PMI PMI-RMP - PMI Risk Management Professional (PMI-RMP) Exam

A risk checklist is a tool for identifying risks based on historical information and knowledge from similar projects. It is a list of potential risk sources or categories that can be used to prompt the project team to consider possible risks that may affect the project. A risk checklist should include information that is relevant and useful for identifying risks, such as lessons learned from similar completed projects and previous project risks that may be relevant to this project. These two pieces of information can help the project manager to learn from past experiences and avoid repeating the same mistakes or overlooking the same threats or opportunities. A risk checklist should not include information that is not directly related to risk identification, such as budget variance data from previously completed projects, project scope and cost management plans from previous projects, or stakeholder analysis metrics from projects with similar risk profiles. These pieces of information may be useful for other aspects of project management, such as planning, monitoring, or controlling, but they are not helpful for identifying risks on a project. References: PMI. (2017). A Guide to the Project Management Body of Knowledge (PMBOK® Guide) – Sixth Edition. Chapter 11: Project Risk Management, p. 397. 5

Lessons learned and previous project risks are valuable sources of information for creating a risk checklist. They provide insights into potential risks that may impact the current project and help the project manager develop appropriate risk responses. Budget variance data, project scope and cost management plans, and stakeholder analysis metrics, although useful, are not directly related to risk identification. (Reference: Project Management Institute. A Guide to the Project Management Body of Knowledge (PMBOK® Guide) – Sixth Edition, Section 11.2)

In the early stages of a project, the risk management team leader should conduct qualitative risk analysis to prioritize potential risks. This will help the team to focus on the most significant risks and develop appropriate risk response strategies.

 According to the PMI-RMP Handbook, the early stages of the project are the best time to establish the risk management plan, which is a document that describes how risk management activities will be structured and performed on the project. It is one of the main outputs of the Plan Risk Management process. The risk management plan should be developed with the involvement and input of key stakeholders, such as the project sponsor, customer, team members, subject matter experts, and other relevant parties. The risk management plan should also define the roles and responsibilities of the stakeholders in risk management, as well as the reporting and escalation mechanisms.

The risk management team leader, who is a risk management certified candidate in their domain, should educate stakeholders on best practices to perform risk management in the early stages of the project. This is because the stakeholders may have different levels of knowledge, experience, and expectations regarding risk management, especially in an organization that spans across different countries. The risk management team leader should provide training, coaching, and guidance to the stakeholders on how to apply the risk management processes, tools, and techniques, as well as how to use the risk management plan. The risk management team leader should also promote a positive risk culture and encourage stakeholder participation and collaboration in risk management activities.

The other options are not valid for what the risk management team leader should do in the early stages of the project:

Conduct qualitative risk analysis to prioritize potential risks: This is not a valid option because the qualitative risk analysis is part of the Perform Qualitative Risk Analysis process, which comes after the Identify Risks process and before the Perform Quantitative Risk Analysis process. The risk management team leader should not conduct the qualitative risk analysis before developing the risk management plan and identifying the risks.

Plan a solid risk response plan and secure the necessary funding: This is not a valid option because the risk response plan is part of the Plan Risk Responses process, which comes after the Perform Qualitative Risk Analysis and Perform Quantitative Risk Analysis processes. The risk management team leader should not plan the risk response plan and secure the necessary funding before developing the risk management plan, identifying, and analyzing the risks.

Benchmark to an organization which has executed a similar project: This is not a valid option because benchmarking is a technique for risk identification, but it is not the only one. The risk management team leader should use a combination of techniques to identify risks, not just focus on one aspect. Also, benchmarking is not the same as educating stakeholders, which implies providing training, coaching, and guidance on risk management best practices.

PMI-RMP Handbook1, PMBOK® Guide2, Practice Standard for Project Risk Management2

 

When preparing risk reports for inclusion in the monthly status report for project executives, the risk manager should adhere to the format established in the risk management plan. This ensures consistency, clarity, and alignment with the overall project management framework, making it easier for executives to understand and assess the information. PMI emphasizes the importance of following established communication protocols and formats in risk reporting to maintain effective stakeholder engagement​.

 

 

 

Qualitative risk analysis requires consideration of both the likelihood and the impact of each risk to properly prioritize them, rather than focusing only on probability or only on impact. The PMBOK® Guide states:

"During qualitative risk analysis, risks are prioritized for further analysis or action by assessing and combining their probability of occurrence and impact on project objectives."

— PMBOK® Guide, 6th Edition, Section 11.3

Therefore, the risk manager should evaluate all identified risks, considering both likelihood and impact.

According to the PMI Risk Management Professional (PMI-RMP) Reference Materials, the project management plan is the document that describes how the project will be executed, monitored, and controlled. It integrates and consolidates all the subsidiary plans and baselines from the project management processes1. The project management plan should be updated whenever there are changes in the project scope, schedule, cost, quality, resources, communications, risks, procurements, or stakeholder engagement2. In this case, the project team has decided to log the opportunities in the current project’s risk register, which is a component of the project management plan. Opportunities are positive risks that may have a beneficial effect on the project objectives, such as cost savings, schedule acceleration, or quality improvement3. Therefore, the project team should update the project management plan to ensure the results of the opportunities are captured and reflected in the relevant subsidiary plans and baselines. For example, if an opportunity leads to a cost saving, the project team should update the cost management plan and the cost baseline accordingly.

