live_tv
Livestream Starting Soon
00
Hours
:
00
Minutes
:
00
Seconds
Up next in 10
Learn how to identify, analyze, and respond to risks in predictive projects.
🎥 Watch PMP Exam Prep video series: https://www.youtube.com/playlist?list=PLaZjaTadwi1sDBAXtUd6JI5_FUsIJjpAT
How do predictive projects proactively manage uncertainty before it turns into costly issues? In this video, we focus on Waterfall Project Risk Management, covering how risks are planned, identified, analyzed, responded to, and monitored throughout the project lifecycle.
This is the ninth video in our 15-part Waterfall Review & Question series. You’ll learn how the risk management plan, risk register, and risk report are used, how qualitative and quantitative analysis differ, and how to select the right response strategies for both threats and opportunities. You’ll then test your understanding with 10 scenario-based practice questions (Questions 81–90) and detailed explanations.
✅ You’ll learn how to:
• Plan risk management by defining methodology, roles, and governance
• Identify risks using techniques such as brainstorming, checklists, SWOT, and prompt lists
• Prioritize risks using qualitative analysis and probability-impact matrices
• Quantify risk exposure using EMV, decision trees, and simulations
• Select appropriate response strategies for threats and opportunities
• Implement risk responses and ensure risk owners take action
• Monitor risks, reassess effectiveness, and communicate through risk reports
• Distinguish between contingency reserves and management reserves
By practicing these questions, you’ll strengthen your ability to manage uncertainty proactively — a core PMP® exam topic and a critical skill in predictive project management.
Chapters:
0:00 Project Risk Management Overview
Show More Show Less View Video Transcript
0:00
The topic we'll cover is waterfall risk
0:02
management. The process is used to
0:04
identify, analyze, and respond to risks
0:06
so that uncertainty is managed
0:08
throughout the project. In predictive
0:10
projects, risk management begins with
0:12
plan risk management. This process
0:15
defines the methodology, roles,
0:17
categories, and timing for risk
0:19
activities. The output is the
0:21
riskmanagement plan, which sets the
0:22
framework for how risks will be
0:24
addressed during the project. Next, you
0:27
identify risks. This involves using
0:29
tools such as brainstorming, checklists,
0:31
SWAT analysis, and prompt list to
0:33
uncover potential threats and
0:35
opportunities. The main output is the
0:37
risk register, which lists identified
0:40
risks, potential responses, and risk
0:42
owners. After identifying risks, you
0:45
move to qualitative risk analysis. This
0:48
is where you assess each risk based on
0:50
its probability and impact, often using
0:52
a risk matrix to prioritize which risks
0:55
deserve the most attention. For some
0:57
projects, you may also perform
0:59
quantitative risk analysis. This
1:01
analysis uses numerical techniques such
1:04
as Monte Carlo simulations, decision
1:06
tree analysis, expected monetary value
1:09
or EMV, and sensitivity analysis to
1:12
estimate the potential effect of risks
1:15
on project objectives. With risks
1:18
analyzed, you then plan risk responses
1:20
for negative risks or threats.
1:23
Strategies include avoid which
1:25
eliminates the threat entirely,
1:27
transfer, which shifts the impact to a
1:29
third party, often through insurance or
1:31
contracts, mitigate, which reduces the
1:34
probability or impact, and accept, which
1:37
acknowledges the risk without proactive
1:40
action. For positive risks or
1:42
opportunities, the strategies are
1:44
exploit, which ensures the opportunity
1:46
is realized, share, which allocates
1:49
ownership to a partner best able to
1:51
capture it, enhance, which increases
1:54
probability or impact, and accept which
1:57
simply takes advantage of the
1:58
opportunity if it occurs. The next
2:01
process is implement risk responses
2:03
where the project team carries out the
2:05
agreed upon actions. Then comes monitor
2:08
risks which involves tracking risk
2:10
triggers, residual risks and any new
2:12
risks that arise during the project.
