Prévia do material em texto

Question 1 
In your project, you are creating a diagram that describes the decision under consideration and 
implications of choosing one or another of the available alternatives. This will help to: 
 
Get a qualitative analysis of the risk 
 
Determine which risks may have the most impact on the project 
 
Translate the uncertainties at a detailed level into potential impact on objectives expressed at 
the level of the total project 
 
Determine which decision yields the greatest expected value 
 
Justification: D Decision Tree Analysis is a diagramming and calculation technique for evaluating the 
implications of a chain of multiple options in the presence of uncertainty. 
 
Reference: PMBOK® Guide - Fifth Edition, page 536 
 
Solving the decision tree indicates which decision yields the greatest expected value to the decision-maker 
when all the uncertain implications, costs, rewards, and subsequent decisions are quantified. 
 
 
 
 
 
 
 
Question 2 
As a project manager, you are concerned with determining which risks may affect the project. 
What is the process by which such risks are determined? 
 
Plan Risk Management 
 
Identify Risks 
 
Perform Qualitative Risk Analysis 
 
Plan Risk Responses 
 
Justification:B Identify Risks is the process of determining which risks may affect the project and 
documenting their characteristics. 
 
Reference: PMBOK® Guide - Fifth Edition, page 309 
 
 
 
1
Question 3 
In your project, you have identified important risks and planned appropriate responses to the 
risks. Some risks, such as the possibility of natural disasters impacting the project, have been 
documented and accepted in the risk register. What are the remaining risks called? 
 
Unidentifiable Risks 
 
Residual Risks 
 
Secondary Risks 
 
Accepted Risks 
 
Justification:B Residual risks are those risks that remain after risk responses have been implemented. 
Residual risks are expected to remain after planned responses have been taken, as well as those that have 
been deliberately accepted. 
 
Reference: PMBOK® Guide - Fifth Edition, pages 305 and 558 
 
 
 
 
Question 4 
Workarounds differ from contingency plans in that: 
 
Contingency plans are planned in advance and workarounds are not planned in advance. 
 
Workarounds are planned in advance and contingency plans are not planned in advance. 
 
Contingency plans include plans for force majeure events, e.g. natural calamities, but 
workarounds are the residual risks in the project. 
 
Workarounds only include plans for force majeure events, e.g. natural calamities 
 
Justification:A Workaround: A response to a threat that has occurred, for which a prior response had 
not been planned or was not effective. Contingency plan or Fallback plan includes an alternate set of actions 
and tasks available in the event that the primary plan needs to be abandoned because of issues, risks, or 
other causes. 
 
Reference: PMBOK® Guide - Fifth Edition, pages 540 and 567 
 
Workaround is distinguished from contingency plan in that a workaround is not planned in advance of the 
occurrence of the risk event. 
 
 
 
 
2
Question 5 
You are the project manager of a project which involves off-shore oil exploration. Since you 
cannot plan for all eventualities, you establish a contingency reserve, including amounts of time, 
money, or resources to handle the risks. This is an example of: 
 
Risk avoidance 
 
Risk transfer 
 
Active risk acceptance 
 
Improper risk planning since all risks should be identified and accounted 
 
Justification:C The most common active acceptance strategy is to establish a contingency reserve, 
including amounts of time, money, or resources to handle the risks. 
 
Reference: PMBOK® Guide - Fifth Edition, page 345 
 
 
 
3
Question 6 
Please refer to the Decision Tree diagram given below. It shows the analysis of profit/loss for the 
two alternatives (i.e., to build or buy). 
 
 
 
What is the opportunity cost if the project manager decides to build instead of buy? 
 
- $1,500 
 
$3,500 
 
$1,500 
 
$5,000 
 
Justification:B Please refer to the diagram below : 
 
 
 
Profit of build: $5,000 
 
Profit of buy: $3,500 
 
Opportunity cost of build = Profit you give up if you do not buy = $3,500 
 
 
 
4
Question 7 
As part of the risk management process, you have just created an overall risk ranking of the 
project and a list of prioritized identified risks which need additional analysis and determined 
trends in risk analysis results. What should you do next? 
 
Analyze the effect of identified risks on overall project objectives 
 
Create a list of identified risks 
 
Maintain a risk register 
 
Make a list of potential responses to the risks 
 
Justification:A Tasks like creating an overall risk ranking of the project, which includes a list of 
prioritized risks, identifying which risks need additional analysis and determining trends in risk analysis 
results are all outputs of Perform Qualitative Risk Analysis (PMBOK® Guide - Fifth Edition, page 333). So, the 
next step is Perform Quantitative Risk Analysis (i.e. analyze the effect of identified risks on overall project 
objectives) -PMBOK® Guide - Fifth Edition, page 333. Please note that options 2, 3, and 4 refer to outputs 
from Identify Risks process which has already been completed - PMBOK® Guide - Fifth Edition, page 327. 
 
 
 
 
 
 
 
Question 8 
In your project, probabilities are estimated and the alternatives are expected to be as follows: 
25% probability for $ 25,000 profit 
50% probability for $ 40,000 profit 
25% probability for $ 100,000 profit 
 
What is the expected profit in your project? 
 
$ 40,000 
 
$ 50,000 
 
$ 51,250 
 
$ 53,750 
 
Justification:C Expected Profit = Sum of the products of Probability and Profit for all alternatives i.e. 
[Sum of (Probability X Profit)] for all the three alternatives 
=(0.25 x $ 25,000) + (0.50 x $ 40,000) + (0.25 x $ 100,000) 
= $ 6250 + $ 20,000 + $ 25,000 
= $ 51,250 
 
 
 
5
Question 9 
Project Risk Management includes all the processes concerned with conducting risk management 
planning, identification, analysis, response planning, and controlling risk on a project. In this 
context, which of the following statements about risk is not accurate? 
 
Risk is an uncertain event or condition. 
 
Risks have to be identified and properly managed. 
 
Risk management should be done throughout the project. 
 
Risk have a negative impact on the project objective. 
 
 
Justification:D The objectives of Project Risk Management are to increase the likelihood and impact of 
positive events, and decrease the likelihood and impact of negative events in the project. 
 
Reference: PMBOK® Guide - Fifth Edition, page 309 
 
 
 
 
 
 
 
Question 10 
You have completed the process of developing options and actions to enhance opportunities and 
to reduce threats to project objectives. What is your NEXT step? 
 
Determine which risks may affect the project and document their characteristics. 
 
Implement risk response plans, track identified risks, monitor residual risks, identify new risks, 
and evaluate risk process effectiveness throughout the project. 
 
Define how to conduct risk management activities for a project. 
 
Assess the priority of identified risks using their probability of occurrence. 
 
Justification:B Plan Risk Responses is the process of developing options and actions to enhance 
opportunities and to reduce threats to project objectives. 
 
Control Risks is the process of implementing. risk response plans, tracking identified risks, monitoring 
residual risks, identifying new risks, and evaluating risk process effectiveness throughout the project. 
 
The other options take place prior to the Plan Risk Responses process: 
 
Option 1: This refers to the Identify Risks process. 
Option 3: This refers to the Plan Risk Management process. 
Option 4:This refers to the Perform Qualitative Risk Analysis process. 
 
Reference: PMBOK® Guide - Fifth Edition, page 309 
 
Please note that the Control Risks process should follow the Plan Risk Responses process. So, option 2 is 
the correct answer. 
 
