40 Questions - Risk Management
1. As the project manager, you have the option of proposing one of three systems to a client: a full-feature system that not only satisfies the minimum requirements but also offers numerous special functions (the "Mercedes"); a system that meets the client's minimum requirements (the "Smart Car"); and a system that satisfies the minimum requirements plus has a few extra features (the "Toyota"). The on-time records and associated profits and losses are depicted on the below decision tree. What is the expected monetary value of the "Toyota" system? a. $9,900 b. $44,000 c. $45,000 d. $48,000
1. b. $44,000 Expected monetary value analysis (EVM) is a statistical concept that calculates the average outcome when the future scenarios may not happen, considered analysis under uncertainty. The EVM opportunities are generally evaluated as positive values, as in this example, while threats are expressed as negative values. They are used in decision tree analysis, which is a tool and technique in quantitative risk analysis. The purpose is to support selecting the best of several alternative courses of action. The decision tree shows branches that represent different decisions or events. Each one has costs and related individual project risks. The end points of the branches show the outcome from following a path, which is either positive or negative. [Planning] PMI®, PMBOK® Guide, 2017, 435
10. Assume you are using probability and impact analysis. In the below example, if the odds of completing activities 1, 2, and 3 on time are 50 percent, 50 percent, and 50 percent, what are the chances of starting activity 4 on day 6? a. 10 percent b. 13 percent c. 40 percent d. 50 percent
10. b. 13 percent Such an approach helps to prioritize risks for further quantitative analysis and to plan risk responses based on their risk rating. The rating is based on the assessed probability and impact for each individual risk and the impact on one or more project objectives. It uses the definitions of probability and impact from the risk management plan. The probability and impact matrix is a data analysis tool and technique in the Perform Qualitative Risk Analysis process. [Planning] PMI®, PMBOK® Guide, 2017, 425
11. A project health check identified a risk that your project would not be completed on time. You and your team are working to prevent this from occurring as you work to Implement Risk Responses. You and your team know risk management is continuous on projects, and new risks will occur. When they do occur analysis is needed, and a response strategy is determined. Your goal is to see if the strategy is executed. As you do so, you should use— a. Negotiations b. Influencing skills c. Schedule network diagram and duration estimates d. Probability/impact risk rating matrix
11. b. Influencing skills In the Implement Risk Responses process, interpersonal skills are a tool and technique. Within it, influencing is suggested. Some risk response actions may be owned by a stakeholder who is not part of the project team. These stakeholders tend to have competing demands for their time, and the same applies to project team member working on more than one project and working in a matrix structure. The project manager or the person responsible for the project's risk management activities then uses influencing to encourage risk owners to take action. [Executing] PMI®, PMBOK® Guide, 2017, 451
12. You are developing radio frequency (RF) technology that will improve overnight package delivery to one hour. You realize that the duration, cost, and resource requirements for a number of activities are uncertain. You want a model to represent individual project risk and other sources of uncertainty. This shows that for your next step you plan to— a. Use a probability distribution b. Conduct a sensitivity analysis c. Structure a decision analysis as a decision tree d. Determine the strategy for risk response
12. a. Use a probability distribution Representations of uncertainty is a tool and technique in quantitative risk analysis. With the types of uncertainties described in the question, the range of possible values is represented in a model as a probability distribution. The most common forms are triangular, normal, lognormal, beta, uniform, or discrete. Individual risks may be covered by the distribution. The best one to use should reflect the range of possible results for the activity. [Planning] PMI®, PMBOK® Guide, 2017, 432
13. You are determining the most effective risk response to a risk one of your team members identified. After analyzing it and including a risk management expert in the analysis process, it is evident it is a risk where the threat is such that it is outside of your authority as the project manager to determine a response. In this situation, you need to— a. Focus on changing the project management plan to eliminate the threat b. Escalate it to the next highest level c. Solicit the advice by the head of the Enterprise Project Management Office d. Change the project objective that is in jeopardy
13. b. Escalate it to the next highest level Escalate is a risk response strategy for both threats and opportunities. In this question, it is a threat as it is outside of the scope of this project or as in the question outside the scope of the project manager's authority. An escalated risk is managed at the program level, the portfolio level, or in another part of the organization; not at a project level. The project manager determines whom to notify and provide details of the work done thus far. Usually, threats are escalated to the level that is involved with the affected project objective for resolution if the threat would occur. These threats may be listed in the project's risk register, but the team is no longer involved with this risk. [Planning] PMI®, PMBOK® Guide, 2017, 442