The risk owner should implement the secondary risk response, as it is now being tolerated, and update the project documents accordingly. They should also update and communicate the assessments of the secondary risk's impact to ensure everyone is aware of the situation.

According to the PMI-RMP Handbook1, the risk owner is responsible for implementing the risk response plan and monitoring the risk and its secondary risks. Therefore, the risk owner should take the following two actions when the secondary risk emerges:

Implement the secondary risk response and update the project documents. This action is consistent with the risk response strategy of tolerance, which means accepting the risk and its consequences. The risk owner should execute the planned response for the secondary risk, such as contingency plans or fallback plans, and update the relevant project documents, such as the risk register, the risk report, and the lessons learned register, to reflect the current status and impact of the risk.

Update and communicate assessments of the secondary risk’s impact. This action is consistent with the risk monitoring and control process, which involves tracking the identified risks, evaluating their impact and probability, and reporting the risk information to the appropriate stakeholders. The risk owner should reassess the secondary risk’s impact on the project objectives, such as scope, schedule, cost, and quality, and communicate the results to the project manager and other relevant stakeholders, such as the sponsor, the customer, and the team members.

PMI-RMP Handbook1

PMBOK Guide, 6th edition, Chapter 11: Project Risk Management2

This is a secondary risk because it is a risk that arises as a direct result of implementing a risk response (in this case, procuring material from a different supplier).

A secondary risk is a risk that arises as a direct result of implementing a risk response to a specific risk. In this case, the risk response is to procure the material from a different supplier if the first supplier fails to deliver on time. The secondary risk is that there may be differences in the material provided by the first and second supplier, which could affect the quality, cost, or schedule of the project. A secondary risk is different from a residual risk, which is a risk that remains after a risk response has been implemented. A primary risk is the original risk that triggers a risk response. A normal risk is not a standard term in risk management, but it could refer to a risk that is expected or inherent in a project. References: PMI Risk Management Professional (PMI-RMP) Examination Content Outline and Specifications1, page 9; A Guide to the Project Management Body of Knowledge (PMBOK® Guide) – Sixth Edition, page 397; Secondary vs Residual Risk | Types of Risks on the PMP Exam.

 The project manager should proceed with the planned risk response to move the equipment, as this is the best way to deal with the weather-related risk that was identified and recorded in the risk register. A risk register is a document that lists all the identified risks, their causes, impacts, probabilities, and responses for a project1. A risk response is a strategy or action that is taken to reduce the negative effects or enhance the positive effects of a risk event2. A risk response should be planned and executed according to the risk management plan, which is a document that describes how risk management activities will be structured and performed on a project3. The risk management plan should also define the roles and responsibilities, risk categories, risk appetite and thresholds, risk identification and analysis methods, risk response strategies, risk monitoring and reporting mechanisms, and risk governance mechanisms3. Therefore, the project manager should follow the risk management plan and the risk register to implement the planned risk response to move the equipment, as this is the most effective and efficient way to manage the risk and meet the project objectives. Waiting until the weather improves before sending the equipment, asking the project sponsor to approve shipping the equipment, or requesting the shipment of the equipment to satisfy the client are not the best options to deal with the weather-related risk. Waiting until the weather improves may cause further delays and increase the cost and scope of the project, as well as damage the relationship with the client. Asking the project sponsor to approve shipping the equipment may not be necessary or feasible, as the project sponsor may not have the authority or the availability to make such a decision. Requesting the shipment of the equipment to satisfy the client may not be realistic or safe, as the bad weather may pose a threat to the quality and integrity of the equipment, as well as the health and safety of the people involved in the transportation. These options may also deviate from the risk management plan and the risk register, which may create confusion and inconsistency in the risk management process. References: 1, 2, 3.

In this scenario, a low-probability risk has occurred, leading to a significant project delay. To demonstrate to stakeholders that the project can still be concluded successfully, it's essential to identify the root cause of this unexpected event. An Ishikawa diagram, also known as a fishbone diagram or cause-and-effect diagram, is a tool that helps in identifying the various potential causes of a specific problem or effect. By systematically exploring all possible causes, the project team can pinpoint the underlying issues that led to the risk event. Understanding these root causes enables the team to implement corrective actions and preventive measures, thereby assuring stakeholders of the project's viability and the team's commitment to addressing unforeseen challenges effectively.

PMI Risk Management Study Guide References:

The PMI-RMP Exam Preparation Study Guide emphasizes the importance of root cause analysis in risk management, stating that tools like the Ishikawa diagram are instrumental in uncovering the fundamental reasons behind unexpected risk events, which is crucial for developing effective mitigation strategies.