nerdexam
PMI

PMI-RMP · Question #546

An external vendor needs to be contracted to provide additional capacity and expertise to a project team to reduce the probability of delays in a project. The contracts department is raising a concern

The correct answer is A. Assess the identified secondary risk.. The confidentiality risk raised by the contracts department is a secondary risk-a risk that arises as a direct result of implementing a risk response (contracting a vendor to reduce delay risk). Before taking any action, the risk manager must first assess this secondary risk: ana

Perform Targeted Risk Analysis

Question

An external vendor needs to be contracted to provide additional capacity and expertise to a project team to reduce the probability of delays in a project. The contracts department is raising a concern about confidentiality risks not addressed in the proposed contract and missing from the risk register. What should the risk manager do next?

Options

  • AAssess the identified secondary risk.
  • BImplement the risk response plan.
  • CImplement the risk contingency plan.
  • DCommunicate the identified residual risk.

How the community answered

(34 responses)
  • A
    71% (24)
  • B
    18% (6)
  • C
    3% (1)
  • D
    9% (3)

Explanation

The confidentiality risk raised by the contracts department is a secondary risk-a risk that arises as a direct result of implementing a risk response (contracting a vendor to reduce delay risk). Before taking any action, the risk manager must first assess this secondary risk: analyze its probability, impact, and characteristics. Only after assessment can appropriate responses be planned. Implementing the risk response plan (B) or contingency plan (C) is premature before the risk is assessed and understood. Communicating a residual risk (D) is incorrect terminology here-this is a secondary risk, not a residual risk. Proper assessment also determines whether it should be added to the risk register.

Topics

#Secondary risk#Risk assessment#Risk identification#Risk management process

Community Discussion

No community discussion yet for this question.

Full PMI-RMP Practice