2:14
This step ensures that the risk register
2:16
is kept current and that the risk report
2:19
is updated to provide a high-level
2:20
summary for stakeholders. You should
2:23
also understand the concept of reserves.
2:25
Contingency reserves are for known
2:27
unknowns and are built into the costs
2:28
and schedule baselines. Management
2:31
reserves are for unknown unknowns sit
2:33
outside the baseline and are controlled
2:35
by the sponsor. In predictive projects,
2:38
risk management has a strong emphasis on
2:40
formal detailed upfront risk planning
2:43
along with ongoing monitoring through
2:46
structured governance reviews. So
2:48
predictive risk management is about
2:50
proactively planning, identifying,
2:52
analyzing, and responding to risks while
2:54
continuously updating the risk register
2:57
and ensuring stakeholders remain
2:58
informed through risk reports. Now,
3:01
we'll go through 10 practice questions
3:03
that test your knowledge of risk
3:04
planning, analysis techniques, risk
3:07
response strategies, reserves, and the
3:09
differences between managing threats and
3:11
opportunities in predictive projects.
3:14
Let's get into our first question on
3:16
this topic. Question 81. A project
3:19
manager is leading a large predictive
3:21
project with multiple vendors and
3:23
regulatory constraints. Before
3:25
identifying risks, the PM wants to
3:27
ensure consistency in how risk related
3:29
activities will be conducted across all
3:31
stakeholders. What is the most
3:33
appropriate action? A. Review past risk
3:37
registers and lessons learned from
3:38
similar project. B. Facilitate a
3:41
brainstorming session to uncover early
3:43
stage threats and opportunities. C.
3:46
Establish the framework for identifying,
3:48
analyzing, and responding to project
3:50
risks. D. Prioritize risks based on
3:54
their probability and potential impact
3:56
to the project objectives. You can pause
3:58
the video here if you need more time to
4:00
work on the question. The correct answer
4:03
is C. This question tests your
4:06
understanding of the plan risk
4:07
management process in predictive
4:09
environments. Before diving into risk
4:11
identification or analysis, the project
4:13
manager must define the riskmanagement
4:15
approach for the entire project. Choice
4:18
C is the best option because it reflects
4:20
the purpose of plan risk management to
4:23
establish a structured framework that
4:25
outlines how risks will be identified,
4:27
assessed, monitored, and responded to.
4:30
The result is a riskmanagement plan.
4:32
Choice A is incorrect. While historical
4:35
data is useful, reviewing lessons
4:37
learned is a supporting activity, not
4:40
the primary objective at this point in
4:42
the risk process. Choice B is incorrect.
4:45
Brainstorming is part of the identify
4:47
risks process, which comes after the
4:49
risk management framework is defined.
4:52
Choice D is incorrect. Prioritization is
4:55
part of qualitative risk analysis, which
4:57
also follows the planning step. Let's
5:00
move on to the next question if you're
5:01
ready. Question 82. In a predictive
5:05
project, the project manager is
5:07
preparing to create the initial risk
5:09
register to ensure a thorough and
5:11
structured approach. The PM plans to
5:13
involve subject matter experts and team
5:15
leads. What is the most appropriate next
5:18
step? A. Facilitate workshops using
5:21
prompt lists and checklists to uncover
5:23
potential project risks. B. Prioritize
5:27
identified risks based on likelihood and
5:29
severity using a probability impact
5:31
matrix. C. Consider using simulation
5:35
techniques like Monte Carlo analysis to
5:37
support early risk understanding. D.
5:40
Update the risk report with trends and
5:42
effectiveness of past response
5:43
strategies. You can pause the video here
5:46
if you need more time to work on the
5:48
question. The correct answer is A. This
5:52
question tests your understanding of the
5:55
identify risks process in predictive
5:57
projects. PMI expects project managers
6:00
to use a structured collaborative
6:02
approach, especially early in the
6:04
project to uncover both threats and
6:07
opportunities.
6:08
Choice A is the best option because it
6:10
directly reflects recommended tools in
6:12
the identify risks process, prompt list,
6:14
checklist, and expert workshops. The
6:17
result of this step is the initial risk
6:19
register. Voice B is incorrect.
