Risk Strategy and Planning - 22%
|
|
Task 1 |
Perform a preliminary document analysis
-
Gather and review documents
- Give examples of preliminary documents to review prior to risk identification includes industry benchmarks (if available), previous lessons learned, historical data, and the sources of the above information.
-
Determine and assign who is responsible for the preliminary document analysis (e.g., project manager, risk manager, financial controller)
-
Establish documents relevant to the risk process
|
|
Task 2 |
Assess project environment for threats and opportunities
-
Determine which OPA / EEF / project methodology is needed (e.g., agile, waterfall, hybrid, etc.)
-
Analyze the different environmental factors to be considered in the planning phase (e.g., PESTLE, SWOT analysis)
-
Determine the organizational and cultural risk appetite
- Analyze environment for risk culture maturity
-
Evaluate the project management information system process and data
-
Conduct a stakeholder analysis
-
Analyze constraints to risk management
- Government, market laws/rules, organizational, environmental, and technical risks
-
Focus stakeholders on creating a culture of risk awareness
-
Determine business driver of project, including key assumptions, benefits, and materialization of project.
|
|
Task 3 |
Confirm risk thresholds based on risk appetites
-
Align project risk thresholds to organizational risk appetite
-
Calculate the risk the organization can absorb (e.g., financial, scope, environmental, technical, legal, schedule, quality, contract, etc.)
-
Discuss risk thresholds
-
Lead conflict resolutions between stakeholders in agreeing on risk appetite
|
|
Task 4 |
Establish risk management strategy
-
Establish risk processes and tools
-
Provide risk management templates/forms
-
Determine risk metrics
-
Identify risk categories
-
Coach/mentor team on risk management best practices (servant leadership)
-
Lead stakeholders to adopt the risk strategy
|
|
Task 5 |
Document the risk management plan
-
Define organizational risk roles and responsibilities
- Align roles and responsibilities with a project RAM (e.g., RACI) chart
-
Prepare a list of the key artifacts/resources that will be used to compile a risk management plan
-
Outline the list of key risk management activities (e.g., who, what, when, where, how)
-
Explain how the Risk Breakdown Structure (RBS) can be used to support the risk management plan
-
Define a risk communication plan
-
Define risk prioritization criteria
-
Define stakeholder empowerment and education strategy
|
|
Task 6 |
Plan and lead risk management activities with stakeholders
-
Collaborate with the team that would conduct the risk planning on the project
-
Leverage stakeholder analysis done by the project manager
-
Manage stakeholder risk appetite and attitudes
-
Engage stakeholders in the risk prioritization process
-
Set appropriate expectations with stakeholders on the rules of engagement
-
Tailor risk communication for stakeholders
-
Lead stakeholder empowerment for risk strategies in the risk management plan
-
Train, coach, and educate stakeholders in risk principles and processes in order to create shared understanding of principles and processes, and foster engagement in risk management
|
Risk Identification - 23%
|
|
Task 1 |
Conduct risk identification exercises
-
Conduct meetings, interviews, focus groups, and other SME support activities
-
Perform detailed analyses of risk identification exercise results
-
Analyze documents, audio transcripts, telemetry data, etc. and understand business context of information
-
Indicate risks as threats or opportunities
|
|
Task 2 |
Examine assumption and constraint analyses
-
Leverage the results of the assumption and constraint analysis
-
Categorize assumptions and constraints
-
Assess the risk associated with each assumption and/or constraint
-
Recognize the relationship between assumptions and/or constraints, and project objectives (e.g., predict the cascade effect of project stakeholder holiday schedules on project timelines)
-
Encourage stakeholders to challenge assumptions and constraints
|
|
Task 3 |
Document risk triggers and thresholds based on context/environment
-
Assess, confirm, and document risk compliance thresholds, and categories against updated risk data
-
Assess and document risk triggers, causes and timing
-
Assess and document risk consequences and/or impact
-
Empower stakeholders to challenge existing thresholds
|
|
Task 4 |
Develop risk register
-
Analyze the validity of identified risks and triggers
-
Examine the risk attributes like probability, impact, urgency
-
Establish risk origin and ownership e.g., internal/external
-
Classify risks as threats or opportunities
|
Risk Analysis - 23%
|
|
Task 1 |
Perform qualitative analysis
-
Perform a nominal classification or risks in the RBS using classifications from the risk management plan (e.g., environment, organizational, project management, technical, etc.)
-
Estimate the impact of risk on project schedule, budget, resources, and scope
-
Prioritize the risk based on impact, and urgency
-
Apply the risk matrices
- Agreed-upon assessment approach, Historical information, Definitions of probability and impact, Risk categories, Pre-established criteria
-
Perform an ordinal classification
-
Coach stakeholders on risk categorization strategies
|
|
Task 2 |
Perform quantitative analysis
-
Analyze risk data and process performance information against established metrics
-
Analyze a project's general risks
-
Perform a forecast and trend analysis on new and historical information
-
Perform sensitivity analysis
- Monte Carlo, decision trees, critical path, expected monetary value, etc.
-
Perform risk weighting and calculate risk priority
|
|
Task 3 |
Identify threats and opportunities
-
Assess project risk complexity
- SWOT analysis, Ishikawa, Tree Diagram
-
Perform an impact analysis on project objectives
- project scopes, schedule cost, and resources, quality, and stakeholders
-
Assess project compliance objectives against organizational strategic objectives
- procedures, project plans, corporate, and project governance, regulatory governance
-
Empower stakeholders to independently identify threats and opportunities
|
Risk Response - 13%
|
|
Task 1 |
Plan risk response
-
Determine appropriate risk response strategy
- avoid, accept, mitigate, enhance, contingency planning etc.
-
Decide the risk response actions (time bound) based on the risk response strategies and identify action owners
-
Assess the effectiveness of the risk response actions against the identified strategy and the project objectives impact
- cost/schedule/environment etc., effect of the action on the probability or the risk impact
-
Illustrate and communicate effectiveness of the risk response strategies
- risk burndown chart, dot plots
-
Determine the work around
-
Allocate responsibilities
-
Outline an appropriate responsibility matrix for a metricized project environment
-
Re-evaluate organizational risks
|
|
Task 2 |
Implement risk response
-
Execute the risk response plan(s)
-
Execute the contingency plan(s)
-
Encourage stakeholders to provide feedback on the risk response
-
Evaluate and react to secondary and residual risks from the response implementation
- Improvise as needed
|
Monitor and Close Risks - 19%
|
|
Task 1 |
Gather and analyze performance data
-
Reconcile performance data & reports from risk relevant work packages
-
Analyze data to determine the completion status against the baseline
-
Perform a variance analysis
-
Monitor impact against overall project risk exposure to enterprise
|
|
Task 2 |
Monitor residual & secondary risks
-
Monitor risk response and document residual risk
-
Monitor risk response for secondary risks
-
Assess impact of residual and secondary risks on project objectives
-
Update and communicate impact of residual and secondary risks
|
|
Task 3 |
Provide information required to update relevant project documents
-
Aggregate and summarize risk data, and update project documents
- risk register, lessons learned, project management plan, change logs etc.
-
Monitor and close out expired risks
|
|
Task 4 |
Monitor project risk levels
-
Assess project risk level
-
Prepare reports for different stakeholders
-
Communicate risk levels to key stakeholders
|
To achieve the professional designation of PMI Risk Management Professional from the PMI, candidates must clear the PMI-RMP Exam with the minimum cut-off score. For those who wish to pass the PMI-RMP certification exam with good percentage, please take a look at the following reference document detailing what should be included in PMI Risk Management Professional Exam preparation.