Term
| Inputs to risk management |
|
Definition
| Things that must be done or information that must be collected beforeyou can adequately complete risk management |
|
|
Term
| Project management Process |
|
Definition
Initiating, Planning, executing, monitoring and controling, closing
|
|
|
Term
| Project background information |
|
Definition
| Information from before the project was approved, articles written about similar projects, and other such information. |
|
|
Term
| What went right, wrong, or would have been done differently by past projects teams if they could execute their projects again |
|
Definition
|
|
Term
| High-level directive from the sponsor outlining the overall objectives of the project; it authorizes the existence of a project |
|
Definition
|
|
Term
| A document that describes the approved product and project requirements |
|
Definition
|
|
Term
| A diagram that shows the decomposition of the project into smaller, more manageable pieces |
|
Definition
|
|
Term
| A dependency-sequenced organization of the projec's activities |
|
Definition
|
|
Term
| Anticipated time or cost of project activities |
|
Definition
| Estimates for time and cost |
|
|
Term
| A formal plan for when and how resources will be involved in the project, and what roles they will perform |
|
Definition
|
|
Term
| A formal plan documenting how and in what form communications will be handled on a project |
|
Definition
| Communications management plan |
|
|
Term
| A formal or informal plan that describes what part(s) of the project will be purchased under contract or purchase order; it includes a plan for managing the sellers |
|
Definition
| Procurement management plan |
|
|
Term
| Information about individuals and organizations who are actively involved in the project or who may affect or be affected by the project |
|
Definition
|
|
Term
| The individual or group who authorizes the project and provides the financial resources |
|
Definition
|
|
Term
| Those who will be excuting the project management plan |
|
Definition
|
|
Term
| The individual or organization who will use the product of the project |
|
Definition
|
|
Term
| Stakeholders' needs or intents that may be unstated, but are motivators or non-motivators for working on the project |
|
Definition
|
|
Term
| Company policies, procedures, templates, and historical information |
|
Definition
| Organizational process assets |
|
|
Term
| Anything that limits the team's options, e.g., scope, time, cost, quality, risk, resources, and customer satisfaction |
|
Definition
|
|
Term
| Things that are accepted as true, but may not be true |
|
Definition
|
|
Term
| Areas in which the company and key stakeholders are willing to accept risk |
|
Definition
|
|
Term
|
Definition
|
|
Term
| Amounts of risk the company and key stakeholders are willing to accept |
|
Definition
|
|
Term
| What is the objectives of the "Plan Risk Management process |
|
Definition
- Create a plan for handling risk management for the project
- Adapt any policies and prcedures for risk to the needs of the project
- Tailor risk management activities to the needs of the project to make sure the level, type, and visibility of the activities commensurate with the project
|
|
|
Term
| What are the inputs to the Plan Risk Management process? |
|
Definition
- Project scope statement
- Schedule, cost, and communications plan
- Company historical records, policies, and risk templates for risk management
|
|
|
Term
| The Risk Management Plan may include: |
|
Definition
- Methodology - how you will perform risk management
- Roles and Responsibilities - Who will do what
- Budget - realize the cost of doing risk management
- Timing - When to do risk management
- Risk Categories
- Definitions of probability and impact - standardize
- Stakeholder Tolerances - should not be implied
- Reporting Formats - any reports related to risks
- Tracking - how the risk process will be audited
|
|
|
Term
|
Definition
| A risk rating is a number between 1 and 10 chosen to evaluate the probability or impact of a risk |
|
|
Term
|
Definition
| To calculate the risk score, you multiply probability times impact. This gives you a numerical value for each risk. That value is then compared to other risks in the project to determine the risk ranking for each risk within the project. |
|
|
Term
| Risk score for the project |
|
Definition
| To obtain the project risk score, you add up the risk scores for each risk in the project |
|
|
Term
| Risk ranking within the project |
|
Definition
| To rank risks, you compare the risk scores for all the risks. The risk wiht the highest risk score becomes the highest ranking risk, the next hightest becomes second, etc. |
|
|
Term
| Risk ranking compared to other projects |
|
Definition
| The total risk score for each project can be compared to the risk score of other projects to rank projects by risk. Sometimes the total risk score is used, and sometimes the total risk score is divided by the number of risks and the number is compared to other projects |
|
|
Term
| What is the output of the Plan Risk Management process |
|
