11.0 Project Risk Management (Multiple Choice)
Who is responsible for ensuring that agreed-upon responses will be executed for risk events that occur? A. Risk owner B. Risk manager C. Project Manager D. All of the above
Answer: A Executing - Risk Management Risk owners will take responsibility for planning an appropriate risk response and ensuring that it is implemented.
You are the project manager for a small project and are interested in finding out what the project's current risk exposure is and what, if any, risk responses are in place. What document should you examine? A. Risk Report B. Risk management plan C. Risk register D. Any of these
Answer: A Executing - Risk Management The risk report is a comprehensive document that lists the overall project risk exposure, while the risk register is concerned with individual risk. The risk management plan lays out the methodology of risk management for the project, but does not directly document what the current exposure level would be.
When should a risk assessment be performed? A. on all projects, at all times B. only on projects with high visibility C. only on projects with tight budgets D. prior to initiating a project
Answer: A Monitoring - Risk Management All projects should include risk assessment throughout.
You are the project manager for a small industrial engineering company, You are currently assigned to manage a project to support a strategic initiative within your company. Your team is developing the Risk Management Plan. Which tool and technique of this process is used to develop a framework for handling risk cost elements and schedule activities that will be included in the project budget and schedule? A. Meetings B. Strategies for both threats and opportunities C. Information gathering techniques D. Risk data quality assessment
Answer: A Planning - Risk Management Meetings, data analysis and expert judgment are the tools for Plan Risk Management (which is where the general framework for risk management is established). Answers B, C and D all pertain to other risk management processes.
Your project involves installing a new human resources system. You've identified the risks associated with this project and are ready for the next step. What is the next step? A. You will evaluate the risks and assign probabilities and impacts using Qualitative Risk Analysis B. You will use the Delphi technique to confirm the risks you've detailed and identify others you may have missed C. You must evaluate the risks and assign probabilities and impacts using Quantitative Risk Analysis D. You will define the steps to take to respond to the risks and detail them in the risk response plan
Answer: A Planning - Risk Management Once you have identified the risk, the next step is to Perform Qualitative Risk Analysis. The Delphi technique is a tool and technique of the Risk Identification process, so answer B is not correct. Quantitative Risk Analysis comes after Qualitative Risk Analysis, so answer C is wrong. Determining the risk response strategies is the last step in the process, so choice D is wrong.
Which of the following is an accurate statement? A. Qualitative risk analysis occurs prior to quantitative risk analysis B. Quantitative risk analysis occurs prior to qualitative risk analysis C. Qualitative risk analysis is performed on risks that have been prioritized during quantitative risk analysis D. Both B and C
Answer: A Planning - Risk Management Qualitative risk analysis occurs prior to quantitative risk analysis and is a method for prioritizing identified risks for quantitative risk analysis. Note that quantitative analysis will not be necessary for all risks, however, qualitative analysis will be.
You are the project manager for a major construction project. You just completed some calculations that have helped you determine contingency reserves to account for potential risks on your project. Which of the following processes would be most helpful in establishing contingency reserves? A. Perform Quantitative Risk Analysis B. Identify Risk C. Perform Qualitative Risk Analysis D. Plan Risk Response
Answer: A Planning - Risk Management Quantitative risk analysis involves numerically analyzing the effect of project risks on overall project objectives, and would therefore be useful in establishing the amount of contingency reserves.
A thorough review of the following will help identify potential risks to the project. A. Risk identification checklists based on historical information and knowledge B. The project's change control system C. The project charter D. The project budget
Answer: A Planning - Risk Management Risk identification checklists can be developed from historical information and knowledge that has been accumulated from previous similar projects, and from other sources of information. These help identify potential risks to the project.
You are the project manager for a large apparel company. The project team is involved in developing risk responses to the identified risks. This could potentially create all of the following except? A. Increase in stakeholder risk tolerance B. Secondary risks C. Updates to the risk register D. Updates to the schedule or budget
Answer: A Planning - Risk Management Secondary risks are new risks which arose by virtue of the actions taken to address the original risk. Risk responses would be included in the risk register, so you would have updates to that document. Also, the response plans will often require changes to the budget or schedule, depending on what is being done
You are using the interviewing technique of the Quantitative Risk Analysis process. Which of the following statements is true? A. Subject matter experts will be interviewed, even if they are not part of the project team, and the information derived will be used in your estimated monetary value analysis. B. The information gathered depends on the type of probability distribution used C. Only project team members will be interviewed. D. Quantitative risk analysis results in a high, medium or low ranking for a given risk.
