PMI Risk Management Professional (PMI-RMP)

Domain 1 – Risk Strategy and Planning:

Task 5: Document the risk management plan

• Define organizational risk roles and responsibilities
  • Align roles and responsibilities with a project RAM (e.g., RACI) chart
• Prepare a list of the key artifacts/resources that will be used to compile a risk management plan
• Outline the list of key risk management activities (e.g., who, what, when, where, how)
• Explain how the Risk Breakdown Structure (RBS) can be used to support the risk management plan
• Define a risk communication plan
• Define risk prioritization criteria
• Define stakeholder empowerment and education strategy

Task 6: Plan and lead risk management activities with stakeholders

• Collaborate with the team that would conduct the risk planning on the project
• Leverage stakeholder analysis done by the project manager
• Manage stakeholder risk appetite and attitudes
• Engage stakeholders in the risk prioritization process
• Set appropriate expectations with stakeholders on the rules of engagement
• Tailor risk communication for stakeholders
• Lead stakeholder empowerment for risk strategies in the risk management plan
• Train, coach, and educate stakeholders in risk principles and processes in order to create shared understanding of principles and processes, and foster engagement in risk management

Domain 2 – Risk Identification:

Task 1: Conduct risk identification exercises

• Conduct meetings, interviews, focus groups, and other SME support activities
• Perform detailed analyses of risk identification exercise results
• Analyze documents, audio transcripts, telemetry data, etc. and understand business context of information
• Indicate risks as threats or opportunities

Task 2: Examine assumption and constraint analyses

• Leverage the results of the assumption and constraint analysis
• Categorize assumptions and constraints
• Assess the risk associated with each assumption and/or constraint
• Recognize the relationship between assumptions and/or constraints, and project objectives (e.g., predict the cascade effect of project stakeholder holiday schedules on project timelines)
• Encourage stakeholders to challenge assumptions and constraints

Domain 2 – Risk Identification:

Task 3: Document risk triggers and thresholds based on context/environment

• Assess, confirm, and document risk compliance thresholds, and categories against updated risk data
• Assess and document risk triggers, causes and timing
• Assess and document risk consequences and/or impact
• Empower stakeholders to challenge existing thresholds

Task 4: Develop risk register

• Analyze the validity of identified risks and triggers
• Examine the risk attributes like probability, impact, urgency
• Establish risk origin and ownership e.g., internal/external
• Classify risks as threats or opportunities

Domain 3 – Risk Analysis:

Task 1: Perform qualitative analysis

• Perform a nominal classification or risks in the RBS using classifications from the risk management plan (e.g., environment, organizational, project management, technical, etc.)
• Estimate the impact of risk on project schedule, budget, resources, and scope
• Prioritize the risk based on impact, and urgency
• Apply the risk matrices
  • Agreed-upon assessment approach, Historical information,
• Definitions of probability and impact, Risk categories, Preestablished criteria
• Perform an ordinal classification
• Coach stakeholders on risk categorization strategies

Task 2: Perform quantitative analysis

• Analyze risk data and process performance information against established metrics
• Analyze a project’s general risks
• Perform a forecast and trend analysis on new and historical information
• Perform sensitivity analysis
  • Monte Carlo, decision trees, critical path, expected monetary value, etc.
• Perform risk weighting and calculate risk priority

Domain 3 – Risk Analysis:

Identify threats and opportunities:

• Assess project risk complexity
  • SWOT analysis, Ishikawa, Tree Diagram
• Perform an impact analysis on project objectives
  • project scopes, schedule cost, and resources, quality, and stakeholders
• Assess project compliance objectives against organizational strategic objectives
• procedures, project plans, corporate, and project governance, regulatory governance
• Empower stakeholders to independently identify threats and opportunities

Domain 4 – Risk Response:

Task 1: Plan risk response

• Determine appropriate risk response strategy
  • avoid, accept, mitigate, enhance, contingency planning etc.
• Decide the risk response actions (time bound) based on the risk response strategies and identify action owners
• Assess the effectiveness of the risk response actions against the identified strategy and the project objectives impact
  • cost/schedule/environment etc., effect of the action on the probability or the risk impact
• Illustrate and communicate effectiveness of the risk response strategies
  • risk burndown chart, dot plots
• Determine the work around
• Allocate responsibilities
• Outline an appropriate responsibility matrix for a metricized project environment
• Re-evaluate organizational risks

Task 2: Implement risk response

• Execute the risk response plan(s)
• Execute the contingency plan(s)
• Encourage stakeholders to provide feedback on the risk response
• Evaluate and react to secondary and residual risks from the response implementation
  • Improvise as needed

Domain 5 – Monitor and Close Risks:

Task 1: Gather and analyze performance data

• Reconcile performance data & reports from risk relevant work packages
• Analyze data to determine the completion status against the baseline
• Perform a variance analysis
• Monitor impact against overall project risk exposure to enterprise

Task 2: Monitor residual & secondary risks

• Monitor risk response and document residual risk
• Monitor risk response for secondary risks
• Assess impact of residual and secondary risks on project objectives
• Update and communicate impact of residual and secondary risks

Task 3: Provide information required to update relevant project documents

• Aggregate and summarize risk data, and update project documents
  • risk register, lessons learned, project management plan, change logs etc.
• Monitor and close out expired risks

Task 4: Monitor project risk levels

• Assess project risk level
• Prepare reports for different stakeholders
• Communicate risk levels to key stakeholders