Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Prince2 > Chapter 10: Risk > Flashcards

Chapter 10: Risk Flashcards

1
Q

What is the purpose of the Risk theme?

A

The purpose of the Risk theme is to identify, assess, and control uncertainty, and, as a result, improve the ability of the project to suceed.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Define Risk.

A

Risk is an uncertain event (or set of events) that, should it occur, will have an effect on the achievement of objectives.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

How is risk measured?

A

By a combination of the probability of a perceived threat or opportunity occurring, and the magnitude of its impact on objectives.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

TRUE or FALSE:
Risks can have a negative and a positive impact on the objectives if they occur.

A

TRUE.

If they have a negative impact then they are called threats.

If they have a positive impact then they are called opportunities.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Define Risk Management.

A

Risk management is the systematic application of principles, approaches and processes to the tasks of identifying and assessing risks, planning and implementing risk responses, and communicating risk management activities with stakeholders.

Identify > Assess > Plan > Implement
—– Communicate —–

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What should be done for risk management to be effective?

A
  • risks that might affect the project achieving its objectives need to be IDENTIFIED, captured and described
  • each risk needs to be ASSESSED to understand its probability, impact and timing
  • responses to each risk need to be PLANNED, and assigned to people to action and to own
  • risk responses need to be IMPLEMENTED, monitored and controlled.
  • throughout the process, information about the risks must be COMMUNICATED within the project and to stakeholders.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Define risk exposure.

A

Risk exposure is the extent of risk borne by the organization at a time.

Risk exposure for a project can be calculated with the Expected Monetary value technique - likelihood x impact (sum of all identified risks)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What are the minimum requirements for the Risk theme?

A

A PRINCE2 Project must:
1. define its risk management approach that includes:
* how risks are identified and assessed, how risk management responses are planned and implemented and how management of risk is communicated throughout the project lifecycle
* assessing whether identified risks might have a material impact on the business justification of the project
* the roles and responsibilities for risk management

  1. maintain some for of risk register to record identified risks and decisions
  2. ensure that project risks are identified, assesses, managed and reviewed.
  3. use lessons to inform risk identification and management
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What are the two management products that are produced and maintained within the Risk theme?

When are they created?

A
  1. Risk Management Approach - defines how risk will be managed on the project
  2. Risk register - provides a record of identified risks, including their status and history

These documents are created during the initiating a project process.
The risk management approach should be reviewed and possibly updated at the end of each management stage. The risk management approach will define how the risk register is reviewed and updated.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Summarize the risk responsibilities.

A

Product Manager creates the risk management approach and Executive ensures that it is appropriate.

All (Executive, Senior User, Senior Supplier, Project Manager, Team Managers) ensure that risks are being identified throughout the project lifecycle.

Project Assurance reviews the risk management practices during the life of the project.

Project Support assists the Project Manager in maintaining the project’s risk register.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

TRUE or FALSE:
The risk management approach should include the project board’s attitude towards risk-taking.

A

TRUE

It helps define the amount of risk that is acceptable and will, in turn, help set risk tolerances.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

TRUE or FALSE:
The project manager can undertake risk management activities.

A

TRUE
On smaller projects, the project manager can undertake most risk management activities, however, on more complex projects these activities might be delegated to a risk manager or risk management team.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What should be considered when creating a risk management approach?

A
  1. the project board’s attitude to risk
  2. the project size, scale and complexity, and risk impact
    • risk impact - even though a project might be small, the risk can be huge (e.g., updating the company’s software on all computers might cause the whole company to stop working temporarily)
  3. project delivery approach
    • if deliveries are happening often (e.g., every week) then risk review should adjust (e.g., check risks outlined initially in the risk register every week to assess whether they are likely to happen in the delivery stage)
  4. commercial considerations
  5. establishing a risk budget
    • to fund management responses to the project’s threats that were identified in the beginning
    • risks might not be identified in the beginning, so take into consideration a provision (extra money for unpredictable risks)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Who can raise a risk?

A

Any member of the project, corporate or programme management, the customer, or other stakeholder.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Where do you capture risks as soon as they are identified?

A

Risk register

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

It is important to capture a clear and unambiguous expression of each risk. What aspect should be considered?