Definition
|
|
Term
| What is the key concept of Plan Risk Management |
|
Definition
| The objective of this step or the risk management process is to decide how to approach risk management on the project. The level, type, and visibility of what is done must be commensurate with the complexity and size of the project, experience of the project team, preceived amount of project risk, and importance of the project to the organization. |
|
|
Term
| Determining how risk management will be done on the project, who will be involved, and procedures to be followed |
|
Definition
| Plan Risk Management Process |
|
|
Term
| A department that supports project management within an organization |
|
Definition
| Project Management Office (PMO) |
|
|
Term
| A department that supplies policies and assistance with project risk management efforts |
|
Definition
| Risk management department |
|
|
Term
| A plan for how risk management will be done on a project; who should be involved, when risk management activitites should be done, and how frequently they should be done. |
|
Definition
|
|
Term
| Those helping manage the risk management process |
|
Definition
|
|
Term
| How risk will be handled on the project and what data and tools will be used |
|
Definition
|
|
Term
| Who will do what on the project |
|
Definition
| Roles and Responsibilities |
|
|
Term
| Amount of resources allocated to be spent on the project |
|
Definition
|
|
Term
| When/how often risk management activities will be performed throughout the project |
|
Definition
|
|
Term
| A standardized interpretation of the numbering system used to evaluate risks |
|
Definition
| Definitions of probability and impact |
|
|
Term
| How the results of risk management will be documented and communicated |
|
Definition
|
|
Term
| How records of risks will be documented for the benefit of the current project and future projects |
|
Definition
|
|
Term
| What is the objective of the Identify Risks process |
|
Definition
- Identify and record a long list of threats and opportunities for the project and by work packages; for many projects, the word "long" means hundreds of risks
- Make sure all risks are in the cause-risk-effect format
- Understand Risk
|
|
|
Term
| What are the inputs to the Identify Risks process |
|
Definition
- Project Charter
- Risk management plan
- Outputs from proejct planning - such as the work breakdown structure, estimates and management plans
- List of common risk categories
- Historical records and project documents
- Stakeholder register
|
|
|
Term
| When a cause has an probability of greater than 80% how should you handle it. |
|
Definition
| Anyting with a probability of greater than 80% is a certainty (fact) and should not be considered a risk but be handled within the project scope or project plan |
|
|
Term
| What method should you use to differentiate risks from facts and to adequately define risks? |
|
Definition
|
|
Term
What are the benefits of using forms to identify risks? |
|
Definition
- They are fast
- They are commonly used for other work activities, so many people feel comfortable with them.
- They help accumulate the input of many people in a relatively short time period.
- They are a convent way to gain the contribution of those who do not want to spend much time on the project.
|
|
|
Term
| What are the disadvantages of using forms |
|
Definition
- They do not allow fror group thought or opinion
- They do not encourage people to think "outside the box". People will just fill out the form.
- They do not allow discussion. Some people are more verbal and require a verbal method to come up with the best list of risks.
- They do not allow for unlimited ideas. People will come up with a few risks and stop.
- They are not always taken seriously. People will not view risk identification as seriously as they would if other methods are used.
- They limit responses
|
|
|
Term
| List the methods to identifying Risks |
|
Definition
- Use a prompt list
- Review the list of risks provided in this book
- Review your own company's historical records and other documentation
- Brainstorming
- Conduct a "pre-mortem"
- Affinity diagrams
- Expert interviews
- Nominal group technique
- Delphi technique
- Cause and effect diagram
- Failure modes and effects analysis
- Strengths, weaknesses, opportunities, and threats (SWOT) analysis
|
|
|
Term
|
Definition
| A prompt list is a generic list of risk categories. This can be used as a starting point to customize a list of risk categories most relevant to projects within your organization. |
|
|
Term
| In this type of structure you may have many categories and sub-categories |
|
Definition
|
|
Term
| What should the project manager look at from previous projects to assist in identifying risk on the current project |
|
Definition
Historical Records (Data)
- List of Risk categories
- Lists of risks
- Probability and impact of risks
- Risk response plans
- Lessons Learned
|
|
|
Term
|
Definition
Brainstorming is a meeting to come up with ideas or solve problems.
The output of Brainstorming are the group's thoughts, not individuals' throughts.
