PMI-RMP Latest Exam from 2022 – Top 11 Changes to Know

As informed with multiple posts in this site, the Risk Management Professional Exam (RMP) exam has changed this year (2022). The change happened a couple of months before. This is primarily due to the introduction of the new ECO, new standards and guides and other references.

It's also worth noting that the new RMP ECO will be valid for the next three to five years.

As noted in earlier posts, the NEW RMP exam related content has been reflected in all of the followings:

• Course: RMP Live Lessons, Guaranteed Pass

• Course: RMP 30 Contact Hours Online

• Book: I Want To Be A RMP, Second Edition

 

You can read the above posts to know about the changes with respect to the respective courses and book.

Now, at a high-level, the following are the top changes considering the entire RMP exam.

Top 11 Changes – New PMI-RMP Exam

Change – 1: Introduction of a NEW ECO

The new ECO comes with a new set of domains. The domains are:

• Domain I: Risk Strategy and Planning

• Domain II: Risk Identification

• Domain III: Risk Analysis

• Domain IV: Risk Response

• Domain V: Monitor and Close Risks

The ECO sets the blueprint of the exam and informs the percentage of questions coming from each domain.

However, to understand the ECO, you need to study it thoroughly with all the tasks and enablers. Every domain has a number of tasks and every task has a number of enablers. You need to understand them to know what kind of questions are expected in the RMP exam.

Change – 2: Introduction of NEW Exam Pattern

The exam pattern is now changed. Earlier the RMP exam had 170 questions. Now, the RMP exam will have:

• 115 Questions (mostly situational questions).  

• 100 Questions will be scored.

• 15 Questions will be unscored.

Change – 3: Change in Exam Duration

This is actually part of the Change – 2, but considering the drastic reduction in questions and duration, the exam is actually less physically demanding. Earlier it was 3.5 hours (210 minutes) for 170 questions, which translate to 74 seconds for every question.

Now:

• The exam duration is of 2.5 hours (or 150 minutes).

• For every question, you will get more time (78 seconds approx.).

With 78 seconds for every question, the new exam is actually giving you more time to answer the questions compared to the previous exam. Hence, you have a better chance to score.

Change – 4: Introduction of the Foundational Standard for Risk Management in Portfolios, Programs and Projects.

The Standard for Risk Management in Portfolios, Programs and Projects was released in 2019, but was not explicitly listed for the RMP exam. Now it’s listed as one of the references. This is also called the Foundational Standard for Risk Management in my book and courses.

In fact, this standard is the first in the list of references and in my view, it’s the MAIN source of reference.

Change – 5: Introduction of NEW PMBOK Guide, 7th edition.

The PMBOK7 is now a reference source for preparing the RMP Exam. The latest edition of the PMBOK guide was released in 2021 and listed as the second reference. This edition comes with 12 new project management principles (includes a dedicated risk principle), 8 performance domains and a large number of models, methods and artifacts (MMAs). It also has tailoring considerations. 

For the RMP exam, of course the main focus will be Risk Management and how to understand and apply Risk Management in the context of this new guide.

Change – 6: PMBOK Guide, 6th edition, what happens to it?

This is a very important aspect as the PMBOK Guide, 6th edition is not listed as one of RMP exam references! However, it will still be a reference, primarily for two reasons:

• The first reference source for the new RMP Exam is the (Foundational) Standard for Risk Management in Portfolios, Programs and Projects. It directly and explicitly refers to the PMBOK Guide 6th edition. The reference is quite detailed considering the 5 process groups (PG), 10 knowledge areas (KA).
  In the Foundational Standard for Risk Management, there is also a dedicated mapping table to the 49 processes of PMBOK6 across the PGs and KAs. 

• There are seven processes for Risk Management Framework in the Foundational Risk Management Standard - the main reference source. And exactly seven of those risk management processes are elaborated in the PMBOK6, with details on the inputs, tools and techniques and outputs.

The link between the Foundational Standard for Risk Management and the PMBOK guide 6th edition is so strong that you can’t read the foundational standard properly at all, without understanding what PMBOK6 contains!

Hence, in my view, though not listed as a reference, the PMBOK Guide 6th edition is a must-read for your new RMP Exam. However, your reading should be specific to Risk Management and generic to a few other important knowledge areas.

Change – 7: Practice Standard for Project Risk Management, what happens to it?

It’ll still be a reference, though not explicitly listed! Do note that this standard is specifically for projects and hence, directly applies to the RMP exam, though not listed. You have a large amount of information available in this guide, which is not available in either of the PMBOK guides or the Foundational Standard.

However, this guide has outdated processes such as Control Risks, and also other outdated concepts. These have to be changed as you refer to any preparatory course or material.

