PMBOK 7 - Risk Management - Free Practice Quiz

Question 1 of 150

Your project involves developing a new software product for a highly competitive market. You want to identify all potential project risks systematically. Which technique would be MOST appropriate to use first to identify both internal weaknesses and external threats?

A Monte Carlo simulation B SWOT analysis C Expert interviews D Risk probability-impact analysis

1 / 150

Question 2 of 150

During risk identification for a construction project, your team is having difficulty reaching consensus on all potential risks. Which technique would allow anonymous input to prevent dominant personalities from influencing risk identification results?

A Risk checklist review B Stakeholder interviews conducted one-on-one C Brainstorming session with all team members present D Delphi technique

2 / 150

Question 3 of 150

Your organization has completed several similar projects in the past. You want to leverage lessons learned and industry best practices to identify risks systematically. What is the BEST approach?

A Conduct SWOT analysis with external stakeholders only B Schedule multiple Delphi technique rounds C Perform Monte Carlo simulation using historical project data D Create a risk prompt list based on organization historical data and industry standards

3 / 150

Question 4 of 150

You are developing a Risk Breakdown Structure (RBS) for a large infrastructure project. What is the primary purpose of the RBS?

A To organize and categorize identified risks hierarchically B To determine the probability and impact of each risk C To quantify the financial impact of each identified risk D To allocate contingency reserves to risk categories

4 / 150

Question 5 of 150

During the Identify Risks process, your team discovers that a key assumption about vendor availability may not be valid. Where should this assumption be documented and analyzed?

A Assumptions log and cross-referenced in the risk register B Project scope statement C Stakeholder communication plan D Risk register only

5 / 150

Question 6 of 150

Your project team is identifying risks through document review. Which document would be MOST valuable for identifying schedule-related risks?

A Resource management plan B Quality management plan C Schedule baseline D Project charter

6 / 150

Question 7 of 150

In a brainstorming session for risk identification, one team member suggests that the project sponsor might withdraw funding if project delays occur. This is an example of which type of risk?

A External risk B Organizational risk C Technical risk D Schedule risk

7 / 150

Question 8 of 150

Your project is being executed in a country with unstable political conditions. Which risk identification technique would be MOST effective for identifying external geopolitical risks?

A Expert interviews with stakeholders familiar with the local environment B Delphi technique with senior management C Risk checklist based on historical organizational projects D SWOT analysis focusing on external threats

8 / 150

Question 9 of 150

During risk identification, your team identifies 47 potential risks. Before proceeding to qualitative analysis, the team wants to consolidate similar risks and ensure the risk register is manageable. Which action is appropriate?

A Discard risks with unknown probability B Perform immediate quantitative analysis on all risks C Combine similar risks and document relationships in the risk register D Accept all risks and document in the contingency plan

9 / 150

Question 10 of 150

In the context of PMBOK 7 Risk Management, which of the following BEST describes the relationship between individual project risks and overall project risk?

A Overall project risk is determined solely by the highest-impact individual risk B Individual risks and overall project risk are independent concepts C Overall project risk is the sum of all individual risks D Individual risks contribute to overall project risk, but overall project risk is not just their arithmetic sum

10 / 150

Question 11 of 150

A team member suggests including "project team members work efficiently" as a risk. Why should this be classified as an assumption rather than a risk?

A Because it is something the team plans to rely upon rather than something that might adversely affect the project B Because it represents a positive outcome rather than an uncertain event C Because team efficiency is always within project management control D Because efficiency cannot be measured objectively

11 / 150

Question 12 of 150

During risk identification for a product development project, your team uses both top-down and bottom-up approaches. Which statement BEST describes this integrated approach?

A Top-down approach captures all risks; bottom-up is unnecessary B Bottom-up approach is always more comprehensive than top-down C Top-down and bottom-up approaches produce duplicate risks that should be eliminated D Top-down identifies strategic risks while bottom-up identifies detailed execution risks

12 / 150

Question 13 of 150

In the Identify Risks process, your team discovers that a required technology platform is untested for your specific use case. Which artifact would primarily capture this finding?

A Quality management plan B Assumptions log entry only C Risk register entry D Project scope statement

13 / 150

Question 14 of 150

Your organization uses a standard Risk Breakdown Structure (RBS) for all projects. This year, your innovative project has risk sources that do not fit the standard RBS categories. What should you do?

A Tailor the RBS to include additional categories relevant to this project B Exclude risks that do not fit the standard RBS C Abandon the RBS and use unstructured risk identification D Force-fit all risks into existing RBS categories

14 / 150

Question 15 of 150

During risk identification interviews with subject matter experts, you notice that experienced team members identify significantly different risks than inexperienced team members. What does this suggest?

A Inexperienced team members should not participate in risk identification B Different perspectives and experience levels provide valuable and complementary risk insights C The risk identification process is flawed D Only expert opinions should be documented in the risk register

15 / 150

Question 16 of 150

Your project involves integrating systems from multiple vendors. During risk identification, a team member states, "We assume vendors will deliver on schedule." Why is this statement important?

A Because all vendor risks must be immediately escalated B Because on-time vendor delivery is within your direct control C Because vendor performance is not relevant to project risk D Because it identifies an assumption that, if invalid, represents a schedule risk

16 / 150

Question 17 of 150

A stakeholder asks why the project team spends time on risk identification when most identified risks will not occur. What is the BEST response?

A Identifying risks enables proactive planning, resource allocation, and communication - reducing surprise and enabling better decision-making B Only small projects benefit from formal risk identification C Risk identification primarily documents which team members are responsible for failures D Risk identification is required by PMI and must be done regardless of its value

17 / 150

Question 18 of 150

During brainstorming for risk identification, a junior team member suggests a risk that seems unlikely. The team leader dismisses it immediately. Why is this approach problematic?

A Low-probability risks should never be documented B Brainstorming should only include risks the team leader approves C Junior team members should not participate in brainstorming D Dismissing ideas prematurely can miss valid risks and discourages participation

18 / 150

Question 19 of 150

Your project is to implement a new business process across 50 locations. Which risk identification approach would MOST effectively capture location-specific execution risks?