14. If the probability of event 1 is 80 percent and of event 2 is 70 percent and they are independent events, how likely is it that both events will occur? a. 6 percent b. 15 percent c. 24 percent d. 56 percent
14. d. 56 percent The likelihood is determined by multiplying the probability of event 1 by the probability of event 2. While probability investigates the likelihood that a specific risk will occur, impact investigates the possible effect on the project's objective such as schedule, quality, or performance. A probability and impact grid is a data representation tool and technique in Perform Qualitative Risk Analysis. The grid maps the probabilities of each risk occurrence and its impact on project objectives should the risk occur. The matrix can be set up to show individual risks by priority groups. The risks then can be prioritized further for additional analysis and to determine a specific response. Risk probabilities and impact are rated according to definitions in the risk management plan. [Planning] PMI®, PMBOK® Guide, 2017, 425-426
15. The project scope statement should be used in the Identify Risk process because it— a. Identifies project assumptions b. Identifies all the work that must be done and, therefore, includes all the risks on the project c. Helps to organize all the work that must be done on the project d. Contains information on risks from prior projects
15. a. Identifies project assumptions Project assumptions, which should be enumerated in the project scope statement, are areas of uncertainty, and as such are potential causes of project risk. Uncertainty of assumptions is evaluated as potential causes of project risk and include project assumptions and constraints. The scope statement, the WBS, and the WBS Dictionary are part of the scope baseline, part of the project management plan, an input to Identify Risks. [Planning] PMI®, PMBOK® Guide, 2017, 413
16. Your project team has identified all the risks on the project and has categorized them as high, medium, and low. As you work to Monitor Risks, you want to consider all three categories as a low risk can change quickly to a medium or high risk given changes that the project may encounter. Therefore, you plan to— a. Consider the threat level b. Hold meetings c. Set up a watch list d. Review work performance information
16. b. Hold meetings Meetings are a tool and technique in Control Risks. They may be formal or informal but should be used to document risk response effectiveness considering both overall project risk and identified individual project risks. New risks may be identified, including secondary risks in the meeting. Lessons learned for this project and other projects in the organization may be identified. [Monitoring and Controlling] PMI®, PMBOK® Guide, 2017, 457
17. A contingency reserve is used for— a. Risks for which the accept response is selected b. Risks that are not identified at the outset of the project but are known before they occur c. Risks that use a contingent response strategy d. Risk for which the avoid strategy is used
17. a. Risks for which the accept response is selected Risk response strategies should be selected for both individual project risks plus the overall project risk. The accept strategy is used when no proactive risk strategy is available for overall project risk, and the organization decides to continue the project even if the overall risk is outside of the agreed-upon threshold. Acceptance can be active or passive. If an active acceptance strategy is selected, an overall contingency reserve for the project including time, money, or resources is set aside should it be necessary to use it if the risk exceeds its thresholds. [Planning] PMI®, PMBOK® Guide, 2017, 446
18. The simplest form of quantitative risk analysis and modeling techniques is— a. Probability analysis b. Sensitivity analysis c. Delphi technique d. Utility theory
18. b. Sensitivity analysis Sensitivity analysis, as a quantitative risk analysis data analysis tool and technique, helps to determine which risks or other sources of uncertainty have the most potential impact on the project's outcomes. It examines the extent to which the variations in the project's objectives correlate with variations in the quantitative risk analysis model. A tornado diagram often is used to show the calculated correlation coefficient for each element in the model that can affect the project outcomes. [Planning] PMI®, PMBOK® Guide, 2017, 434
19. If a business venture has a 60-percent chance to earn $2 million and a 20-percent chance to lose $1.5 million, what is the expected monetary value of the venture? a. -$50,000 b. $300,000 c. $500,000 d. $900,000
19. d. $900,000 EMV = ($2M × 60%) + (-$1.5M × 20%) = ($1.2M) + (-$300,000) = $900,000 As another example of a quantitative risk analysis and modeling technique, EMV is a statistical concept in decision tree analysis that calculates the average outcome when the future includes scenarios that may or may not happen. This is an example of an opportunity with a positive value. Its use requires a risk-neutral assumption, and it is calculated by multiplying the value of each possible outcome by the probability of occurrence and adding the products together. [Planning] PMI®, PMBOK® Guide, 2017, 435