Brainstorming is not necessarily the best choice, nor should it be the only choice for identifying risks. |
|
|
Term
| What is it called when an assembled group is asked to imagine that the project is completed or has been terminated. It has failed to meet one or more of its objectives. The group is then ask to describe why the project failed. |
|
Definition
|
|
Term
| In this technique, the ideas generated from any other risk gathering techniques are sorted into groups by similarities. Each group of risk is then given a title. This sorting makes it easier to see additional risks that have not been identified. |
|
Definition
|
|
Term
In this type of risk identification method the project manager does interviews in the form of meetings,
e-mails, telephone calls, and letters. They are not informal discussions. They need to be planned, organized, and controlled during delivery in order to be most effective. |
|
Definition
|
|
Term
| This technique is used when you you need a technique to gain a group's opinion (groupthink), rather than individual opinions. |
|
Definition
|
|
Term
| What are the results of the Nominal group technique? |
|
Definition
| Group's buy-in to the total group opinion on specific risks of the project. |
|
|
Term
| What technique should be used to obtain an consensus of expert opinion on what work should be performed, what risks exist in the project, or the quantitative analysis of identified risks |
|
Definition
|
|
Term
| What is the cause and effect diagram used for? |
|
Definition
| Cause and effect diagrams can be used to evaluate the causes of any events, such as quality problems or risks. |
|
|
Term
| What is the Failure Modes and Effects Analysis (FMEA) used for? |
|
Definition
| Also known as fault tree analysis, is a technique that can be used to assess the potential reliability of products. |
|
|
Term
|
Definition
| Risk Priority Number - used in the Failure Modes and Effects Analysis is found by multiplying the severity times the occurrence rating time the detection rating |
|
|
Term
|
Definition
| Strengths, Weaknesses, Opportunities, and Threats - This analysis looks at the project to identify its strengths and weaknesses and thereby identify risks (opportunities and threats) |
|
|
Term
| What is the Risk Register used for? |
|
Definition
| The risk register is the place where most of the risk information is kept. |
|
|
Term
| How often is the Risk Register updated? |
|
Definition
| The information is added to this document throughout the project. Think of it as one document for the whole risk management process that will be constantly updated with information as the Identify Risk process and later risk management processes are completed. |
|
|
Term
| Early warning signs that a risk has occurred or is about to occur. |
|
Definition
|
|
Term
| A person whom the project manager assigns to watch for triggers, and manage the risk response if the risk occurs |
|
Definition
| Risk Owner - a stakeholder who could also be a project team member who has particular knowledge about a risk, or expertise in handling the risk (or the activity to which the risk relates) |
|
|
Term
| What are the outputs for the Identify Risks Process |
|
Definition
| The output of the Identify Risks process is the Risk Register |
|
|
Term
| As a result of (X), (Y) may occur, which would/could/may lead to (Z) |
|
Definition
|
|
Term
| A tool to identify potential failure modes, determine their effects, and identify actions to mitigate the failures |
|
Definition
| FMEA - Failure Modes and Effects Analysis |
|
|
Term
| A process of seeking consensus of expert opinion |
|
Definition
|
|
Term
| Common areas or sources of risk on similar projects |
|
Definition
|
|
Term
| Theoretical "evaluation" of a project before it has actually been done |
|
Definition
|
|
Term
| A method to identify additional risks and risk categories on a project |
|
Definition
|
|
Term
| A process for obtaining opinions or other input on the project from experts |
|
Definition
|
|
Term
| A generic list of risk categories |
|
Definition
|
|
Term
| A process of collecting and ranking risks contributed by a select group of participants |
|
Definition
|
|
Term
| A meeting to come up with ideas or solve problems |
|
Definition
|
|
Term
| A tool to evaluate the causes of risks |
|
Definition
|
|
Term
| Determining specific risks by project and by activity |
|
Definition
|
|
Term
| List of identified risks (threats and opportunities) for the project and other information added throughout the risk management process |
|
Definition
|
|
Term
|
Definition
|
|
Term
| What is the overall objective of the Perform Qualitative and Quantitative Risk Analysis process? |
|
Definition
| To determine which risks warrant response. |
|
|
Term
| What are the specific objectives of Perform Qualitative Risk Analysis |
|
Definition
* Subjectively evaluate the probability and impact of each risk
* Create a shorter list of risks by determining the top or critical risks that you will quantify further and/or address in the Plan Risk Responses process
* Make a go/no-go decision (Having evaluated all the risks, do we still want to do this project?) |
|
|
Term
| What are the inputs to Perform Qualitative Risk Analysis |
|
Definition
* Risk Management Plan
* Risk register (list of potential risk)
* Project scope statement
* Project type and an understanding of the work needed to complete the project
* Data about risks to be used during this step to measure their precision
* Assumptions to test
* Scales for probability and impact (if they are standardized for your department or company)
* Historical records: How were similar risks qualified in the past? |
|
|
Term
| Assumptions Testing (Qualitative Risk Analysis) |
|
Definition
A project manager should look at the stability of each assumption (how realistic or valid is it?) and the consequences if the assumption is false.
In assumptions testing, the stability and consequences are rated from 1 to 10. A stability rating of 5 to 10 means the assumption is valid. A consequences rating of 5 to 10 means the assumption could have a large impact on the project. |
|
|
Term
| Data Quality Assessment (Qualitative Risk Analysis) |
|
Definition
Before we start qualitative risk analysis, we need to ask ourselves, "How well understood is the risk?" This should include an analysis of the following to rate the precisions of each risk:
* Extent of the understanding of the risk
* Amount of data available about the risk
* Reliability and integrity of the data |
|
|
Term
| Define Probability & Impact (Qualitative Risk Analysis) |
|
Definition
* Probability is the likelihood that a risk will occur.
* Impact is the effect the risk will have on the project if it occurs.
