[Chapter 11] Project Risk Management
1 chapter related
1.1 Exam related
Risk management generally takes about 3 points in the morning exam
Case analysis is just taken on 21st and 22nd
Thesis writing is just taken on 18th and 19th
1.2 ITO translation
2 Chapter Overview
2.1 The meaning of risk
1. The meaning of risk can be examined from various angles:
◆ First, risk is related to people’s purpose 活动;
◆ Second, risk is related to 将来purpose ; ◆ Third, if the activity or project is not ideal, or even fails活动事件后果
2.2 Three Necessary Conditions for Risk Definition
2. ① 当事件、活动或项目有损失或收益与之相联系、② 涉及到某种或然性或不确定性、③ 涉及到某种选择时,is called risky. Each of the above three items is a necessary condition for the definition of risk , but not a sufficient condition. 具有不确定性的事件不一定是风险.
[ Expanded understanding : Definition of sufficient condition: If A can deduce B, then A is the sufficient condition of B Definition of necessary condition: If there is no A, there must be no B; if there is A but not necessarily B, then A is necessary for B condition. 正推成立是充分,反推成立是必要。能互推就是充分必要条件】
2.3 Project Risks
3. Project risks include both project goals 威胁and promotion of project goals 机会.
◆ Known risks are those that have already been identified and analyzed. Yes 已知风险,进行相应计划是可能, but 未知风险是无法管理yes.
◆ Risk 不是零和游戏. In many cases, losses are incurred by all parties involved in the risk and no one is spared.
◆ different phases of the project will 有不同的风险.
◆ Most of the risks change with the progress of the project, and the uncertainties will increase 随之逐渐减少. The greatest uncertainty exists in the project 早期.
2.4 Randomness and relativity of risk
4. Risk events have 随机性、相对性
(1) risk 随机性: the occurrence and consequences of risk events are accidental.
(2) Risky 相对性: Risks are always relative to the subject of project activities.
For project risks, people's tolerance is mainly affected by the following factors:
(1) 收益的大小: Profit is always accompanied by the possibility of loss.
◆ The possibility and amount of loss 越大, and the gain that people hope to make up for the loss 越大.
◆ Conversely, the benefits 越大, the risks that people are willing to take are also the same 越大.
(2) 投入的大小:
◆ Those who invest in project activities have 越多only the hope of success 越大and the risks they are willing to take 越小.
(3) 项目活动主体的地位和拥有的资源:
◆ Compared with the low-ranking managers, the high-ranking ones are able to bear greater risks.
◆ For the same risk, different individuals or organizations have different bearing capacity.
◆ Owned by individuals or organizations 资源越多, their risks 承受能力也越大.
2.5 Classification of risks
5. Classification of risks:
(1) According to different consequences, risks can be divided into 纯粹risks [only bad, such as fire] and 投机risks [good and bad, such as stocks]. 纯粹风险和投机风险在一定条件下可以相互转化. Project managers must avoid the conversion of speculative risk into pure risk.
★(2) Divided according to the predictability of risk 已知风险、可预测风险和不可预测风险.
①Risks
已知: those risks that occur often and whose consequences can be foreseen can be identified after careful and strict analysis of the project and its plan. Example:项目目标不明确,过分乐 观的进度计划,设计或施工变更,材料价格波动。
②Risk可预测: According to experience, the occurrence can be foreseen, but the risk whose consequences cannot be foreseen. For example:业主不能及时审查批准,分包商不能及时交工,施工机械出现故 障,不可预见的地质条件。
③Risk不可预测: a risk that may occur, but the possibility of its occurrence cannot be foreseen even by the most experienced person. eg地震、百年不遇的暴雨、通货膨胀、政策变化.
2.6 Risk cost
6. Risk cost includes 有形成本、无形成本以及预防与控制风险的成本.
2.7.1 Tangible cost of risk loss
7. Risk loss Tangible cost: direct loss and indirect loss
(1) 直接Loss: replacement cost of the air compressor, loss of injured personnel 医疗费、休养费、工资.
(2) 间接Loss: 灭火扑救、停工costs incurred due to etc.
