Free Practice Questions for PMI PMI-RMP Exam

Qualitative risk analysis requires consideration of both the likelihood and the impact of each risk to properly prioritize them, rather than focusing only on probability or only on impact. The PMBOK® Guide states:

"During qualitative risk analysis, risks are prioritized for further analysis or action by assessing and combining their probability of occurrence and impact on project objectives."

— PMBOK® Guide, 6th Edition, Section 11.3

Therefore, the risk manager should evaluate all identified risks, considering both likelihood and impact.

When a project requires detailed and exhaustive planning to ensure the product's characteristics and quality, a predictive approach (also known as a waterfall approach) is the most appropriate. This approach involves planning out the project in detail upfront, including the scope, schedule, and costs, which aligns with the need for thorough planning mentioned in the scenario. The predictive approach is best suited for projects where requirements are well-understood and unlikely to change, allowing for careful management of risks through detailed plans​.

To ensure an effective risk management plan, the risk manager needs to consider aligning the plan to project constraints and priorities and obtaining stakeholder acceptance, as these factors will help ensure that the plan is relevant and supported by the project team and stakeholders.

 According to the PMI-RMP Handbook, the risk management plan is a document that describes how risk management activities will be structured and performed on the project. It is one of the main outputs of the Plan Risk Management process. The risk management plan should consider the following factors to ensure its effectiveness:

Aligning to project constraints and priorities: The risk management plan should be aligned with the project objectives, scope, schedule, cost, quality, resources, and stakeholder expectations. It should also reflect the project’s risk appetite, tolerance, and threshold levels, which indicate the degree of uncertainty that the project can accept. The risk management plan should prioritize the risk management activities based on the project’s critical success factors and key performance indicators.

Obtaining stakeholder acceptance: The risk management plan should be developed with the involvement and input of key stakeholders, such as the project sponsor, customer, team members, subject matter experts, and other relevant parties. The risk management plan should be communicated and approved by the stakeholders to ensure their commitment and support for the risk management process. The risk management plan should also define the roles and responsibilities of the stakeholders in risk management, as well as the reporting and escalation mechanisms.

The other options are not valid factors for ensuring an effective risk management plan:

Applying modern risk management techniques: The risk management plan should apply the appropriate risk management techniques that suit the project’s context, complexity, and characteristics. The techniques should be based on the best practices and standards of the profession, such as the PMBOK® Guide and the Practice Standard for Project Risk Management. The techniques do not have to be modern or innovative, as long as they are effective and efficient.

Ensuring risk response strategies mitigate all risks: The risk management plan should define the risk response strategies that will be used to address the identified risks. However, the risk response strategies do not have to mitigate all risks, as some risks may be accepted, transferred, or avoided. The risk response strategies should be based on the risk analysis and evaluation, which consider the probability and impact of the risks, as well as the cost and benefits of the responses.

Minimizing implementation costs: The risk management plan should consider the budget and resources available for the risk management activities. However, the risk management plan should not aim to minimize the implementation costs at the expense of the quality and effectiveness of the risk management process. The risk management plan should balance the costs and benefits of the risk management activities, and ensure that they provide value to the project.

PMI-RMP Handbook1, PMBOK® Guide2, Practice Standard for Project Risk Management2

Including both internal and external stakeholders ensures diverse perspectives and comprehensive risk identification. PMBOK® Guide states:

"Stakeholder participation, including both internal and external stakeholders, is essential during risk identification to ensure a broad and complete identification of risks."

— PMBOK® Guide, 6th Edition, Section 11.2

The The project manager should include secondary and residual risks as part of the risk response plan. Secondary risks are those risks that arise as a direct result of implementing a risk response to a specific risk. Residual risks are those risks that are expected to remain after the planned responses of risks have been taken, as well as those that have been deliberately accepted. Both secondary and residual risks should be identified, analyzed, and monitored throughout the project life cycle. The project manager should communicate the risk response plan to the project sponsor and other stakeholders, and explain how the project team has planned to manage the secondary and residual risks12

 1: PMI Risk Management Professional (PMI-RMP)® Handbook, page 10 2: A Guide to the Project Management Body of Knowledge (PMBOK® Guide) – Seventh Edition, page 11.2.2.1

project manager should include secondary and residual risks in the risk response plan, as they may still impact the project. Proactively addressing these risks will help the project team to be prepared and manage them effectively if they occur.

Effective communication with sponsors and stakeholders about both primary and secondary risks is crucial. PMBOK® Guide states:

"Secondary risks... should be communicated to stakeholders and sponsors to ensure transparency and allow for appropriate responses."

— PMBOK® Guide, 6th Edition, Section 11.5

When a team member is struggling to ensure the coverage of all risks in a complex project, the risk manager should develop a risk breakdown structure (RBS). An RBS helps in systematically identifying risks by categorizing them into different levels and areas, making it easier to ensure that all potential risks are considered. This structured approach is particularly useful in complex projects where risks may arise from multiple sources.

PMI advocates the use of an RBS as a best practice for comprehensive risk identification, particularly in large or complex projects where the range of potential risks can be extensive​​.

Mitigation involves taking proactive steps to reduce the probability or impact of a risk event. In this scenario, the facilitator anticipates the risk of attendees not receiving the product brochure due to spam filters. By advising participants to check their spam folders, the facilitator addresses the issue before it escalates, thereby reducing the likelihood of miscommunication or information loss. This preemptive action exemplifies a mitigation strategy, aiming to lessen the potential negative impact on the workshop's effectiveness.

PMI Risk Management Study Guide References:

The PMI-RMP Exam Preparation Study Guide defines risk mitigation as "the process of implementing actions to reduce the likelihood or impact of a risk to acceptable levels," highlighting the importance of proactive measures in risk management.

When a risk has materialized and become an issue despite preventive actions, the next logical step is to implement the pre-established risk response plan. This plan is designed specifically to address the risk if it occurs, ensuring that the project can quickly and effectively manage the issue. According to PMI's risk management guidelines, implementing the risk response plan is a critical step once a risk has been triggered, as it provides a structured approach to resolving the issue with minimal impact on the project​.

Best practice in risk management is to immediately assess the impact of identified risks and develop appropriate response plans. The PMBOK® Guide confirms:

"When a risk is identified, its impact and likelihood should be assessed as soon as possible, and risk response strategies developed and agreed upon."

— PMBOK® Guide, 6th Edition, Section 11.5

This is especially important for critical dependencies such as vendor deliverables.