Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
43 Cards in this Set
- Front
- Back
|
Describe the Risk Management Planning process in the Risk Mgmt ka
|
The risk management planning process plans for risks occurring during the project. It is the process of deciding how to approach and plan for activities to handle project risks and documenting these decisions in a risk management plan, which is the primary output of the risk management process. This important document is a subsidiary component of the project management plan.
|
|
|
Describe the Risk Identification process in the Risk Mgmt ka
|
The risk identification process involves identifying and documenting the types of risks that may occur during the project.
The identification of risks is an iterative process that occurs with the help of the project team, stakeholders and even people outside the organization. Information gathering is a tool or technique of this process. Information can be gathered by many means, including brainstorming, the Delphi Technique, interviewing and SWOT analysis. |
|
|
What are 4 activities involved in the Qualitative Risk Analysis process in the Risk Mgmt ka
|
1. Assessing the impact and likelihood of identified risks
2. Prioritizing risks 3. Ranking risk events in order of importance of risks 4. Determining which risks require additional analysis |
|
|
Describe the Quantitative Risk Analysis process (and 3 events) in the Risk Mgmt ka
|
Quantitative risk analysis involves further analyzing each risk event identified by:
1. Analyzing numerically the probability of each risk 2. Determining the consequences of the risks on project objectives, which entails a full probability analysis on costs and schedule 3. Determining the extent of overall project risk, which entails calculating the probability of achieving objectives |
|
|
Describe the Risk Response Planning process in the Risk Mgmt ka and its 6 activities
|
During the risk response planning process, the action plans for how risks should be handled are determined. This process includes the activities of:
1. Developing options 2. Determining actions 3. Enhancing opportunities 4. Reducing threats 5. Assigning responsibility for risks 6. Determining appropriate responses based on the severity of risks After risks have been prioritized as high, medium or low during the qualitative analysis process, allowable responses can be determined for planned responses to these risks. The primary outputs of this process are the updates to the risk register, updates to the project management plan and any risk-related contractual agreements. |
|
|
Describe the Risk Monitoring and Control process in the Risk Mgmt ka
|
The risk monitoring and control process involves the tracking of identified risks that have or have not yet occurred, determining if new risks can be identified and recalculating risk scores for increased or decreased priority.
|
|
|
Describe the 3 structures of Utility Theory
|
1. Risk Averter: when there is more money at stake, the risk averter's pleasure diminishes. He or she prefers a more certain outcome and demands a premium to accept projects of high risk.
2. Risk Neutral: straight line tolerance for risk as the money at stake increases. 3. Risk Seeker: for the risk seeker, the higher the stakes, the better. As risk increases, the risk seeker's pleasure increases; he or she is even willing to pay a penalty to take on projects of high risk. |
|
|
Describe 6 Risk Categories
|
There are many categories of risk, including:
1. External risks that are unpredictable, such as labor disputes or bad weather (Note that Force Majeure risks such as earthquakes, floods, acts of terrorism, etc., should be covered under disaster recovery procedures instead of risk management.) 2. External risks that are predictable but uncertain (For example, you know that snow storms will occur in the northwest but you do not know when and how many snow storms will occur.) 3. Project management risks such as poor estimates of time and resources or the lack of skills and knowledge in project management concepts and discipline 4. Internal risks or organizational risks such as resource conflicts, a delay or lack of funds 5. Technical risk such as complex or new software technology, quality or performance issues or unrealistic project goals 6. Legal risk such as new or modified legal requirements or regulations |
|
|
What are 5 facts about Brainstorming?
|
1. Used extensively in project planning
2. Possibly used to postulate risk scenarios for a particular project 3. A technique that can be improved by the variety of participants' backgrounds 4. Helpful in project team building 5. Effective in finding solutions to potential problems |
|
|
What is The Delphi Technique?
|
The Delphi Technique:
- Derives a consensus using a panel of experts to arrive at a convergent solution to a specific problem - Is useful in arriving at probability assessments relating to future events in which the risk impacts are large and critical |
|
|
Describe Interviewing
|
Experienced project managers or subject matter experts are interviewed to:
- Identify project risks based on their knowledge (Their optimistic, most likely and pessimistic estimates used in three-point estimating for weighted averages.) |
|
|
Describe SWOT Analysis
|
SWOT analysis is a technique that:
- Examines potential risks from the perspectives of strengths, weaknesses, opportunities and threats — or SWOT |
|
|
What is the 3-part anatomy of a risk event?
