RISK MGMT Flashcards Preview

PgMP > RISK MGMT > Flashcards

Flashcards in RISK MGMT Deck (85)
Loading flashcards...
1
Q

2 TYPES OF RISK

A

Pure Risk and Business Risk

2
Q

3 TYPES OF RISK TOLERANCES

A
  1. Risk-Averse, 2. Risk Seeker, 3. Risk-Neutral
3
Q

4 Strategies for Negative Risks/Threats

A

Avoid, Transfer, Mitigate, Accept

4
Q

4 STRATEGIES for POSITIVE RISKS/OPPORTUNITIES

A

Exploitation, Sharing, Enhancement, and Acceptance

5
Q

ACCEPTANCE RISK STRATEGY

A

tolerate the risk and deal with it if the risk actually occurs. Usually only chosen if no other option is available

6
Q

ANALYZE PROGRAM RISKS

A

The process of prioritizing risks for action or further anlaysis, documenting incident probability and effect, and assessing the impact of risks on the program and its components

7
Q

ANALYZE RISKS INPUTS (5)

A
  1. Pg Risk Register - What to analyze 2. Pg Mgmt Plan - format and criteria for integrating risk analysis 3. Pg Risk Mgmt Plan - establishes R/R for risk, budgets, risk categories, RBS template, etc 4. Pg Architecture Baseline - Is this new structure? greater risk 5. Lessons Learned Database - history
8
Q

ANALYZE RISKS OUTPUTS (1)

A

Pg Risk Register Updates - how analysis done, results of analysis

9
Q

ASSUMPTION ANALYSIS

A

A technique to determine if the program or project assumptions are accurate, consistent, and complete and, if not, the resultant risks to the program or project

10
Q

AVOID RISK STRATEGY

A

modifying the plan to remove the risk - get rid of the problem

11
Q

BRAINSTORMING

A

A data-generating technique which includes team members or subject matter experts for the purpose of solving problems, identifying risk, and planning-related activities for programs or projects

12
Q

BUFFER

A

Compensation in the planning for unknown items that could occur; typically schedule or cost-related; sometimes calles reserve

13
Q

BUSINESS RISK

A

typically uninsurable - inherent in the process of doing business

14
Q

COMPONENT RISK MGMT PLANS

A

Risks escalated by component managers are incorporated and merged, then inter-dependent risk factors are identified

15
Q

CONTINGENCY PLAN

A

pre-established actions that the team executes if a known risk event occurs on the program or project. Contains information such as triggers, effect on schedule, impact on cost, required resources, and status (planned, ready, activated, obsolete)

16
Q

CONTINGENCY RESERVES

A

For risk events you know can happen on a project (Known Unknowns). reserves that can help mitigate schedule or cost issues (risk), in the case of changes with the scope or quality on the program or project

17
Q

DECISION TREE ANALYSIS

A

looking at the probability and impact of all potential decisions to determine the potential Expected Monetary Value of the opportunity; helps an organization make decisions based on potential outcome and impact.

18
Q

DELPHI TECHNIQUE

A

A technique to attain consensus wihtin a group of experts; typically used to gain vision about future direction or development

19
Q

DIAGRAMMING TECHNIQUES

A

used to help decompose or categorize risks (ishikawa, flowcharts, influence diagrams)

20
Q

ENHANCE RISK STRATEGY

A

takes steps to improve the size or capacity of the risk event by determining the key variable involved and then maximizing that variable

21
Q

EXPECTED MONETARY VALUE (EMV)

A

the product of multiplying the monetary value impact and probability of the risk event; helps an organization make decisions based on potential outcome and impact. EMV = %Prob outcome 1 * Result of outcome 1 + % Prob outcome 2 * result of outcome 2

22
Q

EXPLOIT RISK STRATEGY

A

takes steps to ensure the opportunity will occur

23
Q

FALLBACK PLANS

A

A type of plan created for risks with a great impact on program or project goals, to be executed if attempts to minimize the risk are not successful

