In the context of PRINCE2 7, Risk Planning and Analysis are critical activities embedded within the risk management procedure, primarily spanning the 'Assess' and 'Plan' steps to manage uncertainty regarding project objectives.
Analysis occurs during the 'Assess' step, which is subdivided into 'Esβ¦In the context of PRINCE2 7, Risk Planning and Analysis are critical activities embedded within the risk management procedure, primarily spanning the 'Assess' and 'Plan' steps to manage uncertainty regarding project objectives.
Analysis occurs during the 'Assess' step, which is subdivided into 'Estimate' and 'Evaluate'. Estimation involves characterizing individual risks by determining their probability, impact, and proximity. Evaluation aggregates these individual risks to calculate the total risk exposure, often using summary risk profiles. This net exposure is compared against the project's risk appetite and tolerance levels defined in the Risk Management Approach to determine if the project remains viable.
Risk Planning follows analysis and involves selecting specific response strategies. PRINCE2 7 emphasizes managing both threats (negative impacts) and opportunities (positive impacts). Standard responses for threats include avoid, reduce, transfer, share, accept, or prepare contingent plans. Conversely, responses for opportunities include exploit, enhance, transfer, share, reject, or prepare contingent plans.
Effective planning requires a cost-benefit analysis to ensure the cost of the response is proportional to the risk's significance. During this phase, specific roles are assigned: a 'Risk Owner' is held accountable for managing the risk, while a 'Risk Actionee' is responsible for executing the response actions. The outcomes of planning are recorded in the Risk Register and may necessitate updates to the Project Plan and Business Case.
Risk Planning and Analysis in PRINCE2 Practitioner (7th Edition)
What is Risk Planning and Analysis? In PRINCE2 7th Edition, Risk Planning and Analysis constitutes the core engine of the Risk Practice. It is the phase within the risk management procedure where identified uncertainties are examined to understand their magnitude and where strategies are formulated to handle them. It bridges the gap between simply finding a risk and taking action on it.
Why is it Important? Without proper analysis and planning, a project manager cannot prioritize resources. Not all risks are created equal; some require immediate executive attention, while others are trivial. This process ensures that the project remains viable by calculating the Risk Exposure and ensuring it stays within the risk appetite set by the Project Board.
How it Works: The Process The PRINCE2 risk management procedure generally flows through: Identify → Assess → Plan → Implement → Communicate. The 'Planning and Analysis' segment focuses heavily on the Assess and Plan steps:
1. Assess (Estimate and Evaluate) Before planning a response, you must understand the risk. Estimate: You look at individual risks to determine their Probability (likelihood), Impact (severity), and Proximity (when it will happen). Techniques like Probability Impact Grids are used here. Evaluate: You look at the aggregate effect of all risks (net effect) on the project. This is often summarized in a risk profile to see if the overall risk exposure exceeds the risk tolerance.
2. Plan (Risk Responses) Once analyzed, you must select a response type. In PRINCE2, these differ for Threats (negative) and Opportunities (positive).
Responses to Threats: Avoid: Eliminating the risk by changing scope or approach. Reduce: Taking action to lower the probability or impact. Transfer: Passing the financial impact to a third party (e.g., insurance). Share: Using a pain/gain formula with a partner. Accept: Doing nothing (conscious decision). Prepare: Creating a contingency plan (Plan B) that only activates if the risk occurs.
Responses to Opportunities: Exploit: Making sure the opportunity happens. Enhance: Increasing the probability or impact. Transfer: Passing responsibility to a third party who can manage it better. Share: Partnering to realize the opportunity. Ignore: Doing nothing. Prepare: Having a plan ready if the opportunity arises.
Exam Tips: Answering Questions on Risk Planning and Analysis When facing Practitioner scenarios, follow these guidelines:
1. Distinguish Inherent vs. Residual Risk Exam questions often trick you with the timeline. Inherent risk is the risk before any action is taken. Residual risk is what remains after the response is implemented. Ensure you know which one the question is asking for.
2. Match the Response to the Scenario This is the most common question type. You will be given a scenario and asked to identify the response used, or recommend one. Keywords to watch: If the scope is changed to remove the uncertainty completely → Avoid. If an insurance policy or penalty clause is bought → Transfer. If actions are taken now to make the risk less likely → Reduce. If a plan is created but will only be used after the risk strikes → Prepare (Contingency).
3. Check the Risk Budget Questions regarding 'Planning' may ask how to fund the response. Remember: The Risk Budget is used to fund responses (like buying insurance or implementing safety measures), not just to cover the cost of the impact.
4. Identify the Owner vs. Actionee In your analysis, you must assign roles. The Risk Owner is accountable for managing the risk. The Risk Actionee is the person actually doing the work (the action) to respond to the risk. In exam questions, ensure the right person is assigned based on their authority and proximity to the risk.