What should the risk manager do?

A risk manager is managing risks of a mission critical application. A subject matter expert (SME) asks the risk manager to treat every single risk identified as an extremely high priority .

What should the risk manager do?
A . Ask the project sponsor if every risk in the risk register can have the same priority.
B . Mark every identified risk as an extremely high priority and any future risks as a lower priority.
C . Agree with the SME, treat every risk with equal priority, and inform all stakeholders.
D . Perform a sensitivity analysis and determine the correct priority of every identified risk.

View Answer

Answer: D

Explanation:

According to the PMBOK Guide, 6th edition, Section 1 1. 6.2.1, Sensitivity Analysis, a sensitivity analysis is a technique that helps to determine which individual project risks or other sources of uncertainty have the most potential impact on project outcomes. A sensitivity analysis can be used to prioritize risks based on their relative effect on the project objectives, such as cost, schedule, quality, or scope. A sensitivity analysis can also help to identify areas where risk response efforts may be most effective. Therefore, the risk manager should perform a sensitivity analysis and determine the correct priority of every identified risk, rather than agreeing with the SME or the project sponsor, or marking every risk with the same or different priority without proper analysis.

Reference: PMBOK Guide, 6th edition, Section 1 1. 6.2.1, Sensitivity Analysis1

The risk manager should perform a sensitivity analysis to assess the impact of each risk on the project objectives. This will help in determining the correct priority of every identified risk, ensuring that resources are allocated effectively and that the most critical risks are addressed first.