Risk Strategy & Planning
20-24%of exam
Stakeholder Engagement
18-22%of exam
Risk AttitudeRisk CommunicationOwner vs Action OwnerReconcile Thresholds
Risk Process Facilitation
23-27%of exam
Risk Monitoring & Reporting
17-21%of exam
Audit vs ReviewReserve AnalysisKRI vs TriggerRisk Closure
Specialized Risk Analyses
12-16%of exam
Quick Facts
- Exam
- PMI-RMP
- Credential
- Risk Mgmt Professional
- Questions
- 115 (100 scored)
- Time
- 150 min
- Pass
- Pass/Fail scaled
- Eligibility
- 24-36 mo + 30-40 hrs
- Validity
- 3 yr / 60 PDU
- Provider
- PMI / Pearson VUE
Reserve Types
Contingency=known | Management=unknown
Contingency: in baselineManagement: outside baselinePM vs sponsor
Contingency vs Management Reserve
Contingency
- Known risks
- Inside baseline
- PM controls
Management
- Unknown risks
- Outside baseline
- Mgmt approval
Known-unknowns vs unknown-unknowns
Core Risk Terms
- Risk
- Uncertain event/condition
- Threat
- Negative-effect risk
- Opportunity
- Positive-effect risk
- Individual risk
- Single uncertain event
- Overall risk
- Cumulative project exposure
- Residual risk
- Leftover after response
- Secondary risk
- New risk from response
- Risk trigger
- Warning sign/symptom
Risk Register vs Risk Report
Register
- Individual risks
- Owner/response/status
- Detail
Report
- Overall risk
- Big-picture exposure
- Summary
Detail vs summary
Appetite & Thresholds
- Risk appetite
- Strategic uncertainty accepted
- Risk tolerance
- Acceptable variation band
- Risk threshold
- Specific action trigger point
- Risk attitude
- Stakeholder uncertainty stance
- Risk capacity
- Risk org can absorb
- Risk culture
- Shared risk behaviors
Planning Artifacts
- Risk Mgmt Plan
- How risk is managed
- Risk Register
- Individual risk detail
- Risk Report
- Overall risk summary
- RBS
- Risk sources hierarchy
- Risk owner
- Accountable for monitoring
- Action owner
- Executes response action
- P-I definitions
- Rating scales agreed
Reserves & Baseline
- Contingency reserve
- Known risks, in baseline
- Management reserve
- Unknown risks, outside baseline
- Cost baseline
- Estimates + contingency
- Total budget
- Baseline + management reserve
- Reserve sizing
- From EMV / simulation
- PM authority
- Spends contingency only
Stakeholder Engagement
- Risk attitude
- Appetite + tolerance + perception
- Engage stakeholders
- Surface and own risks
- Risk communication
- Timely exposure updates
- Reconcile thresholds
- Align differing attitudes
- Risk Report use
- Overall-risk communication vehicle
- Buy-in
- Secure response support
Threat Responses
Every Angry Tiger Must Accept
EscalateAvoidTransferMitigateAccept
Residual vs Secondary Risk
Residual
- Leftover risk
- After response
- What remains
Secondary
- New risk
- From the response
- Side effect
Still left vs newly created
Which Response Strategy?
- Threat outside authority→Escalate(Program/portfolio)
- Eliminate threat cause→Avoid(Remove uncertainty)
- Shift threat impact→Transfer(Insurance/contract)
- Reduce threat→Mitigate(Lower prob/impact)
- Accept minor threat→Accept(Active reserve)
- Opp outside authority→Escalate(Program/portfolio)
- Make opp certain→Exploit(Guarantee upside)
- Allocate opp to partner→Share(Joint venture)
- Boost opp→Enhance(Raise prob/impact)
Identification Tools
- Delphi
- Anonymous expert consensus
- SWOT
- Strengths/weaknesses/opps/threats
- Ishikawa
- Cause-and-effect fishbone
- Assumption analysis
- Tests assumption validity
- Prompt lists
- PESTLE/TECOP/VUCA categories
- Brainstorming
- Group idea generation
- Interviews
- Expert elicitation
- Checklists
- Past-project risk lists
Opportunity Responses
Every Eager Shark Eats Anything
EscalateExploitShareEnhanceAccept
Threat vs Opportunity Response
Threat
- Avoid
- Transfer
- Mitigate
Opportunity
- Exploit
- Share
- Enhance
Both: Escalate + Accept
Threat Responses
- Escalate
- Hand outside project authority
- Avoid
- Eliminate the cause
- Transfer
- Shift impact to third-party
- Mitigate
- Reduce probability/impact
- Accept
- No proactive action
- Active accept
- Set contingency reserve
- Passive accept
- Document, review only
Risk Process Flow
Plan -> ID -> Analyze -> Respond -> Monitor
Plan: methodologyID: find risksAnalyze: prioritizeRespond: strategiesMonitor: track
Contingency vs Fallback Plan
Contingency
- Plan A
- On trigger
- Pre-planned
Fallback
- Plan B
- If A fails
- Held in reserve
First response vs backup
Opportunity Responses
- Escalate
- Hand outside project authority
- Exploit
- Make opportunity certain
- Share
- Allocate to best partner
- Enhance
- Increase probability/impact
- Accept
- Take if it arises
Response Plans
- Contingency plan
- Plan A on trigger
- Fallback plan
- Plan B if A fails
- Workaround
- Unplanned response, improvised
- Secondary risk
- Created by response
- Residual risk
- Remains after response
Risk Audit vs Risk Review
Audit
- Process effectiveness
- Responses working?