 
6
Question 11 
In your project, the project architect met with an accident and will not be available for the next 3 
months. You had not planned for this in risk planning - what should you do NEXT? 
 
Create a Workaround 
 
Create a Fallback Plan 
 
Do additional risk response planning 
 
Create a new risk register for this risk 
 
Justification:A Workaround. A response to a threat that has occurred, for which a prior response has 
not been planned or was not effective. 
 
Reference: PMBOK® Guide - Fifth Edition, page 567 
 
 
 
 
 
 
 
Question 12 
You are in the process of creating a risk management plan for your project. This plan will describe 
how risk management will be structured and performed on the project. Your risk management 
plan may include: 
 
Avoid, transfer, mitigate, and accept risks 
 
Risk audits, reserve analysis, and technical performance measurement 
 
Risk audits, triggers, and inputs to other processes 
 
Budgeting, timing, and risk categories 
 
Justification:D The risk management plan includes the following: methodology, roles and 
responsibilities, budgeting, timing, and risk categories. 
 
Reference: PMBOK® Guide - Fifth Edition, pages 316 and 317 
 
Option 1: This is done during the Plan Risk Responses process 
Option 2: This is done during the Control Risks process 
Option 3: This is done during the Identify Risks process 
 
 
7
Question 13 
Which of the following tools and techniques would you NOT use in your project during the Plan 
Risk Responses process? 
 
Strategies for negative risks or threats 
 
Contingent response strategies 
 
Expert judgment 
 
Simulation 
 
Justification:D Simulation is not a tool or technique for the Plan Risk Responses process. 
 
Reference: PMBOK® Guide - Fifth Edition, page 312 (figure 11-1) 
Modeling and Simulation is used during the Perform Quantitative Risk Analysis process. 
 
 
 
 
 
 
 
 
Question 14 
You have geographically dispersed team members, from whom you would like to anonymously 
obtain expert opinion on the project you are managing. Which information gathering technique 
should you use? 
 
Brainstorming 
 
Delphi technique 
 
SWOT analysis 
 
Checklists 
 
Justification:B The Delphi technique is a way to reach a consensus of experts. Project risk experts 
participate in this technique anonymously. 
 
Reference: PMBOK® Guide - Fifth Edition, page 324 
Brainstorming and SWOT analysis are not done anonymously. Checklists are an output of the Plan Quality 
process. 
 
 
8
Question 15 
Graphical representations of situations showing causal influences, time ordering of events, and 
other relationships among variables and outcomes are also referred to as: 
 
Cause-and-effect diagrams 
 
System flow charts 
 
Influence diagrams 
 
Simulation diagrams 
 
Justification:C Influence diagrams. These are graphical representations of situations showing causal 
influences, time ordering of events, and other relationships among variables and outcomes. 
 
Reference: PMBOK® Guide - Fifth Edition, page 325 
 
 
 
 
 
Question 16 
You are in the build phase of a Build-Operate-Transfer (BOT) project, which has run into several 
unanticipated problems. Several risks have surfaced which you had not anticipated earlier. The 
project is over-budget and significantly behind schedule. What should you do? 
 
Create updates to risk response plan 
 
Create a revised project plan 
 
Perform risk audits 
 
Perform updated risk identification and analysis 
 
Justification:D Results from earned value analysis may indicate potential deviation of the project at 
completion from cost and schedule targets. When a project deviates significantly from the baseline, updated 
risk identification and analysis should be performed. 
 
 
 
9
Question 17 
While managing a project, you decide to create a prototype of your product first to ensure that it is 
acceptable to stakeholders before creating your product. This is an example of: 
 
Risk mitigation 
 
Risk avoidance 
 
Simulation 
 
Project assumptions testing 
 
Justification: A Mitigation may require prototype development to reduce the risk of scaling up from a 
bench-scale model of a process or product. 
 
 
Question 18 
You are the project manager for XYZ company. The Quality Control team recently identified a 
large number of defects in the project deliverables which the team had to repair. You have been 
working for a few weeks with the Quality Assurance team to adjust some quality procedures and 
address some training issues for your project which the team believes is the reason for the 
defects. The project is now behind schedule due to the problems encountered. The CPI is 
currently 1.12 and the SPI 0.82. While discussing the quality issues in a status meeting, a key 
stakeholder comments that she is alarmed at the potential cost impact of one particular risk and is 
wondering why it is of little concern to the project team. You are confident that her concern for that 
particular cost risk is unwarranted at the moment; in fact, you believe there is another risk that is 
of bigger concern. The following table displays the current risks for your project. Considering that 
schedule is a concern right now, which risk are you going to tell the stakeholder and other 
meeting participants is the greatest and is therefore the biggest concern of the team right now? 
Risk Probability Cost Impact Schedule Impact 
A 0.4 2 8 
B 0.4 6 3 
C 0.3 2 3 
D 0.2 4 9 
 
 
A 
 
B 
 
A & B 
 
D 
 
Justification:A For each risk identified, multiply the probability by the cost and schedule impact. Once 
you have each P & I score, you can prioritize the risks. Risk A currently is the biggest threat to your schedule 
and overall objectives. 
Risk Probability Cost Impact Schedule Impact PI (Cost) PI (Schedule) Total 
A 0.4 2 8 0.8 3.2 4 
B 0.4 6 3 2.4 1.2 3.6 
C 0.3 2 3 0.6 0.9 1.5 
D 0.2 4 9 0.8 1.8 2.6 
 
10
Question 19 
You are the project manager in an automobile manufacturing company. Machine parts required in 
your manufacturing process supplied by a vendor did not reach in time because of heavy rains. 
You had anticipated this risk and planned for it in your risk response plan. So, as per your risk 
response plan, you started using unutilized machine parts supplied one year ago. However, this 
has subjected your project to a new risk - the machine parts which were not used for one year 
suffer from higher level of defects. 
 
This new risk can also be called: 
 
Unidentifiable risks 
 
Unmanageable risks 
 
Secondary risks 
 
Residual risks 
 
Justification:C Secondary risk. A risk that arises as a direct result of implementing a risk response. 
 
 
 
 
 
 
 
 
 
 
Question 20 
Based on past estimates, there is a 25% probability for a particular event to occur every year. If a 
project lasts for three years, what is the probability of the event happening in the third year? 
 
15.625 % 
 
6.25 % 
 
25% 
 
75% 
 
 
Justification:C The probability of the event happening every year is 25%. So, the probability of the event 
happening in the third year is also 25%. 
 
 
 
11
Question 21 
As a project manager, you estimate that, in your project, there is: 
 
50% probability of earning $40,000 profit 
50% probability of incurring $25,000 loss 
 
What is the expected value for the project considering profit and loss possibilities? 
 
$32,500 
 
$25,000 
 
$7,500 
 
- $7,500 
 
Justification:C Expected Profit = Sum of (Probability X Profit) (for each alternative) 
= (0.50 x $40,000) + (0.50 x - $25,000) 
= $20,000 - $12,500 
= $7,500 
 
 
 
 
 
 
Question 22In your project, you have been sub-contracting your IT development work to four consultancy 
firms. Which of the following statements about transferring risk to a contractor is not true? 
 
Risk transference nearly always involves payment of a risk premium. 
 
Fixed price contract always transfers the risk to the seller. 
 
Cost-plus contracts may transfer the cost risks to the buyer. 
 