A SWOT analysis at corporate headquarters B Risk checklist based on previous single-location implementations C Interviews with site managers and field teams at each location D Single Delphi technique session with senior executives

19 / 150

Question 20 of 150

In the Identify Risks process, you discover that project funding may be reduced by 20% if corporate results decline in Q3. This should be documented as:

A A specific risk in the risk register with triggers and response strategies B An assumption in the assumptions log only C A constraint in the project scope statement D A budget variance in project financial records

20 / 150

Question 21 of 150

Your team uses a risk prompt list to identify risks. The list includes categories such as Technical, Organizational, External, and Schedule. What is the advantage of using a structured prompt list?

A It guarantees that all risks will be identified B It eliminates the need for qualitative risk analysis C It replaces the need for expert input D It systematically ensures consideration of major risk categories and reduces the likelihood of missing important risk areas

21 / 150

Question 22 of 150

During risk identification for a software development project, the team identifies the risk: "Development team may lack expertise in the required technology stack." This is an example of:

A An external risk B A budget risk C An organizational/resource-related risk D A schedule risk

22 / 150

Question 23 of 150

A project sponsor asks why risk identification cannot be completed in a single two-hour meeting. What is the BEST explanation?

A Comprehensive risk identification requires multiple techniques, diverse perspectives, and adequate time for thorough exploration B Risk identification should only be done after project planning is complete C Two hours is sufficient but most teams are inefficient D Risk identification is primarily an administrative process requiring minimal discussion

23 / 150

Question 24 of 150

Your organization has experienced problems with vendor performance in past projects. How should this organizational history inform the current project's risk identification?

A Vendor selection is determined by senior management and should not be included in risk planning B Only risks not experienced before should be identified C Vendor performance risks should be excluded as they are external to the project D This history should prompt identification of similar vendor-related risks and more stringent vendor management strategies

24 / 150

Question 25 of 150

The Identify Risks process is described as ongoing throughout the project. Which statement BEST explains why risk identification continues after the project has started?

A To justify the project manager's continued employment B To find risks that were overlooked during initial planning C New risks emerge as project work progresses, assumptions are validated or invalidated, and the project environment changes D Risk identification is only retrospectively useful after problems occur

25 / 150

Question 26 of 150

You are conducting qualitative risk analysis using a probability-impact matrix. A risk has a 30% probability of occurring and would result in a $200,000 cost increase if it occurs. How would this risk typically be classified?

A Medium risk (yellow zone) B Cannot be determined without knowing the project budget C High risk (red zone) D Low risk (green zone)

26 / 150

Question 27 of 150

During qualitative risk analysis, you are assessing risk probability and impact. What is the PRIMARY advantage of using a standardized probability-impact matrix?

A It automatically distributes risks among team members B It calculates the Expected Monetary Value for all risks C It provides consistent, transparent criteria for evaluating and prioritizing risks D It eliminates the need for risk response planning

27 / 150

Question 28 of 150

Your organization uses a 5x5 probability-impact matrix with these definitions: Probability 0.1=1, 0.3=2, 0.5=3, 0.7=4, 0.9=5. A risk assessed as P=0.5, I=5 would have what risk score?

A 3 B 15 C 0.5 D 8

28 / 150

Question 29 of 150

Risk urgency assessment is performed during qualitative risk analysis. Which of the following is an appropriate consideration for assessing urgency?

A The number of team members assigned to the project B The time available before the risk event may occur and response actions would be needed C Whether the risk has occurred on previous similar projects D The total project budget

29 / 150

Question 30 of 150

You are assessing the quality of data available for qualitative risk analysis. One risk is based on a single expert's opinion with limited historical precedent. How should this affect your risk assessment?

A Exclude this risk from further analysis B Document the lower data quality and apply appropriate caution in interpreting results C Accept the expert opinion as definitive without question D Immediately implement risk response strategies

30 / 150

Question 31 of 150

In qualitative risk analysis, you identify that three similar individual risks could be grouped and managed together. This is an example of:

A Quantitative risk analysis B Risk response planning C Risk monitoring and control D Risk categorization and consolidation

31 / 150

Question 32 of 150

Your qualitative risk analysis identifies five risks in the "high" priority category. What is the MOST appropriate next step?

A Implement immediate risk response for all five risks B Wait until the risks occur before planning responses C Exclude the high-priority risks from further consideration as they are too severe D Perform quantitative analysis on high-priority risks to better understand their financial impact

32 / 150

Question 33 of 150

A risk is assessed as having high probability but very low impact on the project. According to a probability-impact matrix, how should this risk be prioritized?

A As a high-priority risk requiring immediate response B As a low-priority risk, as the overall risk priority is determined by multiplying probability and impact C As a medium-priority risk regardless of the impact assessment D High probability risks are always managed first regardless of impact

33 / 150

Question 34 of 150

During qualitative risk analysis, you use a probability-impact matrix to categorize risks. A risk lands in the medium zone (borderline between medium and high). What is the BEST action?

A Automatically downgrade to low-priority to reduce management overhead B Proceed directly to quantitative analysis without further qualitative evaluation C Automatically escalate to high-priority regardless of other factors D Use additional qualitative factors such as urgency, stakeholder impact, and risk triggers for further assessment

34 / 150

Question 35 of 150

What is the relationship between individual risk probability/impact assessment and overall project risk in qualitative analysis?

A Individual risks are summed to calculate overall project risk B Individual risk assessments inform understanding of overall project risk, but interactions and correlations must also be considered C They are independent - overall project risk is not based on individual risks D Only the highest-impact individual risk determines overall project risk

35 / 150

Question 36 of 150

A stakeholder questions why a risk with low probability is being managed when it is "unlikely" to occur. What is the BEST response?

A Explain that while probability is low, the impact if it occurs justifies response planning B Agree to remove the risk from the risk register C Explain that all risks must be managed equally regardless of probability D Acknowledge that unlikely risks should be ignored to focus resources on likely risks

36 / 150

Question 37 of 150

In qualitative risk analysis, you are prioritizing risks across a large portfolio of projects. Which statement BEST describes appropriate prioritization criteria?

A Prioritization should be based on probability-impact assessment, urgency, and alignment with organizational strategic goals B All risks should be prioritized equally across all projects C Risks should be prioritized based solely on historical frequency D Senior management should assign all priorities without team input

37 / 150

Question 38 of 150

You are assessing whether a risk's probability-impact assessment is reliable for decision-making. What factors should be evaluated in risk data quality assessment?