2. A risk response strategy that can be used for both threats and opportunities is— a. Share b. Avoid c. Accept d. Transfer
2. c. Accept Risk exists on every project, and it is unrealistic to think it can be eliminated completely. There are certain risks that simply must be accepted because we cannot control whether or not they will occur (for example, an earthquake). Acceptance is a strategy for dealing with risk that can be used for both threats and opportunities. Using it, the project team decides to acknowledge the risk and not take any action. It is appropriate for low-priority threats or opportunities or if it is not possible or cost effective to address a threat opportunity in another way. [Planning] PMI®, PMBOK® Guide, 2017, 443-444
20. You are managing the construction of a highly sophisticated data center in Southeast Asia. Although this location offers significant economic advantages, the threat of typhoons has caused you to create a backup plan to operate in Manila in case the center is flooded. This plan is an example of what type of risk response? a. Contingent response b. Mitigation c. Accept d. Transfer
20. a. Contingent response The contingent response strategy is designed for use if certain events occur, as in this question - a typhoon. This response plan is only executed under pre-defined conditions when there is time to use it, such as a warning that a typhoon is coming. Other examples to consider are if a key milestone was missed or if using it results in a higher priority with a seller. Risk responses using this technique may be called contingency plans or fallback plans. [Planning] PMI®, PMBOK® Guide, 2017, 445
21. A recent earned value analysis shows that your project is 20 percent complete, the CPI is 0.67, and the SPI is 0.87. In this situation, you should— a. Perform additional resource planning, add resources, and use overtime as needed to accomplish the same amount of budgeted work b. Rebaseline the schedule, then use Monte Carlo analysis c. Conduct a risk response audit to help control risk d. Forecast potential deviation of the project at completion from cost and schedule targets
21. d. Forecast potential deviation of the project at completion from cost and schedule targets Earned value is used for monitoring overall project performance against a baseline plan. Outcomes from the analysis may forecast potential deviation of the project at completion from its cost and schedule targets. Deviations from the baseline plan also may indicate the potential impact of threats or opportunities. It is a part of earned value data, an input to Monitor Risks in work performance reports. [Monitoring and Controlling] PMI®, PMBOK® Guide, 2017, 456
22. The purpose of a numeric scale in risk management is to— a. Avoid high-impact risks b. Assign a relative value to the impact on project objectives if the risk in question occurs c. Rank order risks in terms of very low, low, moderate, high, and very high d. Test project assumptions
22. b. Assign a relative value to the impact on project objectives if the risk in question occurs You can develop relative or numeric, well-defined scales using agreed-upon definitions by the stakeholders. When using a numeric scale, each level of impact has a specific number assigned to it. Each risk then is rated on its probability and impact on an objective if it does occur. Evaluation of each risk's importance and priority is typically done by using a look-up table or a probability and impact matrix. This matrix specifies conditions of probability and impact that lead to ratings of risk such as low, moderate, or high priority. Descriptive terms or numeric value can be used. [Planning] PMI®, PMBOK® Guide, 2017, 407-408
23. Risk score measures the— a. Variability of the estimate b. Product of the probability and impact of the risk c. Range of schedule and cost outcomes d. Reduced monetary value of the risk event
23. b. Product of the probability and impact of the risk Using a probability and impact matrix, the project manager and the team can rate a risk separately for an objective, and they can develop ways to determine the overall rating for each risk. Threats and opportunities can be shown in the same matrix. The risk score provides a convenient way to compare risks because comparing impacts or probabilities alone is meaningless. It helps guide risk responses. [Planning] PMI®, PMBOK® Guide, 2017, 407-408, 423 PMI® PMP Examination Content Outline, 2015, Planning, 6, Task 10
24. In Monitor Risks the project manager, the team, and key stakeholders need to be aware of the level of risk exposure; new, changing, or outdated risks; and changes in the level of overall project risk. Information from project execution then is used to determine whether to— a. Conduct a risk audit b. Engage in additional risk response planning c. Modify contingency reserves d. Conduct a risk review
24. c. Modify contingency reserves The purpose of the Monitor Risks process is to implement the agreed-upon risk responses, track risks, identify and analyze existing risks, and evaluate the effectiveness of project risk management. Although this process uses tools and techniques, this answer, among others, is an example as to how the Monitor Project Risks process uses performance information from execution. It may be necessary to determine whether the contingency reserves for cost or schedule need modification. [Monitoring and Controlling] PMI®, PMBOK® Guide, 2017, 453-454
