An organization faces immense competition in the market and decides 10 accelerate a key project.
What is the first action for the project risk manager to take?
B
Explanation:
The risk management plan is a document that describes how risk management activities will be
structured and performed on a project. It defines the roles and responsibilities, risk categories, risk
appetite and thresholds, risk identification and analysis methods, risk response strategies, risk
monitoring and reporting mechanisms, and risk governance mechanisms1. The risk management
plan should be aligned with the project management plan, which defines the project scope,
schedule, cost, quality, and other aspects2. When an organization decides to accelerate a key project,
it means that the project objectives, assumptions, constraints, and environment have changed. This
will affect the risk exposure and profile of the project, as well as the risk management approach and
resources. Therefore, the first action for the project risk manager to take is to revise the risk
management plan to reflect the new situation and ensure that the risk management process is still
effective and efficient. Revising the risk management plan may involve updating the risk categories,
risk appetite and thresholds, risk identification and analysis methods, risk response strategies, risk
monitoring and reporting mechanisms, and risk governance mechanisms to suit the accelerated
project. The project risk manager should also communicate the revised risk management plan to the
relevant stakeholders and obtain their approval and support1. Ensuring sufficient resources are
available, updating the risk register, and meeting with the project’s stakeholders are all important
actions to take when accelerating a project, but they are not the first action. These actions should be
done after revising the risk management plan, as they depend on the updated risk management
approach and process. For example, the project risk manager may need to allocate more resources to
risk management activities, identify and analyze new or changed risks, implement new or modified
risk responses, and report the risk status and performance to the stakeholders based on the revised
risk management plan1. Reference: 2, 1.
When a project is accelerated, the risk landscape changes. The project risk manager should first
revise the risk management plan to address the new timeline and its potential impacts on the
project. This will help in identifying new risks, reassessing existing risks, and updating risk responses.
A risk management professional is currently facilitating the risk planning process with the project
team. To increase the breadth of considered risks, the team wants to include high-level and strategic
project risks.
What should the risk management professional do next?
C
Explanation:
A SWOT analysis is a risk identification technique that helps to identify high-level and strategic
project risks by examining the internal and external factors that may affect the project objectives. A
SWOT analysis involves listing the strengths, weaknesses, opportunities, and threats of the project,
and then analyzing how they may impact the project positively or negatively. A SWOT analysis can
help to uncover potential risks that may not be obvious from other techniques, such as prompt lists,
interviews, or brainstorming12
: 1: PMI Risk Management Professional (PMI-RMP)® Handbook, page 10 2: A Guide to the Project
Management Body of Knowledge (PMBOK® Guide) – Seventh Edition, page 11.2.2.1
A project is at the final development stage. The test lead informs the risk manager that a key feature
may not be testable due to changes in the environment
What should the risk manager do?
C
Explanation:
The risk manager should review the feature with the project team to determine the cause and
impact of the untestability, and to identify possible solutions or alternatives. The risk manager
should also update the risk register and the risk response plan accordingly. This is the best option
among the given choices, as it involves the relevant stakeholders and follows the risk management
process. Confirming the risk triggers are still valid is not sufficient, as it does not address the problem
or its consequences. Asking the architect to develop acceptance criteria is not appropriate, as it may
not be feasible or effective to test the feature with new criteria. Escalating the issue to the project
board is premature, as it may not be necessary or desirable to involve the senior management
without first analyzing the situation and proposing a course of action. Reference: PMI. (2017). A
Guide to the Project Management Body of Knowledge (PMBOK® Guide) – Sixth Edition. Chapter 11:
Project Risk Management, pp. 414-415. 5
When a key feature may not be testable due to changes in the environment, the risk manager should
review the feature with the project team to understand the issue, assess its impact, and determine
the appropriate risk response. This collaborative approach ensures that the team has a clear
understanding of the situation and can work together to address the risk.
A risk manager is managing risks of a mission critical application. A subject matter expert (SME) asks
the risk manager to treat every single risk identified as an extremely high priority.
What should the risk manager do?
D
Explanation:
According to the PMBOK Guide, 6th edition, Section 11.6.2.1, Sensitivity Analysis, a sensitivity
analysis is a technique that helps to determine which individual project risks or other sources of
uncertainty have the most potential impact on project outcomes. A sensitivity analysis can be used to
prioritize risks based on their relative effect on the project objectives, such as cost, schedule, quality,
or scope. A sensitivity analysis can also help to identify areas where risk response efforts may be
most effective. Therefore, the risk manager should perform a sensitivity analysis and determine the
correct priority of every identified risk, rather than agreeing with the SME or the project sponsor, or
marking every risk with the same or different priority without proper analysis. Reference: PMBOK
Guide, 6th edition, Section 11.6.2.1, Sensitivity Analysis1
The risk manager should perform a sensitivity analysis to assess the impact of each risk on the
project objectives. This will help in determining the correct priority of every identified risk, ensuring
that resources are allocated effectively and that the most critical risks are addressed first.
The risk manager notices that in their workshops, most of the risks identified are threats. What
should the risk manager do to increase the number of opportunities identified?