|
1. The future event or situation that poses the risk
2. The consequence of that event or situation 3. The source of the risk |
|
|
Describe the Probability and Risk Impact matrix. What is the formula for a risk score?
|
The probability-impact matrix is a tool or technique of qualitative risk analysis. It utilizes a matrix that can be constructed using the risk scores of the identified risks, as seen in PMBOK Guide Figure 11-8. By calculating the risk score, which is the product of the probability times the impact, it can be determined if the risk is considered a low, moderate or high risk
|
|
|
Describe Sensitivity Analysis
|
Sensitivity analysis is one tool for analyzing risk. It:
1. Seeks to place a value on the effect of change of a single variable within a project by analyzing that effect on the project 2. Is the simplest form of risk analysis 3. Reflects uncertainty and risk by defining a likely range of variation for each component of the original base case estimate 4. Analyzes the effect of change on the final cost or time criteria 5. Is a weakness in that variables are treated individually, limiting the extent to which combinations of variables can be assessed |
|
|
What is Probabilistic Analysis?
|
Probabilistic analysis, another tool for analyzing risk:
- Overcomes the limitations of sensitivity analysis by specifying a probability distribution for each variable - May have difficulty defining the probability of occurrence of any specific variable since every project is unique - Has a subjective range of variation because of the optimism or pessimism of the estimator or because the interaction among variables is not clear |
|
|
Describe Decision Tree Analysis
|
Project managers may also use decision tree analysis to analyze risk. Decision tree analysis:
- Depicts, with a diagram, key interactions among decisions and associated chance events - Considers the probability of each outcome - Can be used with expected monetary value since risk events can occur individually or in groups and in parallel or in sequence - Is usually applied to cost and time considerations |
|
|
Describe Expected Monetary Value and its formula.
|
A decision usually can be quantified by an outcome or expected payback. This payback is the expected monetary value (EMV). Thus, each path within a decision tree could lead to the EMV of the combined decisions within the path. Therefore, EMV is:
- A risk quantification tool - The product of the risk event probability and the risk event value - Risk Event Probability: an estimate of the probability that a given risk event will occur - Risk Event Value: an estimate of the gain or loss that will be incurred if the risk event does occur; reflects both tangibles and intangibles in order to compare risks (or else the risks are not equivalent) Exam Tip: EMV of a risk event is the product of probability and risk impact. If the probability of a tool breaking is 50% and the cost of the tool replacement is $1,000, the EMV of this risk event is $500. |
|
|
What is the Monte Carlo Simulation?
|
A Monte Carlo simulation provides, by means of random numbers, a powerful yet simple method of incorporating probabilistic data.
|
|
|
Describe Probability Theory and its 2 formulas.
|
Probability theory is often used in combination with other types of probability analysis. Its basic tenets are:
- (Probability of event 1)X(probability of event 2) = probability of both events - Probability of the event occurring + the probability of the event NOT occurring = 1 always |
|
|
Describe 4 Tools and Techniques of Risk Response Planning
|
The tools and techniques for risk response planning have been divided into:
1. common strategies for threats and opportunities, 2. unique strategies for threats or negative risk 3. unique strategies for opportunities or positive risks 4. contingent response strategies. |
|
|
What is an Insurable Risks? 4 examples?
|
Some risks may be reduced by purchasing insurance as a transference strategy. Examples of insurable risks are:
1. Direct property damage from auto collision, from other auto events or to equipment in transit, handling, etc. 2. Indirect consequential loss that may be the result of costs of removing direct loss debris, equipment replacement, rental income loss, liquidated damages or business interruption 3. Legal liability from public bodily harm, property damage arising from the negligence of others, personal injury arising from negligence of others or damage to the project entity due to design errors, execution errors or the project's failure to perform as specified 4. Personnel related, and may come from employee bodily injury, cost to replace employees and any resulting business loss. |
|
|
Describe the Probability and Impact Curve
|
The probability and impact curve looks much like the influence curve discussed elsewhere in this study guide. It demonstrates that, over the life of a project, the probability of a risk event occurring decreases but the impact of that risk increases.
|
|
|
Define: Business Risks
|
Common risks found in doing business have opportunities for gain or loss.
|
|
|
Define: Decision Theory
|
A technique for assisting in reaching decisions under uncertainty and risk. It points to the best possible course whether or not the forecasts are accurate.
|
|
|
Define: Heuristics
|
Rules of thumb for accomplishing tasks. Heuristics are easy and intuitive ways to deal with uncertain situations; however, they tend to result in probability assessments that are biased.