25. The primary advantage of using decision tree analysis in project risk management is that it— a. Considers the attitude of the decision maker toward risk b. Forces consideration of the probability of each outcome c. Helps to identify and postulate risk scenarios for the project d. Supports the selection of the best approach of several alternatives
25. d. Supports the selection of the best approach of several alternatives Decision tree analysis is a tool and technique in Perform Quantitative As a graphical way to bring together information, decision tree analysis quantifies the likelihood of failure or opportunities and places a value on each decision. In the decision tree, alternative branches are shown. They represent different decisions or events, each one having different costs and individual risks. The end point in the analysis represents the preferred outcome. It is evaluated through expected monetary value analysis. [Planning] PMI®, PMBOK® Guide, 2017, 435
26. Your project is using complex, unproven technology. Your team conducted a brainstorming session to identify risks. Poor allocation of project resources was the number one risk. This risk was placed on the risk register, which included at this point a— a. Watch list b. Potential risk response c. Known unknown d. List of other risks requiring additional analysis
26. b. Potential risk response The risk register is prepared in the Identify Risks process as an output. It is a document in which the results of risk analysis and risk response planning are recorded, and as they are conducted it contains the outcomes of the other risk management processes. The identified risks are described in as much detail as is reasonable. They may use structured risk statements to distinguish risks from their causes and effects. Each risk in the register has an identification number and is described in as much detail as possible. Risk owners may be included. Potential risk responses also may be identified during the Identify Risks process, and if this is the case they will be confirmed in the Plan Risk Responses process. [Planning] PMI®, PMBOK® Guide, 2017, 417
27. When managing current projects, it is important to use lessons learned from previous projects to improve the organization's project management process. Therefore, in the Identify Risks process one can review the— a. Process flow charts b. Checklists c. WBS d. Root-cause analysis
27. b. Checklists Checklists are a tool and a technique in the Identify Risks process. Often, they are used as a reminder and include risks encountered on similar, previous projects based on historical information and knowledge. They are effective in capturing lessons learned by listing specific risks that may have occurred on other projects and may be relevant for this project. Generic risk checklists also are available. However, while it is easy to prepare a checklist and simple to use, it is impossible to make sure it covers all items relative to the project, and some items on it may not apply to the project. It should be reviewed occasionally during the project to update it with new information and to remove any obsolete data from it. [Planning] PMI®, PMBOK® Guide, 2017, 414
28. Risk mitigation involves— a. Using performance and payment bonds b. Eliminating a specific threat by eliminating the cause c. Avoiding the schedule risk inherent in the project d. Reducing the probability and/or impact of an adverse risk event to an acceptable threshold
28. d. Reducing the probability and/or impact of an adverse risk event to an acceptable threshold It is often more effective to take early action to reduce probability and/or impact of a risk occurring on a project rather than attempting to repair the damage after the risk has occurred. Examples of mitigation or enhancement strategies include adopting less complex processes, conducting more tests, or choosing a more stable supplier. Other examples are replacing the project, changing its scope, modifying its priority, and adjusting delivery times. It is a risk response strategy for overall project risks. [Planning] PMI®, PMBOK® Guide, 2017, 446
29. Risk management is not a one-time process and transcends project management. Risks are first discussed as part of the— a. Project plan b. Project charter c. Business case d. Enterprise environmental factors
29. c. Business case Each project should have a business case that is used to determine whether the project should be initiated. It lists the objectives and reasons the project should be done and helps measure success at the end of the project against these objectives. One section of the business case is an analysis of the situation. This section identifies any known risks at the time the business case is prepared. Decision makers, since resources are scarce and not all proposed projects can be pursued, can review these risks a part of the decision-making process. [Planning] PMI®, PMBOK® Guide, 2017, 30-31
3. The risk urgency is a tool and technique used for— a. Plan Risk Responses b. Identify Risks c. Perform Qualitative Risk Analysis d. Perform Quantitative Risk Analysis
