PMI PMI-RMP PMI Risk Management Professional (PMI-RMP) Exam Exam Practice Test

The expected monetary value (EMV) for this project can be calculated as follows: (0.6 x US$100,000) - (0.4 x US$100,000) = US$60,000 - US$40,000 = US$20,000 profit.

The EMV of a project is the weighted average of the possible outcomes, which are a US$100,000 profit or a US$100,000 loss in this case. To calculate the EMV, we multiply the probability of each outcome by its monetary value, and then add them together. The formula is:

EMV = (Probability of profit x Value of profit) + (Probability of loss x Value of loss)

In this case, the probability of profit is 60%, and the value of profit is US$100,000. The probability of loss is 40%, and the value of loss is -US$100,000 (negative because it is a loss). Therefore, the EMV is:

EMV = (0.6 x 100,000) + (0.4 x -100,000) EMV = 60,000 - 40,000 EMV = US$20,000

This means that the project has an expected monetary value of US$20,000 profit, which is the answer option B. The other options are incorrect because they do not match the EMV calculation.

The EMV is a useful tool for comparing different projects or alternatives based on their expected values. However, it does not account for the variability or uncertainty of the outcomes, which may also affect the project decision making. For example, a project with a higher EMV but a higher risk may not be preferable to a project with a lower EMV but a lower risk. Therefore, the EMV should be used with caution and in conjunction with other risk analysis techniques.

For more information on the EMV and other risk analysis methods, you can refer to the PMI Risk Management Professional (PMI-RMP) Examination Content Outline and Specifications, the A Guide to the Project Management Body of Knowledge (PMBOK® Guide) – Sixth Edition, and the Expected Monetary Value (EMV): A Guide With Examples. I hope this helps you understand the concept of EMV and how to apply it to project risk management

Since the project manager cannot avoid, transfer, or mitigate the risk, the only remaining option is to accept the risk and develop a contingency plan to handle it if it occurs.

According to the PMI-RMP Exam Content Outline1, one of the tools and techniques for risk response planning is risk response strategies. These are the actions that the project manager and the project team take to address the identified risks, either positive or negative. For negative risks or threats, the PMI-RMP Exam Content Outline1 lists four possible strategies: avoid, transfer, mitigate, and accept.

• Avoid risk means changing the project plan to eliminate the threat or its impact2. For example, changing the scope, schedule, or budget to avoid a risk.
• Transfer risk means shifting the impact of a threat to a third party, such as a contractor, vendor, or insurer2. For example, buying insurance, outsourcing, or using performance bonds to transfer a risk.
• Mitigate risk means reducing the probability and/or impact of a threat2. For example, conducting more tests, adopting best practices, or providing training to mitigate a risk.
• Accept risk means acknowledging the existence of a threat and being willing to deal with its consequences2. For example, doing nothing, establishing a contingency reserve, or developing a contingency plan to accept a risk.

In this question, the project manager has determined that they cannot outsource work (transfer) nor eliminate the scope (avoid). They also discover that they cannot buy insurance (transfer) or mitigate the risk. Therefore, the only remaining option is to accept the risk. Accepting the risk does not mean ignoring the risk, but rather recognizing it and preparing for its potential occurrence and impact. Therefore, the best answer is D.

References: 1: PMI-RMP Exam Content Outline, page 9. 2: A Guide to the Project Management Body of Knowledge (PMBOK® Guide) – Sixth Edition, page 443.

 A SWOT analysis is a risk identification technique that helps to identify high-level and strategic project risks by examining the internal and external factors that may affect the project objectives. A SWOT analysis involves listing the strengths, weaknesses, opportunities, and threats of the project, and then analyzing how they may impact the project positively or negatively. A SWOT analysis can help to uncover potential risks that may not be obvious from other techniques, such as prompt lists, interviews, or brainstorming12

References: 1: PMI Risk Management Professional (PMI-RMP)® Handbook, page 10 2: A Guide to the Project Management Body of Knowledge (PMBOK® Guide) – Seventh Edition, page 11.2.2.1

Legal and regulatory requirements and constraints when assessing a project environment for threats and opportunities may include ensuring the confidentiality of project information, as this is often governed by laws and regulations.

Legal and regulatory requirements and/or constraints are external factors that can affect the project environment and influence the risk management process. They may include laws, regulations, standards, codes, permits, licenses, contracts, or agreements that the project must comply with or adhere to. Confidentiality of project information is an example of such a requirement or constraint, as it may limit the disclosure, sharing, or access of project data, documents, or reports to authorized parties only. Violating confidentiality may result in legal actions, penalties, or reputational damage for the project and the organization. Therefore, the project manager and the risk management team must identify and comply with the confidentiality requirements and/or constraints when assessing the project environment for threats and opportunities. References: PMI, 2019. Practice Standard for Project Risk Management. Newtown Square, PA: Project Management Institute, Inc., p. 181

sensitivity analysis is a technique that helps to determine which risks have the most potential impact on the project. It examines the extent to which the uncertainty of each project element affects the objective being examined when all other uncertain elements are held at their baseline values. Sensitivity analysis is often used to assess the risk exposure of the project schedule and cost, and to identify the critical risks that need to be managed. In this case, the risk manager needs to understand how the new risk resulting from the delay will affect the project deadline, which is the objective being examined. By performing sensitivity analysis, the risk manager can compare the relative importance and interaction of the new risk with other existing risks, and determine the worst-case scenarios for the project completion date. Sensitivity analysis can also help to prioritize risks for response planning and to develop contingency reserves. This is part of the Perform Quantitative Risk Analysis process in the PMBOK® Guide2. References: 1: PMI Risk Management Professional (PMI-RMP)® Examination Content Outline 2: A Guide to the Project Management Body of Knowledge (PMBOK® Guide) – Sixth Edition

The overall goal of selecting strategies during the Plan Risk Response activity is to choose those strategies that have the greatest overall positive influence on the project, considering factors such as cost, schedule, and resources.

