Back to Risk Response Planning

Managing Residual and Secondary Risks

5 minutes 5 Questions

Managing residual and secondary risks is an essential concept in Risk Response Planning that ensures comprehensive risk management. Residual risks are those that remain after risk responses have been implemented, while secondary risks are new risks that emerge as a direct result of implementing a risk response. Recognizing and planning for these risks is crucial to avoid unexpected setbacks during project execution. Residual risks acknowledge that no risk response can entirely eliminate a risk, especially in complex projects. Thus, it's important to identify what level of risk remains and assess its potential impact. This involves reevaluating the risk in light of the response measures and determining if additional actions are required. For instance, after implementing a mitigation strategy for a technical risk, there may still be a small chance of failure that needs monitoring. Secondary risks arise because actions taken to address one risk may create new risks. For example, outsourcing a component to mitigate cost risks might introduce risks related to quality control or communication challenges. Identifying secondary risks requires careful analysis of the potential side effects of risk responses. It is important to include these risks in the risk register and develop appropriate response plans for them. Effective management of residual and secondary risks involves updating risk management documentation and communicating changes to all stakeholders. It ensures that the risk management plan remains dynamic and responsive to new developments. Regular risk reviews and audits can help in identifying these risks early and adjusting plans accordingly. Allocating resources to monitor and control residual and secondary risks is also vital. This might include setting aside contingency reserves or scheduling periodic risk assessments. By proactively managing these risks, project managers can minimize their impact and avoid compounding issues that could jeopardize project success. In conclusion, managing residual and secondary risks is about acknowledging that risk management is an ongoing process. It requires continuous attention to the evolving risk landscape of a project. By doing so, project teams can maintain control over the project’s direction and outcomes, even in the face of new and persisting challenges.

Test mode:
Start practice test
PMI-RMP - Risk Response Planning Example Questions

Test your knowledge of Amazon Simple Storage Service (S3)

Question 1

When a project team identifies that a risk response has created a new potential threat, this new risk should be classified as:

Correct Answer: A secondary risk that requires additional analysis and response planning

A new risk that emerges as a result of implementing a risk response is classified as a secondary risk. Secondary risks are potential threats or opportunities that arise as a direct result of implementing a risk response strategy. These risks need further analysis and planning to manage their potential impacts on the project. Residual risks are those that remain after risk responses are implemented, not new risks from responses. Triggered risks are those that have actually occurred and require the execution of planned responses, not new risks from response actions. Cascading risks refer to a chain reaction of risks, but this is not the correct term for risks that emerge specifically from implementing risk responses.

Question 2

Which statement best describes the management of residual risks in a project?

Correct Answer: These are risks that remain active after planned responses have been implemented

Residual risks are those that continue to exist after all planned risk responses have been implemented. These risks have been actively identified and assessed, but the organization has decided to accept them, either because the cost of further mitigation would exceed the potential benefits, or because some risks simply cannot be eliminated entirely. Here's why other options are incorrect: The option about secondary risks is incorrect because secondary risks are new risks that arise as a direct result of implementing a risk response. They are different from residual risks. The option about fully mitigated risks is incorrect because residual risks, by definition, are NOT fully mitigated - they still exist after response implementation. The option about unplanned consequences is incorrect because this describes unintended side effects of risk responses, not residual risks. These would be more accurately categorized as secondary risks or emergent risks.

Question 3

In the process of managing secondary and residual risks, what is the recommended approach when a risk response strategy appears to be less effective than initially planned?

Correct Answer: Revise the risk response strategy and update the risk register

The best approach when a risk response strategy is less effective than planned is to revise the strategy and update the risk register. Here's why: A key principle of risk management is continuous monitoring and adaptation. When a strategy isn't working as intended, the proper response is to: 1. Evaluate why it's not effective 2. Develop improvements to the strategy 3. Document the changes in the risk register 4. Implement the revised approach Why other approaches are incorrect: Documenting and proceeding anyway fails to address the underlying problem and could lead to increased project risks. Continuing with an ineffective strategy while only monitoring it is passive and could allow risks to escalate unnecessarily. Escalating to senior management should not be the first response - project managers should first attempt to address issues at their level through strategy revision.

Go Premium

PMI Risk Management Professional Preparation Package (2024)

  • 3223 Superior-grade PMI Risk Management Professional practice questions.
  • Accelerated Mastery: Deep dive into critical topics to fast-track your mastery.
  • Unlock Effortless PMI-RMP preparation: 5 full exams.
  • 100% Satisfaction Guaranteed: Full refund with no questions if unsatisfied.
  • Bonus: If you upgrade now you get upgraded access to all courses
  • Risk-Free Decision: Start with a 7-day free trial - get premium features at no cost!
More Managing Residual and Secondary Risks questions
12 questions (total)
Start 12 question test