CRISC Certified in Risk and Information Systems Control – Question364

You work as a project manager for TechSoft Inc. You are working with the project stakeholders on the qualitative risk analysis process in your project. You have used all the tools of the qualitative risk analysis process in your project. Which of the following techniques is NOT used as a tool in the qualitative risk analysis process?

A. Risk Urgency Assessment
B. Risk Reassessment
C. Risk Data Quality Assessment
D. Risk Categorization

Correct Answer: B

Explanation:
You will not need the Risk Reassessment technique to perform qualitative risk analysis. It is one of the techniques used to monitor and control risks.
Incorrect Answers: A, C, D: The tools and techniques for the Qualitative Risk Analysis process are as follows:

  • Risk Probability and Impact Assessment: Risk probability assessment investigates the chances of a particular risk occurring.
  • Risk Impact Assessment investigates the possible effects on the project objectives such as cost, quality, schedule, or performance, including positive opportunities and negative threats.
  • Probability and Impact Matrix: Estimation of a risk’s consequence and priority for awareness is conducted by using a look-up table or the probability and impact matrix. This matrix specifies the combination of probability and impact that leads to rating the risks as low, moderate, or high priority.
  • Risk Data Quality Assessment: Investigation of the quality of risk data is a technique to evaluate the degree to which the data about risks are useful for risk management.
  • Risk Categorization: Risks to the project can be categorized by sources of risk, the area of the project affected, and other useful categories to determine the areas of the project most exposed to the effects of uncertainty.
  • Risk Urgency Assessment: Risks that require near-term responses are considered more urgent to address.
  • Expert Judgment: It is required to categorize the probability and impact of each risk to determine its location in the matrix.

CRISC Certified in Risk and Information Systems Control – Question363

You work as a project manager for BlueWell Inc. You are preparing for the risk identification process. You will need to involve several of the project's key stakeholders to help you identify and communicate the identified risk events. You will also need several documents to help you and the stakeholders identify the risk events. Which one of the following is NOT a document that will help you identify and communicate risks within the project?

A. Stakeholder registers
B. Activity duration estimates
C. Activity cost estimates
D. Risk register

Correct Answer: D

Explanation:
The risk register is not an input to risk identification; it is an output of risk identification.
Incorrect Answers: A, B, C: These are inputs to risk identification.
Identify Risks is the process of determining which risks may affect the project. It also documents risks’ characteristics. The Identify Risks process is part of the Project Risk Management knowledge area. As new risks may evolve or become known as the project progresses through its life cycle, Identify Risks is an iterative process. The process should involve the project team so that they can develop and maintain a sense of ownership and responsibility for the risks and associated risk response actions. Risk Register is the only output of this process.

CRISC Certified in Risk and Information Systems Control – Question362

John is the project manager of the HGH Project for his company. He and his project team have agreed that if the vendor is late by more than ten days, they will cancel the order and hire the NBG Company to fulfill the order. The NBG Company can guarantee orders within three days, but the costs of their products are significantly higher than those of the current vendor. What type of response does John adopt here?

A. Contingent response strategy
B. Risk avoidance
C. Risk mitigation
D. Expert judgment

Correct Answer: A

Explanation:
In this case John and his teammates have pre-planned an alternative in case the vendor is late in fulfilling the order. Therefore, it is a contingent response strategy.
Contingent response strategy, also known as contingency planning, involves adopting alternatives to deal with the risks in case of their occurrence. Unlike the mitigation planning in which mitigation looks to reduce the probability of the risk and its impact, contingency planning doesn’t necessarily attempt to reduce the probability of a risk event or its impacts. Contingency comes into action when the risk event actually occurs.
Incorrect Answers:
B: Risk avoidance is the method which involves creating solutions that ensure a specific risk is not realized.
C: Risk mitigation attempts to eliminate or significantly decrease the level of risk present. Here no alternatives are pre-planned.
D: Expert judgment is utilized in developing risk responses, including feedback and guidance from risk management experts and those internal to the project qualified to provide assistance in this process.

CRISC Certified in Risk and Information Systems Control – Question361

You are the project manager of your enterprise. You have identified several risks. Which of the following responses to risk is considered the MOST appropriate?