According to the PMI Risk Management Professional (PMI-RMP)® Examination Content Outline1, one of the tasks in the domain of Risk Response is to select risk response strategies based on the risk appetite and tolerance of the organization and stakeholders1. The overall goal of selecting risk response strategies is to select the strategies with the greatest overall positive influence on the project objectives, such as scope, schedule, cost, quality, etc. The risk response strategies should aim to enhance the opportunities and reduce the threats to the project, while considering the cost-benefit analysis, the feasibility, and the alignment with the project goals and stakeholder expectations2. The risk response strategies should not be selected based on the least overall impact to resources, because that may not be the most effective or efficient way to address the risks, and it may ignore the potential benefits of some strategies that may require more resources but also deliver more value3. The risk response strategies should not be selected based on the least financial impact, because that may not be the most relevant or comprehensive criterion to evaluate the risks, and it may overlook other aspects of the project, such as quality, customer satisfaction, reputation, etc. that may also be affected by the risks4. The risk response strategies should not be selected based on the greatest benefit to stakeholders, because that may not be the most realistic or achievable goal, and it may create conflicts or trade-offs among different stakeholder groups that may have different or competing interests, needs, and expectations5. References: 1: PMI Risk Management Professional (PMI-RMP)® Examination Content Outline, page 102: A Guide to the Project Management Body of Knowledge (PMBOK® Guide) – Sixth Edition, page 4403: A Guide to the Project Management Body of Knowledge (PMBOK® Guide) – Sixth Edition, page 4414: A Guide to the Project Management Body of Knowledge (PMBOK® Guide) – Sixth Edition, page 4425: A Guide to the Project Management Body of Knowledge (PMBOK® Guide) – Sixth Edition, page 518.

The project manager should have updated the project schedule by adding risk owner implementation tasks. This would have ensured that the planned risk responses were implemented in a timely manner and tracked as part of the project schedule. This would also have allowed the project manager to monitor the progress of risk response implementation and take corrective action if necessary.

According to the PMI-RMP Exam Content Outline and Specifications1, one of the tasks under Domain 4: Risk Monitoring and Reporting is to “update project schedule, budget, and risk register with risk response outcomes”. This implies that the project manager should have added the risk owner implementation tasks to the project schedule, so that they can be tracked and monitored. By doing so, the project manager could have ensured that the planned risk responses were executed as intended, and that the opportunities were not missed. References: PMI-RMP Exam Content Outline and Specifications, page 10.

The project charter is the first resource the project manager should reference to determine the risk tolerance and risk attitudes of the project’s key stakeholders, as it contains information such as the project purpose, objectives, success criteria, high-level risks, and key stakeholder list. The project charter is an output of the Develop Project Charter process, which is part of the Initiating process group. The project charter provides the project manager with the authority to apply organizational resources to project activities and establishes a partnership between the performing organization and the requesting organization. References: PMBOK Guide, 6th edition, page 81-82.

Enterprise environmental factors (EEFs) provide information about the organization's culture, risk tolerance, and risk attitudes, which can help the project manager determine the risk tolerance and risk attitudes of the project's key stakeholders. (Reference: PMBOK Guide, 6th Edition, p. 39)

According to the PMBOK® Guide1, the risk management plan is a component of the project management plan that describes how risk management activities will be structured and performed. It provides guidance on how the project team will identify, analyze, respond, monitor, and control risks throughout the project life cycle. The risk management plan should be reviewed and updated whenever there are changes in the project scope, schedule, budget, or objectives, as these changes may introduce new risks or affect the existing ones. In this case, the organization’s decision to accelerate a key project is a significant change that may alter the risk profile of the project. Therefore, the first action for the project risk manager to take is to revise the risk management plan to reflect the new situation and ensure that the risk management processes are aligned with the project objectives and constraints. This is part of the Plan Risk Management process in the PMBOK® Guide1. References: 1: A Guide to the Project Management Body of Knowledge (PMBOK® Guide) – Sixth Edition

The risk manager should conduct a risk planning workshop with senior management and other key stakeholders to review the risk management plan, the risk register, and the contingency reserves. The risk manager should explain the purpose and benefits of contingency reserves, and how they are calculated and allocated based on the risk exposure of the project. The risk manager should also discuss the potential impact of removing or reducing the contingency reserves on the project objectives, scope, schedule, cost, and quality. The risk manager should facilitate a collaborative decision-making process to reach a consensus on the best course of action for the project. References: PMI, The Standard for Risk Management in Portfolios, Programs, and Projects, 2019, p. 77-78, 92-93.