2.7.2 Intangible cost of risk loss
8. The intangible cost of risk loss refers to the price paid by the project subject before or after the risk event occurs due to the uncertainty of the risk. Mainly manifested in the following aspects: (1) risk loss reduces opportunity, (2) risk hinders productivity improvement, (3) risk causes resource misallocation
2.8 Project Risk Management Process
★9. The project risk management process includes: [1-5 belong to the planning process group, 6 belongs to the monitoring process group]
①风险管理规划—决定如何进行规划和实施项目风险管理活动。
②风险识别—判断哪些风险会影响项目,并以书面形式记录其特点。
③定性风险分析—对风险概率和影响进行评估和汇总,进而对风险进行排序,以便随后进一步分析或行动。
④定量风险分析—就识别的风险对项目总体目标的影响进行定量分析。
⑤风险应对规划—针对项目目标制订提高机会、降低威胁的方案和行动。
⑥风险监控—在整个项目生命周期中,跟踪已识别的风险、监测残余风险、识别新风险和实施风险应对 计划,并对其有效性进行评估。
Supplementary knowledge points: - Understand
(1) risk并不能完全消除
(2) The core of engineering project management methodology is风险管理and目标管理.
(3) With the thought全员参与of , as many stakeholders as possible should be involved;
3 Planning risk management
风险管理规划Refers to the process of deciding how to conduct project risk management activities, which ensures that
sufficient resources and time are allocated for risk management activities, and establishes the basis for consensus on risk assessment. The risk management planning process should be done early in the project planning process
★Contents of risk management plan: ①方法论、②角色与职责、③预算、④时间安排、⑤风险类别、⑥风险概率和影响的定义、⑦概率和影响矩阵、⑧修改的项目干系人承受度、⑨报告格式、⑩跟踪
(1) Methodology. Identify the methods, tools and data available to implement risk management in the project.
(2) Roles and responsibilities. Define leaders, champions, and members of the risk management team for each type of activity in the risk management plan, and assign specific individuals to these roles.
(3) Risk category. A structured method is provided to make the process of risk identification systematic and comprehensive, so that the organization can carry out risk identification under a unified framework, with the purpose of improving the quality and effectiveness of risk identification.
(4) Probability and impact matrix. Risks are prioritized based on their potential impact on the achievement of project objectives.
4 Identify risks
The WBS is a key input to the risk identification process because it facilitates the recognition of potential risks at both the micro and macro levels. Risks can be 总体、控制账户和/或工作包层级identified and subsequently tracked on
★ 识别风险Refers to identifying which risks will affect the project and documenting their characteristics. Personnel involved in identifying risks may typically include: 项目经理、项目团队成员、风险管理团队(如有)、项目团队之外的相关领域专家、顾客、最终用户、其他项目经理、利害关系者和风险管理专家. While the above persons are key participants in the risk identification process, they should鼓励所有项目人员参与风险的识别。
★ Identifying risks is one 反复过程. As the project lifecycle is performed, new risks may emerge.
The process of identifying risks often leads directly to the next process, the qualitative risk analysis process. Sometimes, 如果识别风险过程是由经验丰富的风险经理完成的;则可直接进入定量分析过程. In some cases, risk responses can be identified through the risk identification process alone and documented for further analysis and implementation during the risk response planning process.
4.1 Tools and techniques for risk identification
★Tools and techniques for risk identification: ①文档审查、②信息收集技术(头脑风暴、德尔菲技术、访谈、根本原因识别)、③核对表分析、④假设分析、⑤图解技术(因果图、系统或过程流程图、影响图)、⑥SWOT分析技术、⑦专家判断
Document review Review of project documents (plans, assumptions, previous project documents and other information) 系统和结构性.
The purpose of the brainstorming is to obtain a comprehensive list of risks. Promoted by a moderator, the participants brainstormed on the risks of the project【There is no need to have a conclusion, the focus is to listen to opinions】
Delphi technology is a method for experts to reach a consensus on a topic. Experts participate in this activity anonymously. After several rounds, it is not difficult to come to a consensus on the main project risks. 有助于减少数据中的偏倚,并防止任何个人对结果不适当地产生过大的影响[ Be sure to draw conclusions, make predictions, be anonymous, seek truth ]
Interview : By interviewing experienced project participants, stakeholders or experts on a certain issue, risks can be identified .
