What is risk management and why is it important quizlet?

Tools
Risk response strategies (or risk mitigation strategies)
1) (key) Strategies for negative risks or threats:
a) Avoid - a very appropriate tool for working with undesirable risk in many circumstances (REMOVE THE CAUSE OF THE RISK SO THAT IT CANNOT HAPPEN). It involves eliminating the threat or risk by eliminating the cause (i.e. avoiding the risk associated with using cutting edge technology in favor of using a slower or more reliable technology, or removing the work package or person). It might also mean expanding the scope of the project (i.e there is a 75% chance of a threat occurring however additional testing is likely to prevent this threat which will expand the scope of the project
b) Transfer (Deflect, Allocate) - makes another party responsible for the risk by purchasing insurance performance bonds, warranties, or guarantees or by outsourcing the work. This is where the connection between risks and contracts begin. In PM Land, you complete risk analysis before a contract is signed and transference of the risk is included in the T&C of the contract. (i.e. if there is a 75% risk of having to cover damages to fix a car defect, getting warranty is a form of transfer...the car shop has to pay for it

NOTE: Transferring a risk does not take all the risk away, there might be some residual risks (i.e. purchasing insurance for risk of fire may have some residual risks such as schedule delays due to the impact caused by the fire or if you outsourced work to a 3rd party, you now have a risk that if the 3rd party is not good or they have troubles, that can cause schedule delays so you will still need to decide what to do with secondary risks. also, purchasing insurance exchanges an unknown cost impact of a known risk to a known cost impact. For example, cost impact of a risk of fire is unknown but when you buy insurance, the cost impact becomes known as it is the cost of the insurance
c) Mitigate - simply means to make it less, reduce the probability and/or impact of a threat thereby making it a smaller risk and removing it from the list of top risks on the project (THE CAUSE COULD STILL HAPPEN). Options for reducing the probability and the impact are looked for separately and any reduction will make a difference however, the option with the most probability and/or impact reduction is often the option selected (i.e. if you were concerned about the weather damage to a construction project, then you construct the building outside of rainy season)
d) Accept - Acceptance is often perfectly reasonable strategy for dealing with risk whether positive or negative. You are simply acknowledging that the best strategy may not be to avoid, transfer, mitigate, share or enhance it, instead the best strategy may be to accept it and continue with the project. If the cost or impact of the other strategies are too great, then acceptance is the best strategy (i.e. getting out of bed every day carries risks but these are risks that most people readily accept). You basically do none of the other strategies and say if it happens, it happens. Active acceptance may involve the creation of contingency plans to be implemented if the risk occurs and the allocation of time and cost reserves to the project. Passive acceptance leaves actions to be determined as needed (workarounds) if (after) the risk occurs. Note: workaround is something you do after the risk occurs

NOTE: Avoid and Mitigate would generally be used for high priority, high impact risks and Transfer and accept are appropriate for low priority low impact risks

2) Strategies for positive risks or opportunities - The PM wants to take steps to make positive risks more likely (capitalize on it)
a) Exploit - you try to remove any uncertainty (i.e. if positive risk of finishing the project is identified, then adding additional people to ensure the project is completed early would exploit the risk. Involves adding work or changing the project to make sure the opportunity occurs (opposite of Avoid)
b) Share - seeking to improve the chances of the risk occurring by working with another 3rd party (i.e. if a defense contract identifies a positive risk of getting a large order, they may determine that sharing that risk by partnering with another defense firm or competitor would be an acceptable strategy. Allocating ownership or partial ownership of the opportunity to a 3rd party (forming a partnership, team or joint venture) that is best able to achieve the opportunity
c) Enhance - You must first understand the cause of the risk. By working to influence the underlying risk triggers, you can increase the likelihood (probability) of the risk occurring. It is the reverse of mitigate. For example, an airline might add flights to a popular route during holidays in order to enhance traffic and profitability during heavy time

d) Accept - see definition above

Key - When we plan risks, we identify secondary risks (i.e. by replacing resource A with resource B, you run the a secondary risk if resource B is sick). Not to be confused with residual risk which is what risk remains even after you have transferred a risk (i.e. in a fire, insurance will not pay for it, so you will have a residual risk that more $ due to this)

NOTE:
-Your possible risk response strategies must be communicated to management, stakeholders and sponsors
-A risk is either positive (opportunity) or negative (threat)
-avoid spending more money preventing a risk than the impact of the risk would have cost if it occurred
- more than one response can be used to address the same risk
- a response may address a root cause of risk and thereby address more than one risk
-the team, other stakeholders, and experts should be involved in selecting a strategy

3) Contingent Response strategies - generally only activated once a milestone is missed or some key measurement is triggered. The project team may make one decision related to risk but make that decision contingent upon certain conditions (i.e. deciding to mitigate a new technology risk by hiring a firm with expertise in that technology, but that decision might be contingent upon the outside firm meeting intermediate milestones related to that risk

Risk trigger - something that activates a risk. Someone should always be looking out for triggers

Output
1) Project document updates - updating the risk register with the specific plan on how to respond to the risks (or mitigate the risks). Documents and agreements that reflect risk related contract decisions may also be updated.

What is it risk management and why it is important?

What is risk management quizlet?

What is risk management easy definition?