Probability and impact will be estimated subjectively, with the work "impact" encompassing all possible impacts. |
|
|
Term
|
Definition
It is important that all those who are evaluating the risk use a standard interpretation for their assessment of probability and impact, in order to achieve consistent evaluation of risk across multiple projects.
Having a description for 1 to 10 in the matrix will help eliminate some biases. |
|
|
Term
| Warning: High, Medium, and Low Scales |
|
Definition
| Fore even 30 risks, a high, medium, low range does not provide enough spread between each risk to sort the risks. A broader range will decrease the ambiguity that can arise from differing interpretations of the terms, "high", "medium", and "low". |
|
|
Term
| Which Risk should move forward in the Qualitative Risk Analysis process? |
|
Definition
| Move risks forward depending on their ranking among all the risks. |
|
|
Term
| How do you determine risks ranking scores |
|
Definition
| multiply Probability times Impact for each risks |
|
|
Term
| What is the project Risk Threshold |
|
Definition
A project risk threshold is the total amount of risk acceptable on the project and usually takes the form of a maximum project risk score.
e.g., a risk score of no more than 50 on a scale of 1 to 80; a probability of no more than 5 times an impact of no more than 10. |
|
|
Term
| How do you find a Project Risk Score |
|
Definition
| To find a project's risk score, add the risk score for the individual risks on the project (risk score = probability times impact) and then divide that sum by the number of risks. |
|
|
Term
| What is the purpose of the Project Risk Score |
|
Definition
| The project risk score is the standard by which the risk efforts are measured. There is a risk score for the project before risk response planning and another, lower score after risk response planning. The difference in scores shows the success of the risk response planning effort. |
|
|
Term
| Determining Risk Ranking Between Projects |
|
Definition
The project that has the highest risk ranking as compared to other projects should have the best project manager assigned.
The risk ranking of a project is based on its risk score, as compared to the risk scores of other projects. |
|
|
Term
| What do you do with the non-top risks? |
|
Definition
| Non-top risks are documented and revisited later in the Monitor and Control Risks process to confirm the risk ratings and risk scores. |
|
|
Term
| When should you proceed to the Perform Quantitative Risk Analysis process? |
|
Definition
If:
You believe that you have identified "all" the project risk
It is worth the time and money on your project
You have a very high-priority or visible project
There is very little tolerance for cost or schedule overruns |
|
|
Term
| When should you proceed from the Qualitative Risk Analysis directly to the Plan Risk Responses, skipping the Quantitative Risk Analysis process? |
|
Definition
You have a small budget or short length project
You are new to risk management and have not perfected quantitative risk analysis |
|
|
Term
| What is the output of the Perform Qualitative Risk Analysis process? |
|
Definition
| Updates to the risk register |
|
|
Term
| Instances where on activity, person, event, etc., is causing more than one risk |
|
Definition
|
|
Term
| Method of determining probability and impact of identified risks |
|
Definition
| Probability and impact scales |
|
|
Term
| A chart showing activity information; in risk management it is modified to include the risk score and risk owner |
|
Definition
|
|
Term
| "Is the project to risky to continue compared to the potential benefits?" |
|
Definition
|
|
Term
| Looking at the stability (validity) of each assumption and the consequences if each assumption is false |
|
Definition
|
|
Term
| Risks that will be addressed in the Perform Quantitative Risk Analysis or Plan Risk Responses processes |
|
Definition
| List of Risk to move forward |
|
|
Term
| Subjectively analyzing the risks obtained in the Identify Risks process and deciding which risks warrant a response; creating a "short list" of risks |
|
Definition
| Perform Qualitative Risk Analysis process |
|
|
Term
| Prioritization of risks based on risk scores |
|
Definition
|
|
Term
| A numerical value of a risk calculated by multiplying probability times impact |
|
Definition
|
|
Term
| Determining "How well understood is the risk?" |
|
Definition
|
|
Term
| As illustrated on a network diagram, many activities leading into a central activity |
|
Definition
|
|
Term
| Bias due to a difference in preception |
|
Definition
|
|
Term
| Intentionally biasing results in one direction or another |
|
Definition
|
|
Term
| What is Quantitative Risk Analysis |
|
Definition
| Quantitative risk analysis is an attempt to determine how much risk the project has, and where, so that you can spend your limited time and effort in the areas of greatest risk, to decrease the risk on the project. |
|
|
Term
| If you are calculating cost or time (or customer satisfaction, quality, or other) impact and percentage for probability what type of analysis are you performing |
|
Definition
|
|
Term
| During the Quantitative Risk Analysis what are some of the best ways to come up with probabilities and impacts? |
|
Definition
Guess at percentage of probability, or a dollar or time impact using subjective judgment.
Calculate the actual cost and/or time impact (Note that there is not such thing as an exact probability)
Use historical records (What were the time, cost and probability single value estimates or distributions on other projects?)
