Blog Post Image

Practice Question On Risk Management (Topic 2.5)

Paul Naybour Paul Naybour

Published: 28th June 2012

I did three practice questions last night, handwritten as per exam conditions and I’ve typed them up today (word for word) to get some feedback. Here’s the first:


This question is in THREE parts:

a) Draw a risk management process

b) Explain four of those processes

c) Explain five risk identification techniques


b) “Plan” means to draw up, during the definition phase, what procedures for risk management we will use or follow, and will identify who should be involved, what templates shall be used for risk logs, and how often these risk logs should be reviewed. This information forms the Risk Management Plan, and is a part of the overall Project Management Plan.

“Identify” is where we think about our particular project and list all those risks we think are relevant.

“Assess” means the prioritising of the list of risks to allow us to identify what particular areas of the project are risky (by comparison wih the Product Breakdown Structure/Work Breakdown Structure) or what subcontractor has the riskiest work package (if done by Organisational Breakdown Structure). We look at the impact of the risk occurring, and likelihood of it occurring. Given numerical scales for probability and impact, we can prioritise the risks (the riskiest has the highest product of probablity x impact).

“Monitor and Control” is where we regularly review the risk log to see if any can be removed, as maybe that activity has passed. This frees up any monetary “risk reserve” for other uses. Monitoring and control is also where we check that responses formulated are being adhered to. This is very important, as rational plans are more effective responses than panicky, knee-jerk reactions!

c) “Brainstorming” – where a project team consider their areas and shout up risks as they come to them.
“Stakeholder interviews” – may throw up risks that the project team were unaware of, by virtue of local knowledge etc. (Note – a negative stakeholder is a risk in itself).
“Previous project information” – similar projects may have similar risks. The post project review process should have identified any risks that were originally missed.
“Expert interviews” – Similar to stakeholder interviews but may interview technical specialists, for example, especially in innovative / creative projects.
“Checklists” – Probably part of Project Methodology.


This doesn’t look very long typed up but it took the full 15mins! Just wanted to check whether I need to say more or whether I’m on the right lines. Thanks, Paula