A. Any of the above
B. Insuring
C. Avoiding
D. Accepting

Correct Answer: A

Explanation: The appropriate response to the risk is decided by the risk itself, the company’s attitude and appetite of risk, and the threat and opportunity combination of the risk.
Incorrect Answers:
B, C, D: Depending upon the conditions, that is, the risk itself, the company’s attitude and appetite for risk, and the threat and opportunity combination of the risk, any of these response options can be chosen.

CRISC Certified in Risk and Information Systems Control – Question360

You are the project manager of the NNN Project. Stakeholders in the two-year project have requested that status reports be sent to them via email every week. You have agreed and send reports every Thursday. After six months of the project, the stakeholders are pleased with the project progress and they would like you to reduce the status reports to every two weeks. What process will examine the change to this project process and implement it in the project?

A. Configuration management
B. Communications management
C. Perform integrated change control process
D. Project change control process

Correct Answer: C

Explanation: Although this appears to be a simple change, the project manager must still follow the rules of the project’s change control system. Integrated change control is a way to manage the changes incurred during a project. It is a method that manages the review of suggested changes and utilizes the tools and techniques to evaluate whether a change should be approved or rejected.
Integrated change control is a primary component of the project’s change control system that examines the effect of a proposed change on the entire project.
Incorrect Answers:
A: Configuration management is the documentation and control of the product’s features and functions.
B: Communications management is the execution of the communications management plan.
D: The project change control process is not valid, as it is the parent of the integrated change control process, which is the more accurate answer for this question.

CRISC Certified in Risk and Information Systems Control – Question359

You are working in an enterprise. Your enterprise is willing to accept a certain amount of risk. What is this risk called?

A. Hedging
B. Aversion
C. Appetite
D. Tolerance

Correct Answer: C

Explanation:
Risk appetite considers the qualitative and quantitative aspects of accepting risks in an organization. The term refers to the type of risks the organization is willing to pursue, as well as the amount of risk and the level of risk.
Risk appetite is the amount of risk a company or other entity is willing to accept in pursuit of its mission. It is the responsibility of the board to decide the risk appetite of an enterprise. When considering the risk appetite levels for the enterprise, the following two major factors should be taken into account:

  • The enterprise’s objective capacity to absorb loss, e.g., financial loss, reputation damage, etc.
  • The culture towards risk taking, cautious or aggressive. In other words, the amount of loss the enterprise is willing to accept in pursuit of its objectives.

Incorrect Answers: A, B: Aversion and hedging are related to each other and represent the avoidance of risk within the organization.
D: The acceptable variation relative to the achievement of an objective is termed as risk tolerance. In other words, risk tolerance is the acceptable deviation from the level set by the risk appetite and business objectives. Risk tolerance is defined at the enterprise level by the board and clearly communicated to all stakeholders. A process should be in place to review and approve any exceptions to such standards.

CRISC Certified in Risk and Information Systems Control – Question358

Qualitative risk assessment uses which of the following terms for evaluating risk level? Each correct answer represents a part of the solution. Choose two.

A. Impact
B. Annual rate of occurrence
C. Probability
D. Single loss expectancy

Correct Answer: AC

Explanation:
Unlike quantitative risk assessment, qualitative risk assessment does not assign dollar values. Rather, it determines a risk’s level based on the probability and impact of the risk. These values are determined by gathering the opinions of experts.
Probability: establishing the likelihood of occurrence and reoccurrence of specific risks, independently and combined. The risk occurs when a threat exploits a vulnerability. Scaling is done to define the probability that a risk will occur. The scale can be based on word values such as Low, Medium, or High. Percentages can also be assigned to these words, such as 10% to low and 90% to high.
Impact: Impact is used to identify the magnitude of identified risks. The risk leads to some type of loss. However, instead of quantifying the loss as a dollar value, an impact assessment could use words such as Low, Medium, or High. Impact is expressed as a relative value. For example, low could be 10, medium could be 50, and high could be 100.
Risk level = Probability * Impact
Incorrect Answers: B, D: These are used for calculating the annual loss expectancy (ALE) in quantitative risk assessment. The formula is: ALE = SLE * ARO

CRISC Certified in Risk and Information Systems Control – Question357

You are the risk professional of your enterprise. Your enterprise has introduced new systems in many departments. The business requirements that were to be addressed by the new system are still unfulfilled, and the process has been a waste of resources. Even if the system is implemented, it will most likely be underutilized and not maintained, making it obsolete in a short period of time. What kind of risk is this?

