Risk Management

Question 1

Primary Risk Management Processes

Answer 1

• Plan Risk Management
• Identify Risks
• Perform Qualitative Risk Analysis
• Perform Quantitative Risk Analysis
• Plan Risk Responses
• Control Risks

Question 2

Known Risks

Answer 2

• have been identified and analyzed
• possible to plan responses
• Knwon risk that cannot be proactively managed should be assigned contingency reserves

Question 3

Unknown Risks

Answer 3

• cannot be managed proactively
• Should be assigned a management reserve

Question 4

Risk Appetite

Answer 4

• degree of uncertainty an entity is willing to take on in anticiaption of a reward

Question 5

Risk Tolerance

Answer 5

• Degree, amount, or volume of risk that an organization or individual will withstand
  *

Question 6

Risk Threshold

Answer 6

• measures along the level of uncertainty ir the level of impact at which a stakeholdr may have a specific interest
• Below the threshold, they will accept the risk
• Above the threshold, they will not tolerate the risk

Question 7

Risk Management Plan Components

Answer 7

• Methodology
• Roles and Responsibilities
• Budgeting
• Timing
• Risk Categories
• Definitions of risk probability and impact
• Probability and Impact Matrix
• Revised Stakeholder tolerances
• Reporting formats
• Tracking

Question 8

Risk Information Gathering Techniques

Answer 8

• Brainstorming
• Delphi Technique
• Interviewing
• Root Cause Analysis

Question 9

Brainstorming

Question 10

Delphi Technique

Answer 10

• Way to reach a concensus of experts
• Participate anonymously
• Use a quesitionairre to solicit ideasabout important risks
• ideas are consolidated then recirculated to the experts
• Helps to redues bias in the data

Question 11

Root-Cause Analysis

Answer 11

• USed to identify a problem or to discover the underlying cause that lead to it, and develop preventative action

Question 12

Risk Diagramming Techniques

Answer 12

• Cause and Effect Diagrams
• System or process flow charts
• influence diagrams

Question 13

Checklist Analsysis

Answer 13

• Use of a checklist for risks from historical information
• Should not be used in place or proper risk management
• Would likely be used for very repeatable projects and processes

Question 14

Risk Cause and Effect Diagrams

Answer 14

• Also known as fishbone diagrams

Question 15

Risk System or process flow charts

Answer 15

• how various elements of a system interrelate and the mechanism of causation

Question 16

Influence Diagrams

Answer 16

• Graphical representations of situations showing causal influences, time ordering of events, and other relationships aming variables and outcomes

Question 17

SWOT Analysis

Question 18

Qualitative Risk Assessment Tools and Techniques

Answer 18

• Risk proabability and Impact Assessment
• Probability and Impact Matrix
• Risk Data Quality Assessment
• Risk Categorization
• Risk Urgency Assessment

Question 19

Risk probability and impact assessment

Answer 19

• looking at the prbability and impact on each risk
• Think of the traditional risk log

Question 20

Probability and impact matrix

Answer 20

• Risk rating rules usually pre-defined
• matrix to score each risk based on probability and impact
• Color scales may be used to identify high, medium, low risk based on organizational rules
• Risk Scores help to determine priority of action and response

Question 22

Risk Data Quality Assessment

Answer 22

• Determining the degree to which riskl data is useful in managing those risks
• For example, do you have adequate information to understand and rsspond to the risk

Question 23

Risk Categorization

Question 24

Risk Urgency Assessment

Answer 24

• Considers indicators of priority
• risks requiring near-term responses

Question 25

Quantitative Risk Analysis

Answer 25

* Risk evaluation based on numerical analysis * May or may not be possible depdning on data available for the project * Almost always follows the qualitative analysis process

Question 26

Qualitative Risk Analysis Techniques

Answer 26

* Data Gathering and Representation Techniques * Interviewing * Probability Distributions * Modeling Techniques * Sensitivity Analysis * Expected Monetary Value (EMV) Analysis * Modeling and Simulation

Question 27

Data Gathering: Interviwewing

Answer 27

* drawing on historical data * Estimasting risk based on low, most likely, and high estaimtes

Question 28

Probability Distributions

Answer 28

* represent uncertsinty in values * Think bell curve * Shape of curves may be determined by data or by risk policies

Question 29

Sensitivity Analysis

Answer 29

* Used to determine which risks have the most potential impact on the project * Investigates the extent to which uncertainty or each proejct element affects the objecitves when all other uncertain elements are held constant * Common representation of this is the Tornado Diagram * Y-Axis contains each type of uncertainty * X-Axis contains the spread or correlation of the uncertainty at base values

Question 30

Expected Montetary Value Analysis

Answer 30

* Calculates the average outcome when future includes scenarios that may or may not occur * Used for analysis under uncertainty * Opportunities generally expressed as positive values * Threats usually expressed as negative values * Requires a risk-neutral assumption (neither risk averse, nor risk seeking) * Typically uses decision tree analysis * EMV is calculated by multiplying the value of each posible outcome by its probability of occurence and adding the products together

Question 31

Modelling and Simulation

Answer 31

* translates the specificed uncertainties into their potential impact on project objectives * Typically performed using the Monte Carlo technique

Question 32

Negative (Threat) risk response techniques

Answer 32

* Avoid * Transfer * Mitigate * Accept

Question 33

Positive (Opportunity) Risk Response Techniques

Answer 33

* Exploit * Enhance * Share * Accept

Question 34

Avoid

Answer 34

* Negative Risk Repsonse strategy where project team acts to eliminate the threat or protect the team from its impact * Usually changes the project's objectives, including changing scope, or to the extreme of shutting down the project

Question 35

Transfer

Answer 35

* Negative risk response strategy in which the proejct team transfers the impact of the threat to a third party, along with the ownership of the response * Does not eliminate risk * Typically includes payment of a risk premium to the owning party (higher rates, etc) * Contracts might be used to transfer liability * Reason for companies hiring vendors for example

Question 36

Mitigate

Answer 36

* Negative risk response sterategy in which the project team acts to minimize the probability of occurance or impact of a risk * Examples include: * adopting less complex processes * conducting more tests * choosing a more stable supplier * designing redundancy into a system

Question 37

Accept

Answer 37

* Negative risk response strategy in which the project team decides to acknowledge the risk and not take any action unless the risk occurs * Usually used when there is no way to address a risk in any other way

Question 38

Exploit

Answer 38

* Positive risk response strategy in which the organization wants to ensure that the opportunity is realized * Esnuring the opportunity definitely happens

Question 39

Enhance

Answer 39

* Positive risk response strategy used to increase pobabilityand/or positive impacts of an opportunity * Example: is adding more resources to an activity to finish early

Question 40

Share

Answer 40

* Positive risk response in allocating some or all of the ownership to a third party that is more capable of capturing the opporunity * Example might include outsourcing for a specialized task

Question 41

Accept

Answer 41

* Positive risk strategy in which the team is willing to take advantage of the opportunity if it arises, but does not actively pursue it

Question 42

Contingent Response Plan

Answer 42

* Risk response plan that will only be executed if certain conditions occur