Answer: A Planning - Risk Management Subject matter experts should be interviewed to derive the relevant information, and they need not be part of the project team.
You are the project manager for a large diesel motor company. You have been awarded a new contract that you are the project manager for. A new risk is identified on your project. Which documents need to be updated? A. Risk register B. Work breakdown structure (WBS) C. Risk management plan D. A and C
Answer: A Planning - Risk Management When a new risk is identified, the risk register must be updated. The risk management plan is the framework for performing risk processes and does not contain a list of identified risks (though it would contain known risk categories, set forth in the risk breakdown structure). Risks are not documented in the Risk management plan.
You are the project manager for a franchise of bowling alleys. Your project involves installing a new cash processing system that allows for ease of collecting all forms of payment. You have identified several problems along with potential causes of those problems using an Ishikawa diagram. Which process are you performing? A. Identify Risk B. Perform Qualitative Analysis C. Control Quality D. Plan Risk Response
Answer: A Planning - Risk Management You are working on the Identify Risks process (specifically, using the Diagramming tool and technique- Ishikawa diagram). Identify Risks is the process of determining which risks might affect the project
Which of the following is not an input to Implement Risk Responses? A. Risk Register B. Enterprise Environmental Factors C. Risk Management Plan D. Lessons Learned Register
Answer: B Executing - Risk Management Enterprise Environmental are notably absent from this process because they had been taken into account previously. This process involves the execution of a plan rather than the development of one, which would necessitate considering those internal and external factors that are outside of the control of the project management team.
You have identified disaster situations (e.g. floods, earthquakes etc.) as potential risks to your project. When discussing with your project sponsor, she mentioned that at the project level, no steps can be taken to deal with such risk and suggested creating a contingency reserve (5% of the project budget) to be used in case of disaster situations. This is an example of: A. Risk Mitigation B. Risk Acceptance C. Risk Avoidance D. Bad policy decision
Answer: B Planning - Risk Management Acceptance is a strategy that often must be adopted because it is seldom possible to eliminate all risk from a project. This strategy indicates that the project team has decided not to change the project management plan to deal with a risk, or is unable to identify any other suitable response strategy. This commonly involves "active acceptance," which utilizes a contingency reserve, including amounts of time, money, or resources set aside to help cover a risk event's impact.
You are managing a project which has a tight schedule and even tighter budget. You have recently learned of a truckers' strike which could delay the delivery of essential materials, which would throw you well off schedule. As the project manager, what can you do to avoid the potential harm caused by the delay in procuring materials? A. Get the approval from relevant Stakeholders to use the contingency reserves B. Purchase the needed materials from a local vendor so the trucking strike will not affect you C. Put the project on hold until the truckers come back to work D. Perform research to determine how best to mitigate this risk
Answer: B Planning - Risk Management By procuring the materials elsewhere you eliminate the risk that the strike will delay the delivery of the needed materials.
During risk response planning, you are in the process of developing options and determining actions to reduce threats to your project's objectives. When you show the results of your risk response planning to your project sponsor, she is not comfortable with the risks in the project and suggests that the project scope should be decreased. This is an example of: A. Inappropriate risk management because it is having a direct impact on your project scope B. Risk Avoidance C. Risk Mitigation D. Risk Transfer
Answer: B Planning - Risk Management Risk avoidance involves changing some aspect of the project management plan to eliminate the threat posed by a risk, and reducing the scope of the project would be a good example of such an avoidance.
You are conducting interviews with key project stakeholders to assess the probability and consequences of identified risks to the project objectives, assign a risk score to each risk, and create a list of prioritized risks. Which process are you performing? A. Quantitative Risk Analysis B. Qualitative Risk Analysis C. Identification of Risks D. Plan Risk Management
Answer: B Planning - Risk Management The purpose of Perform Qualitative Risk Analysis is to determine what impact the identified risk events will have on the project and the probability of occurrence. It also puts risks in priority order according to their effects on the project objectives and assigns a risk score for the project. Finally, this process examines the timing of the risk events so those which are upcoming in the near future can be addressed first.