6:21
Prioritizing risks comes after they've
6:24
been identified during qualitative risk
6:26
analysis. Choice C is incorrect. Monte
6:30
Carlo is a tool for quantitative risk
6:32
analysis. It's a powerful technique but
6:34
not appropriate or efficient at this
6:36
stage. Choice D is incorrect. The risk
6:39
report is a monitoring artifact. It's
6:41
updated later in the project, not during
6:44
risk identification. Let's move on to
6:46
the next question if you're ready.
6:48
Question 83. A predictive project has
6:51
just completed risk identification and
6:53
the team now has a lengthy list of
6:55
documented risks. The project manager
6:57
wants to focus the team's efforts on the
6:59
risks most likely to affect project
7:01
success. What should the project manager
7:03
do next? A. Estimate the potential cost
7:06
impact of each risk based on financial
7:08
modeling. B. Group risks into categories
7:11
using a prompt list to identify root
7:13
causes. C. Document detailed response
7:16
strategies for each risk in the
7:18
register. D. Use a probability impact
7:21
matrix to prioritize risks requiring
7:24
further attention. You can pause the
7:26
video here if you need more time to work
7:28
on the question. The correct answer is
7:30
D. This question tests your
7:33
understanding of the qualitative risk
7:35
analysis process in predictive projects.
7:38
Once risks have been identified, the
7:40
next step is to prioritize them based on
7:42
likelihood and impact using tools like
7:44
the probability impact matrix. Choice D
7:48
is the best option because it aligns
7:49
with the goal of qualitative risk
7:51
analysis to determine which risks need
7:53
further analysis or action. It helps the
7:56
team focus their efforts where it
7:57
matters most. Choice A is incorrect.
8:00
Estimating financial impact falls under
8:02
quantitative risk analysis which occurs
8:04
after qualitative prioritization.
8:07
Choice B is incorrect. Grouping risks by
8:10
category is useful for analysis, but
8:12
doesn't help with prioritization. Choice
8:15
C is incorrect. Documenting responses is
8:18
part of risk response planning, which
8:20
happens only after risks are
8:21
prioritized. Let's move on to the next
8:24
question if you're ready. Question 84. A
8:28
predictive project involves high budget
8:30
procurement activities and has several
8:32
high impact risks already identified and
8:34
prioritized. The project sponsor asks
8:36
for a financial estimate of potential
8:38
downside exposure if certain risks
8:41
materialize. What should the project
8:43
manager do next? A. Use a risk matrix to
8:47
rank risks based on likelihood and
8:49
severity. B. Facilitate a workshop to
8:52
define response strategies and assign
8:55
risk owners. C. Use expected monetary
8:59
value and decision tree analysis to
9:01
quantify cost related risk exposure. D.
9:04
Update the risk report with summaries of
9:07
recent issues and control effectiveness.
9:10
You can pause the video here if you need
9:12
more time to work on the question. The
9:14
correct answer is C. This question tests
9:17
your understanding of the perform
9:19
quantitative risk analysis process in
9:21
predictive waterfall projects. Once
9:23
risks are prioritized through
9:24
qualitative analysis, the next step when
9:27
needed is to apply quantitative
9:28
techniques to determine the financial or
9:30
schedule impact of risk exposure. Choice
9:33
C is the best option because performing
9:35
quantitative risk analysis involves
9:38
tools like expected monetary value EMV
9:41
and decision tree analysis which allow
9:43
the project manager to model different
9:45
outcomes based on probability and cost
9:48
impact. These techniques are especially
9:50
important when high stakes decisions are
9:53
involved. Choice A is incorrect. The
9:55
risk matrix is a qualitative tool used
9:58
to prioritize risks based on subjective
10:00
ratings of probability and impact. It
10:03
does not provide a financial estimate or
10:05
quantify risk exposure. Choice B is
10:08
incorrect. Facilitating a workshop to
10:11
define response strategies is part of
10:13
plan risk responses which comes after
10:15
quantitative analysis not before it.
