PMI Risk Management Professional (PMI-RMP) Exam Questions and Answers
A project is evaluating a new software to streamline the current purchase order process. The current process is labor-intensive and involves printing, ink signatures, scanning, and emailing. Several team members gathered cycle time data to gauge the current process and evaluate the new process.
What should the risk manager do next with the data set?
A new company initiates a project to incorporate a cybersecurity team. Which three documents should the risk manager analyze first? (Choose 3)
A project is at the final development stage. The test lead informs the risk manager that a key feature may not be testable due to changes in the environment
What should the risk manager do?
A project manager has just been assigned to a new project. The project manager has been tasked by the project sponsor to ensure the project risks are closely managed. The project manager starts with developing the risk management plan.
What is the expected outcome of developing the risk management plan?
The stakeholders of a building construction project are not comfortable with the project manager ' s handling of the project as they believe there is a financial risk. The project manager asks the risk manager to assist in demonstrating to the stakeholders that the project risks are under a tolerable threshold.
What should the risk manager do first to demonstrate this to the stakeholders?
A stakeholder is asking a project team to hire an external vendor with more expertise and capacity to accelerate a delivery plan. The team has some concerns about this request. What should the risk manager do first?
During the planning phase of a construction project, the project manager is assessing the project environment for potential threats and opportunities, including market conditions, regulatory requirements, and technological changes. The risk manager is asked to support this assessment to ensure risks are consistently identified and analyzed.
What should the risk manager do?
The project risk manager on a large firm fixed priced (FFP) contract has an up-to-date risk register with accurate and detailed information. What should the project risk manager do next?
A project has suffered a big schedule delay and there are still some risks that are close to materializing. The project manager is concerned about communicating this risk level, because the stakeholders might suspend project funding and cancel the project.
How should the risk manager manage the risk level?
A risk manager for a large project has completed documenting the risk management plan. The project is moving from planning to execution.
Which three actions should the risk manager take to ensure the risk management plan remains effective during the project timeframe? (Choose 3)
A company manages confidential customer information, and a data breach exposing sensitive information was discovered. What should the risk manager do?
A large, land-based infrastructure project has begun. The project makes assumptions about the site conditions and has economic, technical, and environmental constraints
What should the project manager do next to determine risk impact of assumptions and constraints?
A risk manager for a cross-functional project is initiating the risk identification process. The risk manager conducted some meetings for stakeholders to express their concerns, but some stakeholders are complaining that their opinions were not considered.
How should the risk manager address these concerns?
A project team does not understand why a very low probability risk occurred during project execution. The team was especially vigilant about planning for this type of risk during the risk planning phase. The project has been delayed by 2 months, and the stakeholders are considering canceling the project. The risk manager needs to demonstrate that the project can be concluded.
Which analysis should the risk manager perform to demonstrate this to the stakeholders ' ?
A risk manager has been assigned to a new project and learns that stakeholders and project team members are spread across multiple time zones. Furthermore, many project team members have not worked together in the past. These items are identified as potential risks and added to the risk register.
How should the risk manager improve collaboration during risk planning?
A core project team is working on unrelated tasks in advance to reduce the risk of delay due to an external team not completing its tasks on time. The core project team has completed all possible unrelated tasks but cannot move forward, because the external team ' s tasks have yet to be completed.
What should the risk manager do next?
A budget change request was initiated by a functional manager in an organization due to a shortage in the functional manager ' s department budget. The functional manager asks the CEO to approve utilization of a contingency budget reserved for one of the projects in its closing phase.
What should the risk manager of the related project have done to prevent this situation from happening?
The major investor in a road construction project is constantly asking project team members for information about the project ' s execution. This has resulted in the project team working 20% of their day preparing project reports for the stakeholders.
What should the risk manager do to enhance the project team ' s approach to risk reports?
During a risk identification session, the risk manager notices that subject matter experts (SMEs) are reluctant to participate because some risks could expose the poor maturity of processes in other business units. Which risk analysis technique should the risk manager use?
A new project to develop a custom software solution for a high-profile client is being initiated. The project sponsor emphasizes the importance of delivering the solution on time and within budget, as this project could lead to significant future opportunities. The risk manager recognizes that the team lacks a standardized approach to managing risks and that some team members are unfamiliar with risk management practices.
What should the risk manager do?
A project manager managing a high-risk rating project was just informed that one of the key project resources has decided to leave the organization. The project manager asks the risk manager for their recommendations. The risk manager previously identified this as a risk and had created a transition plan to enable another resource to carry out the same duties. The risk manager was informed that by transitioning the responsibilities to the new resource, new risks to the completion dates of other project-related tasks appear.
