According to the PMBOK Guide, risk prioritization is the process of assigning a level of importance to each identified risk based on its probability and impact, as well as other factors such as urgency, stakeholder tolerance, and project objectives. Risk prioritization helps the project team to focus on the most significant risks and allocate resources accordingly. One of the tools and techniques for risk prioritization is stakeholder engagement, which involves involving the key stakeholders in the risk analysis and decision making process. Stakeholder engagement helps to ensure that the risk prioritization reflects the expectations and preferences of the stakeholders, and that they are aware of and agree with the results. By engaging the key stakeholders during the prioritization process, the risk manager could have avoided the board’s request to sort the risks differently, as the board would have been part of the process and would have accepted the outcome. References: = PMBOK Guide, 6th edition, pages 406-407; The Standard for Risk Management in Portfolios, Programs, and Projects, page 67.
A company manages confidential customer information, and a data breach exposing sensitive information was discovered. What should the risk manager do?
A. Execute the security risks contingency plan.
B. Get a report of customers affected by the risk.
C. Identify residual and secondary risks.
D. Coordinate a response with the risk owner.
Answer: D
According to the PMBOK Guide, the risk owner is the person assigned the responsibility of monitoring the risk and implementing the risk response plan. The risk owner should be involved in the risk response execution and evaluation, and should communicate the results and outcomes to the relevant stakeholders. In the case of a data breach, the risk owner should coordinate a response with the risk manager and other parties involved, such as the security team, the legal team, the customer service team, and the senior management. The risk owner should also report the status of the risk and the effectiveness of the response plan to the risk manager. The risk manager should oversee the risk response process and ensure that the risk is handled appropriately and in alignment with the project objectives and stakeholder expectations. References: = PMBOK Guide, 6th edition, pages 452-453; The Standard for Risk Management in Portfolios, Programs, and Projects, page 79.