10:18
Choice D is incorrect. Updating the risk
10:21
report is part of monitor risks, a
10:23
process that occurs later in the risk
10:25
management life cycle and focuses on
10:27
tracking existing risks, not analyzing
10:30
new risk exposure. Let's move on to the
10:32
next question if you're ready. Question
10:35
85.
10:37
During risk response planning, a
10:38
predictive project team identifies a
10:40
high probability risk. A third-party
10:43
software component has an unstable
10:45
release cycle and has caused delays in
10:48
similar past projects. The component is
10:51
optional but currently included in the
10:53
system architecture. What is the most
10:56
appropriate response? A. Add a
10:59
contingency buffer to the schedule in
11:00
case delays occur again. B. Modify the
11:04
design to eliminate the dependency on
11:06
the unstable third-party component. C.
11:09
Transfer the risk by requiring the
11:10
vendor to guarantee timely releases in
11:13
the contract. D. Accept the risk and
11:16
monitor the vendor's release schedule
11:17
throughout the project. You can pause
11:20
the video here if you need more time to
11:22
work on the question. The correct answer
11:24
is B. This question tests your
11:26
understanding of plan risk responses,
11:29
specifically how to address negative
11:30
risks, threats. Predictive projects rely
11:34
on proactive strategies to minimize
11:35
disruptions and when a risk can be
11:38
entirely eliminated. PMI recommends
11:41
using the avoid strategy. Choice B is
11:44
the best option because redesigning the
11:46
system to remove the dependency
11:48
eliminates the risk altogether. This is
11:50
the textbook example of the avoid
11:53
strategy. One of the most effective ways
11:55
to manage a known threat. Choice A is
11:58
incorrect. Adding buffer time is part of
12:01
the mitigate strategy which reduces the
12:04
impact but does not eliminate the risk
12:06
entirely. Choice C is incorrect.
12:09
Contractual protections can transfer
12:11
some liability but they don't guarantee
12:14
the vendor's performance or eliminate
12:16
the risk from the project. Choice D is
12:19
incorrect. Accepting the risk without
12:22
taking any preventative action is only
12:24
appropriate when the impact is minimal
12:26
or mitigation is infeasible. Neither of
12:29
which applies here. Let's move on to the
12:32
next question if you're ready. Question
12:34
86.
12:36
A predictive project enters execution
12:38
and several high priority risks from the
12:40
risk register have approved mitigation
12:42
actions. The risk owner for a critical
12:45
technical risk has not yet reported
12:47
progress on the assigned mitigation
12:48
work. What should the project manager
12:50
do? A. Send a projectwide reminder to
12:53
all team members about upcoming risk
12:55
tasks. B. Document the delay in the risk
12:59
register and revisit it during the next
13:01
risk review meeting. C. Revise the risk
13:04
response strategy to reassign ownership
13:06
of the mitigation task. D. Ensure that
13:09
the team member assigned to the
13:11
mitigation action is executing it as
13:13
planned. You can pause the video here if
13:16
you need more time to work on the
13:18
question. The correct answer is D. This
13:21
question tests your understanding of the
13:23
implement risk responses process in
13:26
predictive projects. Once risk response
13:28
strategies are approved during planning,
13:30
they must be executed and monitored
13:32
during project execution. The project
13:35
manager is responsible for ensuring risk
13:37
owners carry out their assigned
13:39
mitigation or contingency actions as
13:41
planned. Choice D is the best option
13:44
because it reflects a direct
13:45
actionoriented follow-up aligned with
13:47
PMI's expectations. Implementing risk
13:50
responses means confirming that the work
13:52
is happening as planned, not just
13:54
waiting for updates. Choice A is
13:57
incorrect. A general reminder may help
14:00
raise awareness, but it doesn't
14:02
specifically address the assigned action
14:04
or hold the responsible person
14:06
accountable. Choice B is incorrect.
14:09
Waiting for a future meeting delays
14:10
action and allows the risk to escalate.