Which of the following is not a key benefit of the Implement Risk Responses process? A. Ensures agreed-upon risk responses are executed as planned B. Addresses overall project risk exposure C. Eliminates project threats D. Maximizes project opportunities
Answer: C Executing - Risk Management While the Implement Risk Responses process seeks to minimize individual project threats, the elimination of threats may prove to be either impractical or impossible.
You are a senior project manager and you are discussing project risk with a new PM. She is having trouble differentiating what is part of the Risk management plan and what is documented in the risk register. Which of the following is not a component of the risk management plan? A. Roles and responsibilities B. Methodologies used to handle risk C. Risk responses D. Risk categories
Answer: C Planning - Risk Management Answer choices A, B, and D are all valid components of the risk management plan, which defines the framework and methodology for conducting the various risk processes. Choice C is the correct answer. Risk responses are documented in the risk register.
You have just finished the risk response plans for your project, which require additional action by several team members. Which of the following should you do next? A. Determine the risk rating for each risk B. Calculate EMV C. Add work packages to the work breakdown structure D. Hold a project risk review
Answer: C Planning - Risk Management Now that you have added activities as part of your risk response plans, you must include the additional items in your WBS (as well as your schedule).
You have identified a risk that you may run out of plywood on your construction project. Which of the following statements is not true regarding identifying project risks? A. Identify risks is an iterative process B. Checklist analysis, expert judgment and SWOT analysis are tools and techniques used in the Identify Risks process C. Project risks will always adversely affect the project D. Once a new risk is identified it should be analyzed to determine whether a response plan is needed
Answer: C Planning - Risk Management Project risks may or may not adversely affect the project. Positive risks, also referred to as opportunities, are typically associated with the organization's strengths and could benefit the project if they materialize.
Upon review of your project risk register, you determine that you need to assign numeric probabilities to the risks on your project. Your analysis involves interviews and conducting expected monetary value analysis through the use of a decision tree. The outcome of your analysis is a prioritized list of quantified risks. Which of the following processes did you perform? A. Perform Qualitative Risk Analysis B. Identify Risk C. Perform Quantitative Risk Analysis D. Plan Risk Response
Answer: C Planning - Risk Management Quantitative Risk Analysis analyzes the probability of risks and their consequences using numeric probability assignments
You are a project manager in the process of identifying project risks. The data-gathering techniques you might utilize include all of the following except which one? A. Root Cause Analysis B. Brainstorming C. Assumption and Constraint Analysis D. The Delphi Technique
Answer: C Planning - Risk Management The data-gathering techniques in the Identify Risks process are brainstorming, checklists and interviews. Assumption and Constraint analysis (where you confirm the validity of assumptions made) is a tool and technique of Identify Risk, but is not a data-gathering technique.
Which of the following is the best way to proactively manage threats and opportunities at both the project and individual risk level? A. Ensure all stakeholders participate in Risk activities B. Perform a thorough risk identification C. Conduct indepth Risk Audits D. Ensure appropriate effort is undertaken to implement responses
Answer: D Executing - Risk Management Ensuring that the required level of effort to implement the agreed-upon risk response is the correct answer. While risk identification is necessary, and extensive stakeholder participation is desirable, neither actually manage the risk. Risk audits are performed after a risk event has occurred or failed to occur, thereby also not being proactive.
Which of the following documents is least likely to be updated as a result of the Implement Risk Responses process? A. Lessons learned register B. Risk register C. Risk report D. Stakeholder register
Answer: D Executing - Risk Management While it is possible that the stakeholder register may be updated as a result of this process, the other three project documents would certainly be updated upon the implementation of any risk response.
Your project team has identified several potential risks on your current project. You document these risks in the risk register and meet with your team two days later to examine the impact of the risks and potential risk responses. After 2 months of project implementation, you get together with your project team, and a couple of team members have identified more potential risks. You realize that the identification of risks associated with a project should occur when? A. It occurs only at the beginning of a project when the risk management plan is developed B. It's an ongoing process, regularly scheduled throughout the life of a project C. It occurs as needed throughout the life of a project D. Both B and C
Answer: D Monitoring - Risk Management The identification of risks is an iterative process, because new risks may occur or become known as the project progresses through its life cycle.