When closing risks as part of the closing process, it is important to update the lessons learned document. This document captures the knowledge and experience gained during the project and can be valuable for future projects.

 Lessons learned is a document that captures the knowledge gained from the project and can help improve the performance of future projects. It is one of the outputs of the project closure process and should include information on the project risks, issues, and responses. Lessons learned can help identify the best practices and lessons to be applied or avoided in similar projects. Updating the lessons learned document is an important part of closing the risks as it can provide valuable insights for risk management. References: PMI, Project Risk Management, 2nd edition, 2019, p. 97-981

The action that the risk manager should propose is to ask the team to prepare a Monte Carlo analysis. This is a statistical technique that can be used to model the probability of different outcomes in a project. By performing a Monte Carlo analysis, the project manager can objectively evaluate key project risks and develop response plans based on this analysis.

 A Monte Carlo analysis is a simulation technique that uses probability distributions and random sampling to model the possible outcomes of a project risk event. It can help the project manager to evaluate the key project risks and develop response plans based on the expected value, standard deviation, and confidence intervals of the results. A Monte Carlo analysis can also provide information on the probability of achieving the project objectives, such as cost, schedule, and quality. A Monte Carlo analysis is an objective method because it does not rely on subjective judgments or opinions, but on mathematical calculations and statistical data. References: PMBOK Guide, 6th edition, Section 11.5.2.3, Monte Carlo Analysis1

The project manager should apply an iterative approach to risk identification, which involves continuous risk identification throughout the project lifecycle. This will help to identify and address new risks that may arise during the project.

According to the PMBOK® Guide, risk identification is the process of determining which risks may affect the project and documenting their characteristics. It is an iterative process because new risks may evolve or become known only as the project progresses through its life cycle. There are many techniques available for risk identification and assessment, such as brainstorming, interviews, checklists, SWOT analysis, cause and effect diagrams, etc. The project manager should apply an iterative approach to risk identification to ensure that all relevant risks are captured and updated throughout the project. The project manager should also involve the project team and other stakeholders in the risk identification process to obtain their input and perspectives.

The other options are not valid for the next step after explaining the importance of risk management to the team:

• Review assumptions and constraints around risks: This is a technique for risk identification, but it is not the only one. The project manager should use a combination of techniques to identify risks, not just focus on one aspect. Also, reviewing assumptions and constraints is not the same as applying an iterative approach, which implies repeating the risk identification process at regular intervals or when changes occur.
• Develop the risk response plans for identified risks: This is a step in the Plan Risk Responses process, which comes after the Perform Qualitative Risk Analysis and Perform Quantitative Risk Analysis processes. The project manager should not develop the risk response plans before identifying and analyzing the risks.
• Determine the likelihood and impact of the risks: This is a step in the Perform Qualitative Risk Analysis process, which comes after the Identify Risks process. The project manager should not determine the likelihood and impact of the risks before identifying them.

References: PMBOK® Guide1, Risk Management Professional (PMI-RMP)® Cert Guide

According to the PMBOK® Guide, a scope change request is a formal proposal to modify any project document, deliverable, or baseline. It is an output of the Perform Integrated Change Control process, which is the process of reviewing all change requests, approving changes, and managing changes to the deliverables, organizational process assets, project documents, and the project management plan. A scope change request may introduce new risks or affect existing risks on the project, which may impact the project objectives, such as scope, schedule, cost, and quality.

The risk manager should support the project manager with the scope change request by evaluating any new risks that are introduced due to the change in scope. This is because the risk manager is responsible for planning, implementing, and monitoring the risk management activities on the project, as well as communicating and reporting the risk information to the project manager and other stakeholders. The risk manager should use the appropriate risk identification and analysis techniques, such as brainstorming, interviews, checklists, SWOT analysis, cause and effect diagrams, probability and impact assessment, etc., to identify and evaluate the new risks that may arise from the scope change. The risk manager should also document the new risks in the risk register, which is a project document that contains the details of all identified individual project risks and other relevant information.

The other options are not valid for what the risk manager should do to support the project manager with the scope change request:

• Update the risk management plan to reflect the scope change: This is not a valid option because the risk management plan is a component of the project management plan, which describes how risk management activities will be structured and performed on the project. It is an output of the Plan Risk Management process, which is the process of defining how to conduct risk management activities for a project. The risk management plan should not be updated to reflect the scope change, but rather to reflect any changes in the risk management approach, methodology, roles and responsibilities, budget, timing, risk categories, definitions, reporting formats, etc. The risk management plan should be updated only when there is a change in the risk management process, not in the project scope.
• Reassess the identified risks that impact the project scope: This is not a valid option because reassessing the identified risks that impact the project scope is part of the Monitor Risks process, which is the process of implementing risk response plans, tracking identified risks, monitoring residual risks, identifying new risks, and evaluating risk process effectiveness throughout the project. The risk manager should not reassess the identified risks that impact the project scope before evaluating any new risks that are introduced due to the change in scope. The risk manager should first identify and analyze the new risks, and then reassess the existing risks to determine if they are still valid, relevant, and prioritized.
• Update the risk register to identify, analyze, and plan a response for any new risk: This is not a valid option because updating the risk register to identify, analyze, and plan a response for any new risk is a combination of several risk management processes, such as Identify Risks, Perform Qualitative Risk Analysis, Perform Quantitative Risk Analysis, and Plan Risk Responses. The risk manager should not update the risk register to identify, analyze, and plan a response for any new risk in one step, but rather follow the sequential and iterative risk management processes to ensure a comprehensive and consistent risk management approach. The risk manager should also coordinate and communicate with the project manager and other stakeholders when updating the risk register, as well as obtain their approval and input.