3. c. Perform Qualitative Risk Analysis Risks that may happen in the near-term need urgent attention. Risk urgency is part of many considerations in assessments of other risk parameters, a data analysis tool and technique in Perform Qualitative Risk Analysis. In assessing other parameters, the project team considers other characteristics of risk, such as urgency, in addition to probability or impact as the team prioritizes individual project risks for additional analysis or action. The purpose of the risk urgency assessment is to identify those risks that have a high likelihood of happening sooner rather than later. It assesses the time when a response to the risk is implemented to be effective. High urgency is shown by a short period of time. [Planning] PMI®, PMBOK® Guide, 2017, 423-424
30. Two key inputs to the Perform Quantitative Risk Analysis process are the— a. WBS and milestone list b. Scope management plan and process improvement plan c. Schedule baseline and cost baseline d. Procurement management plan and quality baseline
30. c. Schedule baseline and cost baseline The cost and schedule baselines of a project are two areas significantly affected by risk occurrences. Information on these two areas, because of their quantitative nature, provides excellent input to the Perform Quantitative Risk Analysis process to help determine overall impact and to provide guidelines on establishing and managing risks. Both baselines are the starting point where the effect of individual risks can be evaluated. [Planning] PMI®, PMBOK® Guide, 2017, 430
31. Often in preparing the risk management plan meetings are held. The key purpose of these meetings is to— a. Involve those involved in executing the plan b. Enable anyone in the organization to participate c. Define how best to conduct risk management activities d. Ensure the key stakeholders are invited and participate
31. c. Define how best to conduct risk management activities Meetings are a tool and technique in the Plan Risk Management process. Typical attendees are the project manager, selected team members, key stakeholders, anyone in the organization with authority to manage the risk management planning and execution activities [such as a member of a PMO with expertise in this area or a member of the core team with this expertise], and others as needed. Customers, sellers, and regulators external to the organization may be invited. In these meetings, the risk management plan may be developed, and plans for conducting risk management activities are defined, which later are part of the risk management plan. The risk management plan may be prepared in a kick-off meeting or in a separate meeting. [Planning] PMI®, PMBOK® Guide, 2017, 404
32. As you work to Identify Risk, an item to review is— a. Activity estimates b. Duration estimates c. Communications management plan d. Procurement management plan
32. b. Duration estimates While a number of plans and project documents should be reviewed in the Identify Risk process, of the possible answers, only duration estimates are listed. They should be reviewed since they are quantitative assessments of project durations. While they often are expressed as a range, they can indicate the degree of risk associated with these estimates. A structured review of the duration estimates may indicate the current estimates could be flawed and may pose a risk to the project. [Planning] PMI®, PMBOK® Guide, 2017, 412
33. A risk audit is a useful tool and technique in Monitor Risks because it— a. Focuses on implementing agreed-upon risk responses b. Considers the effectiveness of the risk management process c. Enables risk reassessments to be performed d. Serves as a risk review
33. b. Considers the effectiveness of the risk management process The purpose of the risk audit is the answer to this question. The project manager has the responsibility to see that they are performed frequently or as described in the risk management plan. They may be done during a project team meeting, as part of a risk review meeting, or as a separate risk audit meeting. Before a risk audit is conducted, the project manager should determine its format and clarify its objectives. [Monitoring and Controlling] PMI®, PMBOK® Guide, 2017, 456
34. Accurate and unbiased data are essential for Perform Qualitative Risk Analysis. The best approach to follow is to use— a. Data quality assessment b. Project assumptions testing c. Sensitivity analysis d. Influence diagrams
34. a. Data quality assessment Perform Qualitative Risk Analysis requires accurate and unbiased data. The use of low-quality data may result in a qualitative risk analysis that is of little use to the project manager regarding understanding of the risk, data available about the risk, data quality, and data reliability and integrity. Often, the collection of risk information is difficult and consumes more time and resources than planned. It may be done through a questionnaire that measures stakeholder perceptions of various characteristics, such as completeness, objectivity, relevancy, and timeliness. Then, a weighted average of data quality characteristics can be prepared for an overall score. A risk data quality assessment is one of the data analysis tools and techniques in this process. [Planning] PMI®, PMBOK® Guide, 2017, 423
35. Assigning more talented resources to the project to reduce time to completion or to provide better quality than originally planned are examples of which one of the following strategies? a. Enhance b. Exploit c. Share d. Contingent response