Use the Delphi technique
Conduct interviews |
|
|
Term
| In the Quantitative Risk Analysis the concept of expected monetary value is used to determine what? |
|
Definition
| The overall probable circumstance will be as a result of the events. |
|
|
Term
| Expected monetary value is the probability weighted average of all possible outcomes and is calculated as? |
|
Definition
EMV = P x I
Expected Monetary Value = Probability (P) x Impact (I) |
|
|
Term
| How do you come up with the total expected monetary values of the risks for the project? |
|
Definition
| Since opportunities are benefits or savings, they are subtracted from the expected monetary value of the threats to come up with the total expected monetary value of the risks. |
|
|
Term
| Do not forget to identify and consider high-risk work packages and activities as well. |
|
Definition
| Each activity or work package can have it's own calculation to determine if it is moved forward into the Plan Risk Management phase |
|
|
Term
| What should be done with the Non-Top Risks that are not moved on to the Plan Risk Management phase? |
|
Definition
| Document the risks that do not move forward in the risk process so that these risks can be revisited later during risk reviews. |
|
|
Term
You are planning the manufacture of a new product. Your project estimate results in a projcet cost of US $600,000. In addition, your analysis has come up with the following:
A. A 5% probability of a delay in receiving parts with a cost to the project of $75,000
B. A 55% probability that parts will be $60,000 cheaper than expected
C. A 75% probability that two parts will not fit together when installed, resulting in and extra $100,000 cost
D. A 5% probability that the manufacture may be simpler than expected, resulting in a $25,000 savings
E A 15% probability of a design defect causing $8,000 of rework
What is the expected monetary value of the cost of these threats and opportunitites. |
|
Definition
Risk Calculatioin Expected Monetarty Value fo the Cost
A 0.05 times $75,0000 $3750
B 0.55 times $60,0000 ($33,000)
C 0.75 times $100,000 $75,000
D 0.05 times $25,000 ($1,250)
E 0.15 times $8,000 $1,200
Total $45,700 |
|
|
Term
| What do probabilistic methods determine? |
|
Definition
| Instead of a fixed, certain estimate, probabilistic methods determine distributions, or ranges, to give a comprehensive picture of the possible uncertainties. |
|
|
Term
| When using the triangular distribution method what range should you use to create the graph? |
|
Definition
| Ask for the pessimistic, optimistic, and most likely estimates of the duration. The wider the range (or its standard deviation), the more uncertainty exists in the estimate. |
|
|
Term
| When would the Monte Carlo simulation be used? |
|
Definition
| The Monte Carlo simulation is used when there are continuous probability distribution iterations performed to calculate the possible impact on project objectives. NOTE: The Monte Carlo does not help you identify specific risks for which responses can be planned, or that can be eliminated. It does, however, translate uncertainties into impacts to the total project. |
|
|
Term
| What are some of the outputs of the Monte Carlo simulations? |
|
Definition
* The probability of completing the project on any specific day, or for any specific amount of cost.
* The probability of any activity actually being on the critical path. |
|
|
Term
| What are Decision Tree models and how are the used |
|
Definition
| Decision trees are models of real situations and are used to see the potential impacts of decisions by taking into account the associated risks, probabilities, and impacts. |
|
|
Term
| How does a decision tree work? |
|
Definition
A decision tree takes into account future events in trying to make a decision today.
It calculates the expected monetary value (probability times impact) in more complex situations than the expected monetary value examples previously presented.
It involves mutual exclusivity (two events are said to be mutually exclusive if they cannot both occur in a single trial). |
|
|
Term
| How often should the Perform Quantitative Risk Analysis process be done? |
|
Definition
| Since risk is an iterative process the Perform Quantitative Risk Analysis process should be done whenever there is a change in the project to determine the risk impact of the change on the project as a whole. |
|
|
Term
| What are the outputs from the perform Quantitative Risk Analysis? |
|
Definition
|
|
Term
| Define Expected Monetary Value |
|
Definition
| Expected monetary value of an individual risk is probability times impact, and expected monetary value (the risk exposure) of a project is the sum off all those probabilities and impacts. |
|
|
Term
| The probability weighted average of all possible outcomes, calculated by summing all the quantitative probabilities times impact for risks on the project. |
|
Definition
|
|
Term
| Computerized method of estimating that simulates the project to determine time or cost estimates based on probability distributions |
|
Definition
|
|
Term
| Numerically analyzing the probability and impact of risks obtained in the Identify Risks process and analyzing the extent of overall project risk |
|
Definition
| Perform Quantitative Risk Analysis process |
|
|
Term
| The level of the risk on the project |
|
Definition
|
|
Term
| A model of a situation used to see the potential impacts of decisions by taking into account associated risks, probabilities, and impacts |
|
Definition
|
|
Term
| What is the objective of the Plan Risk Responses process? |
|
Definition
| The objective of the Plan Risk Responses is to determine what can be done to reduce the overall risk of the project by decreasing the probability and impact of threats and increasing the probability and impact of opportunities |
|
|
Term
| What are the inputs to the Plan Risk Responses process? |
|
Definition
Risk management plan
Risk register
*List of prioritized risks
*Ranking of the project risks
*Risk scores and expected monetary values of top risks
*Potential risk owners
*Watchlist
Forecast of potential schedule and costs for the project
Monte Carlo Analysis probability of achieving the project objectives
Historical records about risk responses form past projects and common risk causes
Risk Thresholds |
|
|
Term
| When should the approach used for the Plan Risk Responses be identified? |
|
Definition
| The approach used for the Plan Risk Responses process should be part of the risk management plan your created in the Plan Risk Management Process |
|
|
Term
| What are the Risk Response strategies for threats? |
|
Definition
Avoid - Eliminate the threat of teh risk be eliminating the cause
Mitigate (control) - Reduce the expected monetary value of a risk by reducing its impact or probability of occurrence.