Contracts may be used for the transference of liability for specified risks to another party. 
 
 
Justification:B A fixed-price contract may transfer risk to the seller. 
 
Reference: PMBOK® Guide - Fifth Edition, page 344 
A fixed-price contract transfers risk to the seller if requirements are well defined and seller has the capacity to 
handle the risk. 
 
 
12
Question 23 
Your project is now in the executing stage. You are continuously monitoring and controlling risks 
to minimize negative risks and to take timely action. Risk audits are helpful in this context 
because they: 
 
Examine and document the effectiveness of risk responses. 
 
Help in reassessment of risks. 
 
Provide trends in the execution of the project, which can be reviewed using performance 
data. 
 
Provide inputs required for the project planning stage. 
 
 
Justification:A Risk audits examine and document the effectiveness of risk responses in dealing with 
identified risks and their root causes, as well as the effectiveness of the risk management process. 
 
Reference: PMBOK® Guide - Fifth Edition, page 351 
 
 
 
 
 
 
Question 24 
You had budgeted $200,000 in your project as contingency reserve. Now, when you are 75% 
through in project execution, you notice that the funds in your contingency reserves are down to 
$20,000. To compare the amount of contingency reserves remaining in your project to the amount 
of risk remaining, you should conduct a: 
 
Variance analysis 
 
Trend analysis 
 
Risk assessment 
 
Reserve analysis 
 
 
Justification:D Reserve analysis compares the amount of the contingency reserves remaining to the 
amount of risk remaining at any time in the project in order to determine if the remaining reserve is adequate. 
 
Reference: PMBOK® Guide - Fifth Edition, page 352 
 
 
 
13
Question 25 
Since you know the importance of risk management, you always include it as an agenda item in 
your weekly status meetings and spend ten minutes discussing the risks. Some of your project 
team members complain that since none of the risks are actually happening, discussing risk 
management issues in status meetings is a waste of time. What should you do? 
 
Talk to your team members about the importance of risk management and why the project 
team needs to be aware of all risks at all points of time. 
 
Agree with your team members and mention to them that henceforth, no more time would be 
spent on discussing risks in the project status meetings unless required in the future. 
 
Call a meeting with your project sponsor and project management team to discuss potential 
training requirements for your project team members so that they can appreciate the benefits 
of risk management. 
 
Escalate to your management that some of your team members do not agree with your risk 
management practices. 
 
Justification:B Project Risk Management should be an agenda item at periodic status meetings. The 
amount of time required for that item will vary, depending upon the risks that have been identified, their 
priority, and difficulty of response. 
 
Reference: PMBOK® Guide - Fifth Edition, page 352 
 
There is no need to spend a fixed amount of time in all the status meetings to discuss risk management 
issues. 
 
Option 1: This states that the team should be aware of `all` risks at `all` times. This may not be possible 
because some risks are not identified or may be prioritized lower (hence, place them in a watchlist). 
 
Option 3: This assumes that the team does not know about importance of risk management which is not 
accurate. 
 
Option 4: This talks about escalating a project issue to senior management, which is not advisable in this 
context. 
 
 
 
 
Question 26 
You are in the Identify Risks process of your project where you determine which risks may affect 
the project and document their characteristics. Who would you want to be a part of the Identify 
Risks process? 
 
The project manager, project team members, subject matter experts, and customers 
 
The risk management team, end users, and risk management experts 
 
All relevant stakeholders 
 
Positively impacted stakeholders 
 
Justification:C Participants in risk identification activities may include the following: project manager, 
project team members, risk management team (if assigned), customers, subject matter experts from outside 
the project team, end users, other project managers, stakeholders, and risk management experts. While 
these personnel are often key participants for risk identification, all project personnel should be encouraged 
to identify potential risks. 
 
Reference: PMBOK® Guide - Fifth Edition, page 321 
 14
 
Question 27 
In your project, which of the following facilitates the Control Risks process? 
 
Reserve analysis 
 
Analytical techniques 
 
SWOT analysis 
 
Assumptions analysis 
 
Justification:A Reserve analysis is a tool used during the Control Risks process. 
 
Reference: PMBOK® Guide - Fifth Edition, page 349 (figure 11-20) 
 
Option 2: Analytical techniques is used in the Plan Risk Management process 
Option 3: SWOT analysis is used in the Identify Risks process 
Option 4: Assumptions analysis is also used in the Identify Risks process. 
 
 
 
 
Question 28 
In the Identify Risks phase, you are working with your team to determine which risks may affect 
project performance. Which of the following information gathering techniques can you use to 
facilitate the process? 
 
Brainstorming, cause and effect diagrams, and P&I Matrix 
 
Delphi technique, SWOT analysis, and risk audits 
 
SWOT analysis, Decision tree, and influence diagrams 
 
Brainstorming, Delphi technique, and root cause analysis 
 
Justification:D Brainstorming, Delphi technique, interviewing, and root cause analysis are the 
information gathering techniques used in the Identify Risks process. 
 
Reference: PMBOK® Guide - Fifth Edition, pages 324 and 325 
 
Option 1: Cause and effect diagrams are a type of diagramming technique (not information gathering). The P 
& I Matrix is used in the Perform Qualitative Risk Analysis process. 
Option 2: SWOT is not an Information Gathering technique. Risk audits are used to control risks. 
Option 3: Decision Trees are used in the Perform Quantitative Risk Analysis process. Influence diagrams are 
a type of diagramming technique 
 
 
 
 
15
Question 29 
You are the project manager of a software company developing a new banking software product. 
You would like to obtain information from various experts about the risks associated with your 
project. You decide to use the Delphi technique because this keeps any one person from having 
undue influence on the outcome of the Identify Risks process. The Delphi technique also has the 
added advantage that it: 
 
Finds out a problem, discovers the reasons that led to it, and develops preventive actions. 
 
Helps reduce bias in the data. 
 
Examines the project from each of the SWOT perspectives to increase the breadth of the 
identified risks. 
 
Provides a qualitative assessment of risk. 
 
Justification: BThe Delphi technique helps reduce bias in the data and keeps any one person from 
having undue influence on the outcome. 
 
Reference: PMBOK® Guide - Fifth Edition, page 324 
 
Option 1: This is an advantage of "Root cause analysis" technique. 
Option 3: This is an advantage of "SWOT analysis". 
Option 4: This is not valid in the Identify Risks process (where the Delphi technique is used). It happens in 
the Perform Qualitative Risk Analysis process.Question 30 
As part of Perform Quantitative Risk Analysis process, you, as a project manager, have already 
done a sensitivity analysis, created decision trees and done a project simulation using Monte 
Carlo technique. However, when you show your results to your manager, she is not happy. She 
thinks that your analysis is not acceptable because: 
 
Monte Carlo simulations are not a standard methodology used in the company for risk 
quantification. 
 
The quantitative value of identified risks is too high. 
 
You have not performed risk audits as part of your project. 
 
You have not conducted an interview with the project stakeholders and subject matter 
experts. 
 
Justification:D Interviewing techniques draw on experience and historical data to quantify the 
probability and impact of risks on project objectives. The information needed depends upon the type of 
probability distributions that will be used... Documenting the rationale of the risk ranges and the assumptions 
behind them are important components of the risk interview because they can provide insight on the reliability 
and credibility of the analysis. 
 
