Tìm hiểu về Risk register trong đề thi PMP
The primary output from Identify Risks is the initial entry into the risk register. The risk register is a document in which the results of risk analysis and risk response planning are recorded. It contains the outcomes of the other risk management processes as they are conducted, resulting in an increase in the level and type of information contained in the risk register over time. The preparation of the risk register begins in the Identify Risks process with the following information, and then becomes available to other project management and risk management processes:
- List of identified risks: The identified risks are described in as much detail as is reasonable. A structure for describing risks using risk statements may be applied, for example, EVENT may occur causing IMPACT, or If CAUSE exists, EVENT may occur leading to EFFECT. In addition to the list of identified risks, the root causes of those risks may become more evident. These are the fundamental conditions or events that may give rise to one or more identified risks. They should be recorded and used to support future risk identification for this and other projects.
- List of potential responses (Preliminary responses): Potential responses to a risk may sometimes be identified during the Identify Risks process. These responses, if identified in this process, should be used as inputs to the Plan Risk Responses process.
- Risk owner
- Cause and effect
- Trigger conditions
- Risk status
Risk Register updates on Perform Qualitative Risk Analysis
- Ranking or a priority list of risks
- Risks grouped by categories
- Causes of risks
- List of risks that require a near-term response
- List of risks that require additional analysis & response
- Watch list of low priority risks
- Trends in qualitative risk analysis results
As you must remember from the previous section on the Risk Management Plan, we will use the Probability & Impact matrix to classify risks and to create a prioritized list of risks. The purpose of categorizing risks is to group related risks and to address them together. Usually this is done because this categorization can help us identify the root cause and addressing one root cause can help us eliminate multiple risks.
In this process, we identify those risks that are urgent (ones with high probability & impact) and try to take care of them immediately. There are also cases where we may need to perform further analysis before we decide on the further course of action on the risk. In those cases, we note them down and analyze them in the next process which is the Perform Quantitative Risk Analysis. During our analysis we may also find out certain risks that are either very low risk or impact or both. In such cases we usually move them to a watch list for the moment and continue with the other risks. We must constantly monitor those watch list items to ensure that their probability or impact hasn’t changed to ensure that we don’t get any unwanted surprises.
The trends identification part may have taken you by surprise. Identifying trends is not easy and requires a lot of experience. Do you remember that I said that Risk Management is an iterative process? We usually do multiple iterations of these processes and during such cases, if we watch closely we may be able to identify trends on those risks that may be due to a totally different or even a bigger problem.
Risk Register updates on Perform Quantitative Risk Analysis
- Probabilistic Analysis of the Project
- Probability of Achieving cost & time objectives
- Prioritized list of quantified risks
- Trends in quantitative risk analysis results
Conducting a probabilistic analysis of the whole project helps us avoid cost and schedule overruns. Here we will be trying to figure out the probability that we will complete the project in time or under budget. This will also give us a fair idea of how much reserves are required.
At the end of this process, we would have further prioritized the risks. The trends part here is similar to the trends we covered under the Qualitative analysis process.
Risk Register updates on Plan Risk Responses
- Agreed upon response strategies
- Risk Owner & Assigned Responsibilities
- Specific actions to implement the chosen response strategy
- Symptoms & warning signs of risk occurrence
- Budget and schedule activities required to implement the chosen responses
- Contingency reserves of time & cost designed to provide for stakeholder risk tolerances
- Contingency plans and triggers that call for their execution
- Fallback plans
- Residual risks expected to remain
- Secondary risks
- Contingency reserves that are calculated based on quantitative analysis
After we have analyzed and prioritized all the risks, the next step is to figure out “What to do in case the risk occurs” and that is what we will be doing in this process. This is the process that makes the most number of updates to the risk register. Also, most of these updates are interrelated.
By this point all risks must have an assigned owner who is in-charge of those risks. If some of the items in the list above seem new to you, don’t get overwhelmed. This is just the introductory phase of our preparation for the RMP Certification. There is still a long way to go and we will be covering all of these in great detail…
Usually our response strategies are based on our organizational policies as well as risk tolerances. Also, the organizational and stakeholder risk tolerance has a direct bearing on the contingency reserves. Usually if the stakeholder risk tolerance is how, the reserves will be low and vice versa. It is our responsibility to gauge the risk tolerance level and arrive at the appropriate contingency reserves.
Fallback plans are those “Plan B” kind of plans that we will implement in case the original response is not fully effective. Residual risks are those risks that remain even after our original responses are implemented. Secondary risks on the other hand are those risks that are caused because of the risk response plan we implemented. These risks must not be ignored and have to be dealt with accordingly.
Risk Register updates on Control risks
- Outcomes of risk assessment, risk audits and periodic risk reviews
- Closing risks that are no longer applicable
- Actual outcomes of Project risks & risk responses
An important point to note here is that, risk reassessments and audits may unearth new risks as well. We need to ensure that those risks are handled appropriately as well. Also, documenting the actual outcomes can help us as well as other projects in future that may encounter similar scenarios as those that just failed for us. So, it is extremely vital that we document all those items accurately and truthfully.
Nếu có bất cứ chia sẻ hay góp ý bạn vui lòng để lại ở dưới phần bình luận. Tôi rất vui lòng về điều đó. Cảm ơn.
- Tổng hợp topic học luyện thi PMP
- Tổng hợp khái niệm cần luyện thi PMP
- Tổng hợp bài thi trắc nghiệm online PMP từ dễ đến khó
- Tổng hợp dạng toán trong đề thi PMP
- 600+ ITTO maps