A Only the source of probability data (expert opinion, historical data, simulation) B The relevance of available data, expertise of assessment participants, and reliability of underlying assumptions C Only the magnitude of potential impact D Only the most recent risk data available

38 / 150

Question 39 of 150

During qualitative risk analysis, you identify that two risks are correlated - if one occurs, the other is more likely to occur as well. How should this affect their prioritization?

A They should be considered together with higher overall priority due to their potential combined impact B They should be deprioritized as they represent redundant concerns C Correlated risks should be analyzed separately without considering their relationship D Only the higher-impact risk should be managed

39 / 150

Question 40 of 150

A risk is assessed as having "Medium" probability and "Critical" impact. However, the project timeline is such that there would be no time to implement response strategies if the risk were to occur. How should this affect the risk categorization?

A The project should be delayed to ensure sufficient time for risk response B This risk should be elevated to higher priority due to urgency - there is insufficient time for response C Urgency is only considered in quantitative analysis, not qualitative D The probability-impact classification cannot be changed; urgency is not a factor

40 / 150

Question 41 of 150

Your qualitative risk analysis uses a 3x3 probability-impact matrix. How would you distinguish between a risk in the middle cell (medium probability, medium impact) and a risk in a corner cell (high probability, high impact)?

A The middle cell risk should be monitored while the corner cell risk should be ignored B The corner cell risk is higher priority based on the matrix classification alone, though middle cell risks may be elevated due to urgency or other factors C The middle cell risk is more important and requires more detailed analysis D They should be managed identically as they are in the same risk category

41 / 150

Question 42 of 150

In PMBOK 7, the Perform Qualitative Risk Analysis process includes assessing risk characteristics. Which of the following is NOT typically assessed in qualitative analysis?

A Expected Monetary Value calculation B Impact on project objectives C Probability of occurrence D Urgency of the risk

42 / 150

Question 43 of 150

You are presenting qualitative risk analysis results to executive sponsors. A sponsor questions why a risk with only 10% probability is being discussed. What is the BEST response?

A Move the risk to the "future consideration" category indefinitely B Explain that this 10% probability risk has a critical impact that justifies risk management attention C Agree to remove the risk from further management planning D Ignore the sponsor's question and focus on high-probability risks only

43 / 150

Question 44 of 150

During qualitative risk analysis, you are refining probability and impact definitions to ensure consistency across the project team. Why is this definition refinement important?

A It ensures that all risks will be prevented from occurring B It ensures that all team members assign probabilities and impacts based on the same criteria, improving consistency and comparability C It eliminates the need for risk response planning D It reduces the total number of identified risks

44 / 150

Question 45 of 150

What is the PRIMARY difference between qualitative and quantitative risk analysis in terms of their approach?

A Qualitative analysis is more accurate than quantitative analysis B Qualitative analysis uses descriptions and scales; quantitative analysis uses numerical probabilities and financial calculations C Qualitative analysis cannot consider financial impacts D Quantitative analysis must be performed before qualitative analysis

45 / 150

Question 46 of 150

You are performing quantitative risk analysis using Expected Monetary Value (EMV). A risk has a 40% probability and would result in a $100,000 loss if it occurs. What is the EMV of this risk?

A $140,000 B $40,000 C $60,000 D $100,000

46 / 150

Question 47 of 150

In a decision tree analysis for quantitative risk analysis, you have two paths: Path A (70% probability, $50,000 positive outcome) and Path B (30% probability, $80,000 positive outcome). What is the expected value of the better option?

A $59,000 B $35,000 C $24,000 D $49,000

47 / 150

Question 48 of 150

Your project has identified three independent risks with EMVs of $15,000, $22,000, and $8,000 respectively. What is the total contingency reserve that should be established?

A $22,000 (highest single EMV) B $45,000 (sum of all EMVs) C $15,000 (highest individual risk) D $67,000 (sum plus a management reserve)

48 / 150

Question 49 of 150

In quantitative risk analysis, you are constructing a decision tree to evaluate whether to perform additional testing (Cost: $30,000) before product launch. With testing: 90% chance of success with $500,000 profit. Without testing: 60% chance of success with $500,000 profit. What is the net benefit of performing testing?

A $45,000 B $105,000 C $75,000 D $120,000

49 / 150

Question 50 of 150

You are using Monte Carlo simulation for quantitative risk analysis of project schedule. What does the simulation output provide that single-point estimation cannot?

A A probability distribution showing the range of possible project completion dates and their likelihoods B Elimination of all schedule uncertainty C The optimal project schedule D A single predicted project completion date

50 / 150

Question 51 of 150

In a sensitivity analysis, Task A has a sensitivity index of 0.85 while Task B has an index of 0.42. What does this indicate?

A Task B is more risky than Task A B Task A's duration has more impact on the overall project schedule C Task B should be eliminated from the project D Task A is more critical to the project

51 / 150

Question 52 of 150

A tornado diagram from sensitivity analysis shows "Resource Availability" as the widest bar. What does this indicate in the context of schedule risk analysis?

A Resource availability is the most critical schedule variable - uncertainty in resource availability creates the widest range of schedule outcomes B A tornado event will impact the project schedule C Resources are not available for the project D Resource availability has the least impact on the schedule

52 / 150

Question 53 of 150

When using probability distributions in quantitative risk analysis (e.g., for cost or schedule estimation), what does a narrow distribution indicate?

A High uncertainty - the outcome could vary widely B The estimate should be increased C The estimate is guaranteed to be accurate D Low uncertainty - the outcome is likely to be close to the mean value

53 / 150

Question 54 of 150

Your quantitative risk analysis uses a triangular probability distribution with optimistic=$80K, most likely=$100K, and pessimistic=$150K for a project cost. Which statement is TRUE?

A The triangular distribution assumes all values between optimistic and pessimistic are equally likely B The triangular distribution peaks at the most likely value, with decreasing probability toward both optimistic and pessimistic values C The pessimistic value is twice as likely as the optimistic value D The most likely value ($100K) will definitely occur

54 / 150

Question 55 of 150

In quantitative risk analysis, you calculate a 95% confidence level for the project schedule. What does this mean?

A A and B are both correct B There is a 95% probability that the project will be completed by the calculated date C The project completion date is 95% accurate D There is a 5% probability that the project will exceed the calculated date

55 / 150

Question 56 of 150

You are performing quantitative analysis on three correlated cost risks. How would correlation between risks affect your contingency reserve calculation?