14:13
Implementation issues should be
14:14
addressed proactively. Choice C is
14:17
incorrect. Reassigning ownership is
14:20
premature unless there's confirmation
14:22
that the original assigne cannot or will
14:24
not complete the task. Let's move on to
14:27
the next question if you're ready.
14:29
Question 87. Midway through a predictive
14:32
project, the project manager notices
14:34
that two previously low priority risks
14:37
are now showing early warning signs of
14:39
materializing. One mitigation strategy
14:42
appears ineffective and a new
14:44
stakeholder has raised concerns about
14:46
emerging technical dependencies. What
14:48
should the project manager do? A consult
14:51
with functional managers to understand
14:53
if additional support is needed to
14:55
reduce risk impact. B begin preparing a
14:59
formal change request in case schedule
15:01
impacts become unavoidable. C. Reassess
15:04
the risk register and review the
15:06
effectiveness of existing response
15:08
strategies. D. Document the concerns in
15:11
the issue log and revisit them during
15:13
the next phase gate review. You can
15:15
pause the video here if you need more
15:17
time to work on the question. The
15:19
correct answer is C. This question tests
15:22
your understanding of the monitor risks
15:24
process. In predictive projects, risks
15:27
must be tracked actively to ensure
15:29
response strategies remain effective and
15:32
evolving risks are addressed
15:33
proactively. Monitoring is not just
15:35
about documenting issues. It involves
15:38
reviewing assumptions, evaluating the
15:40
risk environment, and adapting responses
15:42
as needed. Choice C is the best option
15:46
because it reflects the ongoing risk
15:48
monitoring cycle, reassessing existing
15:51
risks, adjusting response strategies,
15:53
and ensuring the risk register reflects
15:56
current realities. Choice A is
15:59
incorrect. While consulting with
16:00
functional managers may help later, the
16:02
first step is to revisit the risk
16:04
response plan, not immediately seek new
16:07
resources. Choice B is incorrect.
16:09
Preparing a change request is premature.
16:12
A formal change should be pursued only
16:14
after re-evaluation confirms that the
16:17
risk impact cannot be mitigated within
16:19
existing plans. Choice D is incorrect.
16:23
Logging concerns in the issue log and
16:25
waiting for a phase gate is too passive.
16:27
Effective monitoring calls for timely
16:29
analysis and action. Let's move on to
16:32
the next question if you're ready.
16:34
Question 88. During risk planning in a
16:37
predictive project, the team identifies
16:39
an opportunity. If a key software module
16:42
is developed flawlessly on the first
16:44
attempt, it could eliminate a full round
16:46
of testing and shave two weeks off the
16:49
schedule. What is the most appropriate
16:51
response? A. Assign the most skilled
16:54
team to the task to ensure maximum
16:56
performance. B. Accept the opportunity
16:59
and proceed with the current team and
17:01
plan. C. Offer the client a timebased
17:04
incentive if the testing phase can be
17:06
skipped. D. Add the opportunity to the
17:09
risk register and re-evaluate it during
17:11
monitor risks. You can pause the video
17:14
here if you need more time to work on
17:16
the question. The correct answer is A.
17:19
This question tests your understanding
17:21
of positive risk opportunity response
17:23
strategies in waterfall projects. PMI
17:26
distinguishes between four key responses
17:28
to opportunities. Exploit, enhance,
17:31
share, and accept. The goal is to choose
17:34
the approach that best increases the
17:35
chances of realizing the benefit. Choice
17:38
A is the best option because it reflects
17:40
the enhanced strategy, increasing the
17:42
probability or impact of an opportunity.
17:44
By assigning the most capable team to
17:46
the module, the project manager is
17:48
deliberately improving the odds of
17:50
flawless execution. Voice B is
17:53
incorrect. Accepting an opportunity
17:55
means taking no proactive steps to
17:57
increase its likelihood. While valid in
17:59
some cases, it doesn't maximize
18:01
potential benefit. Choice C is
18:04
incorrect. Offering the client an
18:06
incentive would be more aligned with
18:07
sharing an opportunity. But in this
18:09
scenario, the opportunity lies in
18:11
internal execution, not external
18:13
collaboration. Choice D is incorrect.