Root cause identification : investigate the root causes of project risks, improve risk definitions and classify risks according to their causes. Develop effective risk responses by considering the root causes of risks.
Checklist Analysis : Developed based on historical data, knowledge gained from previous similar projects, and other sources of information. Pros : Quick and easy. Cons : The checklist cannot be all-encompassing.
What -if analysis: Every project is conceived and developed based on a set of assumptions, assumptions, or hypotheses. It is a technique for testing the validity of a hypothesis (that is, whether the hypothesis holds). It identifies risks to the project from imprecise, inconsistent, and incomplete assumptions.
Illustration techniques may include:
(1) Cause-and-effect diagram: Ishikawa diagram or fishbone diagram, used to identify the cause of risk.
(2) System or process flow chart: 显示系统各要素之间如何相互联系,以及因果传导机制.
(3) Influence Diagram: A graphical representation showing causal effects, events in chronological order, and other relationships between variables and outcomes.
SWOT:优势(Strength)、劣势(Weakness)、机会(Opportunity)和威胁(Threat),可用于考察组织优势能够抵消威胁的程度,以及机会可以克服劣势的程度
4.1 Risk Register
| risk management process | Contents of the Risk Register |
|---|---|
| Risk Identification | ① List of identified risks, ② list of potential countermeasures, ③ risk root cause, ④ risk category update |
| Qualitative Risk Analysis | ①Relative ranking or priority list of project risks, ②Risks classified by category, ③Risk list that needs to take countermeasures in the near future, ④Risk list that needs further analysis and response, ⑤Low priority risk observation list, ⑥Qualitative risk Trends in Analysis Results |
| Quantitative Risk Analysis | ①Probability analysis of the project, ②Probability of achieving cost and time goals, ③Quantitative risk priority list, ④Trend of quantitative risk analysis results |
5 Conducting qualitative risk analysis
1. Qualitative risk analysis includes methods for prioritizing identified risks for further action; evaluating the priority of identified risks by considering the probability of risk occurrence, the impact on project objectives after risk occurrence and other factors .
2. Probability and impact level definitions and expert interviews can help correct bias in the data used in the process.
★3. Risk probability assessment refers to investigating the possibility of occurrence of each specific risk.
A risk impact assessment investigates the potential impact of risks on project objectives such as time, cost, scope, or quality, both negative impacts or threats and positive impacts or opportunities.
4. Risk probability and impact matrix: Prioritize risks. Divide risk into low, medium and high risk. Dark gray areas represent high risk, medium gray areas represent medium risk, and light gray areas represent low risk.
处于高风险(深灰色)区域,可能就需要采取重点措施,并采取积极的应对策略。
处于低风险区域(中度灰色)的威胁,只需将之放入待观察风险清单或分配应急储备额外,不 需采取任何其他积极管理措施;
风险数据质量评估: Qualitative risk analysis to be credible requires the use of accurate and unbiased data. Risk data quality analysis is a technique for assessing the usefulness of risk-related data for risk management. It includes examining how well people understand risk, and the accuracy, quality, reliability and completeness of risk data.
风险紧迫性评估: Risks that require a near-term response can be considered urgent. The time required to implement risk response measures, risk symptoms, warnings, and risk levels can all be used as indicators to determine risk priority or urgency.
6 Perform quantitative risk analysis
排序1. Quantitative risk analysis refers to the analysis of the prior risks in the process of qualitative risk analysis as potential significant impact on project requirements . The process of quantitative risk analysis is to analyze the impact of these risk events and make an analysis 风险分配一个数值.
Quantitative risk analysis is a quantitative method for making decisions under uncertain conditions
Quantitative analysis is generally aimed at: 1.重大影响的风险、2.可以量化的风险。
★2. Tools and techniques of quantitative risk analysis: ①数据收集和表示技术(访谈、概率分布)、②定量风险分析和模型技术(敏感性分析、预期货币价值分析、决策树分析、模型和模拟-蒙特卡洛技术)、③专家判断
data collection and presentation techniques (P407)
1. Interviews – used to evaluate risks Quantification of probabilities and their consequences for project objectives can help provide 可靠information on whether the analysis is credible ( 三点估算)
2. Probability distributions – widely used in modeling and simulation 连续概率分布, representing数值的不确定性,不连续分布用于表示不确定性事件,早期的概念设计阶段,就可以使用均匀分布
6.1 Tornado graph
3. Sensitivity analysis helps 确定哪些风险对项目具有最大的潜在影响. It keeps all other uncertain factors at the baseline value and examines how much the uncertainty of each element of the project affects the target. The most common display for sensitivity analysis is 龙卷风图. A tornado graph helps 比较具有较高不确定性的变量与相对稳定的变量之间的相对重要程度.