24
Q

ID RISKS INPUTS (7)

A
  1. Pg Scope Doc - lists assumptions or dependencies 2. Pg Risk Mgmt Plan - method for ID risks, tracking, etc 3. Comp Risk Mgmt Plans - ID’d risks from components and approaches 4. Pg Mgmt Plan - How to integrate risks into other areas 5. Pg Governance Structure - mech to monitor 6. Lessons Learned Database - history to ID 7. Pg Stakeholder Mgmt Plan - Risk tolerances and how to influence levels
25
Q

ID RISKS OUTPUTS (2)

A
  1. Pg Risk Register - ID’d risks, descrip, potential effect 2. Root Causes of Risk Updates - what might cause a risk (?)
26
Q

IDENTIFY PROGRAM RISKS

A

The process of distinguishing risks to the program and recording their traits

27
Q

ISSUE

A

An unresolved item needing attention or a program or project item causing confusion or disagreement

28
Q

LESSONS LEARNED DATABASE

A

Contains the knowledge learned during the execution of similar programs, both in-house and public domain; the information is vital to the development of a comprehensive risk management plan

29
Q

M/C PG RISKS INPUTS (7)

A
  1. Pg Risk Mgmt Plan - schedules and resources for M/C risks 2. Pg Risk Register - what to monitor and triggers to what for 3. Contingency Reserves - review for usage rate - High indicates not managing risks well 4. Pg Architecture Baseline - review to examine current risks and see if they are passed or if new ones exist 5. Pg Performance Reports - how we are progressing? are risks prob increasing? 6. Pg Issue Register - Are the Risk Resp Plans effective in resolving issues? 7. Contract Reviews - review for risk levels and if properly address issues with supplier
30
Q

M/C PG RISKS OUTPUTS (4)

A
  1. Preventative Actions - action requests to address risks 2. Pg Risk Register Updates - updates to existing risks and new ID Risks 3. Pg Risk Mgmt Plan Updates - feed improvements needed regarding risk into plan 4. Lessons Learned Updates - for use now and for pg final report
31
Q

MANAGEMENT RESERVES

A

Money set aside to account for events you cannot forecast happening. (unknown unknowns such as natural disastor)

32
Q

MITIGATE RISK STRATEGY

A

minimizes the bad characteristics of the risk. Ex: Choosing to do the work internally instead of externally if the risk would be decreased

33
Q

MONITOR AND CONTROL PROGRAM RISKS

A

The process of tracking and regulating risks, determining new risks, conducting ris response plan activities, and assessing the effectiveness of the risk response plan

34
Q

MONTE CARLO ANALYSIS

A

A technique to simulate the outcome of a program or project many times to determine the range of possible outcomes and the probability of their occurrence. Often used in scheduling area.

35
Q

PLAN PG RISK MGMT INPUTS (7)

A
  1. Pg Scope (sets scope of risk mgmt)
  2. Pg Mgmt Plan (sets how risk is incorporated with other parts of program)
  3. Pg Architectural Baseline (sets what made when - assess for risks)
  4. Pg Governance Structure - group that will help address risks
  5. Resource Plan - what resources will be available)
  6. Pg Stakeholder Mgmt Plan - What are the tolerance levels and how they might respond to various risks
  7. Lessons Learned Database (historical info)
36
Q

PLAN PG RISK MGMT OUTPUTS (1)

A

Pg Risk Mgmt Plan

37
Q

PLAN PG RISK RESPONSES INPUTS (3)

A
  1. Pg Risk Register - risks and analysis 2. Component Risk Response Plans - for interactions with each other 3. Pg Risk Mgmt Plan - guide process
38
Q

PLAN PG RISK RESPONSES OUTPUTS (4)

A
  1. Pg Risk Register - add plans, owner, triggers, etc 2. Contingency Reserves - funds needed to cover plans if enacted 3. Contingency Plans - plan to enact if risk occurs 4. Change Requests - proactive plans may affect schedule, budget, resources, quality, etc
39
Q