A. Inherent risk
B. Business risk
C. Project risk
D. Residual risk

Correct Answer: B

Explanation:
Business risk relates to the likelihood that the new system may not meet the users’ business needs, requirements and expectations. Here the stem states that the business requirements that were to be addressed by the new system are still unfulfilled; therefore it is a business risk.
Incorrect Answers:
A: This is one of the components of risk. Inherent risk is the risk level or exposure without taking controls or other management actions into account. But here the stem gives no description of controls, hence it cannot be concluded whether it is an inherent risk or not.
C: Project risks are related to delays in project deliverables. The project activities to design and develop the system exceed the limits of the financial resources set aside for the project. As a result, the project completion will be delayed. They are not related to the fulfillment of business requirements.
D: This is one of the components of risk. Residual risk is the risk that remains after applying controls. But here the stem gives no description of controls, hence it cannot be concluded whether it is a residual risk or not.

CRISC Certified in Risk and Information Systems Control – Question356

Which of the following risk responses includes feedback and guidance from well-qualified risk officials and those internal to the project?

A. Contingent response strategy
B. Risk Acceptance
C. Expert judgment
D. Risk transfer

Correct Answer: C

Explanation:
Expert judgment is utilized in developing risk responses, including feedback and guidance from risk management experts and those internal to the project qualified to provide assistance in this process. Expert judgment is a technique based on a set of criteria that has been acquired in a specific knowledge area or product area. It is obtained when the project manager or project team requires specialized knowledge that they do not possess. Expert judgment involves people most familiar with the work of creating estimates. Preferably, the project team member who will be doing the task should complete the estimates. Expert judgment is applied when performing administrative closure activities, and experts should ensure the project or phase closure is performed to the appropriate standards.
Incorrect Answers:
A: Contingent response strategy, also known as contingency planning, involves adopting alternatives to deal with the risks in case of their occurrence. Unlike the mitigation planning in which mitigation looks to reduce the probability of the risk and its impact, contingency planning doesn’t necessarily attempt to reduce the probability of a risk event or its impacts. Contingency comes into action when the risk event actually occurs.
B: Risk acceptance means that no action is taken relative to a particular risk; the loss is accepted if it occurs. If an enterprise adopts risk acceptance, it should carefully consider who can accept the risk. Risk should be accepted only by senior management in relationship with senior management and the board. There are two variants of the acceptance strategy, passive and active.

  • Passive acceptance means that the enterprise has made no plan to avoid or mitigate the risk but is willing to accept the consequences of the risk.
  • Active acceptance is the second strategy and might include developing contingency plans and reserves to deal with risks.

D: Risk transfer means that the impact of a risk is reduced by transferring or otherwise sharing a portion of the risk with an external organization or another internal entity. Transfer of risk can occur in many forms but is most effective when dealing with financial risks. Insurance is one form of risk transfer.

CRISC Certified in Risk and Information Systems Control – Question355

You are the risk official at Bluewell Inc. There are some risks that are posing a threat to your enterprise. You are measuring the exposure of those risk factors that have the highest potential by examining the extent to which the uncertainty of each element affects the object under consideration when all other uncertain elements are held at their baseline values. Which type of analysis are you performing?

A. Sensitivity analysis
B. Fault tree analysis
C. Cause-and-effect analysis
D. Scenario analysis

Correct Answer: A

Explanation:
Sensitivity analysis is the quantitative risk analysis technique that:

  • Assists in determining the risk factors that have the most potential impact
  • Examines the extent to which the uncertainty of each element affects the object under consideration when all other uncertain elements are held at their baseline values

Incorrect Answers:
B: Fault tree analysis provides a systematic description of the combination of possible undesirable occurrences in a system. It does not measure the extent of uncertainty.
C: Cause-and-effect analysis involves the use of predictive or diagnostic analytical tools for exploring the root causes or factors that contribute to positive or negative effects or outcomes, not the extent of uncertainty.
D: Scenario analysis provides the ability to see a range of values across several scenarios to identify risk in a specific situation. It provides the ability to identify those inputs which will produce the greatest level of uncertainty. But it plays no role in determining the extent of uncertainty.