Reference: PMBOK® Guide - Fifth Edition, page 336 
 
Option 1: This may or may not be true. There is nothing in the question which suggests that Monte Carlo 
Analysis should not be used and this is a standard tool for the Perform Quantitative Risk Analysis process. 
Option 2: A high quantitative value of risks does not render the Perform Quantitative Risk Analysis process 
unacceptable. 
Option 3: This refers to a tool and technique in the Control Risks (not the Perform Quantitative Risk Analysis) 
process. 
16
Option 4: This is the correct answer. Since a risk interview was not conducted, the results of the Perform 
Quantitative Risk Analysis process will not be dependable. 
 
 
 
Question 31 
Please refer to the Decision Tree given below which shows the analysis of profit/loss for the two 
alternatives (i.e., build or buy). 
 Which, out of the two alternatives of 
build or buy, should the project manager recommend? 
 
Build 
 
Buy 
 
Either build or buy 
 
Sensitivity analysis before making a build/buy decision 
 
Justification:A The project manager should recommend build because the expected value is higher for 
this alternative. 
 
 
 
 
17
Question 32 
In Plan Risk Responses process, you are developing options and actions to reduce threats to 
your project`s objectives. When you show the results to your project sponsor, she is not 
comfortable with the risks in the project and suggests that the project scope should be decreased. 
This is an example of: 
 
Risk acceptance 
 
Risk avoidance 
 
Risk mitigation 
 
Risk transfer 
 
Justification:B Risk avoidance involves changing the project management plan to eliminate the threat 
entirely. The project manager may also isolate the project objectives from the risk`s impact or change the 
objective that is in jeopardy. Examples of this include extending the schedule, changing the strategy, or 
reducing scope. 
 
Reference: PMBOK® Guide - Fifth Edition, page 344 
 
 
 
 
 
 
 
Question 33 
Even after carefully performing risk management for the project, you realize that possibility of new 
risks occurring in the future still exists. You will be able to handle such risks if you perform: 
 
Plan Risk Management 
 
Identify Risks 
 
Control Risks 
 
Plan Risk Responses 
 
Justification:C Control Risks is the process of implementing risk response plans, tracking identified 
risks, monitoring residual risks, identifying new risks, and evaluating risk process effectiveness throughout 
the project. 
 
Reference: PMBOK® Guide - Fifth Edition, page 349 
 
 
 
 
18
Question 34 
In managing risks for your project, you examine the extent to which the uncertainty of each project 
element affects the objective being examined when all other uncertain elements are held at 
baseline values. This helps to: 
 
Get a qualitative analysis of the risk. 
 
Determine which risks may have impact on the project. 
 
Translate the uncertainties at a detailed level into potential impact on objectives expressed at 
the level of the total project. 
 
Determine the implication of choosing one alternative over the other. 
 
Justification:B Sensitivity analysis helps to determine which risks have the most potential impact on 
the project. It helps to understand how the variations in project`s objectives correlate with variations in 
different uncertainties. Conversely, it examines the extent to which the uncertainty of each project element 
affects the objective being studied when all other uncertain elements are held at their baseline values. 
 
Reference: PMBOK® Guide - Fifth Edition, page 338 
 
 
 
 
 
Question 35 
Plan Risk Responses is the process of developing options and actions to enhance opportunities 
and to reduce threats to project objectives. The output of Plan Risk Responses process may be: 
 
Expert judgment 
 
Project management plan updates 
 
Risk management plan 
 
Risk register 
 
 
Justification:B Project documents updates and project management plan updates are outputs of Plan Risk 
Responses process. 
 
Reference: PMBOK® Guide - Fifth Edition, page 342 (figure 11-18) 
 
Option 1: This is a technique used in the Identify Risks, Perform Quantitative Risk Analysis, Perform Qualitative 
Risk Analysis, and Plan Risk Responses processes. 
Option 3: This is an output of the Plan Risk Management process. 
Option 4: This is an output of the Identify Risks process. 
 
 
19
Question 36 
In your new project the objective is to develop a new drug. After doing financial analysis, your 
finance manager provided you with these statistics: 
 
30% probability of success with benefits of $700,000 
70% probability of failure with loss of $300,000 
 
Based on this information, you: 
 
Suggest that the project should proceed. 
 
Suggest that the project should be stopped. 
 
Communicate to your senior management that you cannot take a decision whether to 
proceed with the project or not. 
 
Start working on the project and ask your finance manager for additional information. 
 
 
Justification:C Expected Value of the project 
= Expected Value of success (0.30 x $700,000) + Expected value of Failure [0.70 x (- $300,000)] 
= $210,000 - $210,000 
= 0 
 
Since the Expected Value is "0", you cannot take a decision whether to continue with the project or not. 
 
 
 
 
 
Question 37 
In your project, you have just conducted a risk data quality assessment to evaluate the degree to 
which the data about risks is useful for risk management. What is your next step? 
 
Perform a structured review of project plans and assumptions, both at the total project and 
detailed scope levels. 
 
Develop checklists to identify risks based on historical information and knowledge that has 
been accumulated from previous similar projects. 
 
Conduct planning meetings to develop the risk management plan. 
 
Conduct interviews to quantify the probability and impact of risks on project activities. 
 
Justification: D Risk data quality assessment is a tool for Perform Qualitative Risk Analysis. 
 
Option 4: This is the correct answer. It refers to "Interviewing" which is a tool and technique for Perform 
Quantitative Risk Analysis. Perform Quantitative Risk Analysis is conducted after Perform Qualitative Risk 
Analysis. 
Option 1: This refers to Documentation Reviews which is a tool for Identify Risks. Identify Risks is conducted 
before Perform Qualitative Risk Analysis. 
Option 2: This refers to Checklist Analysis which is a tool for Identify Risks. Identify Risks is conducted before 
Perform Qualitative Risk Analysis. 
Option 3: This refers to "Meetings" which is a tool for Plan Risk Management process. Plan Risk 
Management process is conducted before Perform Qualitative Risk Analysis process. 
 
 
20
Question 38 
You are evaluatingthe probabilities of risks and costs or rewards for each logical path of events 
and future decisions. You create a diagram that describes a decision under consideration and the 
implications of choosing one or another of the available alternatives. The diagram you have 
created can be referred to as: 
 
Simulation diagram 
 
Fishbone diagram 
 
Decision tree 
 
Influence diagram 
 
Justification:C Decision tree analysis. A diagramming and calculation technique for evaluating the 
implications of a chain of multiple options in the presence of uncertainty. 
 
Reference: PMBOK® Guide - Fifth Edition, page 536 
 
 
 
 
 
Question 39 
In your project, you have created a list of identified risks and potential responses. You should 
document this information in the: 
 
Risk management plan 
 
Risk database 
 
Project plan 
 
Risk register 
 
Justification:D The risk register is a document in which the results of risk analysis and risk response 
planning are recorded. 
 
Reference: PMBOK® Guide - Fifth Edition, page 327 
 
 
 
 
 
21
Question 40 
In your project, the risk calculations show that there is a risk of overrunning the project scope and 
schedule targets to levels that are beyond the threshold limits determined in the project. To bring 
the level of risk to a level acceptable to your organization, you should: 
 
Consider using contingency reserves 
 
Decrease the project scope and increase the project schedule 
 
Talk with your sponsor about cancelling the project 
 
Do additional risk response planning 
 
Justification:A Contingency reserves are needed to bring the risk of overrunning stated project 
objectives to a level acceptable to the organization. 
 
