Risk and Issues

Question 1

What is risk management?

Answer 1

The process of identifying, evaluating, and planning responses to uncertain events that might occur during the course of a project

Question 2

What is on a watch list?

Answer 2

Risks that currently do not warrant planned risks responses, but it is understood that any of these risks could become more probable and need a planned response

Question 3

Who is a risk owner?

Answer 3

An individual who watches out for the occurrence of an assigned risk and leads the implementation of preplanned responses

Question 4

What is an opportunity in risk management?

Answer 4

A risk event that has a positive impact to deliver even more value to the organization and customer than planned

Question 5

What is a spike?

Answer 5

A short iteration dedicated to explore an issue or an approach

Often used to explore big risks like new processes or technology

Question 6

What are the two types of spikes?

Answer 6

Architectural spikes
Risk-based spikes

Question 7

What is the purpose of fast failure?

Answer 7

The earlier failure occurs the quicker resources can be diverted to a different strategy on a project, or even to a different project

Question 8

According to the Process Groups model, what processes are involved in risk management?

Answer 8

Plan Risk Management
Identify Risks
Perform Qualitative Risk Analysis
Perform Quantitative Risk Analysis
Plan Risk Responses
Implement Risk Responses
Monitor Risks

Question 9

Name the factors to consider when assessing risk.

Answer 9

The probability that a risk event will occur (how likely)

The range of possible outcomes (impact or amount at stake)

Expected timing for it to occur in the project life cycle (when)

The anticipated frequency of risk events from that source (how often)

Question 10

Define risk appetite.

Answer 10

A general, high-level description of the acceptable level of risk to an individual or organization

Question 11

Define risk threshold.

Answer 11

The specific point at which risk becomes unacceptable

Question 12

What are the desired outcomes of risk management?

Answer 12

Internal and external environmental factors are considered.

Risk and responses address the inherent uncertainty and complexity on projects.

Risk related to all possible variables and constraints are accounted for.

Issues are eliminated with risk response plans.

Risks are reviewed in every meeting, triggers are monitored, and risks are addressed before they happen.

There is normally a plan in place to deal with risk events.

Risk management helps to limit cost, time, and resource investments on the project.

Question 13

Describe the difference between qualitative and quantitative risk analysis.

Answer 13

Qualitative risk analysis is a subjective evaluation and the numbers used to rate each risk are usually based on a scale of 1-5 or 1-10

Quantitative risk analysis is a more objective evaluation and the rating of each risk is based on an estimate of the actual probability and the actual monetary value at stake (impact)

Question 14

What may be included in the risk management plan?

Answer 14

Risk strategy
Methodology
Roles and responsibilities
Funding
Timing
Risk categories
Stakeholder risk appetite/thresholds
Definitions of probability and impact
Reporting
Tracking

Question 15

What is a risk breakdown structure?

Answer 15

A hierarchical chart that can help identify and document risk categories

Question 16

What are the risk categories related to project constraints?

Answer 16

Schedule
Cost
Quality
Scope
Resources
Customer satisfaction

Question 17

What does risk data quality assessment show?

Answer 17

Accuracy and reliability of a risk to determine if it is valid and whether more research is needed to understand it

Question 18

What is the main artifact that results from the Identify Risks process?

Answer 18

Risk register

Question 19

What are some examples of risk identification techniques?

Answer 19

Brainstorming
Checklist analysis
Interviewing
Root cause analysis
Assumption analysis
Constraint analysis
SWOT analysis
Documentation reviews

Question 20

What is a project pre-mortem?

Answer 20

A facilitated team exercise that aims to identify the possible failure points on a project before they happen

Question 21

What steps are typically involved in a project pre-mortem?

Answer 21

1. Imagine the failure
2. Generate reasons for the failure
3. Consolidate the list
4. Revisit the plan

Question 22

Name methods used for the Perform Qualitative Risk Analysis process.

Answer 22

Risk management quality assessment
Risk categorization
Probability and impact matrix
Risk parameters assessment

Question 23

What does quantitative risk analysis determine?

Answer 23

Which risk events warrant a response plan and which require the most attention

Overall project risk (risk exposure)

The quantified probability of meeting project objectives

Question 24

What tools can a project manager use to determine quantitative probability and impact?