References: PMBOK® Guide1, Risk Management Professional (PMI-RMP)® Cert Guide1

Quantitative risk analysis helps determine the minimum acceptable level of exposure and impact for each risk. It also helps to understand if the maximum level of exposure has been reached before escalating the risk. (Reference: PMBOK Guide, 6th Edition, p. 423)

The team should perform quantitative risk analysis, which is the process of numerically analyzing the effect of identified risks on overall project objectives. Quantitative risk analysis can help the team to establish the minimum acceptable level of exposure and impact for each risk, as well as the maximum level of exposure before escalation. Quantitative risk analysis can also provide probabilistic estimates of project outcomes, such as cost and schedule, and support risk prioritization and decision making. References: PMI, A Guide to the Project Management Body of Knowledge (PMBOK® Guide), Sixth Edition, 2017, p. 399; PMI, The Standard for Risk Management in Portfolios, Programs, and Projects, 2019, p. 69.

The project risk manager should generate reports to assess and communicate the project risk level to stakeholders. This helps in making informed decisions and taking appropriate actions to manage risks effectively.

 The project risk manager should quantify the risk exposure that exceeds project contingency, as this will help to determine the amount of management reserve needed to cover the potential cost overruns or schedule delays. The project risk manager should also communicate this information to the project manager and other relevant stakeholders, and update the risk management plan accordingly. References: The Standard for Risk Management in Portfolios, Programs, and Projects, page 80; PMBOK Guide, 6th edition, page 407.

A risk checklist is a tool for identifying risks based on historical information and knowledge from similar projects. It is a list of potential risk sources or categories that can be used to prompt the project team to consider possible risks that may affect the project. A risk checklist should include information that is relevant and useful for identifying risks, such as lessons learned from similar completed projects and previous project risks that may be relevant to this project. These two pieces of information can help the project manager to learn from past experiences and avoid repeating the same mistakes or overlooking the same threats or opportunities. A risk checklist should not include information that is not directly related to risk identification, such as budget variance data from previously completed projects, project scope and cost management plans from previous projects, or stakeholder analysis metrics from projects with similar risk profiles. These pieces of information may be useful for other aspects of project management, such as planning, monitoring, or controlling, but they are not helpful for identifying risks on a project. References: PMI. (2017). A Guide to the Project Management Body of Knowledge (PMBOK® Guide) – Sixth Edition. Chapter 11: Project Risk Management, p. 397. 5

Lessons learned and previous project risks are valuable sources of information for creating a risk checklist. They provide insights into potential risks that may impact the current project and help the project manager develop appropriate risk responses. Budget variance data, project scope and cost management plans, and stakeholder analysis metrics, although useful, are not directly related to risk identification. (Reference: Project Management Institute. A Guide to the Project Management Body of Knowledge (PMBOK® Guide) – Sixth Edition, Section 11.2)

According to the PMI Risk Management Professional (PMI-RMP)® Examination Content Outline1, one of the tasks in the domain of Risk Response is to call for a project team meeting to review risk strategies and make required adjustments, as needed, based on risk monitoring and reporting1. In this scenario, the risk manager should do this to address the situation of the availability of experts, which is a key risk for the project. The project team meeting will help the risk manager and the project team to evaluate the effectiveness of the current risk response plan, identify any new risks or changes in existing risks, and develop alternative risk strategies and actions to deal with the staffing issue. The project team meeting will also facilitate the communication and collaboration among the project team members and other stakeholders, and ensure that the project objectives and expectations are aligned. The risk manager should not implement a disciplined tracking method and report to stakeholders accordingly, because that is not a proactive risk response strategy, but rather a passive risk monitoring and reporting technique2. The risk manager should not escalate the staffing topic to the sponsor and request more budget for contingencies, because that is not a feasible or appropriate risk response strategy, as it does not address the root cause of the risk or provide a solution to the problem3. The risk manager should not revisit the project charter for scope adjustments and sign them off with the customer, because that is not a risk response strategy, but rather a scope management process that may have negative impacts on the project quality, cost, and schedule, and may violate the contractual agreement with the customer4. References: 1: PMI Risk Management Professional (PMI-RMP)® Examination Content Outline, page 102: A Guide to the Project Management Body of Knowledge (PMBOK® Guide) – Sixth Edition, page 4563: A Guide to the Project Management Body of Knowledge (PMBOK® Guide) – Sixth Edition, page 4364: A Guide to the Project Management Body of Knowledge (PMBOK® Guide) – Sixth Edition, page 133.