18:16
While documenting the opportunity is
18:18
important, deferring action until later
18:20
undermines the chance to proactively
18:22
seize the benefit during planning. Let's
18:25
move on to the next question if you're
18:27
ready. Question 89. A predictive project
18:31
is halfway through execution. The
18:33
steering committee requests a summary of
18:34
the top project threats, including how
18:37
risk exposure has evolved and how well
18:39
mitigation strategies are working. Which
18:41
document should the project manager
18:43
provide? A risk register. B issue log. C
18:48
risk report. B risk breakdown structure.
18:53
You can pause the video here if you need
18:55
more time to work on the question. The
18:57
correct answer is C. This question tests
19:00
your understanding of the difference
19:01
between two key risk artifacts in
19:03
predictive project management. The risk
19:06
register and the risk report. The key
19:08
here is understanding the audience and
19:10
the purpose of each document. Choice C
19:13
is the best option because the risk
19:15
report is designed for stakeholder
19:17
communication. It provides a high-level
19:19
summary of key threats, trends, and risk
19:21
exposure and how well mitigation
19:23
strategies are performing. Exactly what
19:25
the steering committee needs in this
19:27
scenario. Choice A is incorrect. The
19:29
risk register contains detailed data on
19:32
all identified risks, their triggers,
19:34
responses, and owners. It's too granular
19:36
and not suited for executive level
19:38
updates. Choice B is incorrect. The
19:41
issue log tracks active problems and
19:44
stakeholder concerns, not potential
19:46
risks or mitigation effectiveness.
19:49
Choice D is incorrect. The risk
19:51
breakdown structure is a hierarchical
19:54
categorization tool used during risk
19:56
identification, not something used for
19:58
reporting or monitoring. Let's move on
20:01
to the next question if you're ready.
20:03
Question 90. During execution of a
20:06
predictive project, the team encounters
20:08
an unexpected technical challenge that
20:11
requires new hardware not included in
20:13
the original cost estimate. The cost
20:15
impact is significant and unrelated to
20:17
any known risk. What should the project
20:20
manager do? A use the contingency
20:23
reserve to absorb the cost overrun. B
20:26
request sponsor approval to access
20:28
management reserves. C. Reallocate funds
20:31
from lower priority deliverables to
20:33
cover the cost. D. Issue a change
20:37
request to update the project budget and
20:39
baseline. You can pause the video here
20:41
if you need more time to work on the
20:43
question. The correct answer is B. This
20:46
question tests your understanding of
20:48
reserve management in waterfall
20:50
projects. Specifically, how to respond
20:52
to unknown unknowns or risks that were
20:54
not previously identified or planned
20:56
for. Choice B is the best option because
20:59
management reserves are set aside for
21:01
unforeseen work that falls outside the
21:03
cost baseline and was not associated
21:05
with identified risks. Accessing these
21:08
reserves typically requires approval
21:09
from the sponsor or governance body.
21:12
Choice A is incorrect. Contingency
21:15
reserves are for known unknowns risks
21:19
identified during planning. Since the
21:21
situation was unplanned and unrelated to
21:23
documented risks, this reserve cannot be
21:26
used. Choice C is incorrect.
21:28
Reallocating funds from other
21:30
deliverables risks scope creep and
21:32
violates proper budget control
21:34
procedures. Choice D is incorrect. While
21:37
a change request may eventually be
21:39
needed to update the budget, the first
21:40
step is obtaining sponsor approval to
21:42
access the appropriate reserve. You've
21:45
now completed all 10 questions for risk
21:47
management and waterfall. That brings
21:49
your running total to 90 questions
21:51
completed. If you're finding this series
21:53
helpful, don't forget to like the video
21:55
and subscribe to PM Aspirant for more
21:58
PMP prep content. Let's keep going.
22:00
You're doing great and I will see you at
22:02
the next topic.