nerdexam
(ISC)2

CAP · Question #151

Jenny is the project manager for the NBT projects. She is working with the project team and several subject matter experts to perform the quantitative risk analysis process. During this process she an

The correct answer is D. The events should be entered into the risk register.. Newly discovered risk events during any risk analysis process must first be logged in the risk register before any further action is taken.

Security and Privacy Governance, Risk Management, and Compliance Program

Question

Jenny is the project manager for the NBT projects. She is working with the project team and several subject matter experts to perform the quantitative risk analysis process. During this process she and the project team uncover several risks events that were not previously identified. What should Jenny do with these risk events?

Options

  • AThe events should be determined if they need to be accepted or responded to.
  • BThe events should be entered into qualitative risk analysis.
  • CThe events should continue on with quantitative risk analysis.
  • DThe events should be entered into the risk register.

How the community answered

(23 responses)
  • A
    4% (1)
  • B
    13% (3)
  • C
    9% (2)
  • D
    74% (17)

Why each option

Newly discovered risk events during any risk analysis process must first be logged in the risk register before any further action is taken.

AThe events should be determined if they need to be accepted or responded to.

Deciding to accept or respond to a risk is a risk response planning activity that occurs after the risk has been formally identified and documented in the risk register.

BThe events should be entered into qualitative risk analysis.

Entering risks directly into qualitative risk analysis skips the required step of first documenting them in the risk register.

CThe events should continue on with quantitative risk analysis.

Continuing quantitative risk analysis on newly discovered risks bypasses the formal identification and registration step required for all risks.

DThe events should be entered into the risk register.Correct

The risk register is the central repository for all identified risks throughout the project lifecycle. Any new risk event discovered - even during quantitative risk analysis - must be entered into the risk register first so it can be formally tracked, analyzed, and assigned a response. Skipping this step means the risk lacks the documentation needed for subsequent planning or monitoring.

Concept tested: Risk register as repository for newly identified risks

Source: https://www.pmi.org/pmbok-guide-standards/foundational/pmbok

Topics

#Risk Identification#Risk Register#Risk Management Process#Quantitative Risk Analysis

Community Discussion

No community discussion yet for this question.

Full CAP Practice