TOPIC: Clarification on a question - Risk Management

The question below is taken from: PM Study Circle questions by M Fahad Usmani


You make a contingency plan for a negative risk, and assign it to a risk owner. What kind of risk response strategy is this?
(a) Transfer
(b) Avoid
(c) Mitigation
(d) Accept

The answer provided doesn't match as per my logic.
I chose D - Accept. However answer provided was C.
Please drop in your views.

Praveen Chandra wrote: The question below is taken from: PM Study Circle questions by M Fahad Usmani


You make a contingency plan for a negative risk, and assign it to a risk owner. What kind of risk response strategy is this?
(a) Transfer
(b) Avoid
(c) Mitigation
(d) Accept

The answer provided doesn't match as per my logic.
I chose D - Accept. However answer provided was C.
Please drop in your views.

Hi Praveen,

Risk mitigation is a risk response strategy whereby the project team acts to reduce the probability of occurrence or impact of a risk, whereas, risk acceptance is a risk response strategy whereby the project team decides to acknowledge the risk and not take any action unless the risk occurs.

Here we are taking action by creating a contingency plan and hence the answer is C.

Accepting a risk can either be passive or active. Passive acceptance requires no action except to document the strategy, leaving the project team to deal with the risks as they occur, and to periodically review the threat to ensure that it does not change significantly. The most common active acceptance strategy is to establish a contingency reserve, including amounts of time, money, or resources to handle the risks. So if instead of creating a contingency plan and assigning it to a risk owner, we only created a contingency reserve, the answer in that case would have been D.

Hope this helps.

Hi Praveen:

I agree with Rahul. His answer is spot on.

When you can't avoid, mitigate or transfer a risk, then you accept it. You let it happen. The fact that there is a plan in place, means you have taken some sort of action to minimize the impact of the risk. This is mitigation.

Tracey

Thank you Rahul and Tracey,
Appreciate your responses.
I agree that this is "mitigation" and not "accept".
Probably because i read "contigency plan" and started thinking "contigency reserve" only.
I would like to elaborate on the question to expand my knowledge on this:
If the contigency plan is created but not assigned to anyone. What would be that situation? Or is it an incomplete question?

Another gap i would like to bridge is, if the team is working on a project and they have chances to get another project based on current performance. In order to get new project they do fast tracking and crashing to finish the project before time. Is this "exploit" or "enhance" kind of situation to address positive risk management?

When approaching any risk, positive or negative, your approach should be the same - identify risks, assess impact (+ or -) and ongoing monitoring.

With respect to fast tracking and crashing, you must ensure that the opportunity outweighs the potential negative risk. The positive outcome of crashing or fast tracking a schedule would increase the chances to get another project (positive risk). In my opinion, this would be classified as 'enhance'. Your are working to increase the probability that the positive risk will occur. It is not guaranteed you will get the job - based on how your question is worded. With exploiting, you work to ensure a risk becomes an opportunity.

This link may help: www.pmi.org/learning/PM-Network/2014/pla...-positive-risks.aspx

Tracey

Thank you Tracey.
Your explanation and the link was helpful.
It sums up in one sentence that - "enhancing is raising probability while exploiting is making sure it happens".

Regards,
Praveen Chandra

This questions pretty much sums up few concepts.

If any identified risk occurs you will implement the contingency plan. So both Options C and D are valid as of now.

Lets check Accept: Risk acceptance is a risk response strategy whereby the project team decides to acknowledge the risk and not take any action unless the risk occurs.

Active acceptance strategy is to establish a contingency reserve, including amounts of
time, money, or resources to handle the risks -- We have taken action by defining contingency plan before risk will happen. This is not active acceptance.

Passive acceptance requires no action except to document the strategy, leaving the project team to deal with the risks as they occur. Eg: Workarounds(Corrective Action) -- This is out of picture since strategy is documented,risk is identified.

Mitigate: This option is correct because we have taken early action to reduce the probability and/or impact of a risk occurring on the project.

Do you notice here that we are not waiting for risk to happen to create a contingency plan , that explains the correct answer without detailed explanation.