done (DoD) is a checklist of all the criteria required to be met so that a deliverable can be considered ready for customer use. A missing DoD is an example of technical risk. A technical risk would be centered around scope, requirements, technical processes, etc. An external risk would be centered around factors outside of the organization; competition, legislation, regulation, environmental factors, etc. A management risk would be centered around managerial duties and processes; operations, resourcing, organization, communication, etc. A commercial risk would be centered around transactional factors; procurement, contracts, subcontractors, partnerships, etc
Identify Risks Process
The Identify Risks process is a fundamental first step in managing project risk. It pinpoints individual risks to a project and sources of overall project risk while also gathering key risk characteristics.