7 Perform quantitative risk analysis
7.1 Expected monetary value analysis, decision tree analysis—会计算
平均结果• Expected Monetary Value Analysis (EMV) – A method of calculating when something is likely to happen or not happen in the future 统计.
• The EMV of an opportunity is usually denoted as 正值, while the EMV of a threat is denoted as 负值.
• EMV is based on the assumption of risk neutrality, both 不避险, and 不冒险
• Calculate the profit of each path: opportunity profit - input cost. For example: $80 = opportunity profit of $200 - input cost of $120.
• Calculation: EMV for building a new plant: 0.65%*80+0.35*(-30)= 41.5
• Formula for EVM Expected Monetary Value: Select Project Decision (Quantitative Risk Analysis)
• EMV=盈利百分比*影响值-风险百分比*影响值
• Note the meaning of impact value!
7.2 Monte Carlo technique
• Modeling and simulation (is univariate iterative simulation) – simulations are usually performed 蒙特卡洛技术(modeling and simulation techniques, stochastic simulation methods)
• Monte Carlo simulation 不需要专家参与.
• 模型和模拟: In the simulation, the project model is computed multiple times (stacked) with random basis values derived from the probability distribution function chosen for each stacking process based on the probability distribution of each variable (for example, the cost or schedule of a project element duration of the event). Calculate the probability distribution from this.
8 Planning Risk Responses
◆ Planning Risk Responses – The process of formulating plans and measures to improve opportunities and reduce threats against project objectives.
◆ What this process does: Prioritize risks to develop responses and add resources and activities required for risk response to the project. 预算、进度计划和项目管理计划中
◆ Several risk response strategies are available. The strategy or combination of strategies most likely to be effective should be selected for each risk. Developing a backup strategy is in 被选策略被证明无效或接受的风险发生时实施. To allocate a contingency reserve for time or cost
8.1 Tools and techniques for planning risk responses
★Tools and techniques for planning risk response: ①消极风险或威胁的应对策略、②积极风险或机会的应对策略、③应急应对策略、④专家判断
(1) Coping strategies for negative risks or threats: ①avoidance; ②transfer; ③mitigation; ④acceptance.
Avoidance: Like 延长进度、改变策略或缩小范围etc., the most extreme avoidance strategy is to shut down the entire project.
Transfer: including 保险、履约保函、担保书、保证书、合同或协议etc. The cost compensation contract can transfer the cost risk to the buyer and 总价合同可transfer the risk to the seller.
Mitigation: If incorporated in a system 冗余部件, it can mitigate the impact of failure of main components.
Acceptance: If established 应急储备, allocate time, money or resources to address the risk.
(2) Positive coping strategies for risks or opportunities: ①Explore; ②Improve; ③Share; ④Accept.
Pioneering: Remove the uncertainty associated with a specific positive risk to ensure that opportunities will definitely arise. Allocate the most capable resources in the organization to projects to shorten completion time, or 采用全新或改进的技术to save costs.
Enhance: Improve the probability of occurrence and positive impact of an opportunity, eg 为尽早完成活动而增加资源.
Sharing: Included 建立风险共担的合作关系和团队.
Acceptance: It is beneficial to take advantage of, but does not actively pursue opportunities.