Transfer (Allocate) - Assign the risk to someone else by subcontracting or buying insurance
Accept - Acceptance can be passive ("if it happens, it happens) or active (create a contingency plan). This is a response strategy for both threats and opportunities |
|
|
Term
| What are the Risk response strategies for opportunities? |
|
Definition
Exploit (instead of avoidance) - Increase the opportunity by making the cause more probable.
Enhance (instead of mitigation) - Increase the expected time, quality, or monetary value of a risk by increasing its probability or impact of occurrence
Share (instead of transfer or allocate) - Retain appropriate opportunities or parts of opportunities instead of attempting to transfer them to others.
Accept - Acceptance can be passive ("if it happens, it happens) or active (create a contingency plan). This is a response strategy for both threats and opportunities |
|
|
Term
| When selecting risk response strategies, it is important to remember? |
|
Definition
Strategies must be timely
The effort selected must be appropriate to the the severity of the risk - avoid spending more money preventing the risk than the impact the risk would cost if it occurred
One responses can be used to address more than one risk
Involve the team, other stakeholders, and experts in selecting a strategy |
|
|
Term
| How can risk affect the project management plan? |
|
Definition
Risk can affect any of the following components of a project management plan:
Project definition/scope statement
Work breakdown structure
Network diagram
Schedule
Risk analysis
Budget
Assumptions
Management plans (quality, procurement, cost, time, human resource, communications, etc.) |
|
|
Term
|
Definition
| Risks that remain after the Plan Risk Responses process are called residual risks. These are the risks for which contingency plans and fallback plans are created |
|
|
Term
|
Definition
| A risk owner is a stakeholder who could also be a project team or risk team member with particular knowledge about the risk or expertise in handling the risk. |
|
|
Term
| What is a Contingency Plan |
|
Definition
| Planned actions to be taken if the threat or opportunity happens are called contingency plans |
|
|
Term
| What happens if the contingency plan does not work? |
|
Definition
| Risk management involves creating plans in case the contingency plans fail. These are called fallback plans. |
|
|
Term
|
Definition
| A trigger is an early warning sign that tells risk owners and project managers that an accepted risk has occurred or is about to occur and, therefore, when to implement contingency or fallback plans |
|
|
Term
| What is a secondary risk? |
|
Definition
| A secondary risk is a risk that is generated by a response strategy to another risk. In other words, the response to a risk can create another risk. Risk response plans should include addressing secondary risks. Secondary risks should be qualified and/or quantified, and responses should be planned. a secondary risk should not have a greater impact than the risk from which it was derived. |
|
|
Term
|
Definition
| A reserve is an amount of time and/or cost added to the project to account for --- you guessed it --- risks. |
|
|
Term
| What are the two types of reserves and what are they used for? |
|
Definition
| The tow types of reserves: Contingency reserves (to deal with the known unknowns, i.e., the identified residual risks that remain after risk response planning) and management reserves (to deal with unknown unknowns, i.e., risks that have not been identified. |
|
|
Term
| How would you create a contingency reserve using Monte Carlo? |
|
Definition
*Determine the acceptable probability (e.g., 80 percent, 90 percent).
*Refer to the Monte Carlo simulations to see the time and cost associated with that probability
*That amount will be the project budget or schedule length
*Deduct the schedule or cost length from the total activity-based schedule or cost estimate created during the project planning
*The difference is the contingency reserve |
|
|
Term
| Prior to the Plan Risk Responses phase what information is included in the risk register? |
|
Definition
*Description of risks
*The activities they relate to
*Potential risk owners, risk responses, and triggers
*The final probability and impact rating of each risk
*The risk's ranking among the remaining risks on the project |
|
|
Term
| The Plan Risk Response process uses information collected throughout and adds the following information to the risk register: |
|
Definition
*Finalized triggers for each risk
*Response plans for each risk
*Contingency and fallback plans for each risk
*Triggers for contingency plans for each risk
*Finalized risk owners (persons assigned to each risk)
*List of non-top risks for future reference that will be monitored throughout the project.