C
Explanation:
The risk management plan is a document that describes how risk management activities will be
structured and performed on a project. It defines the roles and responsibilities, risk categories, risk
appetite and thresholds, risk identification and analysis methods, risk response strategies, risk
monitoring and reporting mechanisms, and risk governance mechanisms1. The risk management
plan should be aligned with the project management plan, which defines the project scope,
schedule, cost, quality, and other aspects2. When an organization decides to accelerate a key project,
it means that the project objectives, assumptions, constraints, and environment have changed. This
will affect the risk exposure and profile of the project, as well as the risk management approach and
resources. Therefore, the first action for the project risk manager to take is to revise the risk
management plan to reflect the new situation and ensure that the risk management process is still
effective and efficient. Revising the risk management plan may involve updating the risk categories,
risk appetite and thresholds, risk identification and analysis methods, risk response strategies, risk
monitoring and reporting mechanisms, and risk governance mechanisms to suit the accelerated
project. The project risk manager should also communicate the revised risk management plan to the
relevant stakeholders and obtain their approval and support1. Ensuring sufficient resources are
available, updating the risk register, and meeting with the project’s stakeholders are all important
actions to take when accelerating a project, but they are not the first action. These actions should be
done after revising the risk management plan, as they depend on the updated risk management
approach and process. For example, the project risk manager may need to allocate more resources to
risk management activities, identify and analyze new or changed risks, implement new or modified
risk responses, and report the risk status and performance to the stakeholders based on the revised
risk management plan1. Reference: 2, 1.
During the monthly executive review meeting, the project sponsor would like to understand how the
project team has planned to manage risks that were identified in the last meeting. What should the
project manager do?
C
Explanation:
The The project manager should include secondary and residual risks as part of the risk response
plan. Secondary risks are those risks that arise as a direct result of implementing a risk response to a
specific risk. Residual risks are those risks that are expected to remain after the planned responses of
risks have been taken, as well as those that have been deliberately accepted. Both secondary and
residual risks should be identified, analyzed, and monitored throughout the project life cycle. The
project manager should communicate the risk response plan to the project sponsor and other
stakeholders, and explain how the project team has planned to manage the secondary and residual
risks12
: 1: PMI Risk Management Professional (PMI-RMP)® Handbook, page 10 2: A Guide to the Project
Management Body of Knowledge (PMBOK® Guide) – Seventh Edition, page 11.2.2.1
project manager should include secondary and residual risks in the risk response plan, as they may
still impact the project. Proactively addressing these risks will help the project team to be prepared
and manage them effectively if they occur.
A project manager is trying to realize benefits from new material on an adaptive project. This is the
first time the project team is using the material so the team does not have information to identify
and analyze risks. A team member informs the project manager that a local university has recently
published a research journal on the same material.
Where should the project manager find this information?
D
Explanation:
Enterprise environmental factors (EEFs) are conditions or circumstances that are not under the
control of the project team, but may influence, constrain, or direct the project. EEFs include internal
and external factors, such as organizational culture, market conditions, industry standards,
government regulations, and academic research. In this case, the project manager should find the
information about the new material from the research journal published by the local university,
which is an example of an external EEF. This information may help the project manager to identify
and analyze the risks associated with the new material and plan appropriate risk responses.
Industrial studies, commercial risk databases, and organizational process assets (OPAs) are not the
correct choices, as they are not relevant to the question. Industrial studies are systematic
investigations of a specific industry or sector, which may provide general information about the
market trends, opportunities, and challenges, but not specific information about the new material.
Commercial risk databases are sources of information about historical or potential risks that may
affect projects in different domains or regions, which may help the project manager to identify
common or emerging risks, but not the risks related to the new material. OPAs are the plans,
processes, policies, procedures, and knowledge bases specific to and used by the performing
organization, which may help the project manager to follow the established guidelines and practices
for risk management, but not to obtain new information about the new material. Reference: PMI.
(2017). A Guide to the Project Management Body of Knowledge (PMBOK® Guide) – Sixth Edition.
Chapter 2: The Environment in Which Projects Operate, pp. 38-39. 5
Enterprise environmental factors (EEFs) include information from external sources, such as academic
research, industry studies, and market conditions. this case, the project manager should refer to the
research journal published by the local university as an EEF to gather information about the new
material and its associated risks.
A risk manager is confident that they have identified and quantified the risks and opportunities for a
project. When presenting their work to management, on what areas should the risk manager focus?
(Choose two.)
A,B
Explanation:
According to the PMBOK Guide, 6th edition, Section 11.1.3.1, Enterprise Environmental Factors, one
of the factors that can influence the Plan Risk Management process is the organization’s risk attitude,
appetite, tolerance, and thresholds. These terms describe the degree of uncertainty that an
organization is willing to accept in pursuit of its goals, and how it approaches, operates, and responds
to risk. Therefore, when presenting their work to management, the risk manager should focus on the
risks that are tied to the success of the organization, and the risks as they apply to the organization’s
overall risk management philosophy and strategic ambition. These aspects can help the
management to understand the alignment of the project risks with the organizational objectives and
values, and to make informed decisions about risk responses. The other options are less relevant or
too specific for a management presentation, and may not reflect the organization’s risk attitude or
priorities. Reference: PMBOK Guide, 6th edition, Section 11.1.3.1, Enterprise Environmental Factors1
The risk manager should focus on risks that are directly tied to the success of the organization and
those that align with the organization's risk management philosophy and strategic ambition. This will
ensure that management is informed about the most relevant risks and opportunities for the project.