Regression analysis is a data analysis tool that helps identify variables that impact the schedule and determine how these factors interact. It is used to forecast future performance based on historical data and the relationship between variables. (Reference: PMBOK Guide, 6th Edition, p. 248)

According to the PMI Risk Management Professional (PMI-RMP) Reference Materials, regression analysis is a data analysis tool that examines the relationship between one or more independent variables and a dependent variable1. Regression analysis can be used to forecast future performance based on historical data and trends2. In this case, the risk manager wants to identify which variables will impact the schedule (the dependent variable) and determine how these factors interact (the independent variables). Therefore, the risk manager should use regression analysis to create a mathematical model that can predict the schedule performance based on the values of the variables. Regression analysis can also help the risk manager to assess the significance and strength of the relationship between the variables and the schedule3.

References: 1: PMI, A Guide to the Project Management Body of Knowledge (PMBOK® Guide), Sixth Edition, 2017, p. 720 2: PMI, Practice Standard for Project Risk Management, 2009, p. 95 3: Tips and Tricks for Passing the Risk Management Professional (PMI-RMP …

The project manager should first gather more information about the previous project's issues by interviewing the other project manager. This will help in understanding the root causes of the delay and how to prevent similar issues in the current project before taking further action.

 The project manager should first include the risk of delay in delivery of the GTG in the risk register and communicate with the stakeholders about the potential impact and response strategies. This is part of the risk identification process, which is the first step in risk management. The risk register is a document that records the identified risks, their causes, effects, probabilities, impacts, and response plans. The project manager should communicate with the stakeholders to ensure that they are aware of the risk and its implications, and to obtain their feedback and support. The project manager should also update the risk register as new information becomes available or as the risk status changes. The other options are not the first actions that the project manager should take. Communicating with the client to provide the previous shutdown plan is part of the risk response process, which comes after the risk identification and analysis processes. Reviewing and updating the project schedule is part of the schedule management process, which is not directly related to risk management. Interviewing the other project manager to learn more details is a technique that can be used to identify risks, but it is not the first action that the project manager should take. The project manager should first document the risk in the risk register and communicate with the stakeholders before seeking more information from other sources. References: 3, 4, 5

The main output of the stakeholder meeting in the initiation phase is to identify threats and opportunities that may impact the project in a positive or negative way. This information will be used to develop the risk management plan.

The meeting that the project stakeholders are invited to in the initiation phase is part of the Identify Risks process. The purpose of this process is to identify the risks that may affect the project objectives in a positive or negative way, and to document their characteristics. The main output of this process is the risk register, which is a document that contains the list of identified risks, their causes, potential responses, and other relevant information. The risk register is an essential input for the subsequent risk management processes, such as Perform Qualitative Risk Analysis, Perform Quantitative Risk Analysis, Plan Risk Responses, and Monitor Risks. Therefore, the correct answer is B. Identifying threats and opportunities. References: PMI, The Standard for Risk Management in Portfolios, Programs, and Projects, 2019, p. 79-80, 86-87.

The Delphi technique allows the project risk manager to gather opinions from all stakeholders anonymously. This method would enable stakeholders to express their concerns without feeling uncomfortable in front of the influential stakeholder.

 The Delphi technique is a tool used to make quick decisions with consensus. This technique consists of sending several sets of anonymous questions to each expert. This is followed by a group discussion after every round. The Delphi technique can help the project risk manager to identify risks by soliciting the opinions of all stakeholders without revealing their identities. This way, the stakeholders can express their views freely and honestly, without being influenced or intimidated by the influential stakeholder. The Delphi technique can also reduce personal bias, ego, or emotional conflict among the participants. The project risk manager can use the results of the Delphi technique to create a list of potential risks and their causes, effects, and probabilities. References: 3, 2, 5

An Ishikawa diagram (also known as a fishbone or cause-and-effect diagram) is a tool used to identify and analyze the root causes and sources of a risk. It helps the risk manager gain a deeper understanding of the risk source and likelihood. (Reference: PMBOK Guide, 6th Edition, p. 139)

 An Ishikawa diagram, also known as a fishbone diagram or a cause-and-effect diagram, is a tool that can help the risk manager to analyze the root causes of a risk and to identify the factors that influence its occurrence and impact. An Ishikawa diagram can also help to visualize the relationships among different causes and to prioritize the most significant ones. By developing and employing an Ishikawa diagram, the risk manager can gain a deeper understanding of the source and likelihood of the risk and plan appropriate responses accordingly. References: The Standard for Risk Management in Portfolios, Programs, and Projects, page 72; PMBOK Guide, 6th edition, page 398.

The project manager should monitor and control secondary and residual risks in the risk register. This will ensure that any new risks identified during the implementation of the risk response plan are captured and managed effectively. Monitoring and controlling risks is a continuous process that helps in identifying, analyzing, and planning for new risks as well as updating the risk register as needed.

 According to the PMI Risk Management Professional (PMI-RMP)® Examination Content Outline, one of the tasks under the domain of Risk Response Planning is to “identify and assess the effectiveness of alternative strategies to reduce threats or enhance opportunities, such as mitigation, transference, avoidance, and acceptance” 1. This implies that the project manager should also consider the potential secondary or residual risks that may arise from implementing the chosen risk response strategy. Secondary risks are new risks that are created as a direct result of implementing a risk response, while residual risks are those that remain after the risk response has been executed 2. Both types of risks should be identified and assessed for their impact and probability, and added to the risk register for further monitoring and control. Therefore, the correct answer is A.