Emergency response strategy: Some response measures can be specially designed for certain specific events. For some risks, the project team can formulate emergency response strategies, that is, response plans that can only be implemented when certain predetermined conditions occur.
| Strategy | definition | example | important point |
|---|---|---|---|
| Avoidance | Risk response strategies for actions taken by the project team to 消除威胁, or protect the project from, the risk |
延长进度、改变策略或缩小范围wait. The most extreme evasion strategy is 关闭整个项目. |
|
| transfer | A risk response strategy in which the project team transfers the impact of threats, together with the responsibility for responding, to a third party. | Insurance, guarantees, letters of guarantee, outsourcing, transfer of lump-sum contracts simply shift responsibility for risk management to the other party, rather than eliminating risk | There is almost always a risk fee paid to the risk taker. risk transfer strategies处理风险的财务后果最有效 |
| A risk response strategy that mitigates the project team's actions to reduce the probability or impact of a risk | 原型法、不太复杂的流程, for more tests, or选用更可靠的供应商,加入冗余部件 |
It means placing the probability of adverse risk and/or impact 降低到to an acceptable临界值范围内 |
|
| accept | A risk response strategy in which the project team decides to accept the existence of a risk without taking any action unless the risk actually occurs | 主动接受: 建立应急储备; 被动接受: 记录策略, no other action required, periodic review required |
at 不可能用其他方法时使用, or other methods不具经济有效性时使用 |
| open up | 确保机会得以实现This strategy can be applied to risks with a positive impact if the organization wants to |
Allocate resources in the organization 最有能力to the project to shorten the completion time; adopt 全新or 改进technology to save costs (beautiful people or technology) |
This strategy is designed 消除to不确定性,确保机会肯定出现 |
| improve | Aim for 提高opportunities to occur 概率and/or be positive 影响. |
为尽早完成活动而增加资源(ordinary people) |
|
| share | Assign some or all responsibility for addressing an opportunity to the third party who can best seize that opportunity for the benefit of the project | Established 风险共担partnerships and teams; for special purposes成立公司或联营体 |
|
| accept | Willing to take advantage of opportunities when they arise, but不主动追求机会 |
9 Control risks
Risk monitoring and control refers to identifying, analyzing and planning emerging risks, tracking identified risks and risks in the "watch list", re-analyzing existing risks, monitoring the trigger conditions of contingency plans, monitoring residual risks, reviewing the implementation of risk response strategies and The process of evaluating its effectiveness. It is a process of continuous implementation during the life of the project.
9.1 Risk reassessment, risk audit, technical performance measurement, reserve analysis
★1. Risk re-evaluation : identify new risks and re-evaluate risks. Periodic project risk reassessments should be scheduled. If risks arise that are not anticipated by the risk register or that are not included in the “watch list”, or that have a different impact on objectives than expected, planned responses may not help. At this time, it needs to be carried out 额外的风险应对规划to control the risk.
★2. Risk audit is to check and verify 记录风险应对措施在处理已识别风险及其根源方面的effectiveness . can be in . Before conducting an audit, the format and objectives of the audit should be clearly defined. 3. Technical performance measurement is to compare the technical achievements achieved during project execution with the plan for achieving technical achievements. 4. Reserve analysis : During project implementation, there may be some risks that may have a positive or negative impact on the budget or schedule contingency reserves. Reserve analysis refers to comparing the remaining reserve amount with the remaining risk amount at any point in the project to determine whether the remaining reserve is still sufficient.以及风险管理过程的日常的项目审查会中进行风险审计,也可单独召开风险审计会议
10 Essay writing
Common risks, causes, and preventive measures in the project [can be used in thesis writing]
Typical risks and their responses are as follows: For details, please refer to the thesis special lecture
1. Technical risk. The cause is usually the adoption of unproven new technology. Countermeasures include: adopting the prototype method for development, strengthening technical review, uninterrupted testing throughout the process, and timely backup.
2. Risk of personnel loss. Reasons for this include: excessive pressure, job changes, lack of incentives, personal reasons, and lengthy project cycles. Countermeasures include: strengthening team building and management, strengthening incentive measures to ensure effective incentives; once it happens, arrange personnel to replace the resigned personnel in time, do a good job in the handover work, and ensure that the progress of the project is not affected.
10.1 real questions
On Risk Management and Security Management of Information System Projects-Real Questions for the First Half of 2019
Project risk is an uncertain event and condition. Once it occurs, it will have a positive or negative impact on the project goal. The information system security strategy refers to the various measures and means adopted, as well as the various management systems and regulations established after the effective identification and assessment of the security risks of the information system.
