2.4 Reserves & Risk in the Delivery Approach
Key Takeaways
- Contingency reserve covers KNOWN risks (identified, with responses), sits inside the cost baseline, and is controlled by the project manager.
- Management reserve covers UNKNOWN risks (unforeseen events), sits outside the cost baseline but inside the total budget, and requires management or sponsor approval to use.
- Cost baseline equals work estimates plus contingency reserve; total budget equals cost baseline plus management reserve, so consuming management reserve changes the baseline.
- Contingency reserve is typically sized from the EMV of known risks or quantitative analysis such as Monte Carlo at a chosen confidence level.
- Predictive approaches plan risk and reserves up front; agile/hybrid manages risk iteratively via risk-adjusted backlogs, spikes, and frequent iteration-level reassessment.
Contingency vs management reserve
Reserve type is one of the most reliable PMI-RMP exam points. The two reserves differ in what they cover, where they sit, and who controls them.
| Attribute | Contingency reserve | Management reserve |
|---|---|---|
| Covers | KNOWN risks ("known-unknowns") | UNKNOWN risks ("unknown-unknowns") |
| Location | Inside the cost baseline | Outside the baseline, inside total budget |
| Control | Project manager spends it | Needs management/sponsor approval |
| Sized from | EMV / quantitative analysis | Often a percentage of project value |

The memory hook: contingency = known, inside baseline, PM; management = unknown, outside baseline, sponsor.
What each reserve covers
Contingency reserve funds the responses to identified risks — the contingency and fallback plans already in the register. Because these risks are known and analyzed, the project manager has authority to draw on this reserve when a trigger fires. These are the known-unknowns: you know the risk exists, you just do not know if it will occur.
Management reserve funds unforeseen work — risks no one identified, the genuine unknown-unknowns. Because nothing specific was planned, the project manager cannot tap it alone; using it requires management approval and, by definition, changes the cost baseline because the work was never in it.
A practical example: a software project sets aside $40,000 of contingency for identified integration and vendor risks (the PM can release this as triggers fire) and the sponsor holds $25,000 of management reserve for entirely unexpected scope shocks.
Reserves and the baseline
The relationship between reserves and the project budget is exam-critical:
- Cost baseline = work estimates + contingency reserve
- Total budget = cost baseline + management reserve
Because contingency reserve is inside the cost baseline, spending it does not change the baseline — it was planned. Because management reserve is outside the baseline, consuming it does change the cost baseline, since previously unbudgeted work is added.
Reserve sizing for contingency typically comes from the Expected Monetary Value (EMV) of known risks or from Monte Carlo results at a chosen confidence level (for example, the P80 cost), giving a defensible, analysis-based number rather than a guess. Management reserve, by contrast, cannot be derived from specific risks (there are none to model), so organizations often set it as a percentage of project value based on policy and past experience.
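The sizing and baseline rules above, worked through as an added example (not part of the original study text). The risk register, the $400,000 work estimate, the 5% policy figure applied to the work estimate, and all function names are constructed assumptions. It shows that a P80 contingency can sit well above the EMV of the same risks, and that an approved management-reserve draw re-baselines the project without changing the total budget.

```python
import random

# Constructed risk register (not from the page): (name, probability, cost impact in $)
RISKS = [
    ("Integration defects", 0.40, 30_000),
    ("Vendor delivery slip", 0.25, 60_000),
    ("Key engineer leaves", 0.10, 50_000),
    ("License price increase", 0.50, 8_000),
]

def emv(risks):
    """Expected Monetary Value: sum of probability x impact over known risks."""
    return sum(p * impact for _, p, impact in risks)

def monte_carlo_percentile(risks, q=0.80, trials=50_000, seed=7):
    """Simulate which risks fire per trial; return the q-th percentile of total cost."""
    rng = random.Random(seed)  # fixed seed so the run is repeatable
    totals = sorted(
        sum(impact for _, p, impact in risks if rng.random() < p)
        for _ in range(trials)
    )
    return totals[min(trials - 1, int(q * trials))]

def build_budget(work_estimate, contingency, mgmt_pct):
    """Cost baseline = work + contingency; total budget = baseline + management reserve."""
    baseline = work_estimate + contingency
    mgmt = work_estimate * mgmt_pct // 100  # assumed policy: percent of work estimate
    return {"cost_baseline": baseline, "management_reserve": mgmt,
            "total_budget": baseline + mgmt}

def use_management_reserve(budget, amount, sponsor_approved):
    """Funding unforeseen work: needs approval and re-baselines; total is unchanged."""
    if not sponsor_approved:
        raise PermissionError("management reserve requires management/sponsor approval")
    if amount > budget["management_reserve"]:
        raise ValueError("request exceeds management reserve")
    return {"cost_baseline": budget["cost_baseline"] + amount,
            "management_reserve": budget["management_reserve"] - amount,
            "total_budget": budget["total_budget"]}

if __name__ == "__main__":
    p80 = monte_carlo_percentile(RISKS)
    plan = build_budget(400_000, p80, mgmt_pct=5)  # constructed figures
    print("EMV:", emv(RISKS), "P80:", p80)
    print("Plan:", plan)
    print("After approved $15,000 draw:", use_management_reserve(plan, 15_000, True))
```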
Risk planning in predictive delivery
In a predictive (waterfall) approach, risk planning is heavily front-loaded. The team identifies risks, runs qualitative and quantitative analysis, plans responses, and sizes reserves early, then monitors against that plan. Reserves are calculated up front and drawn down as the project progresses.
This works because predictive projects assume relatively stable scope, so a one-time, thorough analysis remains valid for much of the life cycle, supplemented by periodic reassessment at stage gates and milestones. The trade-off is rigidity: if conditions shift dramatically, an up-front estimate can go stale, which is exactly why monitoring and reserve analysis (Domain V) remain essential even on predictive work.
Risk planning in agile and hybrid
Agile and hybrid approaches manage risk iteratively because scope and conditions change continually. Key mechanisms:
- Risk-adjusted backlog — high-risk or high-uncertainty items are prioritized earlier so dangerous unknowns are tackled while there is time to respond.
- Spikes — short, time-boxed investigations to reduce technical or requirement uncertainty before committing to delivery.
- Frequent reassessment — risk is revisited every iteration, not once.
- Iteration-level risk reviews — retrospectives and reviews surface new risks and close obsolete ones each cycle.
The short feedback loops mean exposure is reduced incrementally as work proceeds, rather than betting everything on an up-front estimate. Hybrid projects blend both: predictive reserves and gates for stable components, iterative handling for uncertain ones.
Agile risk practices in detail
Several agile artifacts double as risk tools. The Definition of Done and acceptance criteria reduce quality risk by making completeness explicit. Daily stand-ups surface impediments — effectively emerging risks — every day. Burndown and burnup charts act as leading indicators: a flattening burndown signals schedule risk early. Because the team replans every iteration, a risk identified in iteration three can reshape the backlog for iteration four, something a predictive plan cannot do mid-stream.
The risk professional on an agile team focuses less on a heavy reserve calculation and more on keeping uncertainty visible and front-loaded. On the exam, if a scenario stresses changing requirements, frequent reassessment, or prioritizing risky work early, the answer favors the iterative, agile handling of risk rather than a single up-front quantitative pass.
Choosing the planning rhythm
The delivery approach does not change what risk management does — it changes how often and how formally. Predictive work concentrates effort early and revisits at gates; agile spreads effort evenly across iterations; hybrid does both for different parts of the same project.
- Predictive — thorough up-front analysis, formal reserves, gate reassessment.
- Agile — continuous identification, risk-adjusted backlog, spikes, iteration reviews.
- Hybrid — gated reserves for stable scope, iterative handling for volatile scope.
Match the rhythm to volatility: the more uncertain and changeable the work, the more frequent the reassessment must be to keep exposure under control.
A previously unidentified risk occurs and additional unbudgeted work is required. The project manager wants to fund it. From which source must the funds come, and what approval is needed?
On an agile project, the team prioritizes the most uncertain, high-risk features for the earliest iterations and uses short time-boxed investigations to resolve technical unknowns. What risk practices are these?