You are the project manager and have decided during one of your planning meetings that it would be helpful to develop risk categories as a way to systematically identify risks. You have determined that the best way to document the categories of risk is to develop a risk breakdown structure. In which process do you create the Risk Breakdown Structure? A. Identify Risk B. Plan Risk Response C. Perform Qualitative Analysis D. Plan Risk Management
Answer: D Planning - Risk Management A) Choice A is incorrect. Identify Risk involves determining which risks might affect the project and documenting their characteristics. The RBS is not created at this stage. B) Choice B is incorrect as Plan Risk Response develops procedures and techniques to enhance opportunities and reduce threats to project objectives. C) Choice C is incorrect. Performing qualitative analysis of risks allows the project team to prioritize the effects of risks on project objectives by assessing their probability of occurrence and impact. D) The RBS is part of the Risk Management Plan. The RBS helps you to see how risks fit into categories so you can organize your risk analysis and response planning.
While you are quantifying risk for your project, several of your experts are offsite, but wish to be included. How can this be done? A. Use Monte Carlo analysis B. Apply the critical path method C. Determine options for recommended corrective action D. Apply the Delphi technique
Answer: D Planning - Risk Management A) Choice A is incorrect. Monte Carlo analysis is a simulation technique used through software. This will not allow off site meeting. B) Choice B is incorrect. Critical path method is used to find minimum time required to complete the project. C) Choice C is incorrect. Determining options is alternative analysis to find corrective actions for deviation in project. D) Since the Delphi technique means you are having private one-on-one meetings with the various experts, this is the correct answer. The Delphi technique is most commonly used to obtain expert opinions on technical issues, the necessary project or product scope, or the risks.
You are the project manager in a health care company. Your organization is risk adverse. Your project team has completed identifying risks, ranking them, and planning responses to critical risks and secondary risks. What is the next step to be performed by the project manager? A. Completing the risk management plan B. Create responses to residual risks C. Create Risk Breakdown Structure D. Determining contingency reserves
Answer: D Planning - Risk Management Choice A is incorrect, because the risk management plan has already been created at this point. Choice B is incorrect, because you do not generally create responses for residual risks. Choice C is incorrect, because the risk breakdown structure is defined previously in the risk management plan. The correct answer is D, you would next determine contingency reserves.
You are the project manager for a technology company. You are currently managing a project to upgrade a software application. This application will automate the end of month financial calculations and could save your company a lot of money. You have identified a huge list of risks and are attempting to determine which risks are most important. All of the following are true regarding the probability and impact matrix except for which of the following? A. It helps prioritize risks according to their potential for meeting the project's objectives B. It is defined in the risk management plan, which is an output of the Plan Risk Management process C. It is used as a tool and technique in the Perform Qualitative Risk Analysis process D. It is used as an input to the Monitor Risks process
Answer: D Planning - Risk Management Probability and impact matrix is not used as an input to the Monitor Risks process.
Your team has done a great job on regularly updating the Risk Register. As is your normal practice, you have noticed several very low impact and probability risks on your project during your weekly review. Which term best describes these risks? A. Reserves B. Residual risks C. Threats D. Watchlist items
Answer: D Planning - Risk Management Risks that have a very low impact and very low probability of occurring are put on a watchlist. Basically you just keep an eye on them.
All of the following statements are true regarding the Risk Breakdown Structure (RBS) except for which one? A. The RBS is contained in the risk management plan. B. It describes risk categories, which are a systematic way to identify risks and provide a foundation for understanding for everyone involved in the project. C. The lowest level of the RBS can be used as a checklist, which is a tool and technique of the Identify Risk process. D. The RBS is similar to the WBS in that the lowest level of both are assigned to a responsible party or owner as soon as it is identified.
Answer: D Planning - Risk Management The RBS describes risk categories and the lowest level can be used as a checklist to help identify risks. Risk owners are not assigned from the RBS; they're assigned during the Plan Risk Response process.
While preparing the Risk Management Plan for your project, you find that you are still unsure how to determine if certain risk responses are a proper fit in given situations. When is it appropriate to accept a project risk? A. When the qualitative rating is moderate or lower B. Never -- all risks must be mitigated or transferred. C. When the project team has never completed this type of project work before D. When the expense and hassle of responding to the potential risk event outweigh the effects it would cause if it occurred
Answer: D Planning - Risk Management Those risks which carry an impact that is lower than the impact created by responding to the risk itself should generally be accepted.