A mega facility development project is evaluating some options to achieve the project schedule and
budget. Each option's success is driven by multiple quantifiable factors.
What should the project manager do to evaluate and select the best option based on costs and
probabilities?
C
Explanation:
A decision tree analysis is a tool that helps to evaluate and select the best option among different
alternatives based on costs and probabilities. A decision tree analysis uses a graphical representation
of a decision problem, where each node represents a decision point, a chance event, or an outcome.
The branches of the tree show the possible choices, events, or consequences that can occur at each
node. The end nodes of the tree show the expected value or payoff of each option, which is
calculated by multiplying the probability and the cost or benefit of each outcome. A decision tree
analysis can help to compare the expected values of different options and choose the one that
maximizes the benefit or minimizes the cost1. A decision tree analysis can also help to incorporate
uncertainty and risk into the decision making process, as it shows the range of possible outcomes
and their likelihoods2. Therefore, the project manager should perform a decision tree analysis to
evaluate and select the best option based on costs and probabilities for a mega facility development
project. Performing a FMECA fault tree analysis, conducting a sensitivity analysis, or conducting an
analytic hierarchy process are not the best options to evaluate and select the best option based on
costs and probabilities. A FMECA fault tree analysis is a tool that helps to identify and analyze the
potential causes and effects of failures in a system or process. It uses a graphical representation of a
failure event, where each node represents a basic or intermediate event that contributes to the
failure. The branches of the tree show the logical relationships between the events, using AND or OR
gates. A FMECA fault tree analysis can help to calculate the probability and severity of failures, as
well as to prioritize and mitigate the risks3. However, a FMECA fault tree analysis does not help to
compare different options or alternatives, as it focuses on a single failure scenario. Conducting a
sensitivity analysis is a tool that helps to measure how the uncertainty in the input variables of a
model affects the output or outcome of the model. It uses a graphical or numerical representation of
the relationship between the input and output variables, showing how the output changes when the
input changes. A sensitivity analysis can help to identify the most critical or influential variables, as
well as to test the robustness or reliability of the model4. However, a sensitivity analysis does not
help to compare different options or alternatives, as it focuses on a single model or option.
Conducting an analytic hierarchy process is a tool that helps to evaluate and select the best option
among different alternatives based on multiple criteria. It uses a mathematical method of pairwise
comparison, where each alternative is compared to each other in terms of each criterion. The results
of the comparisons are then aggregated into a matrix, which shows the relative importance or
preference of each alternative. An analytic hierarchy process can help to rank the alternatives and
choose the one that best satisfies the criteria5. However, an analytic hierarchy process does not help
to incorporate costs and probabilities into the decision making process, as it relies on subjective
judgments and preferences. Reference: 1, 2, 3, 4, 5.
A decision tree analysis is a quantitative risk analysis technique that helps evaluate and select the
best option based on costs and probabilities. It visually represents different decision paths and their
associated probabilities, allowing the project manager to compare and select the most appropriate
option for the project.
When processing freight invoices for a project, the project manager notices the shipping costs
exceeded the budget due to increased fuel costs. The risk manager included this risk in the project's
contingency allowance. When reviewing the project budget execution reports, the project manager
notices unused budget remaining in other closed tasks of the project that could cover the additional
shipping costs.
What should the project manager do?
A
Explanation:
The project’s contingency allowance is a provision in the project budget that is intended to cover
known risks that may affect the project costs. The risk of increased fuel costs was identified and
included in the contingency allowance, so the project manager should use it to process the freight
invoices at the actual shipping costs. This is the best way to handle the risk without affecting the
project scope, schedule, or quality. Requesting a formal change order from the customer (option B) is
not necessary, as the project budget already has a provision for this risk. Processing the freight
invoices for the budgeted amount and hoping the shipping company will forgive the difference
(option C) is unethical and unprofessional, as it violates the terms of the contract and the PMI Code
of Ethics and Professional Conduct. Asking the project sponsor to cover the additional shipping costs
on the company’s reserves account (option D) is also not appropriate, as the company’s reserves are
meant for unknown risks that are beyond the project’s control, not for known risks that are already
accounted for in the project budget. Reference: PMI, The Standard for Risk Management in
Portfolios, Programs, and Projects, 2019, p. 72; PMI, A Guide to the Project Management Body of
Knowledge (PMBOK® Guide), 6th ed., 2017, p. 252.
The project manager should use the contingency allowance to cover the additional shipping costs, as
it was specifically included in the project budget for such risks. This approach avoids requesting
unnecessary changes or relying on external sources to cover the cost overrun.