A Correlation has no effect on contingency reserve; simply sum the individual EMVs B Contingency cannot be calculated when risks are correlated C Positive correlation reduces the total contingency needed because risks partially offset each other D Positive correlation may increase the total contingency because risks amplify each other

56 / 150

Question 57 of 150

A Monte Carlo simulation for project cost produces a probability distribution with a mean of $500,000 and a standard deviation of $50,000. What does the standard deviation represent?

A The most likely project cost B A measure of uncertainty or variability in the cost estimate C The minimum possible project cost D The management reserve required

57 / 150

Question 58 of 150

In quantitative risk analysis using decision trees, what is the purpose of folding back the tree from right to left?

A To calculate expected values at each decision node by working backward from final outcomes B To eliminate risks from further consideration C To reduce the overall project risk D To display the tree more neatly in presentations

58 / 150

Question 59 of 150

You have performed quantitative analysis on schedule and cost risks, producing a confidence level for both. How should these be integrated into project planning?

A Use only the cost confidence level as schedule is secondary B Ignore confidence levels and use deterministic estimates C Create separate contingency reserves for schedule (schedule buffer) and cost (contingency reserve) D Use the higher confidence level for both schedule and cost

59 / 150

Question 60 of 150

In sensitivity analysis, if Cost Risk has a correlation coefficient of -0.72 with project profit, what does this indicate?

A Profit will increase as cost increases B Cost risk has no meaningful relationship with profit C This correlation is too weak to consider in decision-making D Cost risk has a strong negative relationship - as cost risk increases, project profit decreases significantly

60 / 150

Question 61 of 150

You are reviewing a Monte Carlo simulation report showing 10,000 iterations of project schedule outcomes. The P50 (50th percentile) is 15 months and P95 (95th percentile) is 18 months. How should you interpret this?

A The project will definitely be completed between 15 and 18 months B There is a 50% probability of 15 months or less and a 95% probability of 18 months or less C You should plan for exactly 15 months D There is a 50% chance of completing in 15 months and a 95% chance of completing in 18 months

61 / 150

Question 62 of 150

During quantitative risk analysis, you discover that Activity X's duration uncertainty has the highest sensitivity index. What should be your FIRST response?

A Ignore it as it's already been identified B Conduct detailed risk response planning for activities that impact Activity X or depend on it C Immediately crash Activity X to reduce its duration D Eliminate Activity X from the project

62 / 150

Question 63 of 150

A quantitative risk analysis using Expected Monetary Value (EMV) for multiple independent risks totals $120,000. Is this amount necessarily your contingency reserve?

A Not necessarily - EMV is the expected value, but management reserve should be added for unknown unknowns B Only if the project budget exceeds $500,000 C Yes, EMV directly equals contingency reserve D No, EMV cannot be used for contingency reserve calculation

63 / 150

Question 64 of 150

In a sensitivity analysis tornado diagram, which variable should receive the MOST attention for risk management?

A The variable at the top of the diagram (highest impact/sensitivity) B The variable at the bottom of the diagram (lowest impact/sensitivity) C The variable with the widest range regardless of position D All variables should receive equal attention

64 / 150

Question 65 of 150

You are comparing two quantitative risk analysis scenarios. Scenario A has EMV = $50,000 with standard deviation = $10,000. Scenario B has EMV = $50,000 with standard deviation = $25,000. Which scenario is preferred?

A The decision requires additional strategic considerations B Scenario A - same expected value but lower uncertainty (more predictable outcome) C They are equivalent because EMV is identical D Scenario B - higher standard deviation provides more buffer

65 / 150

Question 66 of 150

In quantitative risk analysis, a uniform probability distribution for a cost estimate would indicate:

A The estimate is certain with no variation B The mean value is most likely, with decreasing probability toward the extremes C All values between the minimum and maximum are equally likely D The maximum value is most likely

66 / 150

Question 67 of 150

Your quantitative risk analysis indicates that project cost has a 15% chance of exceeding the budget by $80,000 or more. Which statement is appropriate?

A A contingency reserve of at least $80,000 should be established to address this tail risk B The project should be cancelled due to this risk C No action is needed because 15% is a low probability D The budget should be increased by only $12,000 (15% × $80,000)

67 / 150

Question 68 of 150

In decision tree analysis, you have a choice between Option A (certain $150,000 cost) and Option B (50% chance of $100,000, 50% chance of $200,000). Which is the better decision based on Expected Monetary Value?

A Option A because certainty is always preferred B Option B because the maximum value is higher C Both options have equal EMV ($150,000), so choice depends on risk tolerance D Option A because it is certain

68 / 150

Question 69 of 150

A Monte Carlo simulation produces results showing that the 80th percentile (P80) for project schedule is 16 weeks. What does this mean for planning?

A There is an 80% probability of completing within 16 weeks B A and C are both correct C There is a 20% probability of completing within 16 weeks D There is a 20% probability of exceeding 16 weeks

69 / 150

Question 70 of 150

You have completed quantitative risk analysis using Monte Carlo simulation with 50,000 iterations. The cost probability distribution is normal with mean=$500,000 and standard deviation=$60,000. Approximately what percentage of outcomes fall within $380,000 to $620,000?

A 95% B 68% C 99.7% D Cannot be determined without seeing the distribution

70 / 150

Question 71 of 150

In quantitative risk analysis, why might you choose to analyze only the high-priority risks identified in qualitative analysis rather than all identified risks?

A All risks must be quantitatively analyzed B Quantitative analysis is very time-intensive; focusing on high-priority risks provides the best return on analysis effort C Quantitative analysis cannot be performed on low-priority risks D Low-priority risks are unimportant and can be ignored

71 / 150

Question 72 of 150

Your sensitivity analysis identifies that the project schedule is highly sensitive to "Resource Availability." How should this finding influence risk response planning?

A It indicates the project should be abandoned if resources might be unavailable B It suggests all resources should be hired immediately C It confirms that response planning should focus on ensuring resource availability and reducing uncertainty in resource allocation D It has no impact on response planning

72 / 150

Question 73 of 150

In quantitative risk analysis using probability distributions, what is the difference between the mean and the mode of a distribution?

