Plan Risk Responses

This article contains most of the important information you need to know about Plan Risk response process in order to answer questions related to this topic in the PMI-RMP Exam, I recommend you review this type of articles 1 week before your exam date, all information mentioned are based on PPMBOK Guide 5th edition , Practice Standard for Risk Management and  Risk Management Tricks of the trade for Project Managers and PMI-RMP Exam Prep Guide , 2nd Edition by Rita Mulcahy ., ITTO refers to Inputs, Tools & Techniques and outputs.

This process is a part of Planning Process group and Risk Management Knowledge Area with the following ITTO’s


  1. Risk management Plan
  2. Risk Register

Tools & Techniques:

  1. Risk Response Strategies
  2. Contingent Response Strategies
  3. Expert Judgment


  1. Project management Plan updates
  2. Project Document Updates


  • It determines effective response actions that are appropriate to the individual risks and to overall project risk, it considers key stakeholders risk attitudes.
  • Determine what can be done to reduce the overall risk of the project by decreasing the probability and impact of threats and increasing the probability and impact of opportunities
  • Performing this process in planning phase entails agreeing upon the actions to be taken and the potential changes to budget, schedule, resources and scope which actions might cause change.
  • Each Individual risk response description should include the following details :
  1. To make sure each response to be executed in optimum time, the description should include a description of any corresponding trigger conditions.
  2. Risk Owner, responsible for ensuring that the risk response is effective and for planning additional responses if required, he should watch out for the risk during project life cycle, identification of potential risk owners was recommended in identify risks process, assigned and documented in plan risk response, effectiveness of risk owners is monitored and reported through risk audits in monitor and control risk process.
  3. Risk Action Owner, responsible for ensuring that the agreed upon risk responses are carried out as planned.
  • Secondary Risk, Responses when implemented, can have potential effects on project objectives and can generate additional risks which called secondary risks, a secondary risk should not have an impact greater than the initial risk, it is the responsibility of risk owner to watch for the secondary risks.
  • The secondary risks should be included in risk response planning , for those risks that remain, contingency plans, fallback plans and triggers should be identified.
  • Residual Risks, Risks which remains after the plan responses have been implemented, they should be clearly identified, analyzed , documented and communicated to all relevant stakeholders , each of them should have a contingency plan and fallback plan.
  • Contingency planning, planned actions to be taken if the threat or opportunity happens .
  • Fall Back plans, Plans created in case contingency plans fails, it is the answer of question of “What happens if the contingency plan does not work “ .
  • Risk Triggers, early warning sign that tells risk owners and project managers that an accepted risk occurred or about to occur , potential triggers are identified in identify risk process , but they are documented as part of plan risk response process, they are listed in the risk response plan,
  • Critical success factors to plan risk responses includes but not limited to :
  1. Communicate, Communication with key and various stakeholders should be maintained in an open and appropriate manner, it may involve high levels of the organization’s management and other stakeholders.
  2. Clearly Define risk roles and responsibilities, It needs the team support , a single risk owner should be assigned to every identified risk, and each agreed upon risk response plan should have a single action owner. Risks related to politics and organizational causes might be taken over by management.
  3. Specify timing of risk responses.
  4. Provide resources, budget and schedule for each agreed upon responses, obtain management approval and obtain risk owners and action owners commitment.
  5. Address the interaction of risks and responses, interaction effect that may occur is when one risk, if it occurs, may affect the probability or impact of other risks.
  6. Ensure appropriate, timely, effective and agreed-upon responses, all responses should be feasible, applicable and well-studied.
  7. Address both threats and opportunities, not to focus only on threats.
  8. Develop strategies before tactical responses, responses should be planned into strategic level then should be expanded into actions at the tactical level and integrated into the project management plan.
  • Major tools and techniques used in the process :
  1. Plan risk responses strategies , responses should be listed for both threats and opportunities , for threats you can use on of the following :
  2. Avoid , eliminate the cause of the risk by eliminating the cause
  3. Mitigate (Control) , Reduce the expected monetary value of the risk by reducing its impact or probability of occurrence or impact .
  4. Transfer (Allocate) , Assign the risk to a third party , outsourcing or subcontracting or buying insurance.
  5. Accept, it can be passive or active, Active acceptance requires a contingency plan or passive which requires a workaround once it happens.
  • For Opportunities you can use one of the following :
  1. Exploit, Increase the opportunity by making the cause more probable.
  2. Enhance Increase the expected time, quality or monetary value of risk by increasing its probability or impact of occurrence.
  3. Share, Retain appropriate opportunities of parts of opportunities instead of transferring them to others.
  4. Accept, it can be passive or active, Active acceptance requires a contingency plan or passive which requires a workaround once it happens.
  • Make sure to involve the team, stakeholders and experts in selecting the suitable strategy.
  • As a result of this tool the project cost or schedule should be decreasing by eliminating threats and increasing opportunities.
  1. Contingency reserve analysis, A reserve is an amount of time/or cost added to the project to account for risks, mainly there is 2 types , contingency reserves ( To deal with the known unknowns which were identified earlier ) , Management reserves ( To deal with unknown unknowns , risks were not identified earlier ) , a reserve is not a pad , pad is hidden , reserve is not .
  • Here are the main methods you can use to determine project contingency reserves, Management reserve is usually a percentage of the total project cost and usually falls between 2 and 15 percent.
  1. Method 1 : 10 Percent , add a percent of the project time and cost as a reserve for both contingency reserve and management reserve
  2. Method 2 : Guess, you can guess the appropriate amount of time and cost contingency reserve based on the number and severity of the risks.
  3. Method 3 : Expected Monetary value, Find the expected monetary value of risks to create a contingency reserve , add 5% to 10% for management reserve , the value of contingency reserve can be the expected monetary value of the project overall , it can be also the value while considering having all threats occur in their entirety.
  4. Method 4 : Monte Carlo simulation , it is preferred to be used for sanity check after you are done with calculations in method 3 , the results of monte Carlo analysis depends on how accurate the WBs , network diagram and estimates based on are .
  • The process of plan risk responses should results in revised project management plan as work packages will be changed , added to , or removed from work breakdown structure
  • The risk register will be used for meetings with management, get reserves accepted and make go/ no go decisions, new risks can be added and tracked during project life cycle.
  • Contracts, it refers to any legal agreement for the purchase or sale of goods and services, it may include purchase orders , service agreements or contracts , risk management helps team determine that it would be less risky to transfer one or many risks to another company through contracting , it also helps determine what terms and conditions to put into contracts to decrease project threats and to increase opportunities , never create a contract without risk analysis .
  • Insurance Purchased, used for risks like fire, theft, risk response maybe to purchase insurance , it’s a mitigation choice because complete impact is not removed.
  • Note that non top risks “Watch list “ do not have risk owners, the project manager is responsible to monitor these risks.
  • This process mainly results project management plan updates , Project document updates and in Risk Register updates :
  1. Residual Risks, Risks remains after plan risk response, contingency plan and fall back plan should be created for each , especially ones which was accepted actively.
  2. Contingency Plans, plans describing specific actions that will be taken if opportunity or threat occurs.
  3. Risk Owners, someone who will help develop the risk response and who will be responsible to carry out response plan.
  4. Secondary Risks, Risks created due to performing another risk response plan.
  5. Risk Triggers, Early warning signs for risks.
  6. Contracts, contract terms and conditions should be created after risk analysis.
  7. Fallback plans, plans executed when contingency plan fails .
  8. Reserves, Schedule and cost reserves are created and documented here.

Leave a Reply

Logged in as shadi alsha3er. Log out?