PLAN PROGRAM RISK MANAGEMENT

A

The process of defining responses to program opportunities and threats

40
Q

PLAN PROGRAM RISK RESPONSES

A

the process of determining what risk responses will be used on risk events and who will be responsible for implementing the responses if the risks occur

41
Q

PREVENTIVE ACTION

A

Documented activities to execute, if needed, that should minimize or eliminate the impact of a negative risk on the program or project

42
Q

PROBABILITY TABLES

A

Tables which show the probability associated with costs and duration projections on a program/project. Often derived from a Monte Carlo analysis. Note: The greater the cost and duration estimate, the higher the confidence level.

43
Q

PROGRAM ISSUES REGISTER

A

Comprised of issues; the responses compiled during Plan Program Risk Responses must adequately address those issues

44
Q

PROGRAM RISK MANAGEMENT PLAN

A

A document that details and describes the plan for managing risk over the life of the program

45
Q

PURE RISK

A

a risk for which insurance can be purchased, thereby transferring the risk for financial benefit to the party accepting the risk

46
Q

QUANTITATIVE RISK ANALYSIS AND MODELING TECHNIQUES

A

Monte Carlo simulation, sensitivity analysis, and scenario modeling are done to learn about the characteristics of the risks.

47
Q

RESERVES

A

Compensation in the planning for unknown items that could occur; typically schedule or cost-related; sometimes calles buffer

48
Q

RESIDUAL RISK

A

Risk that remains aftere response strategies have been applied

49
Q

RESOURCE PLAN

A

Developed to establish the resources required to manage the program or conduct program governance

50
Q

RISK

A

The possibilty of a negative (threat) or positive (opportunity) event

51
Q

RISK & CONTRACTING RELATIONSHIP

A

If you outsource, you transfer SOME of the risk, but not all. Also, you take on different risks related to contracting.

52
Q

RISK ACCEPTANCE

A

Opting to accept the impact or consequences of a risk event

53
Q

RISK AUDIT

A

formal examination of risk-related items done typically at major mielstones. The Pg mgmt team should the review the results and adjust risk mgmt plan accordingly

54
Q

RISK AVERSE

A

mentality of Risk Avoidance. Seleccting the low risk item or the sure thing often

55
Q

RISK AVOIDANCE

A

Eliminating a risk of threat, usually by eliminating the cause

56
Q

RISK BREAKDOWN STRUCTURE (RBS)

A

A decomposition of the risk categorization, and the risks within those categories that could occur on a program or project. Often created via brainstorming type of environmet

57
Q

RISK CATEGORIES (6)

A

A grouping of types of risk on a program or project. 1. Environmental - external, internal culture, political & stakeholder positions 2. Program Level - Pg Definition, governance, interactions 3. Project Risks - Prj Mgs handle, NOT prg mgr) 4. Operational Level - transfer of results to ops, integration of changes to processes/proc/tools/system 5. Portfolio Level - interaction between progs 6. Benefits Related - collection of benefits risks from proj, but also interaction of those risks

58
Q

RISK DATABASE

A

a data repository that stores and manipulates information associated with the risk management processes

59
Q

RISK EVENTS

A

events that may impact the program or project either negatively or positively

60
Q

RISK FACTORS

A

numbers representing the risk of certain events, the likelihood of their occurring, plus the impact on the program or project if the event does occur.

61
Q

RISK IMPACT

A

Consequence or amount at stake if something does happen.

