Pass the PMI PMI Certification PMI-RMP Questions and answers with CertsForce

To mitigate the chance of the same issues reoccurring, the risk manager should document the known risk triggers as identified cost and schedule risks in the risk register. By doing so, these risks are formally recognized, and appropriate responses can be planned and monitored. This approach ensures that the lessons learned from the previous project are incorporated into the risk management plan for the upcoming project, reducing the likelihood of similar issues occurring.

The project manager should discuss the identified risks with the project team to ensure that everyone is aware of the potential risks and can provide input on the likelihood and impact of each risk. This collaborative approach will help in developing a comprehensive risk management plan.

The project manager should discuss and evaluate the identified risks with the project team, as this is part of the risk identification process. The project manager can use their experience from previous projects to identify potential risks that may occur again on the new project, but they should also involve the project team to obtain their input and perspectives. The project team can help the project manager to validate, refine, and prioritize the identified risks, as well as to suggest possible risk responses. The project manager should document the identified risks and their characteristics in the risk register, which is a tool for risk management. The other options are not appropriate actions for the project manager to take. Implementing the risk response strategies into the risk plan is premature, as the project manager should first analyze and evaluate the risks before deciding on the best response strategies. Informing the sponsor that these risks should be added according to experience is not sufficient, as the project manager should also consult the project team and other stakeholders to ensure that all relevant risks are identified and assessed. Adding the risks to the risk register and determining a contingency is part of the risk analysis and response planning processes, which come after the risk identification process. The project manager should first discuss and evaluate the identified risks with the project team before moving to the next steps of risk management. References: 2, 3, [5]

The correct answer is B. Conduct a retrospective meeting with stakeholders and inquire about what went well and what could be improved on future projects.

The question focuses on a completed project and asks what the risk manager should do after the executive sponsor requests a deep review of what went wrong for the benefit of future projects. This is a classic lessons learned and risk closure activity. A retrospective with stakeholders is the most complete and effective approach because it captures multiple perspectives on what happened, what worked, what failed, and what should be improved in future similar initiatives.

A retrospective goes beyond reviewing documents. It helps uncover root causes, process gaps, missed warning signs, ineffective responses, communication failures, and organizational learning opportunities. Because the company plans to develop more web applications, the objective is not only to analyze the past but also to improve future risk management and delivery performance.

Why the other options are incorrect:

A. Gather the project ' s status reports and meeting minutes to determine when issues occurred and how quickly the issues were addressed. These documents may support the review, but they are not enough by themselves for a full deep-dive. They provide historical evidence but not the richer insight gained from stakeholder reflection.

C. Work with the project manager to determine if additional resources could have prevented or mitigated the issues that arose on the project. This is too narrow. The project may have suffered from many causes beyond resource limitations, including planning weaknesses, requirements issues, inadequate risk responses, vendor problems, or governance gaps.

D. Review the project ' s risk register and determine how comprehensive and effective each risk and issue response was. Reviewing the risk register is useful, but it is still narrower than a full retrospective. Some realized issues may never have been captured properly in the register, and the sponsor requested a broader deep-dive into what went wrong overall.

Best-practice reasoning:

At project closure, organizations should capture lessons learned through structured review with relevant stakeholders. This supports continuous improvement, improves future risk identification and response planning, and strengthens organizational process assets.

Reference-aligned basis:

This answer is consistent with standard risk management guidance that emphasizes:

lessons learned and retrospective reviews at project or phase closure,

stakeholder participation in evaluating what worked and what did not,

updating organizational knowledge for future projects.

Mitigation involves taking proactive steps to reduce the probability or impact of a risk event. In this scenario, the facilitator anticipates the risk of attendees not receiving the product brochure due to spam filters. By advising participants to check their spam folders, the facilitator addresses the issue before it escalates, thereby reducing the likelihood of miscommunication or information loss. This preemptive action exemplifies a mitigation strategy, aiming to lessen the potential negative impact on the workshop ' s effectiveness.