A
  1. Risk Cause = source of the risk (e.g., insufficient staffing capacity)
  2. Risk Event = area of uncertainty (e.g., could cause the construction to stop for a while)
  3. Risk Effect = impact on the project objectives (e.g., could result in the project taking one month longer than planned)
17
Q

How can the project manager identify the risks?

A

By looking at the project mandate, the project brief, and the project product description. For example:
* customer’s quality expectations
* number of organizations involved etc…

Also by looking at other project’s lessons.

18
Q

Give some examples of risk identification techniques

A

Review lessons - see other similar projects

Risk checklist - in-house documentation (if any)

Risk prompt lists - publicly available lists of risks categorized into types or areas

Brainstorming

Risk Breakdown structure - e.g., PESTLE analysis

19
Q

What is recommended by PRINCE2 to assess in terms of risk probability and impact?

A
  • probability of threats and opportunities and how likely they are to occur
  • the impact of each risk in terms of the project objectives
  • the impact of the risk on the stage plan, project plan and business case
  • how quickly the risk is likely to materialize if no action is take (i.e., risk proximity)
  • how the impact of the threats and opportunities might change over the life of the project
  • whether the project team is best placed to manage the risk or if the risk should be escalated to the project board
20
Q

Give some examples of Risk Estimation Techniques

A
  1. Probability Impact grid
  2. Expected value
  3. Probability trees
  4. Pareto analysis
21
Q

What is a risk profile?

A

A way of summarizing the set of risks and their estimations of probability and impact (more or less like the Probability Impact grid) and setting a risk tolerance line.

22
Q

Define Risk Appetite.

A

Risk appetite is an organization’s unique attitude towards risk-taking that in turn dictates the amount of risk that it considers acceptable.

23
Q

Define Risk Tolerance.

A

Risk tolerance is the threshold levels of risk exposure that, with appropriate approvals, can be exceeded, but which when exceeded will trigger some form of response.

24
Q

What are the two main risk evaluation techniques?

A
  1. Risk Models (e.g., the Monte Carlo simulation)
  2. Expected Monetary Value
    * Likelihood x Impact = Expected Value (sum of all risks) will give you the Expected Monetary Value
25
Q

What are the typical Risk Reponses? Give some examples.

A
  1. Avoid a threat/ Exploit an opportunity
    e.g., avoid a threat - team lacks expertise in REACT > to avoid the risk, you outsource the dev of REACT components
    exploit an opportunity - opportunity to launch product earlier than competition > allocate more resources
  2. Reduce a threat/ Enhance an opportunity
    e.g., reduce a threat - identified a risk of budget overruns due to unforseen construction complexities > to mitigate, you conduct a site survey and soil analysis to better plan for challenges
    enhance an opportunity - opportunity to easily add an extra feature to a software which will make it more competitive > allocate additional resources
  3. Transfer the risk
    e.g., insurance
  4. Share the risk
    - it seeks multiple parties, typically within supply chain, to share the risk on a pain/gain share basis
  5. Accept the risk
    - the organization ‘takes the chance’
  6. Prepare contingent plans
    - prepare plans now, but not taking action now
26
Q

Who can decide the appropriate response to a risk?

A

If the risk falls within the tolerances set for the project, the project manager decides on the appropriate response;
Otherwise, the decision is escalated to the project board.

Also, depending on the risk tolerance, escalation might also be to the overarching programme, corporate body or customer.

27
Q

What is residual risk?

A

When a threat is reduced (rather than removed), the remaining risk is called “residual” risk.

28
Q

How do you assess whether a risk response is worth it?

A

One way of assessing is to compare the cost of the risk response with the difference in the expected monetary value of the risk before and after the risk response.

29
Q

After a risk response implementation, what else should you do?

A

Planned risk responses need to be actioned, their effectiveness monitored and corrective action taken where responses do not match expectations.

30
Q

What are the roles of the Risk owner and Risk actionee in the risk response implementation stage?

A

Risk owner = a named individual who is responsible for the management, monitoring and control of all aspects of a particular risk assigned to them, incl. the implementation of the selected risk responses.

Risk actionee = a nominated owner of an action to address a risk.

31
Q

What are some reports that you can use to communicate information related to threats and opportunities?

A

checkpoint report - given by the team to the PM at a decided checkpoint
highlight reports - from PM to the board on management stage progress
end stage reports
end project report
exceptions reports

Prince2 (21 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions