In PRINCE2 7, selecting Risk Response Types occurs during the 'Plan' step of the risk management procedure. Responses are chosen to optimize the project's chances of success by addressing **Threats** (negative risks) and **Opportunities** (positive risks) in a way that balances cost, effort, and ri…In PRINCE2 7, selecting Risk Response Types occurs during the 'Plan' step of the risk management procedure. Responses are chosen to optimize the project's chances of success by addressing **Threats** (negative risks) and **Opportunities** (positive risks) in a way that balances cost, effort, and risk exposure.
For **Threats**, the available response types are:
1. **Avoid**: changing the project scope or approach to eliminate the threat entirely.
2. **Reduce**: taking proactive action to lower the probability or impact of the event.
3. **Transfer**: assigning the financial impact to a third party (e.g., via insurance or penalty clauses), though accountability remains with the project.
4. **Share**: partnering with multiple parties to manage the threat, sharing the pain/gain.
5. **Accept**: consciously deciding to take no action, often because the cost of mitigation exceeds the risk's impact.
6. **Prepare**: creating contingency plans to be executed only if the risk occurs.
For **Opportunities**, the response types are:
1. **Exploit**: taking measures to ensure the opportunity definitely happens (100% probability).
2. **Enhance**: taking action to increase the probability or impact of the benefit.
3. **Transfer**: assigning the opportunity to a third party better placed to realize the benefit.
4. **Share**: partnering to maximize the benefit, often via a shared ownership model.
5. **Reject**: deliberately choosing not to pursue the opportunity.
6. **Prepare**: planning actions to capture the benefit if the opportunity arises naturally.
Practitioners must record these decisions in the Risk Register and ensure the cost of the response is justified by the change in the risk profile.
Risk Response Types
Why is it important? In PRINCE2 V7, identifying risks is meaningless without action. The Risk Response Types provide a standardized framework for selecting how to deal with uncertainties. Applying the correct response ensures that the project team manages risks proactively rather than reactively, balancing the cost of the response against the potential impact of the risk. This is the core of the 'Plan' step in the risk management procedure.
What is it? Risk responses are categorized based on whether the risk is a Threat (negative impact) or an Opportunity (positive impact). There are specific strategies for each, though some terminology is shared.
Responses to Threats These actions aim to protect the project objectives: 1. Avoid: Changing the plan to remove the threat entirely. This reduces the probability of the risk to zero (e.g., using a wired connection instead of wireless to avoid Wi-Fi instability). 2. Reduce: Taking action to lower the probability of the event occurring or the impact if it does occur. 3. Transfer: Passing the financial impact to a third party (e.g., insurance, performance bonds). Note: You can transfer the financial risk, but not the accountability. 4. Share: A mechanism where multiple parties share the pain (loss) or gain, often defined by a contract formula. 5. Accept: A conscious decision to take no action, usually because the cost of mitigation is higher than the risk impact. The risk is monitored. 6. Prepare: Developing a contingency plan that is only enacted if the risk occurs. This often requires a budget set aside for this specific purpose.
Responses to Opportunities These actions aim to maximize benefits: 1. Exploit: Taking action to ensure the opportunity definitely happens. This raises the probability to 100%. 2. Enhance: Taking action to increase the probability or the impact of the opportunity, making it more attractive. 3. Transfer: Assigning ownership of the opportunity to a third party who is better placed to realize it (less common in practice but valid in theory). 4. Share: Partnering (e.g., Joint Ventures) to generate benefits that neither party could achieve alone. 5. Reject: A conscious decision not to pursue the opportunity due to low ROI or high cost. 6. Prepare: Developing a plan to seize the opportunity only if it arises.
Exam Tips: Answering Questions on Risk Response Types Practitioner exams often present a scenario and ask for the specific response type used. Use this logic flow: 1. Determine Polarity: Is the risk good (Opportunity) or bad (Threat)? If it is a threat, eliminate options like Exploit, Enhance, or Reject immediately. 2. The 'Zero/100' Rule: - If the threat is gone completely, it is Avoid. - If the threat remains but is smaller, it is Reduce. - If the opportunity is guaranteed, it is Exploit. - If the opportunity is just more likely, it is Enhance. 3. Transfer vs. Share: - Transfer usually involves insurance, fixed-price contracts, or penalties. It is about shifting financial burden. - Share implies a partnership or a pain/gain sharing formula where parties work together. 4. Prepare: Look for keywords like 'contingency plan,' 'fallback plan,' or actions that are 'conditional' on the risk event happening.