35. b. Exploit Although it might have a negative connotation, exploitation is a strategy used for risks with positive impacts where the organization wants to ensure that the opportunity is realized. This strategy seeks to eliminate uncertainty with a particular upside risk by ensuring the opportunity happens. Other examples, in addition to that in the question, are using new technology or upgrading technology to reduce the cost and duration required to realize the project's objectives. [Planning] PMI®, PMBOK® Guide, 2017, 444
36. You are striving to determine whether to accept a risk or transfer it to a contractor. You also may decide to just avoid the risk. You can— a. Collect more data using questionnaires b. Use influencing skills to gather stakeholders' opinions c. Conduct an assumptions analysis d. Use decision making
36. d. Use decision making Decision-making techniques are often used to select a risk response strategy. They also can help prioritize strategies to consider. Multi-criteria decision analysis can be used to provide a systematic approach for establishing criteria, evaluating and ranking alternatives, and making a selection. Some criteria to consider are cost, the effectiveness of the response in changing conditions, resources, time constraints, the level of impact if the risk occurs, and possible secondary risks. [Planning] PMI®, PMBOK® Guide, 2017, 446
37. Assume you remain unclear about what to do about a possible risk that may affect the overall project. You and your team have several strategies you can use, but before selecting one, you decide to— a. Conduct an alternatives analysis b. Establishing a management reserve to cover unplanned expenditures c. Review the stakeholder engagement plan d. Determine needed adjustments to make during the implementation phase of a project
37. a. Conduct an alternatives analysis Another tool and technique in Plan Risk Responses is data analysis. These techniques can help to select a preferred risk response strategy. One is to conduct an alternatives analysis. This analysis is a simple comparison of the requirements and characteristics of alternative risk response actions. It is used to make a decision about which strategy is the most appropriate to use. [Planning] PMI®, PMBOK® Guide, 2017, 446
38. Assume that you are working on a new product for your firm. Your CEO learned that a competitor was about to launch a new product that has similar features to those of your project. The competitor plans to launch the product on September 1. It is now March 1. Your schedule called for you to launch your product on December 1. Your CEO now has now mandated that you fast track your project, so you can launch your product on August 1. This fast track schedule is an example of an— a. Unknown risk b. A risk taken to achieve a reward c. A risk that impacts strategic goals d. A passive avoidance strategy
38. c. A risk that impacts strategic goals The situation in this question shows time to market is essential and must be shortened; otherwise the risk will have a negative impact on the company's strategic goals. Therefore, the strategic impact of the risk is high. Even though fast tracking can result in risks, the approach also can be monitored for effective results. In the Perform Qualitative Risk Analysis process, assessment of other risk parameters is a data analysis tool and technique in which other characteristics in addition to probability and impact are considered. [Planning] PMI®, PMBOK® Guide, 2017, 424
39. As head of the project management office, you need to focus on those items where risk responses can lead to better project outcomes. One way to help you make these decisions is to— a. Use interviews b. Assess trends in Perform Quantitative Risk Analysis results c. Prioritize risks and conditions d. Assess trends in Perform Qualitative Risk Analysis results
39. a. Use interviews Data gathering techniques are a tool and technique in Plan Risk Responses. Within it, interviews are suggested. By using interviews, developing responses to individual and overall project risks can be done. The interview can be structured or semi-structured. In using interviews, the interviewer needs to be unbiased and promote an atmosphere of trust with the interviewee. Confidentiality should be pointed out before the interview begins so the interviewee then provides honest and unbiased suggestions for decisions. Key stakeholders and members of the project team, including the sponsor and perhaps customer representatives, may be interviewed. [Planning] PMI®, PMBOK® Guide, 2017, 442
4. Projects are particularly susceptible to risk because— a. People assume there will be problems b. There is uncertainty in all projects c. Project management tools are generally unavailable at the project team level d. There are never enough resources to do the job
4. b. There is uncertainty in all projects Every project has uncertainty associated with it because a project by its definition is a temporary endeavor undertaken to create a unique product, service, or result. Projects have varying degrees of complexity. As projects work to deliver benefits, they also are working with constraints and assumptions as they respond to expectations of stakeholders that may conflict and change. The goal is to identify and manage risks that are not covered in other project management processes. If risks are not managed, they may cause the project to deviate from the plan and fail to meet their objective. Effective risk management contributes to successful projects. [Planning] PMI®, PMBOK® Guide, 2017, 397