References: 1: PMI Risk Management Professional (PMI-RMP)® Examination Content Outline, page 91 2: A Guide to the Project Management Body of Knowledge (PMBOK® Guide) – Sixth Edition, page 4362

Categorizing risks by their impact on project objectives ensures that risk response plans are aligned with project priorities. This helps in focusing on the most critical risks and their potential impact on the project's success.

 Categorizing risks by their impact to the project objectives is a way of aligning the risk management process with the project goals and stakeholder expectations. By doing so, the risk management professional can ensure that the risk response plans are focused on the most critical aspects of the project and that the project priorities are being considered in the decision making. This approach can also help to communicate the value of risk management to the project team and the stakeholders, as they can see how the risk management activities are contributing to the project success. Categorizing risks by their impact to the project objectives does not necessarily help to identify the specific causes of risks, determine the level of project leadership and organizational involvement, or assign risks and risk severities to functional disciplines and departments. These are other possible ways of categorizing risks, but they are not the main purpose of using the impact to the project objectives approach. References: PMI-RMP® Certification Handbook1, page 9; PMBOK® Guide, page 415.

The project manager should reassess risks by conducting a new assumptions and constraints analysis. This will help identify any previously overlooked risks and ensure that the risk register is comprehensive and up-to-date.

 According to the PMI Risk Management Professional (PMI-RMP)® Examination Content Outline1, one of the tasks in the domain of Risk Identification is to use the information from project documents, lessons learned, and other sources to facilitate the risk identification process1. A risk workshop is a tool and technique for risk identification that involves bringing together the project team, stakeholders, subject matter experts, and risk management experts to identify and analyze the project risks in a structured and collaborative manner2. In this scenario, the risk manager should use the information from the issues and unexpected results found in the first phase of the project for a risk workshop, to avoid the previous issues in the next phase. The risk workshop will help the risk manager and the project team to identify the root causes of the issues, assess their probability and impact, and develop appropriate risk responses. The risk workshop will also enable the risk manager to update the risk register and the risk report with the new information and communicate the risk status to the relevant stakeholders. The risk manager should not improve monitoring and controlling of activities, because that is not a specific action to avoid the previous issues, but rather a general practice that should be done throughout the project life cycle3. The risk manager should not document the issues in the lessons learned, because that is not enough to avoid the previous issues, but rather a way to capture and share the knowledge gained from the project for future reference4. The risk manager should not create an issue log to share with the team, because that is not a proactive risk management technique, but rather a reactive way to track and resolve the issues that have already occurred5. References: 1: PMI Risk Management Professional (PMI-RMP)® Examination Content Outline, page 82: A Guide to the Project Management Body of Knowledge (PMBOK® Guide) – Sixth Edition, page 4003: A Guide to the Project Management Body of Knowledge (PMBOK® Guide) – Sixth Edition, page 4564: A Guide to the Project Management Body of Knowledge (PMBOK® Guide) – Sixth Edition, page 1005: What Is an Issue Log? Templates & Tips6.

In the early stages of a project, the risk management team leader should conduct qualitative risk analysis to prioritize potential risks. This will help the team to focus on the most significant risks and develop appropriate risk response strategies.

 According to the PMI-RMP Handbook, the early stages of the project are the best time to establish the risk management plan, which is a document that describes how risk management activities will be structured and performed on the project. It is one of the main outputs of the Plan Risk Management process. The risk management plan should be developed with the involvement and input of key stakeholders, such as the project sponsor, customer, team members, subject matter experts, and other relevant parties. The risk management plan should also define the roles and responsibilities of the stakeholders in risk management, as well as the reporting and escalation mechanisms.

The risk management team leader, who is a risk management certified candidate in their domain, should educate stakeholders on best practices to perform risk management in the early stages of the project. This is because the stakeholders may have different levels of knowledge, experience, and expectations regarding risk management, especially in an organization that spans across different countries. The risk management team leader should provide training, coaching, and guidance to the stakeholders on how to apply the risk management processes, tools, and techniques, as well as how to use the risk management plan. The risk management team leader should also promote a positive risk culture and encourage stakeholder participation and collaboration in risk management activities.

The other options are not valid for what the risk management team leader should do in the early stages of the project:

• Conduct qualitative risk analysis to prioritize potential risks: This is not a valid option because the qualitative risk analysis is part of the Perform Qualitative Risk Analysis process, which comes after the Identify Risks process and before the Perform Quantitative Risk Analysis process. The risk management team leader should not conduct the qualitative risk analysis before developing the risk management plan and identifying the risks.
• Plan a solid risk response plan and secure the necessary funding: This is not a valid option because the risk response plan is part of the Plan Risk Responses process, which comes after the Perform Qualitative Risk Analysis and Perform Quantitative Risk Analysis processes. The risk management team leader should not plan the risk response plan and secure the necessary funding before developing the risk management plan, identifying, and analyzing the risks.
• Benchmark to an organization which has executed a similar project: This is not a valid option because benchmarking is a technique for risk identification, but it is not the only one. The risk management team leader should use a combination of techniques to identify risks, not just focus on one aspect. Also, benchmarking is not the same as educating stakeholders, which implies providing training, coaching, and guidance on risk management best practices.