A Mode is the average; mean is the most likely value B The difference is negligible for risk analysis purposes C Mean is the average value; mode is the most frequently occurring value D They are identical concepts

73 / 150

Question 74 of 150

You have performed quantitative analysis producing a confidence level schedule and confidence level cost estimate. What is the appropriate baseline for project planning?

A Use the confidence-level estimates (e.g., P80 or P85) as the baseline and add management reserve B Use the most optimistic estimates as the baseline C Use the mean values from the probability distributions D Use the most pessimistic estimates as the baseline

74 / 150

Question 75 of 150

A Monte Carlo simulation for your project shows a cost distribution that is highly skewed to the right (tail extends to high costs). What does this distribution shape suggest?

A All outcomes are equally likely B The project is very likely to come in under budget C There is potential for significant cost overruns, with some scenarios producing much higher costs than the most likely value D The cost estimate is very reliable

75 / 150

Question 76 of 150

Your project faces a risk that the primary vendor may not deliver components on time, causing schedule delays. Which response strategy would BEST address this threat?

A Transfer the risk through contractual penalties for late delivery B Escalate the risk to the sponsor C Mitigate by establishing a second source vendor and expedited delivery agreements D Accept the risk and plan for delays

76 / 150

Question 77 of 150

A significant organizational risk has been identified: the project sponsor may be reassigned to another priority. Which response strategy would BEST manage this threat?

A Avoid by postponing the project B Accept and document contingency plans C Escalate to senior management for reassignment prevention D Mitigate by developing a detailed project charter and establishing regular stakeholder communication

77 / 150

Question 78 of 150

Your agile project has identified a technical risk: the development team lacks experience with a required framework. What would be an appropriate MITIGATION strategy?

A Accept the risk and proceed with development despite inexperience B Include spike stories early in the backlog to explore the framework, schedule technical training, or bring in a contractor with expertise C Transfer the development responsibility to a different team D Avoid using the framework entirely

78 / 150

Question 79 of 150

Your project can purchase insurance to cover potential liability claims. This is an example of which risk response strategy?

A Mitigate B Avoid C Transfer D Accept

79 / 150

Question 80 of 150

Your manufacturing project has identified a risk that equipment may become obsolete due to rapid technological change. Which response strategy would BEST address this threat?

A Avoid the project to prevent obsolescence risk B Mitigate through phased equipment procurement to align with technology evolution C Accept the obsolescence and budget for replacement D Transfer through leasing instead of purchasing equipment

80 / 150

Question 81 of 150

Your project has identified an opportunity: a strategic partnership might accelerate product adoption in the market. Which response strategy would BEST capitalize on this opportunity?

A Enhance the opportunity by building partnerships and co-marketing arrangements B Ignore the opportunity and proceed with planned marketing C Share the opportunity with competitors D Exploit the opportunity by actively pursuing the partnership

81 / 150

Question 82 of 150

Your project has identified an opportunity that could reduce development time by 20%. However, exploiting it would require investing an additional $50,000 and introduces some technical uncertainty. What should the project manager do?

A Automatically exploit because reducing time is always beneficial B Analyze the opportunity using expected value: Is the time saving and other benefits worth the $50,000 investment and technical uncertainty? C Avoid the opportunity due to additional cost D Share the opportunity with all stakeholders and let them decide

82 / 150

Question 83 of 150

A residual risk is BEST described as:

A A risk that was identified but rejected during risk analysis B A new risk that emerges during project execution C The remaining risk after risk response strategies have been implemented D A risk that is transferred to a third party

83 / 150

Question 84 of 150

You implement a risk response strategy to mitigate a schedule risk. As a result, the probability decreases from 40% to 15%, and the impact (schedule delay) decreases from 6 weeks to 3 weeks. What is the residual risk in terms of days of schedule impact?

A 6.3 days B Cannot be determined from given information C 2.4 days D 3.6 days

84 / 150

Question 85 of 150

A secondary risk is BEST defined as:

A A risk that occurs if another risk materializes B A risk that only affects secondary stakeholders C A risk that is less important than primary risks D A new risk that is created as a result of implementing a risk response strategy

85 / 150

Question 86 of 150

Your team implements a risk mitigation strategy, but it becomes clear the risk probability cannot be reduced below 25%. The mitigation cost is $80,000. How should the project manager proceed?

A Continue mitigation anyway regardless of cost B Immediately escalate the risk to the sponsor C Abandon the mitigation as it has failed D Establish contingency reserves for residual risk and ensure residual risk (25% probability) is monitored and responded to if it occurs

86 / 150

Question 87 of 150

In PMBOK 7 terminology, what is a CONTINGENT RESPONSE?

A A pre-planned response that is implemented if a specific trigger occurs B A risk response strategy for threats C An opportunity response that shares benefits with stakeholders D A response that is always implemented regardless of circumstances

87 / 150

Question 88 of 150

Which of the following is an appropriate contingent response to a schedule risk?

A Immediately compress the schedule regardless of task progress B Hire additional staff for all tasks C Accept any schedule delay and adjust deadlines accordingly D If the critical path task has not completed by day 15 when day 20 was planned, implement the compression plan

88 / 150

Question 89 of 150

Your project has identified a risk for which no viable response strategy exists - the project cannot avoid it, mitigate it sufficiently, or transfer it. What should be done?

A Ignore the risk and hope it does not occur B Accept the risk, establish contingency reserves, and implement monitoring and triggering responses C Cancel the project immediately D Escalate the risk to the sponsor or portfolio management

89 / 150

Question 90 of 150

Which of the following is an example of an OPPORTUNITY response for the strategy "Share"?

A Training team members to better exploit their skill development opportunities B Purchasing equipment to capture a market opportunity C Escalating a positive market trend to senior management D Forming a partnership with another organization to jointly exploit a market expansion opportunity

90 / 150

Question 91 of 150

Your project faces a constraint: budget is fixed and cannot be increased. A risk response strategy would cost $30,000. What response approach is most appropriate?

A Escalate to the sponsor to request additional budget B Implement the response regardless of budget constraints C Reallocate budget from lower-priority activities to fund the response, or accept the residual risk D Avoid spending on risk response to preserve budget

91 / 150

Question 92 of 150

A "workaround" in the context of risk management is:

A A contingent response that is triggered by a specific event B A risk response strategy that transfers risk to another party C An unplanned response to a risk that has already materialized D A proactive mitigation strategy implemented before the risk occurs

92 / 150

Question 93 of 150

Your project has implemented a mitigation strategy for technical risk (additional training and a knowledge base). Who should be assigned as the RISK OWNER to monitor this mitigation?