40. You are the project manager for the construction of an incinerator to burn refuse. Local residents and environmental groups are opposed to this project. Management agrees to move this project to a different location. This is an example of which one of the following risk responses? a. Passive acceptance b. Active acceptance c. Mitigation d. Avoidance
40. d. Avoidance Risk avoidance involves eliminating the threat entirely or protecting it from its impact. It may involve changing some parts of the project management plan or the entire plan. The project manager may isolate the project's objectives from the risk's impact or change the objective in jeopardy, reducing the probability of its occurrence to zero. [Planning] PMI®, PMBOK® Guide, 2017, 443
5. As project manager, you have assembled the team to prepare a risk management plan for your project. It is to describe how risk management will be handled on your project. Within this plan, there is a— a. OBS b. WBS c. RBS d. CCB
5. c. RBS The risk breakdown structure (RBS) is a way to group individual project risks. It is a hierarchically organized depiction of potential sources of risk. It helps the team consider a number of sources where project risks may arise. It is useful in categorizing and identifying risks. Different RBS structures are appropriate for different types of projects, or the organization can use a previously prepared framework that can be a simple list of categories, or it may be structured into a RBS. It is described in the risk categories section of the risk management plan. [Planning] PMI®, PMBOK® Guide, 2017, 405-406
6. You are working on identifying possible risks to your project to develop a nutritional supplement. You want to develop a comprehensive list of risks that can be addressed later through qualitative and quantitative risk analysis. A data gathering technique used to identify risks is— a. Documentation reviews b. Probability and impact analysis c. Prompt lists d. Brainstorming
6. d. Brainstorming Brainstorming is a frequently used data gathering technique for identifying risk. It enables the project team to develop a list of potential risks relatively quickly. Project team members, often with invited experts, possibly under the direction of a facilitator, participate in the session. Traditional brainstorming sessions are free form, or other approaches may be used. Categories of risks, such as in a RBS, can be used as a framework. The identified risks should be described as brainstorming may result in ideas that may not be completely formed. It is part of several data gathering approaches as data gathering is a tool and technique in Identify Risks. [Planning] PMI®, PMBOK® Guide, 2013, 324
7. Assume you have prepared your risk management plan, identified possible risks, analyzed them, and determined possible responses if they occur. Now it is time to Implement Risk Responses. The benefit of this process is to— a. Present a sequence of decision choices to decision makers b. Ensure agreed-upon risk response are executed as planned c. Ensure actions to implement risks are only taken from people who are on the team d. Help take into account the attitudes of the decision makers toward risk
7. b. Ensure agreed-upon risk response are executed as planned The purpose of the Implement Risk Response process is to implement agreed-upon risk responses. The key benefit is it ensures these responses are executed as planned such that it addresses overall project risk exposure, minimizes individual potential threats, and maximizes project opportunities. [Executing] PMI®, PMBOK® Guide, 2017, 449
8. You are working Monitor Risks on your manufacturing project. You are fortunate to have a subject matter expert available with a specialty in risk management to assist you and your team. As you work to monitor these risks, you want to make sure your team and stakeholders are aware of— a. Any unplanned response to a negative risk event b. A plan of action to follow when something unexpected occurs c. The level of overall project risk d. A proactive, planned method of responding to risks
8. c. The level of overall project risk The Monitor Risk process involves monitoring the agreed-upon risk management plans, tracking and identifying new risks, and evaluating the effectiveness of risk responses throughout project. You want your team and other stakeholders to be aware of the current level of risk exposure and to recognize project work that should be continuously monitored for new risks, outdated risks, and changes in the level of overall project risk. The level of overall project risk is important to see if it has changed. [Monitoring and Controlling] PMI®, PMBOK® Guide, 2017, 454
9. Most statistical simulations of budgets, schedules, and resource allocations use which one of the following approaches? a. PERT b. Decision-tree analysis c. Present value analysis d. Monte Carlo analysis
9. d. Monte Carlo analysis A project simulation uses a model that translates the specified detailed uncertainties into their potential outcomes on project objectives and is a data analysis tool and technique in Perform Quantitative Risk Analysis, Simulations are typically performed using Monte Carlo analysis in which a project model is computed many times. The input values for cost risk simulation use project cost estimates, and for simulations of schedule risks, the network diagram and duration estimates are used. [Planning] PMI®, PMBOK® Guide, 2017, 433