The article provides knowledge on the topic of Risk Management to help in better preparation of the exam.
In this part of the article, we shall focus on PMBOK® knowledge of Risk management concepts.
Risk management includes six main processes in
PMBOK® theory. These are:
- Risk management planning
- Risk identification
- Qualitative risk analysis
- Quantitative risk analysis
- Risk response planning
- Risk monitoring and control
Here is an important tip for PMP® exam prep; experienced project managers start looking for risks as soon as a project is discussed. If there is a question on the exam about who should be involved in risk identification, the best answer is everyone.
PMBOK® guide lists high-level risks as output of the process of creating a project charter in Integration management. However, full blown risk identification occurs as part of planning. Hence, majority of risk identification occurs during Integration and planning process groups.
Risk identification helps to avoid risks when possible, as well as control them in case this is necessary. If you don't know where to start, one possibility is to focus on known and predictable risks, for example: product size, business impact, process definition, development environment, technology to be built and staff size and experience.
Risk identification involves all stakeholders, and may even involve literature reviews, research and talking to stakeholders.
- Documentation reviews: Review the project documentation so far including charter, project plan etc., to identify whatever risks that can be identified
- Information gathering techniques: this involves next level of digging deeper, by
- Brainstorming : meeting of stakeholders to voice ideas and thoughts
- Delphi : Anonymous participation from the target group through surveys, used to build consensus
- Interviewing : PM or designated person interviews identified respondents, experts and / stakeholders to identify risks in the project
- Root cause analysis: the identified risks are analyzed and reorganized by their root causes to help identify more risks
- SWOT (Strengths, weaknesses, opportunities, threats) Analysis
- Checklist analysis : A checklist of previously identified risks is used
- Assumptions analysis : project assumptions are critically examined to unearth inherent risk/s
- Diagramming techniques: Cause and effect diagrams, process flow charts etc., are used to examine critical points of failure and risk
Outputs of Identify Risks
The Identify Risks process helps in creation of risk register, in which all of the risk information is kept. This is one document which will constantly be updated as more risks are identified and more risk management processes are completed.
- List of risks
- List of potential responses: though in depth analysis and risk response planning occurs, many times responses are determined just as risks are unearthed. Such responses should be noted alongside the risks for further analysis
- Root causes of risks: The root causes of risks are documented for later reassessment
- Updated risk categories: Updation of records is a continuous process and not just to be done at the time of project closure. This kind of effort can be particularly helpful for management insight and any other similar projects running elsewhere in the organization
Important tip for all exam seekers: An updated risk register is an output of many risk management processes. Hence, read the questions carefully as risk register contains different information depending upon where it is being referred to.
PMP and PMBOK are registered trademarks of the Project Management Institute, Inc.