What should the risk manager advise the project manager?
During a complex infrastructure project, the team successfully mitigated a risk related to equipment failure. However, the mitigation strategy resulted in a secondary issue due to the use of alternative machinery.
What should the risk manager do?
An IT project is 40% complete. During the initial analysis, risks A and B were identified for the project. Risk A has a probability of 0.6 and an impact of US$50.000. Risk B has a probability of 0.7 and an impact of USS60.000. After implementing the planned risk response for risk B. the probability of risk B has been reduced is 0.3.
What is the current project risk exposure?
A project manager has determined that they cannot outsource work nor eliminate the scope. They also discover that they cannot buy insurance or mitigate the risk.
What should the project manager do?
The risk manager also serves as a facilitator for a project and realizes the project team members have biases impacting how they perceive risks. What analysis is currently being used?
Stakeholder deliverable reviews will start soon and additional work is expected to resolve any issues or required adjustments. Budget overruns during execution have put serious constraints on the remainder of the project ' s budget.
What should the project manager do next?
A risk manager administered a pre-workshop risk survey in preparation for the upcoming workshop. The workshop invitees participated in the survey and submitted many risks encompassing all project phases and risk areas. The risk manager sorts risks by similarities and categories for the workshop.
What should the risk manager do next to visually organize the risks?
A project manager has finished the project charter for a project and has now moved into the planning phase. In the first planning meeting, the project manager is trying to determine the risk tolerance and risk attitudes of the project ' s key stakeholders.
What is the first resource the project manager should reference?
A risk manager recently had to take an unexpected leave of absence. An interim risk manager has been tasked with completing risk planning for a new project. The interim risk manager has been provided with a strength, weaknesses, opportunities, and threats (SWOT) analysis that was completed during a project kickoff meeting several weeks ago.
What should the interim risk manager do to derive actionable risk responses from the SWOT analysis?
A project manager is trying to realize benefits from new material on an adaptive project. This is the first time the project team is using the material so the team does not have information to identify and analyze risks. A team member informs the project manager that a local university has recently published a research journal on the same material.
Where should the project manager find this information?
During the risk management planning, key stakeholders recommend adding more factors other than probability and the impact to refine the score of prioritized threats in subsequent iterations of the qualitative risk analysis. The stakeholders ask the risk manager to prepare a list to discuss this further.
Which three valid factors should the risk manager prepare on the list for discussion? (Choose 3)
During a meeting to develop the risk management plan, the risk manager recognizes that risks may be identified that could also impact other projects that the company is pursuing. What should the risk manager do?
A project has consistently been lagging in cost performance index (CPI) and schedule performance index (SPI) over the past few months. The risk manager realizes that some activities are taking longer than expected and more resources are needed.
Which project artifact should the risk manager analyze to mitigate the risk of further project overrun?
A risk manager is managing risks of a mission critical application. A subject matter expert (SME) asks the risk manager to treat every single risk identified as an extremely high priority.
What should the risk manager do?
The project manager and the risk manager of a new project to develop an application to support autonomous driving are meeting with the sponsor and key stakeholders to discuss the project. During the meeting, it is identified that the transport authority is discussing new traffic regulations for the industry that could be in place before the project ends.
How should the project manager and the risk manager handle this situation?
A project team successfully implemented a risk response plan for a major risk event. Residual risks were evaluated and actions were taken to keep them under control. There were no secondary risks after the implementation.
What should the risk manager do?
A two-year project with a budget of US$2 million has completed about 60% of the work at the end of the first year. The actual cost incurred to complete the remaining 40% of work is about USS1.5 million. As a part of performing a specialized risk analysis, the calculated schedule performance index (SPI) is 1.2 and cost performance index (CPI) is 0.53.
How should the risk manager interpret such a low CPI value?
A software company has recently completed a project that delivered a new web application. Throughout the project, several issues were realized that resulted in cost and schedule overruns. The project ' s executive sponsor has requested a deep-dive into what went wrong since the company will be developing additional web applications in the future.
What should the risk manager do?
A risk manager is facilitating a session to define a response to a critical risk. Stakeholders from several business units participate in the brainstorming, leading to a range of ideas for possible responses. However, the risk manager now needs to understand which solutions will be cost effective.
What should the risk manager do?
A risk manager notices that a risk owner is facing challenges implementing their response strategy and the costs are significantly exceeding expectations. What is the first thing the risk manager should do?