Reference: PMBOK® Guide - Fifth Edition, page 341 
 
 
 
 
 
 
Question 41 
As a project manager, you are creating a risk management plan to describe how risk 
management will be structured and performed on the project. Which of the following would the 
risk management plan not include? 
 
Budgeting 
 
Methodology 
 
Trigger condition 
 
Risk categories 
 
 
Justification:C Trigger condition is an event or situation that indicates that a risk is about to occur. 
 
Reference: PMBOK® Guide - Fifth Edition, page 566 
 
Please note that trigger conditions are not discovered in the Plan Risk Management process and are not included 
in the risk management plan. All the other options are included in the risk management plan (PMBOK® Guide - 
Fifth Edition, pages 316 and 317). 
 
 
 
22
Question 42 
Project Risk Management helps in maximizing the likelihood and impact of positive events, and 
minimizing the likelihood and impact of negative events in the project. In this context, Plan Risk 
Responses process: 
 
Helps in defining how to conduct the risk management activities 
 
Develops procedures and techniques to enhance opportunities and to reduce threats to 
project objectives 
 
Determines which risks may affect the project and documents their characteristics 
 
Monitors residual risks, identifies new risks, and evaluates risk process effectiveness 
 
Justification:B Plan Risk Responses is the process of developing options and actions to enhance 
opportunities and to reduce threats to project objectives. 
 
Reference: PMBOK® Guide - Fifth Edition, page 309 
 
Option 1: This defines the Plan Risk Management process. 
Option 3: This defines the Identify Risks process. 
Option 4: This defines the Control Risks process. 
 
 
 
Question 43 
If there is a fire, the risk response plan developed is to use a fire extinguisher. If the fire 
extinguisher cannot take care of the fire, you call in a fire engine – calling in the fire engine is an 
example of: 
 
Secondary risk 
 
Residual risk 
 
Fallback Plan 
 
Work around 
 
Justification:C Several risk response strategies are available… A fallback plan can be developed for 
implementation if the selected strategy turns out not to be fully effective or if an accepted risk occurs. 
 
Reference: PMBOK® Guide - Fifth Edition, page 343 
 
 
 
 
23
Question 44 
You have created an Excel spreadsheet that shows cumulative cost at any particular point of time 
in the project duration. Your director wants to review the project costs and you decide to make a 
presentation. Cumulative costs plotted against time is shown in the slide as a: 
 
S-curve 
 
Histogram 
 
Control chart 
 
Pareto diagram 
 
Justification:A S-curve is a graphic display of cumulative costs, labor hours, percentage of work, or 
other quantities, plotted against time. The name derives from the S-like shape of the curve. 
 
 
 
 
 
24
Question 45 
Utility function is a commonly used technique to determine risk tolerance levels. Some project 
managers are more averse to risk than others. Which of the following is NOT a commonly used 
classification for risk tolerance? 
 
Risk averter 
 
Risk seeker 
 
Risk mitigation 
 
Neutral risk taker 
 
 
Justification:C The three commonly used classifications for risk tolerance are risk averter or avoider, risk 
taker or seeker and the neutral risk taker (risk averse, risk seeking, risk neutral). 
 
 
 
 
Reference: Project Management - A Systems Approach to Planning, Scheduling and Controlling, page 746 
 
 
 
25
Question 46 
The Plan Risk Responses process helps the project manager to develop options and actions to 
enhance opportunities and to reduce threats to project objectives. The output from the Plan Risk 
Responses is updates to the risk register, which should be: 
 
At the level of detail of work packages in the WBS 
 
At the level of detail whereby actions can be taken 
 
Able to identify and document residual risks and secondary risks 
 
Used for periodic risk reviews to identify risk ratings and prioritization 
 
Justification:B The risk register should be written to a level of detail that corresponds with the priority 
ranking and the planned response. Often, the high and moderate risks are addressed in detail. 
 
Reference: PMBOK® Guide - Fifth Edition, page 347 
 
 
 
 
 
Question 47 
In your project, you are about to complete the Plan Risk Responses process. Completion of 
certain tasks marks the end of the process. Which one of the following is NOT that task? 
 
People have been identified to take responsibility for each agreed-to and funded risk 
response. 
 
High priority risks are addressed in detail in the risk register. 
 
Low priority risks are included in the risk mitigation plan if they occur. 
 
Negative risks have been considered for avoidance, transference or mitigation. 
 
Justification:C Risks judged to be of low priority are included in a watch list for periodic monitoring. 
 
Reference: PMBOK® Guide - Fifth Edition, page 347 
 
 
 
26
Question 48 
Your company is a pioneer in the construction industry. The government recently floated a tender 
for setting up a new airport. Since you do not have all the requisite skills within the company, you 
enter into a joint venture with a leading airport construction company to bid jointly for the 
government contract. This is an example of: 
 
Risk exploitation 
 
Risk sharing 
 
Risk enhancing 
 
Risk mitigating 
 
 
Justification:B Strategies for positive risks or opportunities (share): Sharing a positive risk involves 
allocating some or all of the ownership of the opportunity to a third party who is best able to capture the 
opportunity for the benefit of the project. Examples of sharing actions include forming risk-sharing partnerships, 
teams, special-purpose companies, or joint ventures, which can be established with the express purpose of taking 
advantage of the opportunity so that all parties gain from their actions. 
 
Reference: PMBOK® Guide - Fifth Edition, page 346 
 
 
 
 
Question 49 
Probability distributions are popular tools of the Perform Quantitative Risk Analysis process. In 
this context, which of the followingstatements on probability distributions is not accurate? 
 
Beta Distribution is a continuous distribution. 
 
Triangular distribution is a discrete distribution. 
 
Discrete distributions can be used to represent uncertain events such as a possible scenario 
in a decision tree. 
 
Uniform distributions can be used only if there is no obvious value that is more likely than any 
other between specified high and low bounds. 
 
 
Justification:B Beta distribution and Triangular distribution are two examples of widely used continuous 
distributions. 
 
Reference: PMBOK® Guide - Fifth Edition, page 337, figure 11-14 
 
 
27
 
Question 50 
In your project, you have completed the Identify Risks process to determine which risks may 
affect the project, and a risk register has been prepared. What should you do NEXT? 
 
Risk probability and impact assessment 
 
Avoid, transfer or mitigate negative risks 
 
Exploit, share or enhance opportunities 
 
Risk audits 
 
Justification:A After the Identify Risks process, the next step is the Perform Qualitative Risk Analysis 
process. Risk probability and impact assessment is one of the tools and techniques for the Perform 
Qualitative Risk Analysis process. 
 
Reference: PMBOK® Guide - Fifth Edition, page 312 (figure 11-1) 
 
Option 2 (Avoiding, transferring or mitigating negative risks) is done during the Plan Risk Responses 
process, which happens after the Perform Qualitative Risk Analysis and the Perform Quantitative Risk 
Analysis processes. 
 
Option 3 (Exploiting, sharing or enhancing opportunities) is done during the Plan Risk Responses process, 
which happens after the Perform Qualitative Risk Analysis and the Perform Quantitative Risk Analysis 
processes. 
 
Option 4 (Risk audits) is a tool for the Control Risks process, which happens after the Perform Qualitative 
Risk Analysis, the Perform Quantitative Risk Analysis and the Plan Risk Responses processes. 
 