References: PMI-RMP Handbook1, PMBOK® Guide2, Practice Standard for Project Risk Management2

The risk identification technique that the risk manager should use is the nominal group technique. This technique involves bringing stakeholders together to brainstorm potential risks and then ranking them based on their importance. This allows for interaction and collaboration among stakeholders, which can help ensure that an exhaustive list of risks is created.

The nominal group technique is a risk identification technique that involves the interaction and collaboration of stakeholders to generate an exhaustive list of risks. It is a structured process that allows each participant to share their ideas independently, then rank and prioritize them as a group. This technique ensures that all opinions are considered and reduces the influence of dominant or biased individuals12

References: 1: PMI Risk Management Professional (PMI-RMP)® Handbook, page 10 2: A Guide to the Project Management Body of Knowledge (PMBOK® Guide) – Seventh Edition, page 11.2.2.1

Since the design phase is complete and the identified risks did not materialize, the project manager should close the risks and update their status in the risk register.

 The project manager should close the risks that did not materialize during the design phase and update their status in the risk register. Closing risks is part of the monitor and close risks process, which involves tracking the implementation of risk responses, monitoring the residual and secondary risks, and evaluating the effectiveness of risk management throughout the project. Closing risks also involves updating the risk register with the current status of the risks, the outcomes of the risk responses, and any lessons learned from the risk management process. Updating the risk register helps to maintain an accurate and updated record of the project risks and their impacts. References: PMI, Project Risk Management, 2nd edition, 2019, p. 97-981

Residual risks are the risks that remain after the risk response plan has been implemented. They are the risks that are accepted by the project team and stakeholders as part of the project. Residual risks may have low probability or impact, but they still need to be monitored and controlled throughout the project. The first thing that the risk manager should do when a risk owner identifies and reports some residual risks is to analyze, document, and communicate them to the relevant stakeholders. The risk manager should assess the probability and impact of the residual risks, and determine if they require any further response or contingency plan. The risk manager should also update the risk register and the risk report with the information about the residual risks, and share them with the stakeholders who need to be aware of them. This will help the project team and stakeholders to be prepared for any potential occurrence of the residual risks, and to take appropriate actions if needed. References: PMI, The Standard for Risk Management in Portfolios, Programs, and Projects, 2019, p. 94-95, 101.

A risk register should be developed before submitting a formal bid response to help the company understand the project's risk profile and account for potential risks in their proposal. This allows the company to make informed decisions about cost, schedule, and resources. (Reference: Project Management Institute. A Guide to the Project Management Body of Knowledge (PMBOK® Guide) – Sixth Edition, Section 11.2)

A risk register is a document that is used as a risk management tool to identify potential setbacks within a project. A risk register is typically created at the start of a project (before it begins), and is regularly referenced and updated throughout the life of a project through deliberate risk monitoring and control1. A risk register is an important component of any successful risk management process and helps mitigate potential project delays that could arise. A risk register is shared with project stakeholders to ensure information is stored in one accessible place2. A risk register also helps to establish a hierarchy of risks, starting with the most impactful. The goal should be to have a path to mitigating those risks, reducing the harm they cause, or eliminating them. The register should also outline what’s considered an acceptable level of risk and how to set up insurance to help offset the impacts3. Therefore, a risk register should be developed before a formal bid response is provided to the client to gain a greater understanding of the project’s risk profile. This will help to estimate the project costs, schedule, and scope more accurately and realistically, as well as to identify the contingency plans and reserves needed to deal with the potential risks. Developing a risk register during the project execution phase, when a client project kick-off meeting is held, or after a project budget is set up with a purchase order are all too late to effectively identify and manage the risks that could affect the project success. References: 2, 3, 1, 4

According to the PMI-RMP Exam Content Outline1, one of the domains of the PMI-RMP certification is risk monitoring and reporting. This domain includes tasks such as “monitor and report on risk metrics and trends”, “monitor the status of risk response activities and update risk register and risk report accordingly”, and “monitor and control project contingency and management reserves”. These tasks imply that the risk manager should regularly check and report on the status of risks identified according to their prioritization (B), monitor the status and oversee execution of the risk response plan for each identified risk ©, and ensure management reserves are sufficient to cover the mitigation plans for all identified risks (D). These actions will help the risk manager to ensure the risk management plan remains effective during the project timeframe. Therefore, the best answers are B, C, and D.

References: 1: PMI-RMP Exam Content Outline, pages 9-10.

The project manager should escalate this initiative to project decision makers and sponsors, as they have the authority to approve changes in budget and scope. They can evaluate the potential benefits and associated with the new technology and make an informed decision on whether to proceed.