Answer 24

Expert judgment from the team and risk specialists
Data-gathering techniques, such as interviewing
Data analysis techniques, such as sensitivity analysis and decision tree analysis
Interpersonal and team skills
Cost and schedule estimating
Use of historical records from previous projects

Question 25

What is sensitivity analysis?

Answer 25

A technique to analyze and compare the potential impacts of identified risks

Question 26

What is the formula for expected monetary value?

Answer 26

Probability times impact, or
EMV = P × I

Question 27

What is the purpose of a decision tree?

Answer 27

To model all the possible choices to resolve an issue

Question 28

What are the possible risk response strategies for threats?

Answer 28

Avoid: Eliminate the threat by eliminating its cause

Mitigate: Reduce the probability or impact of the threat

Transfer: Make another party responsible for the risk (outsourcing, insurance, warranties, bonds, guarantees)

Escalate: Move the threat to the program or portfolio level

Accept:
Passive acceptance—do nothing; if it happens, it happens
Active acceptance—develop contingency plans in advance

Question 29

What are the possible risk response strategies for opportunities?

Answer 29

Exploit: Make sure the opportunity occurs
Enhance: Increase probability or positive impact of the risk event
Share: Allocate full or partial ownership of the opportunity to a third party
Escalate: Move the opportunity to the program or portfolio level
Accept: Do nothing; if it happens, it happens

Question 30

What key outputs of the Plan Risk Responses process are added to the risk register?

Answer 30

Residual risks
Contingency plans
Fallback plans
Risk owners
Secondary risks
Risk triggers
Contracts
Reserves (contingency and management)

Question 31

What is communicated in a risk report?

Answer 31

The risks of greatest threat or opportunity, overall project risk exposure, anticipated changes, and anticipated outcomes of planned risk responses

Question 32

What is a pure risk?

Answer 32

An insurable risk, such as fire, theft, property damage

Question 33

What are residual risks?

Answer 33

The risks that remain after risk response planning

Question 34

What are secondary risks?

Answer 34

New risks created by the implementation of risk response strategies

Question 35

What is the difference between a contingency plan and a fallback plan?

Answer 35

A contingency plan describes the specific actions that will be taken if the opportunity or threat occurs

A fallback plan describes specific actions that will be taken if the contingency plans are not effective

Question 36

What are risk triggers?

Answer 36

Events that trigger contingency responses

They let risk owners know when to take action

Question 37

What is a risk-adjusted backlog?

Answer 37

A backlog that is prioritized for the risk responses that have been developed for identified risks

Question 38

Describe set-based design.

Answer 38

Exploring multiple options, or designs, early in the project and eliminating the ones that won’t work

It creates flexibility and allows teams to develop knowledge as they work through the different options

Question 39

What are workarounds?

Answer 39

Unplanned responses developed to deal with the occurrence of unanticipated events or problems on a project (or to deal with risks that had been accepted because of unlikelihood of occurrence and/or minimal impact)

Question 40

What can a contingency reserve be used for?

Answer 40

To handle the impact of the specific risk for which it was set aside

Question 41

What is technical performance analysis?

Answer 41

Uses project data to compare planned versus actual completion of technical requirements to determine if there is any variance from what was planned

Question 42

What happens during a risk reassessment?

Answer 42

The team reviews the risk management plan and risk register and adjusts the documentation as required

Question 43

What is a risk review?

Answer 43

A regular review to discuss the effectiveness of planned risk responses that have been implemented on the project

They may result in the identification of new risks, secondary risks created by risk response plans, and risks that are no longer applicable

Question 44

What are risk audits?

Answer 44

Assessments of the overall process of risk management on the project

Question 45

What agile tools allow for ongoing monitoring and controlling for risk?

Answer 45

Retrospectives and risk burndown charts

Question 46

What is the purpose of technical performance analysis?

Answer 46

Compares planned versus actual completion of technical requirements to determine if there is any variance from what was planned

Any variance could indicate possible risks to the project, either opportunities or threats

Question 47

What artifacts result from the Monitor Risks process?

Answer 47

Change requests
Project management plan updates
Project document updates (includes the risk register)
Work performance information
Organizational process assets updates

Question 48

What key outputs of the Monitor Risks process are added to the risk register?

Answer 48

Outcomes of risk reassessments and risk audits
Results of implemented risk responses
Updates to previous parts of risk management
Closing of risks that are no longer applicable
Details of what happened when risks occurred
Lessons learned