 
 
 
Question 51 
In your project, you identified disaster situations (e.g. floods, earthquakes, etc.) as potential risks. 
The project sponsor suggested that, at the project level, no steps could be taken to deal with such 
risks and recommended creation of a contingency reserve (with 5% of the project budget) which 
could be used in case of disaster situations. This is an example of: 
 
Risk mitigation 
 
Risk acceptance 
 
Risk avoidance 
 
Bad policy decision 
 
Justification:B Accept: Risk acceptance is a risk response strategy whereby the project team decides 
to acknowledge the risk and not take any action unless the risk occurs. This strategy is adopted where it is 
not possible or cost-effective to address a specific risk in any other way. This strategy indicates that the 
project team has decided not to change the project management plan to deal with a risk, or is unable to 
identify any other suitable response strategy... The most common active acceptance strategy is to establish a 
contingency reserve, including amounts of time, money, or resources to handle the risks. 
 
Reference: PMBOK® Guide - Fifth Edition, page 345 
 
 
28
Question 52 
While doing a cost-benefit analysis, you determine that a new project has 60% probability of 
earning a profit of $1,000,000 or 30% probability of incurring a loss of $500,000. What is the 
expected monetary value of the decision? 
 
$400,000 
 
$600,000 
 
$450,000 
 
$200,000 
 
 
Justification:C Expected monetary value (EMV) analysis is a statistical concept that calculates the average 
outcome when the future includes scenarios that may or may not happen (i.e. analysis under uncertainty). The 
EMV of opportunities are generally expressed as positive values, while those of threats are expressed as negative 
values... EMV for a project is calculated by multiplying the value of each possible outcome by its probability of 
occurrence and adding the products together. 
 
Reference: PMBOK® Guide - Fifth Edition, page 339 
 
Expected Monetary Value (EMV) 
= Sum of (Probability x Impact) of individual decisions 
= 0.60 x $1,000,000 – 0.30 x $500,000 
= $600,000 - $150,000 
= $450,000. 
 
 
 
 
 
 
Question 53 
You work for a company which executes heavy engineering contracts. While performing risk 
response planning for your project, you determine a risk that there is a "Possibility of getting new 
orders in the future which are beyond the current capacity of our production facilities." What 
should you do? 
 
Classify this as a threat and create workaround plans. 
 
Classify this as strength and create a fallback plan. 
 
Classify this as a weakness and transfer it to another company. 
 
Classify this as an opportunity and exploit the opportunity. 
 
Justification:D Strategies for positive risks or opportunities are... exploit, share, enhance, and accept. 
 
Reference: PMBOK® Guide - Fifth Edition, page 345 
 
“Possibility of getting new orders in the future” refers to a positive event: so, this is a positive risk. This can 
also be called an opportunity because the projects are not internal to the company but got from other 
providers. So, option 4 is the best choice which talks about classifying this as an opportunity and exploiting it. 
 
 
 29
Question 54 
Being a diligent project manager, you understand the importance of identifying all project risks 
which can then be prioritized using the Perform Qualitative and Quantitative Risk Analysis. In this 
context, which of the following tools and techniques can be used for the Identify Risks process? 
 
Documentation reviews, brainstorming, root cause analysis, and checklist analysis 
 
Assumptions analysis, risk probability and impact assessment, interviewing, and Delphi 
technique 
 
Expected monetary value, root cause analysis, influence diagrams, and documentation 
reviews 
 
Contingent response strategies, assumptions analysis, influence diagrams, and Delphi 
technique 
 
Justification:A Option 1: This is the correct answer as it has all the tools and techniques which are 
used for the Identify Risks process. 
 
Option 2: Risk probability and impact assessment – this is used for the Perform Qualitative Risk Analysis 
process. 
 
Option 3: Expected monetary value – this is used for the Perform Quantitative Risk Analysis process. 
 
Option 4: Contingent response strategies – this is used in the Plan Risk Responses process. 
 
Reference: PMBOK® Guide - Fifth Edition, page 312 (figure 11-1) 
 
 
 
 
 
 
Question 55 
Careful and explicit risk management planning ensures possibility of success of the other risk 
management processes. In this context, you use sensitivity analysis to: 
 
Determine which risks may affect the project 
 
Determine which risks have the most potential impact on the project 
 
Define how risk management processes will be performed 
 
Define how to conduct risk management activities for a project 
 
Justification:B Sensitivity analysis helps to determine which risks have the most potential impact on 
the project. 
 
Reference: PMBOK® Guide - Fifth Edition, page 338 
 
Sensitivity analysis is a tool and technique for the Perform Quantitative Risk Analysis 
 
 
 
30
 
 
 
Question 56 
In the recent status meeting, you discover that your project has a 65 percent chance of making a 
USD 100,000 profit and a 35 percent chance of incurring a USD 100,000 loss. What is the 
expected monetary value for the project? 
 
USD 100,000 profit 
 
USD 100,000 loss 
 
USD 30,000 profit 
 
USD 30,000 loss 
 
 
Justification:C Expected monetary value is calculated by the formula EMV = Probability x Impact. 
 
0.65 x 100,000 = 65,000 
0.35 x 100,000 = 35,000 
EMV = 65,000 – 35,000 = 30,000 
 
 
 
 
 
Question 57 
As a project manager, you would identify risks in which of the following processes? 
 
Identify Risks 
 
Plan Risk Management and Identify Risks 
 
Identify Risks and Control Risks 
 
Perform Qualitative Risk Analysis and Control RisksJustification:C Identify Risks is the process of determining which risks may affect the project and 
documenting their characteristics. Control Risks is the process of implementing risk response plans, tracking 
identified risks, monitoring residual risks, identifying new risks, and evaluating risk process effectiveness 
throughout the project. 
 
Reference: PMBOK® Guide - Fifth Edition, page 309 
 
 
31
 
Question 58 
You are the project manager for a new software development project. A previously unidentified 
risk is discovered when the project is nearing completion. You realize that this risk may adversely 
impact the project`s overall ability to deliver. As a project manager, what step do you take FIRST? 
 
Perform Quantitative Risk Analysis 
 
Inform the project sponsor and the stakeholders about the potential impact of the risk on the 
project 
 
Perform Qualitative Risk Analysis 
 
Mitigate the risk to reduce its impact 
 
Justification:C Perform Qualitative Risk Analysis is the process of priortizing risks for further analysis 
or action by assessing and combining their probability of occurrence and impact. The key benefit of this 
process is that it enables project managers to reduce the level of uncertainty and to focus on high-priority 
risks. 
 
Reference: PMBOK® Guide - Fifth Edition, page 328 
 
Since this risk "may" adversely impact the project`s overall ability to deliver, you should perform Project 
Qualitative Risk Analysis to determine the probability and impact of the risk. 
 
 
 
 
 
Question 59 
You are the project manager for the construction of a shopping mall. As the location is prone to 
earthquakes, you plan to construct a building that is resistant to earthquakes. This is an example 
of: 
 
Risk mitigation 
 
Risk transfer 
 
Risk avoidance 
 
Risk acceptance 
 
 
Justification:A Risk mitigation implies a reduction in the probability and/or impact of an adverse risk to be 
within acceptable threshold limits. 
 
Reference: PMBOK® Guide - Fifth Edition, page 345 
Just as prevention is better than cure, early action is more effective than trying to repair the damage after the risk 
has occurred. 
 
