Many PMP risk management questions cause candidates to lose marks and valuable time because they do not have a clear definition of the main risk terms and phrases.
I have compiled my top 10 list of key risk management terms and phrases that you must remember:
The definition of a risk is “an uncertain event or condition that, if this occurs, has a positive or negative effect on a project’s objectives.”
Creating a risk response consisting of actions that are either eliminate the risk will protect the project objectives from the risk impact. The severity of any risk is determined by the probability of that happening, and the impact should it occur.
Risk avoidance is carried out by determining the above actions and building them into the project management plan, so that such actions will either reduce the risk probability to zero, and/or protect the project’s objectives such that the risk impact is zero.
Don’t confuse this with risk avoidance above. This is a risk response planning technique (a set of activities), that reduces the probability or impact of a threat so that it is below an acceptable threshold. If you will, this is risk reduction by either reducing the risk impact or its probability, or both.
This is the ‘take no action’ activity! This written response planning technique is as a result of the project in deciding not to change the project management plan in order to do with a particular risk.
Risk acceptance can be the best course of action for example, when no actions can be determined, if such actions would have more impact than the risk itself, or if the risk is estimated to be of low probability and impact, and therefore the best action is to accept a the risk and its impact if and when it should occur.
This is a risk response planning technique but passes the ownership along with the impact of it threat to a third party. Such a third party may be another department in group within your organisation, or a different organization (for example an organization who is supplying products and services to your project).
This is a document (although it could be in the form of a spread sheet or database), that contains all of the results arising from qualitative risk analysis, quantitative risk analysis, and risk response planning.
It contains details of every risk, and includes the description, category, course, probability, impact, responses, owners and current status of all risks.
Since a risk management is an ongoing activity throughout the project, known risks may arise, or existing risks may change in some way (for example their probability may increase or decrease).
This is a provision described in the project management plan to mitigate cost and/or schedule risk. It should describe what types of risk are meant to be mitigated. The reserve is often an amount of money that is intended to be used to fund project management and activities of certain named risks.
Probability and impact matrix.
The severity of a risk is determined by its probability and impact to the project’s objectives. A lower probability and low impact risk would be lower severity, and for example, this will help in terms of determining the best risk actions to take.
This matrix is a method of combining these two dimensions of a risk (probability and impact), to determine its severity.
As an absolute minimum each dimension is calibrated as highly medium or low, which produces a 3 by 3 matrix.
A trigger situation is identified for each risk. This acts as an indicator that a risk has either occurred, or is about to occur.