A A dedicated risk manager (they specialize in risk) B The technical team member most experienced in the knowledge domain C The project sponsor (they have ultimate authority) D The project manager (they coordinate all risk management)

93 / 150

Question 94 of 150

You are assigning risk owners for a portfolio of project risks. Which characteristic is MOST important for a risk owner?

A Senior organizational position B Formal risk management certification C Project management experience D Ability and authority to influence the risk response

94 / 150

Question 95 of 150

Your project is implementing a risk response strategy to escalate an organizational risk. What does escalation mean in this context?

A Increasing the severity level of the risk in the risk register B Communicating the risk to all stakeholders C Implementing an immediate emergency response D Passing the risk or its management to a higher organizational level because the project cannot manage it

95 / 150

Question 96 of 150

Which is the BEST example of an opportunity response for "Enhance"?

A Forming a partnership to jointly exploit a market opportunity B Identifying a technology upgrade that could improve product performance quality C Investing in capabilities to strengthen a competitive advantage opportunity D Choosing to not pursue a risky opportunity

96 / 150

Question 97 of 150

You have identified an opportunity for cost reduction but decide it is not aligned with project strategy. This is an example of which opportunity response strategy?

A Share B Reject (or Ignore) C Enhance D Exploit

97 / 150

Question 98 of 150

Your project has identified multiple medium-priority risks with mitigation strategies that collectively cost $200,000 to implement. The project budget is $5,000,000. Should all mitigation strategies be implemented?

A No, because the cost is too high relative to the risk value B Only implement mitigations for the highest-priority risk C Evaluate the risk-return trade-off: What is the expected value of risks if NOT mitigated? Compare to mitigation cost ($200,000). If risk impact is greater, implement mitigations D Yes, because mitigation is always beneficial regardless of cost

98 / 150

Question 99 of 150

During execution, a risk that was mitigated shows signs the mitigation is not as effective as expected. The risk probability is increasing. What is the BEST action?

A Implement a different mitigation strategy without analyzing the issue B Investigate why mitigation is underperforming, adjust the mitigation strategy, and potentially escalate if necessary C Accept the increased risk and do nothing D Implement the contingent response immediately

99 / 150

Question 100 of 150

A contingent response has been triggered because a risk trigger has occurred. However, the contingent response is estimated to cost $120,000, while the original risk contingency reserve was only $80,000. What should be done?

A Request additional budget, adjust the project, or escalate the decision to the sponsor B Do not implement the contingent response since it exceeds the reserve C Implement the full response and adjust other budgets to compensate D Implement only a partial contingent response to stay within budget

100 / 150

Question 101 of 150

An "avoid" response strategy for a threat typically involves:

A Accepting the risk and planning for it B Reducing the impact if the threat occurs C Reducing the probability of the threat D Eliminating the risk by changing the project approach or scope

101 / 150

Question 102 of 150

Your project has a "finish-to-finish" dependency between Task A and Task B, creating schedule risk if Task A is delayed. An "avoid" response might be:

A Add a time buffer to Task B B Monitor Task A completion date closely C Hire additional resources for Task B D Change Task B to start after Task A finishes with a one-day lag, reducing dependency risk

102 / 150

Question 103 of 150

Your organization offers employees retention bonuses to mitigate the risk of key staff departing mid-project. This is an example of which response strategy?

A Mitigate (reducing the probability of staff departures) B Avoid (avoiding staff loss by offering incentives) C Accept (accepting that retention is important) D Transfer (transferring responsibility for retention)

103 / 150

Question 104 of 150

In agile projects, a "risk-based spike" is typically used to address which type of risk?

A Schedule risks B Budget risks C Stakeholder satisfaction risks D Technical or knowledge uncertainty risks

104 / 150

Question 105 of 150

Your project has developed a comprehensive risk response plan, but a completely unexpected risk emerges during execution (an unknown unknown). How should this be handled?

A Develop a workaround and implement immediate response; document as a new risk; use management reserve to fund B Cancel the project C Ignore it and continue with the original plan D It cannot be handled because risk planning did not address it

105 / 150

Question 106 of 150

What is the relationship between risk appetite, risk tolerance, and risk threshold in PMBOK 7 risk management?

A They apply only to portfolio-level risk management B They are identical concepts C Appetite = overall willingness; Tolerance = acceptable ranges; Threshold = the decision point D Only risk appetite matters; the others are less important

106 / 150

Question 107 of 150

A stakeholder says, "We can tolerate up to a 4-week schedule slip but not more." This statement BEST describes:

A Risk trigger B Risk threshold C Risk appetite D Risk tolerance

107 / 150

Question 108 of 150

Your organization's risk appetite is HIGH - they are willing to accept significant risk in pursuit of strategic innovation. How should this affect risk response strategy selection?

A Appetite is irrelevant to response strategy selection B Only accept risks; implement no mitigation or contingency planning C Invest more in opportunities; accept more risks and focus response efforts on high-impact threats D Cancel high-risk projects to protect the organization

108 / 150

Question 109 of 150

During risk response planning, you identify that mitigation for Risk A would have a secondary risk. How should secondary risks be managed?

A They should be automatically accepted B They should be avoided at all costs C They should be documented, assessed, and planned for like any other identified risk D They should be ignored because they result from planned mitigation

109 / 150

Question 110 of 150

A risk response plan must include certain elements. Which is NOT typically included?

A Selected response strategy and specific actions B Name and contact information of all project team members C Description of risk and its triggers D Risk owner assignment and responsibility

110 / 150

Question 111 of 150

During project execution, you notice that a risk trigger for vendor delivery delay has been met. What is the FIRST appropriate action?

A Accept the delay and adjust the schedule B Confirm the risk has actually materialized and assess impact; then implement contingent response if appropriate C Immediately implement the contingent response D Escalate to the sponsor immediately

111 / 150

Question 112 of 150

Your project uses variance and trend analysis for risk monitoring. You notice that work is currently 5% over budget, and the trend shows cost overruns are increasing (3%, 4%, 5% over the last three reporting periods). What does this trend suggest?