PMI Risk Management Study Guide References:

The PMI-RMP Exam Preparation Study Guide defines risk mitigation as " the process of implementing actions to reduce the likelihood or impact of a risk to acceptable levels, " highlighting the importance of proactive measures in risk management.

Variance analysis is a technique used to compare actual project performance against planned performance. In this scenario, the risk manager is comparing planned enablement sessions with actual sessions to identify discrepancies that could indicate potential risks. This approach allows the project team to monitor performance closely and take corrective actions as needed to keep the project on track, which is crucial for projects with strict timelines​.

The risk owner should implement the secondary risk response, as it is now being tolerated, and update the project documents accordingly. They should also update and communicate the assessments of the secondary risk ' s impact to ensure everyone is aware of the situation.

According to the PMI-RMP Handbook1, the risk owner is responsible for implementing the risk response plan and monitoring the risk and its secondary risks. Therefore, the risk owner should take the following two actions when the secondary risk emerges:

Implement the secondary risk response and update the project documents. This action is consistent with the risk response strategy of tolerance, which means accepting the risk and its consequences. The risk owner should execute the planned response for the secondary risk, such as contingency plans or fallback plans, and update the relevant project documents, such as the risk register, the risk report, and the lessons learned register, to reflect the current status and impact of the risk.

Update and communicate assessments of the secondary risk’s impact. This action is consistent with the risk monitoring and control process, which involves tracking the identified risks, evaluating their impact and probability, and reporting the risk information to the appropriate stakeholders. The risk owner should reassess the secondary risk’s impact on the project objectives, such as scope, schedule, cost, and quality, and communicate the results to the project manager and other relevant stakeholders, such as the sponsor, the customer, and the team members.

PMI-RMP Handbook1

PMBOK Guide, 6th edition, Chapter 11: Project Risk Management2

When a project experiences consistent deviations in cost performance index (CPI) and schedule performance index (SPI), it indicates underlying issues with the project ' s assumptions regarding schedule and resources. Analyzing these assumptions helps identify discrepancies between planned and actual performance, such as underestimated task durations or insufficient resource allocation. By revisiting and adjusting these assumptions, the risk manager can develop strategies to mitigate further overruns and align the project with its objectives.

PMI Risk Management Study Guide References:

The PMI-RMP Exam Content Outline emphasizes the importance of examining assumption and constraint analyses to identify risks arising from inaccurate or incomplete project assumptions, which can lead to performance issues.

The risk manager is responsible for ensuring that all risks, including secondary risks, are identified and addressed during the risk response planning process. If key secondary risks were missed, the risk manager should be held accountable. (Reference: Project Management Institute. A Guide to the Project Management Body of Knowledge (PMBOK® Guide) – Sixth Edition, Section 11.5)

The risk manager is responsible for identifying and analyzing risks, as well as planning and implementing risk responses. Secondary risks are those risks that arise as a direct result of implementing a risk response to a specific risk. The risk manager should have considered the potential secondary risks during the risk response planning and updated the risk register accordingly. The project manager should hold the risk manager accountable for missing the secondary risks and ensure that they are properly addressed12

 1: PMI Risk Management Professional (PMI-RMP)® Handbook, page 10 2: A Guide to the Project Management Body of Knowledge (PMBOK® Guide) – Seventh Edition, page 11.2.2.1

The project risk manager should generate reports to assess and communicate the project risk level to stakeholders. This helps in making informed decisions and taking appropriate actions to manage risks effectively.

 The project risk manager should quantify the risk exposure that exceeds project contingency, as this will help to determine the amount of management reserve needed to cover the potential cost overruns or schedule delays. The project risk manager should also communicate this information to the project manager and other relevant stakeholders, and update the risk management plan accordingly. References: The Standard for Risk Management in Portfolios, Programs, and Projects, page 80; PMBOK Guide, 6th edition, page 407.