Education Edge PMP PMBOK Week 7 Office Read – Risk Knowledge Area

Project Risk Management includes the processes of conducting risk management planning, identification, analysis, response planning, and controlling risk on a project.
The objectives of project risk management are to increase the likelihood and impact of positive events, and decrease the likelihood and impact of negative events in the project.
Project risk is an uncertain event or condition that, if it occurs, has a positive or negative effect on one or more project objectives such as scope, schedule, cost, and quality.
The risk attitudes of both the organization and the stakeholders may be influenced by a number of factors, which are broadly classified into three themes:
·       Risk appetite
·       Risk tolerance
·       Risk threshold
Positive and negative risks are commonly referred to as opportunities and threats.
Risk responses reflect an organization’s perceived balance between risk taking and risk avoidance.
Known risks are those that have been identified and analyzed, making it possible to plan responses for those risks.
Known risks that cannot be managed proactively, should be assigned a contingency reserve.
Unknown risks cannot be managed proactively and therefore may be assigned a management reserve.
A negative project risk that has occurred is considered an issue.
The knowledge area of Project Risk Management consists of the following six processes:
Process Name
Project Management Process Group
Key Deliverables
Plan Risk Management
Risk Management Plan
Identify Risks
Risk Register
Perform Qualitative Risk Analysis
Project Documents Update (Risk Register)
Perform Quantitative Risk Analysis
Project Documents Update (Risk Register)
Plan Risk Responses
Control Risks
Monitoring and Controlling
Change Requests
Plan Risk Managementis the process of defining how to conduct risk management activities for a project.
The risk management plan is vital to communicate with and obtain agreement and support from all stakeholders to ensure the risk management process is supported and performed effectively over the project life cycle.
The risk management plan is a component of the project management plan and describes how risk management activities will be structured and performed.
The Risk Management Plan includes: Methodology, Roles & responsibilities, Budgeting, Timing.
Risk categories provide a means for grouping potential causes of risk.
A risk breakdown structure (RBS) helps the project team to look at many sources from which project risk may arise in a risk identification exercise.
The RBS is a hierarchical representation of risks according to their risk categories.
A probability and impact matrix is a grid for mapping the probability of each risk occurrence and its impact on project objectives if that risk occurs.
Types of Risks:
·       Business Risk – Risk of gain or loss
·       Pure (insurable risk) – Only a risk of loss (e.g. fire, theft, personal injury, etc.)
The Inputs, Tools and Techniques and Output of Plan Risk Management process are given below:
Project Management Plan
Analytical Techniques
Risk Management Plan
Project Charter
Expert Judgment
Stakeholder Register
Enterprise Environmental Factors
Organizational Process Assets
Identify Risksis the process of determining which risks may affect the project and documenting their characteristics.
Identify risks is an iterative process.
The WBS is a critical input to identifying risks.
Risks can be identified and subsequently tracked at:
·        Summary
·        Control account
·        Work package levels
Information about the stakeholders is useful for soliciting inputs to identify risks.
Identification of risk by impact – Scope risk, Quality risk, Schedule risk, Cost risk.
Cause-and-effect diagrams (also called Ishikawa or fishbone diagrams) is a technique used to identify risks.
SWOT technique examines the project from each of the strengths, weaknesses, opportunities, and threats (SWOT) perspectives to increase the breadth of identified risks by including internally generated risks.
Delphi technique – experts take part in an anonymous questionnaire so as not to influence each other, then their ideas are shared for more input.
The risk register contains the outcomes of the other risks management processes as they are conducted.
The preparation of risk register begins with
·        List of identified risks
·        List of potential responses 
The Inputs, Tools and Techniques and Output of Identify Risk process are given below:
Risk Management Plan
Documentation Reviews
Risk Register
Cost Management Plan
Information Gathering Techniques
Schedule Management Plan
Checklist Analysis
Quality Management Plan
Assumptions Analysis
Human Resource Management Plan
Diagramming Techniques
Scope Baseline
SWOT Analysis
Activity Cost Estimates
Expert Judgment
Activity Duration Estimates
Stakeholder Register
Project Documents
Procurement Documents
Enterprise Environmental Factors
Organizational Process Assets
Perform Qualitative Risk Analysis is the process of prioritizing risks for further analysis or action by assessing and combining their probability of occurrence and impact.
Perform Qualitative Risk Analysis assesses the priority of identified risks using their relative probability or likelihood of occurrence.
Perform Qualitative Risk Analysis is a rapid and cost-effective means of establishing priorities for Plan Risk Responses.
Perform Qualitative Risk Analysis lay foundation for Perform Quantitative Risk Analysis.
Risk probability assessment investigates the likelihood that each specific risk will occur.
Risk analysis requires accurate & unbiased data.