Please take " 论信息系统项目的风险管理与安全管理" as the topic, and discuss from the following three aspects:
1. Briefly describe the information system projects you have participated in and manage (project background, project scale, initiator, purpose, project content, organizational structure, project cycle , deliverables, etc.) and describe the work you undertake in it.
2. Combining the actual situation of project management and discussing your understanding of information system project risk management and security management around the following points.
(1) 项目风险管理和安全管理的联系区别。
(2) 项目风险管理的主要过程和方法。
(3) 请解释适度安全、木桶效应这两个常见的安全管理中的概念,并说明安全与应用之间的关系。
3. Please combine the information system project mentioned in the paper, 介绍在该项目中是如何进行风险管理和安全管理的(可叙述具体做法),并总结你的心得体会.
11 practice questions
[Example 1-17above] () is not the result of risk management plan preparation.
A. Risk category B. Risk probability C. Definition of risk influence D. Risk record
[Example 2-17 below] Risks can be classified from different angles and according to different standards. The torrential rain that occurs once in a century belongs to ( ).
A. Unpredictable risk B. Predictable risk C. Known risk D. Technical risk
[Example 3-17] In risk identification, various tools and techniques can be used. Among them, () refers to inspecting the project from the advantages, disadvantages, opportunities and threats of the project, so as to consider the risks more comprehensively.
A. Brainstorming method B. Causal diagram C. SWOT analysis method D. Expert judgment method
[Example 4-17 below] A certain project has a 40% probability of making a profit of 100,000 yuan, and a 30% probability of losing 80,000 yuan. 30 % probability of neither profit nor loss, the expected monetary value analysis (EMV) of the project is the main feature of ( ).
A. 0 yuan B. 16,000 yuan C. 20,000 yuan D. 64,000 yuan
[Example 5-18 above] People have a certain tolerance for risk events. When ( ), people are willing to take more risks.
A. The more invested in project activities B. The greater the benefits of the project
C. The fewer resources individuals and organizations have D. There are relatively fewer senior managers in the organization
[Example 6-18 above] () is not a basis for risk identification .
A. Cost Management Plan B. Scope Baseline C. Procurement Documentation D. Risk Category
[Example 7-18 above] Through probability and impact level definitions and expert interviews, it helps to correct bias in the data used by the process belongs to ( ) .
A. Qualitative risk analysis B. Risk identification C. Quantitative risk analysis D. Risk monitoring
[Example 8-18 below] Regarding the description of project risk management, the incorrect one is ().
A. Pure risk and man-made risk can be transformed into each other under certain conditions
B. Project risks include both threats to project goals and opportunities to promote project goals
C. Most risks change as the project progresses, and uncertainties will gradually decrease
D. Risk consequences include the frequency of consequences, The size of the gain or loss
[Example 9-18 below] If you are identifying possible risks for a new information system research and development project, you know that a project team has just had a security incident in which the code was accidentally leaked. At this time, the () method should be used for information collection.
A. Delphi B. Interview C. Root cause identification D. Brainstorm
[Example 10-18] Company A has just won the bid for a large-scale system integration project, and one of the equipment is planned to be purchased from abroad
. Prepare to negotiate with customers to use domestic equipment instead, which is to adopt () risk response strategy.
A. Avoid B. Transfer C. Mitigate D. Accept
[Example 11-19 above] In an information system construction project, in order to prevent the risk of system downtime, the project manager configures redundant power supplies
and redundant fans when constructing procurement servers. The risk response strategy adopted by the project manager is ( ).
A. Mitigate B. Transfer C. Avoid D. Eliminate
[Example 12-19 above] Regarding the description of project risk, the incorrect one is ().
A. Known risks and unknown risks can be managed
B. Risks may have both positive and negative effects on the project
C. The same risk has different effects on different subjects
D. The greater the benefit, The greater the risk people are willing to take,
practice
[Example 13-19 above] The description about risk identification is incorrect ().
A. All project personnel should be encouraged to participate in the identification of risks
B. The development of a risk register begins with the risk identification process
C. In some projects, after identifying risks, you can skip the qualitative analysis process and go directly to quantitative analysis
D. Identifying risks is the work in the project planning stage, and does not involve
[Example 14-19 below] the description of risks in other stages, the correct one is().