|
|
|
Define: Management Reserves. What percentage does PMI recommend?
|
Reserves or contingencies comprise the amount of buffer needed to reduce the risk of overruns of project objectives. They must be controlled throughout the life cycle of the project. PMI recommends a reserve of 10% or more as calculated based on the level of project risks.
|
|
|
Define: Opportunities
|
Events that have a positive outcome, sometimes known as "good" risks.
|
|
|
Define: Pure or Insurable Risks
|
Risks providing only an opportunity for loss.
|
|
|
Define: Residual Risk
|
In implementing a risk response plan, the risk that cannot be eliminated.
|
|
|
Define: Risk
|
An uncertain event or condition that could have a positive or negative impact on the project.
|
|
|
What are the 4 primary elements of risk that must be determined?
|
1. Probability of the risk event or condition occurring
2. Impact of the occurrence, if it does occur 3. Expected time the risk event may occur 4. Anticipated frequency of the risk event occurring |
|
|
Define: Secondary Risk
|
In implementing a risk response, a new risk that is introduced as a result of the response.
|
|
|
Define: Stakeholder Risk Tolerance
|
An enterprise environmental factor that must be considered in the risk management plan. Stakeholders who are more risk averse will require additional planning to minimize variances to the plan.
|
|
|
Define: Workarounds
|
Unplanned responses to risks that were previously unidentified or accepted.
|
|
|
What 8 things does the risk management plan contain?
|
1. Risk approach and methodology
2. Roles and responsibilities of the risk management team 3. Risk management budget 4. Timing of the risk management process 5. Scoring metrics for risk analysis 6. Threshold risk criteria 7. Risk response reporting formats 8. Tracking method of risk activities |
|
|
What is a Risk Register?
|
Contains the identified risks with potential responses, root causes and an updated list of risk categories. This risk register is used to track the status, triggers, and responses to project risks.
|
|
|
What are the 3 steps in a Monte Carlo simulation?
|
Step 1: assess the range for the variables being considered and determine the probability distribution most suited to each.
Step 2: for each variable within its specific range, select a value randomly chosen, taking account of the probability distribution for the occurrence of the variable. Step 3: run a deterministic analysis using the combination of values selected for each one of the variables. Repeat steps 2 and 3 a number of times to obtain the probability distribution of the result. |
|
|
What is the strategy for both threats and opportunities?
|
Acceptance: acceptance means accepting the consequences of the risk. It can be active, such a developing a contingency plan should the risk occur. It can also be passive, such as accepting a lower profit if some activities overrun.
|
|
|
What are the 3 strategies for negative threats or risks?
|
1. Avoidance: avoidance eliminates a specific threat usually by eliminating the cause. Examples of avoidance include not doing the project or doing the project in a different way such that the risk no longer exists.
2. Transference: transference eliminates the direct risk by handing it off to a third party, such as insurance companies, clients or vendors. Transference does not eliminate the overall risk impact to the project if the event occurs. 3. Mitigation: mitigation reduces the EMV of a risk event by reducing the probability of its occurrence or reducing the risk event value (impact of the risk). Examples of mitigation include using proven technology to lessen the probability that a product will not work. Mitigation includes transferring the risk by buying insurance. |
|
|
What are the 3 strategies for positive opportunities or risks?
|
1. Exploitation: exploitation increases chances of making the opportunity happen and it helps eliminate the uncertainty
2. Sharing: sharing an opportunity is done with a third party, and so leverages that party's experiences. 3. Enhancing: enhancing expands the positive opportunity and increases the probability of its occurrence. |
|
|
What are the 4 strategies for contingent response?
|
1. Contingency Plans: action according to plans for specific risk events whose expected value has not been reduced to an acceptable level.
2. Financial Reserves: using previously allocated funds or signature authority to project manager's contingency reserve and sponsor's management reserve. 3. Staffing Reallocation Reserve: reassigning, in an emergency, previously identified individuals with critical knowledge, skill and location availability. 4. Workarounds: acting on an ad hoc basis to minimize loss, repair damage and prevent recurrence of a risk event. |
|
|
What are 8 iterative steps of the risk monitoring and control process?
|
1. Risk responses have been implemented as planned
2. Risk responses are effective 3. Project assumptions are still valid 4. Risk exposure has changed 5. Risk triggers have occurred 6. Policies and procedures have been followed 7. New risks can be identified 8. Any risk events have occurred that were previously not defined |