A project team working on a large software deployment project for a few months has been able to prevent a technical risk from occurring. However, an incident took place and triggered the technical issue.
What should the risk manager do?
A risk manager is facilitating a risk identification workshop on a new product with technical experts. There is no consensus among the technical experts on most of the identified risks and their characteristics. The risk manager decides to resolve this difference using another technique.
Which technique should the risk manager use in this situation?
A subcontractor working on a project may cause delays in the construction schedule. The project manager records this risk in the risk register and issues a change request sponsor rejects the change request.
What should the project manager have done differently?
When should the benefits of quantitative risk analysis be weighed against the effort required to ensure that the additional insights and value justify the extra effort?
A financial service firm adheres to heavily regulated compliance legislation. During the firm ' s latest project, the Chief Financial Officer (CFO) and the Chief Information Officer (CIO) endorsed a risk-based approach. This approach ensured compliance with the legislative requirements for properly storing confidential employee salary information. The risk manager recorded this information in the project ' s risk management plan.
What is the organization ' s risk maturity level?
One project in a program needs to be completed in 6 months because there is a large bonus for early completion. Consequently, the program manager transfers all resources to this project and arranges for employees to receive overtime pay.
Which risk response strategy is the program manager using in this scenario?
The project manager is reviewing the lessons learned from a previous similar project. The previous project was delayed due to the delay in delivery of a gas turbine generator (GTG). Construction of the previous project had to be shut down unexpectedly to wait for the late delivery of the GTG.
What should the project manager do first?
The project manager wants to use an objective method to evaluate the key project risks and develop response plans.
What action should the risk manager propose?
A risk manager is working with a key project stakeholder who is concerned about the likelihood of quality issues such as product defects or process anomalies. The stakeholder has a low tolerance for any defects. The risk manager needs to tailor the risk management strategy to accommodate the stakeholder ' s risk appetite.
What should the risk manager do?
The project sponsor asks the project manager about the accuracy of the project data. The project manager realizes that some risks have not been updated recently.
What should the project manager do regarding those risks?
A project team has completed plan risk response activities and has identified three critical risk response plans to major risk events. The responses have been monitored and implemented, with one of the responses presenting the two secondary risks.
What should the risk manager do next?
A project team is presenting a delivery plan to a client. Some of the client ' s experts do not feel comfortable with some activities at a critical stage. The experts ask to change the plan and present a better alternative.
What should the risk manager do first?
Three months into a program, multiple workstreams are showing issues. At this point, the program manager requires that a risk impact assessment be conducted.
What will help calculate the impact?
A key project is delayed and all contingency reserves have been used even though the project team has implemented all planned risk responses. What should the risk manager do next?
During a risk identification process in a construction project, the lack of space to install air conditioners is raised as a risk with high impact. Which is an example of an early risk trigger?
A project manager is educating the project team on risk management regarding the role of threats and opportunities. The team decides to log the opportunities in the current project ' s risk register to try to maximize their chances of occurrence.
What should the project team do next?
A project manager for a predictive project just received a scope change request where additional development is required. What should the risk manager do to support the project manager with this scope change request?
The project manager has completed four projects all with similar scope. The project manager has recently been assigned to start on a new project and believes some risks may occur again on this project.
What should the project manager do?
A project manager works on a long-term and high visibility project at an organization that has a low risk appetite towards this project due to its impact on the company ' s business. The project sponsors follow up weekly with the project manager, who was just informed by one of the risk owners that the exposure from two high-impact risks are hitting the risk thresholds.
What should the project manager do next?
A project manager for a large product development project assigned a risk manager to perform the risk management. The project sponsor questions why this project requires a risk manager as it is similar to a previous project with a developed risk strategy.
How should the risk manager explain the need for a risk strategy specific to this project?
What should the risk owner use as an effective information-gathering technique during the planning session?
A project manager is working on a complex construction project. During the risk identification process, hundreds of risks were identified. The team seems to be confused regarding on which risks to focus. The project manager advises the team to go ahead and start assessing the likelihood and impact of each risk.
What process is this part of?
A company has been awarded a large government contract to develop a new transportation system. There is uncertainty surrounding the project ' s timeline. The project team is struggling to finalize the project ' s budget due to unclear estimates from vendors. An updated vendor price list detailing the costs of available technologies is an essential component in determining the project ' s final cost. The project team will not be able to finalize the project ' s timeline until the budget is finalized.
What should the risk manager do?