*If quantitative risk analysis has been done, quantitative probabilities, impacts, and expected monetary values of time and cost can be included
*You may also choose to add other information specific to your project |
|
|
Term
| Which risk response (method) would be used? When risk of fire, theft, or other areas for which insurance is available are identified, the risk response may be to purchase insurance. |
|
Definition
| This is transference, as someone else will be responsible if the risk happens. This is also a mitigation choice because the complete impact in not removed. If a fire occurs, the damage cost would be covered by insurance, but such things as project delays would not. |
|
|
Term
| What are the outputs of the Plan Risk Responses Process? |
|
Definition
Risk Register Updates (to Include)
* Residual risks
*Contingency Plans
*Risk Owners
*Secondary Risks
*Risk triggers
*Contracts
*Fallback plans
*Reserves (contingency) |
|
|
Term
|
Definition
| These are the risks that remain after risk response planning, including those that have been accepted and for which contingency plans and fallback plans can be created. Residual risks should be properly documented and reviewed throughout the project to see if their ranking has changed. |
|
|
Term
|
Definition
| Contingency plans are plans describing the specific actions that will be taken if the opportunity or threat occurs. |
|
|
Term
|
Definition
| Each risk must be assigned to someone who may help develop the risk response and who will be assigned to carry out the risk response or "own" the risk. The risk owner can be a stakeholder other than a team member. |
|
|
Term
|
Definition
| Frequently, what is done to respond to one risk will cause other risks to occur. |
|
|
Term
|
Definition
| The early warning signs (indirect manifestations of actual risk events) for each risk on a project should be identified to know when to take action. |
|
|
Term
|
Definition
| These are specific actions that will be taken if the contingency plan is not effective. |
|
|
Term
| Define Reserves (contingency) |
|
Definition
| Having reserves for schedule and cost is a required part of project management. You cannot come up with a schedule or budget for the project without them. |
|
|
Term
| What is the objective of the Plan Risk Responses process |
|
Definition
| The objective of the Plan Risk Responses is to determine what you can do to reduce the overall risk of the project by decreasing the probability and impact of negative risks (threats) and increasing the probability of positive risks (opportunities). |
|
|
Term
| Risks that are generated by a response to another risk are called? |
|
Definition
|
|
Term
| Eliminate the threat of a risk by eliminating the cause is what type of risk response? |
|
Definition
|
|
Term
| Do nothing _ "if it happens, it happens," or create a contingency plan is what type of risk response? |
|
Definition
|
|
Term
| Retain appropriate opportunities or parts of opportunities instead of attempts to transfer them to others is what type of risk response? |
|
Definition
|
|
Term
| Increase the expected time, quality, or monetary value of a risk by increasing its probability or impact of occurrence is what type of risk response? |
|
Definition
|
|
Term
| Increase the opportunity by making the cause more probable is what type of risk response? |
|
Definition
|
|
Term
| What mitigation response assigns the liability for a risk to someone else? |
|
Definition
|
|
Term
| An amount of time and/or cost added to the project to account for risks. |
|
Definition
|
|
Term
| A legal agreement for the purchase or sale of goods and services |
|
Definition
|
|
Term
| An amount of time and/or cost added to the project to deal with known unknowns, i.e., identified risks |
|
Definition
|
|
Term
| Determining what can be done to reduce the overall risk of the project by decreasing the probability and impact of threats and increasing the probability and impact of opportunities. |
|
Definition
| Plan Risk Responses process |
|
|
Term
| Planned actions to be taken if the risk happens and contingency plans are not effective |
|
Definition
|
|
Term
| Risks that remain after risk response planning ? |
|
Definition
|
|
Term
| Assign the risk to someone else by subcontracting or buying insurance is what type of risk response |
|
Definition
|
|
Term
| Planned actions to be taken if the risk happens? |
|
Definition
|
|
Term
| Reduce the expected monetary value of a risk by reducing its impact or probability of occurrence. |
|
Definition
|
|
Term
| An amount of time and/or cost added to the project to deal with unknown unknowns, i.e., risks that have not been identified |
|
Definition
|
|
Term
| The person assigned by the project manager to watch for triggers and manage the risk response if the risk occurs |
|
Definition
|
|
Term
| Early warning sign that a risk has occurred or is about to occur |
|
Definition
|
|
Term
| The person assigned by the risk owner to implement approved risk responses |
|
Definition
|
|
Term
| The person assigned by the risk owner to implement pre-approved risk responses |
|
Definition
|
|
Term
| During the Monitor and Control process, risk owners will respond to risk triggers by doing what? |
|
Definition
Implementing contingency plans and fallback plans, if needed.