A No concern; 5% variance is acceptable B The project will come in under budget overall C Budget variance is random and will stabilize D The risk of significant budget overrun is increasing; investigate root causes and implement corrective actions

112 / 150

Question 113 of 150

In risk monitoring, you conduct a risk audit to review implemented risk responses. A risk owner reports that planned mitigation activities have been completed, but the risk probability has not decreased as expected. What should be done?

A Investigate why mitigation is not achieving expected results; adjust strategy or escalate B Accept the mitigation has been completed and move forward C Blame the risk owner for poor execution D Double the mitigation budget

113 / 150

Question 114 of 150

Technical Performance Measurement (TPM) in risk monitoring involves:

A Measuring actual progress against technical performance requirements and specifications B Assigning numerical ratings to team member performance C Evaluating vendor performance against contract terms D Measuring actual project schedule and cost performance

114 / 150

Question 115 of 150

You are performing reserve analysis during project execution. You observe that the contingency reserve is being consumed faster than expected. What does this indicate?

A The project is performing well B Reserve analysis cannot provide this information C Multiple risks are occurring or actual impacts are higher than expected; evaluate remaining reserve sufficiency D The risks were overestimated during planning

115 / 150

Question 116 of 150

During project monitoring, a previously unidentified risk emerges. What is the appropriate action in the Perform Integrated Change Control process?

A Ignore it since it was not in the original risk register B Immediately escalate to executive management C Treat it as a new identified risk; assess, document in risk register, determine if change request is needed D Implement an emergency response without further analysis

116 / 150

Question 117 of 150

A risk reassessment during project execution indicates that a previously HIGH probability risk now has MEDIUM probability due to conditions changing. How should this affect the project?

A Escalate the improvement to the sponsor B Remove the risk from the register immediately C Update the risk register with the new probability; potentially reduce contingency allocation if reserve is still adequate D Continue with the original response plans unchanged

117 / 150

Question 118 of 150

Your project is experiencing a significant issue that was not identified as a risk during planning. This represents:

A An unknown unknown (unidentified risk) B A schedule variance C A known unknown (identified risk that occurred) D A management failure

118 / 150

Question 119 of 150

During risk audits, you find that some identified risks have stale or incomplete information (trigger conditions undefined, owner unclear). What action is appropriate?

A Close the risk register early B Assume stale risks are no longer relevant C Update risk information, clarify triggers and owners, and re-communicate D Remove stale risks from the register

119 / 150

Question 120 of 150

A risk trigger is defined as "Vendor misses milestone delivery by more than 3 days." This trigger is observed. What is the status of this risk?

A The trigger indicates a schedule variance, not a risk B The risk should be escalated immediately C The risk HAS occurred and response must be implemented D The trigger condition is MET but further assessment is needed to confirm risk materialization and impact

120 / 150

Question 121 of 150

In Earned Value Management (EVM), schedule variance indicates project timing issues. How does EVM connect to risk monitoring?

A EVM replaces risk monitoring B EVM schedule variance is unrelated to risk monitoring C EVM is only used for cost management D EVM variance and trends reveal whether risks are materializing and impacting schedule or budget; used to monitor effectiveness

121 / 150

Question 122 of 150

Your project has passed the point where a significant schedule risk could have occurred. The risk trigger has not been met and the risk appears to have passed. What should be done?

A Close the risk immediately B Assume the risk will reoccur later C Continue treating it as an active risk with full contingency reserve D Remove the risk from active management but maintain it in the risk register with "closed/passed" status; document lessons learned

122 / 150

Question 123 of 150

During risk monitoring, you observe that project performance is tracking at exactly the baseline. However, there is HIGH variability (some activities ahead, others behind). What does this pattern suggest?

A While overall performance is at baseline, internal variability indicates risks in some areas are materializing and being offset by other areas performing better B Everything is fine; performance is on baseline C All risks have been successfully mitigated D The project requires no further risk monitoring

123 / 150

Question 124 of 150

A risk monitoring process includes reviewing lessons learned from similar projects in your organization. How does this inform current project risk management?

A Organizational lessons can identify risks that may recur and support reassessment of mitigation effectiveness B They should be used to blame team members C Historical lessons are not relevant to current projects D Lessons learned only apply to post-project closing

124 / 150

Question 125 of 150

During risk monitoring, a risk previously assessed as "Independent" now shows correlation with another risk (if one occurs, the other becomes much more likely). What action is appropriate?

A Keep the risks separate as originally planned B Update the risk register to document the correlation; reassess combined impact and contingency adequacy C No action; independence assessment was correct D Immediately implement both risk responses

125 / 150

Question 126 of 150

Your project has transitioned to the Monitoring and Controlling phase. Should risk identification and analysis cease?

A Only for new risks; previously identified risks are fixed B Only if risks have been fully mitigated C Yes, identification and analysis are planning processes and should not continue D No, risk identification and assessment continue throughout the project as new information emerges

126 / 150

Question 127 of 150

Risk monitoring reveals that contingency reserves are nearly exhausted, but multiple high-priority risks remain active. What is the PRIMARY action?

A Accept all remaining risks without response B Close the risk register and assume remaining risks will not occur C Escalate for additional funding and reassess remaining risks for potential impacts D Implement all remaining risk responses immediately

127 / 150

Question 128 of 150

A risk monitoring report shows that one risk response strategy is more cost-effective than projected. This discovery is valuable because it:

A Has no value since it is already being implemented B Means risk monitoring can cease C Proves the original risk analysis was wrong D Provides organizational learning for future projects and may enable reallocation of reserve to other priorities

128 / 150

Question 129 of 150

During the project, you review risk response effectiveness using both quantitative metrics (is probability/impact decreasing?) and qualitative assessment (team member observations). This is best described as:

A Unnecessary duplication of effort B Qualitative assessment alone is sufficient C Integrated risk monitoring using multiple assessment approaches to gain comprehensive insight into response effectiveness D Only quantitative metrics are valid

129 / 150

Question 130 of 150

At project closure, risk management should include:

A Moving all remaining risks to the next project B Eliminating the risk register C Documenting final risk status, lessons learned about risk management effectiveness, and organizational knowledge transfer D Archiving all risks without further review

130 / 150

Question 131 of 150

In agile projects, how is risk management integrated differently compared to traditional waterfall projects?