A. Risks that cannot bring about plans and no possibility of profit are called speculative risks.
B. Risks that can be predicted based on experience but whose consequences are unpredictable are called known risks.
C. Earthquakes and rainstorms that do not occur in a century are unpredictable risks.
D .Risk is a zero-sum game, someone loses and someone gains
[Example 15-19 below] Regarding the description of risk identification, the incorrect one is ().
A. All project participants should be encouraged to identify risks
B. The content of the risk register may include a list of potential responses
C. The qualitative risk analysis process can be skipped to quantitative risk analysis
D. Identifying risks is a one-time job
[Example 16- 19 below] ( ) Examine and document the effectiveness of risk responses in addressing identified risks and their root causes, as well as the effectiveness of the risk management process.
A. Risk reassessment B. Risk audit C. Deviation and trend analysis D. Technical performance measurement
[Example 17-20 below] Regarding the description of project risk, the incorrect one is ().
A. Risk has randomness, relativity, and variability
B. The greater the project income, the greater the risk people are willing to take
C. The more project investment, the greater the risk people are willing to bear
D. Risks can be divided into parts according to the scope of influence Risk and overall risk
[Example 18-20 below] ( ) are not the outcome of the risk identification process.
A. List of identified risks B. List of potential responses C. Risk root causes D. Risk description formats and templates
[Example 19-20 below] () is not a technique of qualitative risk analysis.
A. Risk data quality assessment B. Probability and impact matrix C. Risk urgency assessment D. Expected monetary value analysis
[Example 20-21 above] The description of risk is incorrect ().
A. Events with uncertainty are not necessarily risks B. Project risks include both
threats to project goals and opportunities to further project goals
C. Risk is a zero-sum game, and there are risk beneficiaries as well as risk victimsD
.The conversion of speculative risk to pure risk should be avoided in the project
[Example 21-21above] When identifying risks, first use questionnaires to consult projects anonymously, and after summarizing, experts circulate and express opinions. After several rounds, the final result is To develop a consistent view of project risks, which risks are identified ( ).
A. Brainstorming B. Delphi technology C. Root cause identification D. Expert interview
[Example 22-21 above] In project quantitative risk analysis technology, () need to use a model to convert the established uncertainties into Their potential impact on project objectives.
A. Monte Carlo technique B. Probability impact analysis C. Pareto analysis D. Analysis method
[Example 23-21 below] Regarding the description of risk and risk management, the incorrect one is ().
A. The more investment in the project, the less risk you are willing to take
B. Uncertain events are risks
C. Speculative risks can be transformed into pure risks under certain conditions
D. The goal of project risk management is to increase the probability and probability of positive events Impact
[Example 24-21 below] When identifying risks, the project manager needs to analyze the relationship between policy, climate, transportation conditions and other factors and the cost of raw materials required for the activity. The decision tool used at this time is ().
A. Cause and Effect Diagram B. Ishikawa Diagram C. System or Process Flow Diagram D. Influence Diagram
[Example 25-21 below] The decision tree analysis of the two plans for the construction or upgrading of a certain plant is shown in the figure below. It can be seen from the figure that the organization should choose the plan of ( ), because the EMV of this plan is () ten thousand yuan.
A. Upgrading the existing factory building, 42 B. Building a new factory building, 67 C. Upgrading the existing factory building, 60 D. Building a new factory building, 100
[Example 26-22 above] The description about risk is incorrect ().
A. Events or activities with uncertainty are not necessarily risks
B. Risks include threats to goals, but also opportunities to promote goals C.
The greater the investment in the project, the lower the acceptable risk
D. Caused by shutdown caused by fire The cost belongs to the direct risk
[Example 27-22 above] () Risks can be identified and tracked from the overall work and each work level.
A. WBS B. Problem log C. Risk management plan D. Quality checklist
[Example 28-22 above] Regarding the description of risk, the correct one is ().
A. The risk audit can be conducted in the daily project review, or a separate risk audit meeting can be held
B. Monte Carlo analysis helps to determine which risks have the greatest potential impact on the project
C. Developing an effective risk response strategy requires risk quantitative analysis
D. Establishing emergency reserves, arranging funds and resources to deal with risks is a common risk strategy
reference answer