A project team is preparing a project plan for a government-funded project with multiple stakeholders, including government employees. The project sponsor requests the risk manager estimates the potential costs associated with delays that may arise from government employees, due to bureaucratic processes and other administrative factors.
How should the risk manager approach this task?
An organization with a portfolio of unique business functions kicks-off a performance improvement project across the entire organization. There are a large number of stakeholders the project team will need to consider during risk identification.
What three actions should the risk manager ensure the project team performs during risk identification? (Choose 3)
In a project to promote public health and mitigate health risks, the national health authorities intend to take actions to limit the risks of harmful insects by using pesticides; however, it is expected that some residents will have negative health effects due to the use of the pesticides but according to the assessment completed by the health authorities, not moving forward with this plan will have much more serious consequences on public health rather than following through with the original plan.
How should the project manager address this concern with the health authorities?
A risk management professional is currently facilitating the risk planning process with the project team. To increase the breadth of considered risks, the team wants to include high-level and strategic project risks.
What should the risk management professional do next?
A project team has just completed a project plan, which includes extra days for most of the critical activities to cover any possible issues. Stakeholders want to remove these additional days, because the end date is longer than expected.
What should the risk manager do first?
An organization performs an annual strategies and initiatives workshop during which a strengths, weaknesses, opportunities, and threats (SWOT) analysis is being conducted. As part of this process the functional managers identify the opportunities and threats.
What should the risk manager do next?
During project planning, a risk is identified for which the risk manager has defined a mitigation strategy. Later during project execution, this risk still leaves substantial residual risk.
What should the risk manager do to handle this situation?
A project manager wants to work on understanding the project risks. The project manager works with the integrated project team to develop the risk handling strategies for the identified risks.
How should the project manager work with these risk handling strategies?
The trigger for a highly categorized threat has occurred. The risk has a set response plan.
Who is responsible for developing responses to risk and monitoring the implementation status of the risk response?
Multiple new risks have come up on a project that were not included on the risk register. The project manager met with the team to explain that risk management is critical for the success of the project, and risk identification is key.
What should the project manager do next?
The risk manager of a major project needs to ensure the organizational process assets (OPAsj are updated as a result of risk management activities. How will the risk manager accomplish this?
A project manager is working on a high priority and high profile project. The project team had identified three opportunities, and after analysis, risk responses were recorded. Although risk responses were adequate for the identified opportunities, two of those opportunities were not acted upon. During the risk audit, the project manager found out that several of the planned risk responses were not implemented.
What should the project manager have done to avoid this?
A risk manager is assigned to a new system deployment project with a strict contractually agreed-on schedule. One of the key risks identified is the availability of experts because many are shared on other strategic projects in the organization.
What should the risk manager do to address this situation?
Project stakeholders can often be risk averse with little to no knowledge of the risk process. How should a risk manager increase stakeholder risk appetite?
A company has a project whose objective is to extract gold reserves from Field 1. However, another field closest to the company. Field 2, which has a higher probability of having twice as much gold reserves than Field 1. The risk manager requests the board of Directors to include Field 2 under the scope of the current project by management of change because the project ' s profitability will increase by 80%.
What type of request is the risk manager describing?
A project ' s design has been completed and approved on time. The construction subcontractor should be mobilizing to start construction but does not have the necessary materials in place, causing a delaying in the project. The risk register only contains risks for the design phase of the project.
What should the project manager have done differently?
A project team identifies that there is a probability of missing a key milestone in a project. The team wants to move forward with the risk response planning.
What should the risk manager complete first?
In a highly dynamic project environment, the project manager is known to have project risks as a permanent agenda item in their periodic project progress meetings. How will this help improve the project ' s risk management activities? (Choose 3)
During a risk reassessment workshop with the project team and some external stakeholders, two key external stakeholders are overemphasizing the impact of a few project risks. This has led to a conflict.
How should the risk manager handle this situation?
A risk manager is preparing for the first meeting with their project sponsor on a potential project for a large client. The risk manager reviews their newly developed project risk register to identify any risks that should be analyzed further and begins by prioritizing the probability column based on the following criteria:
1 = Very Low
2 = Low
3 = Medium
4 = High
5 = Very High
What type of risk analysis is the risk manager performing?
During the monthly executive review meeting, the project sponsor would like to understand how the project team has planned to manage risks that were identified in the last meeting. What should the project manager do?
A project team has completed the risk response plan for a newly identified major project risk. Some team members argue the plan does not totally eliminate the risk, considering the effort required to implement it, and feel the planned response should be thrown out altogether.
What should the risk manager do in this situation?