A Risk management is eliminated in agile projects B Risk management is performed at the beginning only C Risks are identified in iterations/sprints, and responses are incorporated into backlog prioritization and spike stories D Agile teams do not maintain a risk register

131 / 150

Question 132 of 150

In agile projects, how should the risk-adjusted backlog be prioritized?

A Risks are never considered in backlog prioritization B Business value is adjusted by risk factors - high-risk items may receive priority to address uncertainty early C Only the highest-risk items are included in the backlog D Business value alone determines backlog priority

132 / 150

Question 133 of 150

What is a "technical spike" in the context of agile risk management?

A A spike in project cost B A method to escalate risks C A spike in schedule delays D A time-boxed investigation of a technical risk or uncertainty to reduce knowledge gaps

133 / 150

Question 134 of 150

How does Earned Value Management (EVM) integrate with risk management?

A EVM replaces risk management B EVM metrics (schedule/cost variance, trends) help identify if risks are materializing and if contingency reserves are being consumed appropriately C Risk management provides the basis for EVM calculations D EVM and risk management are completely separate

134 / 150

Question 135 of 150

An organization has high risk appetite for innovation but low risk tolerance for operational disruptions. How should project risk management reflect this difference?

A Ignore risk appetite and tolerance as they are not relevant B Accept more innovation risks (higher appetite) while implementing strict controls on operational/service continuity risks (lower tolerance) C High appetite overrides tolerance requirements D Treat all risks identically regardless of appetite or tolerance

135 / 150

Question 136 of 150

What is the relationship between Enterprise Risk Management (ERM) and project-level risk management in PMBOK 7?

A ERM provides organizational context, risk appetite, and tolerance that inform project risk management strategies B Project risk management is independent of ERM C ERM is only relevant for portfolio-level management D Project managers should ignore ERM

136 / 150

Question 137 of 150

A strategic organizational initiative carries significant risks. How should this impact project portfolio risk management?

A Portfolio risk management aggregates individual project risks and identifies correlations; strategic initiatives may receive additional portfolio-level oversight and resources B Individual project risks are independent of portfolio risk C Strategic initiatives should not have risks D Project-level risk responses are sufficient

137 / 150

Question 138 of 150

How does risk management integrate with Integrated Change Control?

A Risk management and change control are separate processes with no integration B New risks identified during execution may trigger change requests; changes should be evaluated for secondary risks C Risks have no bearing on change requests D Only cost changes require risk assessment

138 / 150

Question 139 of 150

Your project is using a risk-based approach to schedule and budget estimation. This means:

A Using quantitative analysis to establish baselines at a confidence level that accounts for identified risks B Eliminating the need for risk management C Assuming all risks will occur D Avoiding contingency reserves to save costs

139 / 150

Question 140 of 150

In PMBOK 7, how does risk management support evidence-based decision-making?

A Only intuition should guide risk decisions B Risk analysis provides data and quantified impacts that support rational project decisions C Risk management is opinion-based and does not involve evidence D Evidence is not relevant to risk decisions

140 / 150

Question 141 of 150

A project faces multiple dependencies on external vendors and partners. How should this affect risk management?

A External risks are outside project control and should be ignored B External dependencies create risks that should be identified, assessed, and managed through contractual terms, mitigation strategies, and contingency planning C External risks cannot be managed D Only internal risks matter for project management

141 / 150

Question 142 of 150

How should a project manager balance the investment in risk response with the probability and impact of risks?

A Risk response investment is independent of probability and impact B Never invest in risk response to save costs C Invest in response when the expected value of risk (EMV) exceeds response cost and provides risk reduction benefit D Always invest the maximum possible in risk response regardless of cost

142 / 150

Question 143 of 150

In a hybrid project (combining waterfall and agile approaches), how should risk management be structured?

A Only waterfall risk management applies B Only agile risk management applies C Risk management cannot be applied to hybrid projects D Upfront risk analysis (waterfall style) combined with iterative risk monitoring and adaptation (agile style)

143 / 150

Question 144 of 150

A regulatory change during project execution introduces new compliance risks. How should this be handled in risk management?

A Ignore it as an external factor beyond project control B Continue with original plan without adjustment C Identify as a new risk, assess impact on project scope/cost/schedule, determine response and change request needs, escalate if necessary D Cancel the project

144 / 150

Question 145 of 150

How should organizational lessons learned from previous project risks inform current project planning?

A Lessons learned should be used to develop risk prompt lists, refine RBS, and inform risk assessment B Each project should start risk planning from scratch C Lessons from past projects are not relevant to new projects D Past risks should automatically be included in current risk planning with adjusted probability estimates based on lessons learned

145 / 150

Question 146 of 150

A project has very limited time to plan. How should risk management be abbreviated without completely eliminating risk oversight?

A Perform rapid risk identification using expert interviews and prompts lists; conduct quick qualitative assessment; allocate contingency reserves conservatively; plan for monitoring B Eliminate all risk management activities C Risk management cannot be abbreviated D Accept all risks without analysis

146 / 150

Question 147 of 150

How does risk management support stakeholder management and communication?

A Risk communication is the same for all stakeholders B Risk management is internal and should not be communicated to stakeholders C Risk and uncertainty information helps stakeholders understand project exposure and informs stakeholder engagement strategies D Stakeholders have no interest in risks

147 / 150

Question 148 of 150

A project manager discovers that key assumptions about project scope are at risk of being invalid. How should this affect risk management?

A Invalid assumptions only matter at project closure B Assumptions do not relate to risks C Invalid assumptions are identified as root causes of risks; they should be documented in the risk register or assumptions log with corresponding risks D Scope is unaffected by assumptions

148 / 150

Question 149 of 150

In distributed/virtual projects, what unique risk management challenges exist?

A Virtual projects have no unique risk challenges B Communication delays, time zone differences, cultural differences, and difficulty building trust create risks that require adapted risk management approaches C Virtual projects are always higher risk D Risk management does not apply to virtual projects

149 / 150

Question 150 of 150

How should a project manager approach risk management if organizational risk management maturity is low?

A Comprehensive risk management cannot be performed without organizational maturity B Risk management should be skipped to focus on execution C Start with foundational risk processes (identification, basic qualitative analysis); establish risk register; build organizational capability over projects D Wait for organizational maturity before starting risk management

150 / 150