- Evaluates method
Review
- Reassess risks
- Close outdated
- Find new
Process vs the risks
Which Monitoring Activity?
- Check process works→Risk audit(Effectiveness)
- Reassess open risks→Risk review(Close/find)
- Reserves still enough?→Reserve analysis(Reserve vs risk)
- Trend signals exposure→KRI(Leading metric)
- Risk window passed→Risk closure(Archive)
Monitoring Tools
- Risk audit
- Evaluates process effectiveness
- Risk review
- Reassess and close risks
- Reserve analysis
- Reserve vs risk remaining
- Reassessment
- Find new risks
- Risk closure
- Risk can't occur
- Variance/trend
- EVM forecasts exposure
- KRI
- Leading exposure metric
- Lessons learned
- Feeds future projects
EMV
EMV = Probability x Impact ($)
Threat: negativeOpportunity: positiveSum across branch
Qualitative vs Quantitative
Qualitative
- Subjective
- Prioritize risks
- Fast/always
Quantitative
- Numeric
- Overall outcome
- Optional/heavy
Rank vs model in dollars
Which Analysis Technique?
- Fast prioritization→Qualitative(P-I matrix)
- Rank by prob x impact→P-I matrix(Subjective)
- Numeric cost/schedule→Quantitative(After qualitative)
- Model overall outcome→Monte Carlo(S-curve)
- Compare decisions→Decision tree(EMV branches)
- Single-risk value→EMV(P x impact)
- Find key drivers→Sensitivity(Tornado)
- Estimate duration range→PERT(3-point)
Qualitative Tools
- Qualitative analysis
- Subjective prioritization
- P-I matrix
- Probability x impact grid
- Risk score
- Probability x impact rating
- Data quality
- Assess data reliability
- Urgency
- Time before response
- Proximity
- How soon risk hits
- Detectability
- Ease of early warning
- Categorization
- Group by source/cause
Quantitative Tools
- Quantitative analysis
- Numeric overall outcomes
- EMV
- Probability x impact value
- Decision tree
- EMV across choices
- Monte Carlo
- Iterative random simulation
- S-curve
- Probability of target
- Sensitivity
- Most-influential variables
- Tornado diagram
- Ranks impact bars
- PERT/3-point
- Optimistic-likely-pessimistic estimate
Key Formulas
- EMV
- P x Impact ($)
- Risk score
- Probability x Impact
- Triangular mean
- (O + M + P) / 3
- PERT/Beta mean
- (O + 4M + P) / 6
- Threat EMV
- Negative sign
- Opportunity EMV
- Positive sign
- Cost baseline
- Work + contingency
Common Traps
Reserve type
Contingency = known-unknowns ≠ Management = unknown-unknowns
Residual vs secondary
Residual is leftover ≠ Secondary is new
Tolerance vs threshold
Tolerance is a band ≠ Threshold is a line
Transfer vs share
Transfer a threat ≠ Share an opportunity
Audit vs review
Audit the process ≠ Review the risks
Contingency vs fallback
Contingency on trigger ≠ Fallback if it fails
Register vs report
Register lists risks ≠ Report summarizes overall
Last Minute
- 1.115 questions, 100 scored, 150 minutes
- 2.Threats: Escalate Avoid Transfer Mitigate Accept
- 3.Opportunities: Escalate Exploit Share Enhance Accept
- 4.Escalate + Accept apply to both
- 5.Contingency = known risks, inside baseline
- 6.Management reserve = unknown risks, outside baseline
- 7.Residual = leftover; Secondary = new from response
- 8.Tolerance = band; Threshold = trigger line
- 9.EMV = Probability x Impact; threats negative
- 10.PERT mean = (O + 4M + P) / 6
- 11.Qualitative first, then quantitative
- 12.Register = detail; Report = overall summary
- 13.Contingency plan first; fallback as backup
Buy on Amazon
Practice exams on ExamEdgeSame family resources
Explore More PMI Certifications
Continue into nearby exams from the same family. Each card keeps practice questions, study guides, flashcards, videos, and articles in one place.
More From This Family
Videos and articles for deeper review.
VideoFREE CAPM Study Guide: 10-Week Plan (2026)VideoHow Hard Is the PMP Exam? 60-70% Pass Rate (2026)VideoHow to Overcome Test Anxiety on Professional Certification Exams: A Science-Backed Guide (2026)VideoHow to Pass the PMP Exam on Your First Try (2026): Complete 12-Week Study GuideArticlePMI-RMP 2026: Risk Judgment, Eligibility, and Practice10 min readArticleHow to Overcome Test Anxiety on Professional Certification Exams: A Science-Backed Guide (2026)12 min readArticleHow to Pass the PMP Exam on Your First Try (2026): Complete 12-Week Study Guide18 min readArticlePMP Exam Changes July 2026: New Domains & Format16 min read