The Inputs, Tools and Techniques and Output of Perform Qualitative Risk Analysis process are given below:
Risk Management Plan
Risk Probability and Impact Assessment
Project Documents updates
Scope Baseline
Probability and Impact Matrix
Risk Register
Risk Data Quality Assessment
Enterprise Environmental Factors
Risk Categorization
Organizational Process Assets
Risk Urgency Assessment
Expert Judgment
Perform Quantitative Risk Analysis is the process of numerically analyzing the effect of identified risks on overall project objectives.
Perform Quantitative Risk Analysis is performed on risks that have been prioritized by the Perform Qualitative
Risk Analysis process.
Perform Quantitative Risk Analysis generally follows the Perform Qualitative Risk Analysis process.
The project manager should exercise expert judgment to determine the need for and the viability of quantitative risk analysis.
The availability of time and budget should be assessed before performing Quantitative Risk Analysis.
Continuous probability distributions, which are used extensively in modeling and simulation, represent the uncertainty in values such as durations of schedule activities and costs of project components.
Discrete distributions can be used to represent uncertain events, such as the outcome of a test or a possible scenario in a decision tree.
Sensitivity analysis helps to determine which risks have the most potential impact on the project.
One typical display of sensitivity analysis is the tornado diagram.
Expected monetary value (EMV) analysis is a statistical concept that calculates the average outcome when the future includes scenarios that may or may not happen.
The EMV of opportunities are generally expressed as positive values, while those of threats are expressed as negative values.
A common use of EMV analysis is a decision tree analysis.
Simulations are typically performed using the Monte Carlo technique.
Risk Registers gets update after each process of Project Risk Management.
The Inputs, Tools and Techniques and Output of Perform Quantitative Risk Analysis process are given below:
Risk Management Plan
Data Gathering & Representation Techniques
Project Documents updates
Cost Management Plan
Quantitative Risk Analysis & Modeling Techniques
Schedule Management Plan
Expert Judgment
Risk Register
Enterprise Environmental Factors
Organizational Process Assets
Plan Risk Responsesis the process of developing options and actions to enhance opportunities and to reduce threats to project objectives.
Strategies for Negative Risks or Threats:
·       Avoid – Changing the Project Management Plan to eliminate a potential risk.
·       Transfer – To third party generally involves payment to the party taking on the risk
·       Mitigate – Reduce impact of an adverse risk/or reduction in the probability.
·       Accept – Decides to acknowledge the risk and not take any action unless the risk occurs.
Strategies for Positive Risks or Opportunities:
·       Exploit – Eliminates the uncertainty associated with a particular upside risk by making the opportunity will definitely happen.
·       Share – Share responsibility and accountability to get best chance of seizing an opportunity.
·       Enhance – Modify the “size“ of an opportunity by increasing probability and/or positive impacts by identifying & maximizing key drivers.
·       Accept – Accepting an opportunity is being willing to take advantage of it if it comes along, but not actively pursuing it.
Passive acceptance requires no action, leaving the project team to deal with the threats or opportunities as they occur.
Active acceptance establishes a contingency reserve or strategy.
Residual risks that are expected to remain after planned responses have been taken, as well as those that have been deliberately accepted.
A fallback plan can be developed for implementation if the selected strategy turns out not to be fully effective or if an accepted risk occurs.
Secondary risksare risks that arise as a direct result of implementing a risk response.
Contingency reserves account for “known unknowns” or simple “knowns”.
Management reserves account for “unknown unknowns” or simply “unknowns”.
The Inputs, Tools and Techniques and Output of Plan Risk Responses process are given below:
Risk Management Plan
Strategies for Negative Risks or Threats
Project Management Plan Updates
Risk Register
Strategies for Positive Risks or Opportunities
Project Documents updates
Contingent Response Strategies
Expert Judgment
Control Risksis the process of implementing risk response plans, tracking identified risks, monitoring residual risks, identifying new risks, and evaluating risk process effectiveness throughout the project.
The Control Risks process applies techniques, such as variance and trend analysis, which require the use of performance information generated during project execution.
Risk Monitoring & Control often requires identification of new risks & reassessment of risks.
Risk audits examine and document the effectiveness of risk responses in dealing with identified risks and their root causes, as well as the effectiveness of the risk management process.
The Inputs, Tools and Techniques and Output of Control Risks process are given below:
Project Management Plan
Risk Reassessment
Work Performance Information
Risk Register
Risk Audits
Change Requests
Work Performance Data
Variance and Trend Analysis
Project Management Plan Updates
Work Performance Reports
Technical Performance Measurements
Project Documents updates
Reserve Analysis
Organizational Process Assets updates
Share your love

Leave a Reply

Your email address will not be published. Required fields are marked *