 
 
32
 
Question 60 
You are a project manager and have just discovered a risk in your project that requires an 
immediate corrective action. During which Project Risk Management Process is this action 
performed? 
 
Plan Risk Management 
 
Identify Risks 
 
Perform Qualitative Risk Analysis 
 
Control Risks 
 
Justification:D Control Risks is the process of implementing risk response plans, tracking identified 
risks, monitoring residual risks, identifying new risks, and evaluating risk process effectiveness throughout 
the project. 
 
Reference: PMBOK® Guide - Fifth Edition, page 309 
 
This process helps in meeting the unexpected risks which require immediate corrective action. 
 
 
 
 
Question 61 
You are the project manager in an IT consultancy firm which does projects for other companies. 
Based on your interaction with senior management of other companies, you classify your clients 
into categories like Risk Averse, Risk Neutral and Risk Seeking. You are using: 
 
Risk Management Planning 
 
Utility theory 
 
Risk identification 
 
Risk categorization 
 
Justification:B Utility Function (Utility Theory): This is used to measure stakeholder risk tolerance and 
defines the level or willingness to accept a risk. The three categories of utility theory are Risk Averse, Risk 
Neutral, and Risk Seeking. 
 
 
 
33
Question 62 
In the Plan Risk Management process, you define how to conduct risk management activities for 
a project because careful and explicit planning enhances the probability of success for the 
subsequent risk management processes. In this context, what will you NOT do when you Plan 
Risk Management? 
 
Identify Risks 
 
Establish an agreed-upon basis for evaluating risk 
 
Ensure that the degree, type, and visibility of risk management are commensurate with both 
the risks and the importance of the project 
 
Provide sufficient resources and time for risk management activities 
 
Justification: A The key benefit of the Plan Risk Management process is it ensures that the degree, 
type, and visibility of risk management are commensurate with both the risks and the importance of the 
project to the organization...Planning is also important to provide sufficient resources and time for risk 
management activities, and to establish an agreed-upon basis for evaluating risks. 
 
Reference: PMBOK® Guide - Fifth Edition, pages 313 and 314 
 
Risk identification (the Identify Risk process) is not done during the Plan Risk Management process. 
 
 
 
 
 
Question 63 
When talking to the stakeholders to identify risk, you usually start with general or high level 
questions and then get into specific or particular questions. This is also called: 
 
Risk categorization 
 
Nominal group technique 
 
Delphi technique 
 
Funnel analysis 
 
Justification:D Funnel Analysis: A type of interviewing technique by which we start with general or 
high level questions and then get into specific or particular questions. 
 
 
 
34
Question 64 
In your project, you want to determine which risks have the most potential impact on the project. 
So, you examine the extent to which the uncertainty of each project element affects the objective 
being examined when all other uncertain elements are held at their baseline values. This is an 
example of: 
 
Risk response planning 
 
Expected monetary value analysis 
 
Sensitivity analysis 
 
Simulation 
 
Justification:C Sensitivity analysis helps to determine which risks have the most potential impact on 
the project. It helps to understand how the variations in project`s objectives correlate with variations in 
different uncertainties. Conversely, it examines the extent to which the uncertainty of each project element 
affects the objective being studied when all other uncertain elements are held at their baseline values. 
 
Reference: PMBOK® Guide - Fifth Edition, page 338 
 
 
 
 
 
Question 65 
You are a retail company which routinely buys goods from foreign countries. Since currency 
fluctuation is an important risk, you keep all other factors constant and try to find out how much 
your project will be impacted if the currency rate fluctuates by 5%, 10%, 20% or 25%. This helps 
you determine appropriate risk response. This can also be effectively shown using: 
 
Beta probability distributions 
 
Expected monetary value analysis 
 
Tornado diagram 
 
Simulation 
 
Justification:C Sensitivity analysis helps to determine which risks have the most potential impact on 
the project. It helps to understand how the variations in project`s objectives correlate with variations in 
different uncertainties. Conversely, it examines the extent to which the uncertainty of each project element 
affects the objective being studied when all other uncertain elements are held at their baseline values. One 
typical display of sensitivity analysis is the tornado diagram, which is useful for comparing relative importance 
and impact of variables that have a high degree of uncertainty to those that are more stable. 
 
Reference: PMBOK® Guide - Fifth Edition, page 338 
 
Since all other factors are kept at baseline values and only one element (i.e. currency rate) is changed, we 
are using Sensitivity Analysis. This can be shown using a Tornado diagram. 
 
 
 
35
 
Question 66 
You are the project manager at an aircraft manufacturing company, where you use a wind tunnel 
to test how changes in different parameters like wind speed, temperature, humidity, etc. will 
impact the flight parameters of a prototype aeroplane. So, the project model is computed many 
times (iterated), with the input values chosen at random for each iteration from the probability 
distributions of these variables. The technique usedis: 
 
Monte Carlo simulation 
 
Expected monetary value 
 
Sensitivity analysis 
 
Probability distributions 
 
Justification:A A project simulation uses a model that translates the specified detailed uncertainties of 
the project into their potential impact on project objectives. Simulations are typically performed using the 
Monte Carlo technique. In a simulation, the project model is computed many times (iterated), with the input 
values (e.g., cost estimates or activity durations) chosen at random for each iteration from the probability 
distributions of these variables. 
 
Reference: PMBOK® Guide - Fifth Edition, page 340 
 
 
 
Question 67 
In your project, you want to extend the project schedule to reduce the threat that your project may 
not get the resources in time to complete the project. This is an example of: 
 
Develop Schedule 
 
Avoid risk 
 
Mitigate risk 
 
Secondary risk 
 
 
Justification: B Avoid. Risk avoidance involves changing the project management plan to eliminate the 
threat entirely. The project manager may also isolate the project objectives from the risk’s impact or change the 
objective that is in jeopardy. Examples of this include extending the schedule, changing the strategy, or reducing 
scope. 
 
Reference: PMBOK® Guide - Fifth Edition, page 344 
 
36
Question 68 
When doing risk response planning, you have come to know that the project involves use of new 
technology which is not tested properly. The risk is so high that your sponsor decides to terminate 
the project. This management decision to terminate the project is an example of: 
 
Terminate risk 
 
Avoid risk 
 
Mitigate risk 
 
Close Project 
 
Justification:B Avoid. Risk avoidance involves changing the project management plan to eliminate the 
threat entirely… The most radical avoidance strategy is to shut down the project entirely. 
 
Reference: PMBOK® Guide - Fifth Edition, page 344 
 
 
 
 
 
Question 69 
When your company buys computers from Dell, you also pay extra for a three year warranty 
which ensures that any manufacturing defects will be taken care of by Dell. The risk response 
strategy used is: 
 
Exploit 
 
Avoid 
 
Mitigate 
 
Transfer 
 
 
Justification: D Transfer. Risk transference is a risk response strategy whereby the project team shifts the 
impact of a threat to a third party, together with ownership of the response… Transference tools can be quite 
diverse and include, but are not limited to, the use of insurance, performance bonds, warranties, guarantees, etc. 
 
Reference: PMBOK® Guide - Fifth Edition, page 344 
 
 
 
37
Question 70 
Your project team has decided not to change the project management plan to deal with a risk. 
This is an example of: 
 
Contingent response 
 
Avoid 
 
Fallback plan 
 
Accept 
 
Justification: D Accept. Risk acceptance is a risk response strategy whereby the project team decides 
to acknowledge the risk and not take any action unless the risk occurs...This strategy indicates that the 
project team has decided not to change the project management plan to deal with a risk, or is unable to 
identify any other suitable response strategy. 
 
