nerdexam
(ISC)2

CAP · Question #392

You and your project team are just starting the risk identification activities for a project that is scheduled to last for 18 months. Your project team has already identified a long list of risks that

The correct answer is B. Identify risks is an iterative process.. Risk identification is an iterative process in project management, meaning it must occur continuously throughout the project lifecycle rather than at a fixed frequency or only in certain phases.

Security and Privacy Governance, Risk Management, and Compliance Program

Question

You and your project team are just starting the risk identification activities for a project that is scheduled to last for 18 months. Your project team has already identified a long list of risks that need to be analyzed. How often should you and the project team do risk identification?

Options

  • AAt least once per month
  • BIdentify risks is an iterative process.
  • CIt depends on how many risks are initially identified.
  • DSeveral times until the project moves into execution

How the community answered

(67 responses)
  • A
    6% (4)
  • B
    90% (60)
  • C
    1% (1)
  • D
    3% (2)

Why each option

Risk identification is an iterative process in project management, meaning it must occur continuously throughout the project lifecycle rather than at a fixed frequency or only in certain phases.

AAt least once per month

A fixed monthly cadence is too prescriptive and not defined by PMBOK; risk identification should occur continuously as project conditions change, not on an arbitrary schedule.

BIdentify risks is an iterative process.Correct

According to the PMBOK Guide, Identify Risks is explicitly defined as an iterative process because new risks emerge at any point during a project and existing risks may change in probability or impact as the project progresses, requiring ongoing re-evaluation.

CIt depends on how many risks are initially identified.

The number of initially identified risks has no bearing on identification frequency; PMBOK requires ongoing risk identification regardless of initial risk count.

DSeveral times until the project moves into execution

Stopping risk identification before execution ignores risks that emerge during execution, monitoring, and closing phases, which contradicts PMBOK guidance on iterative risk management.

Concept tested: Iterative risk identification throughout project lifecycle

Source: https://www.pmi.org/pmbok-guide-standards/foundational/pmbok

Topics

#Risk Management Process#Risk Identification#Iterative Process#Project Management

Community Discussion

No community discussion yet for this question.

Full CAP Practice