The project manager should make sure the contingency plans and fallback plans are understood and complied with. Unauthorized changes to these plans have the same impact to the project as other unauthorized project changes and should therefore be avoided. |
|
|
Term
| Beside managing the Critical path what else should the project manager be watching during the Monitor and Control process? |
|
Definition
| Why not also determine the path through the network diagram that has the highest risk score? The path with the highest risk score should be managed as closely a the critical path. |
|
|
Term
| What is the contingency reserve used for? |
|
Definition
| The contingency reserve is to accommodate the known unknowns for the project. This means that it should ONLY be used for identified risks that actually take place. |
|
|
Term
| What is the management reserve used for? |
|
Definition
| The management reserve is used for unknown unknowns - risks that have not be identified. |
|
|
Term
|
Definition
A workaround is an unplanned response to an unidentified risk that occurs.
Work arounds are reactive; project management is supposed to be proactive. Project managers should be spending much more time executing contingency and fallback plans then creating workarounds. |
|
|
Term
| What is the difference between and risk and an issue? |
|
Definition
| An issue is an unforeseen, minor problem that has occurred. It may be handled by listing it on a project action item list and managing it, or by creating a workaround. |
|
|
Term
|
Definition
| A risk review is a way to control risks and manage changes. It can also be the vehicle for identifying new risks and making sure everyone understands the contingency and fallback plans. Risk reviews look forward in time to what should happen for risk. |
|
|
Term
| What is a risk audit and what does it do? |
|
Definition
A risk audit looks backwards in time to what has occurred.
A risk audit includes:
Reviewing if the right risk owners have been assigned to each risk
Determining if the risk owners are effective
Examining and documenting the effectiveness of contingency plans and fallback plans |
|
|
Term
| What is earned value analysis |
|
Definition
| Earned value analysis is used to quantitatively measure and monitor overall project performance against the project baseline. |
|
|
Term
| What is the formula for CPI (cost performance index)? |
|
Definition
CPI (cost performance index) = EV (earned value) divided by AC (actual cost)
CPI = EV/AC |
|
|
Term
| What is the formula for Schedule Performance Index? |
|
Definition
SPI (schedule performance index) = EV (earned value) divided by PV (planned value)
SPI = EV/PV |
|
|
Term
| What does a Cost Performance Index of less then one represent? |
|
Definition
| A CPI of less than one means a bad situation |
|
|
Term
| What does a SPI of greater than one mean? |
|
Definition
| An SPI of greater than one means a good situation |
|
|
Term
| How could the change in the cost of performance potentially impact the project? |
|
Definition
| It could impact quality, customer satisfaction, or schedule of the project. |
|
|
Term
| During the Monitor and Control process what are two major times when a risk reassessment might occur? |
|
Definition
| When new risks are identified and when changes occur on the project. Keep looking for risk when changes are made on the project. |
|
|
Term
| What are the outputs to the Monitor and Control Risk process? |
|
Definition
The risk register updated with the following information as a result of this process:
Outcomes of the risk reassessments and risk audits.
Updates to previous parts of risk management, including the identification of new risks.
Closing of risks that are no longer applicable
Details of what happened when risks occurred
Lessons learned
Change Requests, including recommended corrective and preventative actions.
Project Management Plan Updates
Project Document Updates
Organizational Process Assets Updates. |
|
|
Term
| Analysis of what the project team has planned for risk management to determine whether it is still appropriate |
|
Definition
|
|
Term
| Control the appropriate use of reserves |
|
Definition
|
|
Term
| Analysis of what the project team has done for risk management to determine whether it has worked. |
|
Definition
|
|
Term
| Changes implemented in order to bring performance back in line with the project management plan |
|
Definition
|
|
Term
| A method to quantitatively measure and monitor overall project performance against the project baseline |
|
Definition
|
|
Term
| Making sure policies, procedures, and plans are being followed |
|
Definition
|
|
Term
| Implementing the risk response plans as risks occur, looking for risk triggers, identifying new risks,and evaluating the effectiveness of risk responses |
|
Definition
| Monitor and Control Risk process |
|
|
Term
| Looking for new risks when changes are made on the project |
|
Definition
|
|
Term
| Oversee project performance and activities |
|
Definition
|
|
Term
| Measurement of factors such as strength of concrete, measurable wind resistance of a a building, meeting functionality requirements, strength of the plastic used in a product, etc., to identify deviations from the plan |
|
Definition
| Technical performance measurement |
|
|
Term
| Measure to determine the results of actions taken |
|
Definition
| Evaluate the effectiveness |
|
|
Term
| Unplanned responses to unidentified risks that occur |
|
Definition
|
|
Term
| What is involved in project risk governance? |
|
Definition
| Risk governance involves oversight of the entire risk management process, making sure the risk management activities are consistent, and that they are continuously improved throughout the organization. |
|
|