62
Q

RISK MGMT PLAN PARTS (11)

A
  1. Approach ? define methods, tools used, data sources 2. R&R - RACI for each activity in risk mgmt. plan 3. Budgeting ? assigns resources, estimate risk mgmt. costs, protocol to apply contingency reserves 4. Timing ? reviews sched and when activities occur 5. Risk Categories ? Simple list or RBS 6. Probability & Impact Matrix 7. Revised Stakeholder Tolerances 8. Reporting Formats ? format, content template 9. Tracking ? Docs how risk activities will be recorded 10. Approval ? map to governance structure 11. Input to Enterprise Pg Risk Mgmt Process
63
Q

RISK MITIGATION

A

minimizing the impact of a risk event by minimizing the likelihood or probability of its occurrence

64
Q

RISK OWNER

A

The person who is responsible for implementing the risk response plan if the risk occurs.

65
Q

RISK PROBABILITY

A

Likelihood that something will happen. The sum of all possible outcomes for a single event totals 100%.

66
Q

RISK PROBABILITY AND IMPACT MATRIX

A

A tool used to determine where a risk fits on a program or project; the typical rating for is high, medium, or low for probability and impact regarding scope, time, cost, and quality.

67
Q

RISK REGISTER

A

the documented results of Plan Risk Management which can include the outputs of Perform Qualitative Risk Analysis and Perform Quantitative Risk Analysis, as well as Plan Risk Responses. Contains the following: Risk #, Risk Name, Triggers, Probability of occuring, Impact if occurs, Planned Responses, Risk Owner, Reserve Amount.

68
Q

RISK RESPONSE STRATEGIES (SEE the ATM)

A

Share, Exploit, Enhance, Avoid, Transfer, Mitigate, Accept for both)

69
Q

RISK REVIEWS

A

Assess the documented risks for changes in the assessment and the program for any new risks

70
Q

RISK SEEKING

A

Possessing a higher tolerance than most for risk. Often looking for risk (or at least not afraid). Typically early adopter of new products, or a business/person willing for an “all or nothing” approach to an initiative

71
Q

RISK SYMPTOMS

A

Characteristics which indicate that a risk event is possibly starting to occur; could also be called risk triggers

72
Q

RISK TOLERANCE

A

The level of satisfaction from a potential risk payoff; also known as risk utility

73
Q

RISK TRANSFERENCE

A

Allocating the responsibility for and impact of the risk event to another party

74
Q

RISK-AVERSE

A

Possessing a low desire or tolerance for risk

75
Q

RISK-NEUTRAL

A

A middle ground mentality. (between the risk taken and the benefit received). Can shift to seeker or averse under some situations.

76
Q

ROOT CAUSES OF RISK UPDATES

A

The environments or occurrences that engender identified risks and must be updated as the change

77
Q

SECONDARY RISKS

A

Risks that result from the execution of a risk response. For example - the risk you take on by choosing to outsource work as a Transfer Risk Strategy

78
Q

SENSITIVITY ANALYSIS

A

A technique used in risk management that helps show which risks will likely have the most impact on the program or project

79
Q

SHARE RISK STRATEGY

A

splits the resonsibility and benefit of the risk with a third party to maximize an opportunity

80
Q

STRENGTHS, WEAKNESSES, OPPORTUNITIES, AND THREATS (SWOT) ANALYSIS

A

A risk analysis technique which considers the strengths of, weaknesses of, opportunities of, and threats to the program or project to facilitate a more knowledgeable risk management analysis

81
Q

THREAT

A

A negative risk to the program or project

82
Q

TRANSFER RISK STRATEGY

A

reassign the risk exposure to another party. NOTE: do not remove all risk, just decrease. Also take on others. Ex: hire outside company to do something. Buy insurance.

83
Q

TRIGGER(S)

A

A signal that a risk event could occur in the near future

84
Q

WORKAROUND

A

A response to a risk that wasn’t planned or the original plan did not work. Reactive response

85
Q

PLAN PROGRAM RISK MGMT T/T (2)

A
  1. RISK PLANNING METINGS - bring together key team members and experts to plan. NOTE: Key to share results with component managers for truly Integrated Program Risk Mgmt
  2. LESSONS LEARNED REVIEWS - review historical info, BUT must use judgment for relevancy