Reference: PMBOK® Guide - Fifth Edition, page 345 
 
 
 
 
 
 
 
Question 71 
If you create a contingency reserve to manage risks in your project, this can be referred to as: 
 
Avoidance 
 
Passive acceptance 
 
Active acceptance 
 
Mitigation 
 
Justification:C Passive acceptance requires no action except to document the strategy, leaving the 
project team to deal with the risks as they occur, and to periodically review the threat to ensure that it does 
not change significantly. The most common active acceptance strategy is to establish a contingency reserve, 
including amounts of time, money, or resources to handle the risks. 
 
Reference: PMBOK® Guide - Fifth Edition, page 345 
 
 
38
Question 72 
In your project, which of the following strategies would you not use as a response to 
opportunities? 
 
Exploit 
 
Mitigate 
 
Share 
 
Accept 
 
Justification:B Strategies for positive risks or opportunities: Three of the four responses are suggested 
to deal with risks with potentially positive impacts on project objectives. The fourth strategy, accept, can be 
used for negative risks or threats as well as positive risks or opportunities. These...are exploit, share, 
enhance, and accept. 
 
Reference: PMBOK® Guide - Fifth Edition, page 345 
 
 
 
 
 
Question 73 
In your project, you implemented a risk response and hired an additional skilled technical 
resource that can help in testing your application. However, you are worried that the technical 
resource may leave - this new risk can also be called: 
 
Secondary risk 
 
Acceptance risk 
 
Fallback Plan 
 
Workaround 
 
Justification: A Secondary Risk. A risk that arises as a direct result of implementing a risk response. 
 
Reference: PMBOK® Guide - Fifth Edition, page 562 
 
After implementing your risk response (i.e. hiring an additional resource), a new risk arises (i.e. the hired 
resource may leave). This is an example of Secondary risk. 
 
 
 
 
 
 
39
Question 74 
A risk that remains after risk responses have been implemented is referred to as: 
 
Secondary risk 
 
Residual risk 
 
Fallback Plan 
 
Accepted risk 
 
 
Justification:B Residual Risk. A risk that remains after risk responses have been implemented. 
 
Reference: PMBOK® Guide - Fifth Edition, page 558 
 
 
 
 
 
 
 
 
Question 75 
In your project, you should handle "known unknown" risks through: 
 
Risk Mitigation 
 
Risk Avoidance 
 
Risk Response Planning 
 
Risk Acceptance 
 
 
Justification:C Known risks are called "known unknowns" – handled by risk response plans and 
unknown risks are called "unknown unknowns" – handled by reserves. 
 
 
 
40
 
Question 76 
The process of implementing risk response plans, tracking identified risks, monitoring residual 
risks, identifying new risks, and evaluating risk process effectiveness throughout the project is 
done through: 
 
Identify Risk 
 
Plan Risk Management 
 
Control Risks 
 
Constantly evaluate risk 
 
Justification:C Control Risks is the process of implementing risk response plans, tracking identified 
risks, monitoring residual risks, identifying new risks, and evaluating risk process effectiveness throughout 
the project. 
 
Reference: PMBOK® Guide - Fifth Edition, page 349 
 
 
 
 
 
Question 77 
In your project, you want to examine and document the effectiveness of risk responses in dealing 
with identified risks and their root causes, as well as the effectiveness of the risk management 
process. The tool you should use is: 
 
Risk reassessment 
 
Variance Analysis 
 
Technical performance measurement 
 
Risk Audit 
 
Justification:D Risk audits examine and document the effectiveness of risk responses in dealing with 
identified risks and their root causes, as well as the effectiveness of the risk management process. The 
project manager is responsible for ensuring that risk audits are performed at an appropriate frequency, as 
defined in the project’s risk management plan. 
 
Reference: PMBOK® Guide - Fifth Edition, page 351 
 
 
41
 
Question 78 
During Monitoring and Controlling phase of your project, you conduct regular meetings with your 
team to identify new risks, reassess current risks and close outdated risks. This is done through: 
 
Risk reassessment 
 
Variance Analysis 
 
Technical performance measurement 
 
Risk Audit 
 
 
Justification:A Risk Reassessment. Control Risks often results in identification of new risks, reassessment 
of current risks, and the closing of risks that are outdated. Project risk reassessments should be regularly 
scheduled. The amount and detail of repetition that are appropriate depends on how the project progresses 
relative to its objectives. 
 
Reference: PMBOK® Guide - FifthEdition, page 351 
 
 
 
42
 
Question 79 
You are the project manager for a construction company involved in designing 
and building state-of-the-art bridges. Your current project involves designing a 
new twin-span bridge across a river. In the past 5 years, residents of the area 
have witnessed two hurricanes which have caused some destruction to the area, 
including the current bridge. You and the team have been charged with designing 
a hurricane-resistant bridge that will be able to withstand similar destructive 
storms. After examining the current bridge, some members of the team 
expressed that some of the current structure was actually built very well and it 
may be worthwhile to keep some parts of it, especially since time is a factor in 
completing a new bridge. The rest of the team thinks it is better to start anew as 
residents and others may not feel confident in its safety and may therefore not 
use the bridge due to this. City officials had planned to increase the toll charge 
for drivers crossing the new bridge, but if the old structure can be partially used, 
then they might be able to keep the toll the same as it was before. After some in-
depth cost reviews, the team has come up with the following data to help with 
their decision making: 
Brand new structure: 
 • Investment = $5M 
 • 0.60 probability bridge regularly used; $10M toll income 
 • 0.40 probability bridge not regularly used; $3M toll income for next 20 years 
Existing structure: 
 • Investment = $3M 
 • 0.50 probability bridge regularly used; $8M toll income 
 • 0.50 probability bridge not regularly used; $2M toll income for next 20 years 
Which structure, should the city and team move forward with and what would be 
the decision EMV? 
 
New, $4.8M 
 
Existing, $2.2M 
 
New, $2.2M 
 
Existing, $3M 
 
Justification: C The best decision would be to go with a brand new structure 
per the decision tree below. Keep in mind that the initial investment needs to 
be deducted prior to EMV calculations. 
 
43
 
 
 
 
 
44
Question 80 
You and your team have just finished prioritizing the risks on your project for further review and 
analysis. In this process you calculated Probability and Impact values which you used to do this 
prioritization. You will use this prioritized list of risks to determine the need for further analysis. 
Your sponsor is concerned about the number of risks identified and wants to ensure that all risk-
related assessments are well documented. Which of the following is an output from this process? 
 
Risk register 
 
Risk probability and impact assessment 
 
Risk management plan 
 
Risk Register updates 
 
Justification:D The team is currently in the process of Perform Qualitative Risk Analysis. The output of 
this process is Risk register updates. All of the information gathered during this process, such as probability 
and impact values and risk-related assessment information is documented and added to the existing risk 
register. 
 
Option 1: Risk register is an output of the Identify Risks process. Here the risk register has limited information 
such as the risk itself and some basic characteristics. 
 
Option 2: Risk P & I assessment is a tool of the Perform Qualitative Risk Analysis process; it is not an output. 
 
Option 3: Risk management plan is an output of the Plan Risk Management process. 
 
 
45