 According to the PMBOK® Guide1, an opportunity is a risk that would have a positive effect on one or more project objectives if it occurs. Opportunities are uncertain events or conditions that can enhance or facilitate the achievement of project goals, such as cost savings, schedule acceleration, quality improvement, or scope expansion. A project manager should take advantage of opportunities by implementing risk responses that seek to maximize their probability and/or positive impact. In this case, the project manager wants to introduce a new technology to improve the project’s performance, which is an opportunity for the project. The project manager should take advantage of this opportunity by planning and executing appropriate risk responses, such as exploiting, enhancing, sharing, or accepting the opportunity. This is part of the Plan Risk Responses and Implement Risk Responses processes in the PMBOK® Guide1. References: 1: A Guide to the Project Management Body of Knowledge (PMBOK® Guide) – Sixth Edition.

When facing resistance from team members, the risk manager should engage in open communication to address their concerns and clarify the importance of risk management in the project.

According to the PMBOK Guide, 6th edition, Chapter 11: Project Risk Management1, the risk manager should handle this situation by meeting with team members to address their concerns. This is because:

• Resistance to risk management is a common challenge that can hinder the effectiveness and efficiency of the risk management process. Resistance can stem from various factors, such as lack of awareness, understanding, commitment, trust, or support for risk management; fear of negative consequences or blame; competing priorities or interests; or cultural differences or biases.
• Meeting with team members to address their concerns is a proactive and constructive way to overcome resistance and foster a positive risk culture within the project. By meeting with team members, the risk manager can:
• The other options are not effective in handling this situation because:

References:

• PMBOK Guide, 6th edition, Chapter 11: Project Risk Management1
• Risk Management Professional (PMI-RMP)® Exam Cert Guide2

When a new risk manager is assigned to an ongoing project, their first step should be to review the existing risk management plan to understand the current policies, practices, and strategies in place.

 The new risk manager should first review the policies and practices that are outlined in the risk management plan, as this is the document that describes how risk management will be performed on the project. The risk management plan defines the roles and responsibilities, risk categories, risk appetite and thresholds, risk identification and analysis methods, risk response strategies, risk monitoring and reporting mechanisms, and risk governance structure for the project. The new risk manager should familiarize themselves with the risk management plan to understand the project environment and the expectations and requirements for risk management. The other options are not the first actions that the new risk manager should take. Reviewing potential next steps with the project team is a good practice, but it should be done after reviewing the risk management plan to ensure alignment and consistency. Reviewing the scope of work to determine the prescribed project methodology is not directly related to risk management, and it may not provide sufficient information about the project environment and the risk management approach. Reviewing the contract and determining the resources and project funding is part of the project initiation process, and it may not reflect the current status and issues of the project. References: 2, 3, 4

The first thing the risk manager should do is analyze the situation and meet with the risk owner. This will allow the risk manager to understand the challenges faced by the risk owner and work with them to find a solution. Conducting a cost-benefit analysis or changing the risk response strategy may be necessary, but it is important to first understand the situation before taking any action.

According to the PMI-RMP Exam Content Outline, one of the tasks in the domain of Risk Response Planning is to “assist the risk owners in developing and implementing risk response strategies and actions based on the agreed-upon risk response plan”. Therefore, the first thing the risk manager should do is to analyze the situation and meet with the risk owner to understand the root cause of the challenges and the cost overrun, and to discuss possible solutions or alternatives. Highlighting this situation to the project manager, conducting a cost-benefit analysis, or changing the risk response strategy are possible actions that can be taken after the analysis and meeting, but not before. References: PMI-RMP Exam Content Outline, Domain 3: Risk Response Planning, Task 31

The stakeholders should prepare a risk-adjusted backlog when making decisions on how to respond to known and new risks. A risk-adjusted backlog helps prioritize work items based on their risk level and potential impact on the project.

 A risk-adjusted backlog is an artifact that reflects the prioritization of the product backlog items based on their risk exposure. It is used to plan for the execution phase of an agile project, where the stakeholders can decide how to respond to known and new risks by selecting the most valuable and least risky items to deliver. A risk-adjusted backlog can help the stakeholders to optimize the value delivery and reduce the uncertainty of the project outcomes. References: PMI, The Standard for Risk Management in Portfolios, Programs, and Projects, 2019, p. 113; PMI, Agile Practice Guide, 2017, p. 54.

The risk manager should perform a quantitative risk analysis to determine the potential impact of risks on the project's completion date. This will help in providing a more accurate project completion date to the customer, considering the risks and their potential effects on the project schedule.

 According to the PMI Risk Management Professional (PMI-RMP)® Examination Content Outline1, one of the tasks in the domain of Risk Analysis is to perform quantitative risk analysis using techniques such as Monte Carlo simulation, decision tree analysis, sensitivity analysis, etc., to quantify the possible outcomes for the project and their probabilities, and to evaluate the cost and schedule impacts of risks1. In this scenario, the risk manager should perform a quantitative risk analysis and update the results, because the project costs have increased significantly and the customer has imposed a strict deadline for the project completion. A quantitative risk analysis will help the risk manager to estimate the probability of meeting the project objectives, such as cost and schedule, and to determine the appropriate contingency reserves for the project. A quantitative risk analysis will also provide more accurate and reliable information for the customer and the project team, and will support the risk response planning process2. References: 1: PMI Risk Management Professional (PMI-RMP)® Examination Content Outline, page 92: A Guide to the Project Management Body of Knowledge (PMBOK® Guide) – Sixth Edition, pages 431-432.