My suggestion would be that you browse through this guide quickly to have mastery over your preparation. This guide noted a number of import items for the processes of Risk Management such as:

• Critical Success Factors are clearly explained, not just bullet line items!

• A number of risk related terms such as Risk Meta Language, Non-Risk items are explained.

• Informs how to document the artifacts and communicate which form a large part of the ECO

• A number of tools and techniques with advantages, disadvantages are noted.

• Change request management for risk response actions such as conditional and unconditional ones are clearly noted. These are not available anywhere.

Change – 8: Online Proctored Testing now available for the RMP Exam.

The new RMP exam is now offered in the online proctored mode, like other exams such as Project Management Professional (PMP), Certified Associate in Project Management (CAPM), Agile Certified Practitioners (ACP) etc.

This is a good change and may help a number of exam takers. Do note that you are allowed one break in the new RMP exam for the online proctored mode.

Change – 9: Introduction of Agile (and Hybrid) for all the Domains.

Now you have to know the Agile concepts in Risk Management. There are a large number of Agile concepts to be used in Risk Management. Many are not aware of this. The ECO informs that Agile concepts will permeate throughout the domains of risk management.

Change – 10: Introduction of other new areas such as Servant Leadership, Governance, Enterprise Risk Management.

These new areas you need to know as well. These are informed in the new ECO. Servant Leadership has overlapping areas with Agile Management. 

Change – 11: NEW questions styles in the exam.

Earlier the exam had only multi-choice questions, i.e., out of multiple choices, only one choice will be correct.

Now the exam also has multi-response questions, i.e., out of many choices, more than one choice will be correct. 

---

That’s it! The above top 11 changes are the most important ones that you need to know. 

When you prepare for your RMP exam, keep these new changes in mind. It'll help you better prepare for the exam. The ECO has nuances, which is only understandable with the right material and content. Otherwise, you may find it to be confusing. In addition, I’ve noted the other new references.

Also, there are additional suggested books (not published by PMI), which you have to read for your exam. 

The fully updated book of I Want To Be A RMP, the fully updated courses of RMP Live Lessons – Guaranteed Pass and RMP 30 Contact Hours Online have all the needed changes to prepare and enable you for the RMP exam.

 

RMP Live Lessons - Guaranteed Pass:

• RMP Live Lessons – Guaranteed Pass or Your Money Back

RMP 30 Contact Hours Course:

• RMP 30 Contact Hours Online Course - Full Money Back Guarantee

RMP 30 Contact Hours Vs. RMP Live Lessons

• Course Comparison: RMP 30 Contact Hours Vs. RMP Live Lessons 

Book for RMP Exam:

• Book for RMP Exam Prep: I Want To Be A RMP, Secon Edition

 

Updated New Course: RMP Live Lessons – Guaranteed Pass or Your Money Back

I am pleased to announce to completely updated  course for Risk Management Professional (RMP):

RMP Live Lessons – Guaranteed Pass or Your Money Back 

This is an in-depth video course and comes with a full money-back guarantee directly linked to you passing the PMI-RMP exam. It also comes packaged with the RMP 30 (or 40) Contact Hours. 

This video course’s first version was made available in April, 2021. Since then, it has enabled many successful PMI-RMPs. This course is based on the new Exam Content Outline (ECO 2022) for the RMP exam, the Foundational Standard for Risk Management in Portfolios, Programs and Projects (2019), the PMBOK Guide, 7th edition (2021) and PMBOK Guide 6th edition (2017), Risk Management in Agile/Hybrid environment and other needed references. It also refers to the Practice Standard for Risk Management, as needed. 

The RMP exam is a difficult exam and some say it’s more difficult than the PMP exam considering its scope, contents and understanding of Risk Management. You can read one such review here: RMP Exam is Tougher Than the PMP Exam. A number of RMPs have referred the earlier version of this course to clear the RMP exam.

         RMP Success Stories

The updates have happened after months of preparation and understanding on the latest exam. In fact, the updates are frequent in nature. The RMP Live Lessons Course is now fully compliant with the latest RMP Exam. 

For existing customers of this course all the below updates will be FREE of cost.

 

What’s New in the Course – RMP Live Lessons?

Below are the top highlights for the updates to this course. 

1. Completely NEW Set of Welcome Videos and NEW Content for RMP Exam under Introduction Lesson

The RMP exam has completely changed considering the educational requirements (one more has been added), number of questions (total questions, scored and unscored), question types, new exam content outline (ECO) released in March/April 2022, new references such as Foundational Standard for Risk Management, PMBOK Guide 7th edition, among others.

2. Videos with COMPLETE Mapping of Risk Management Processes to ECO’s domains.

The exam content outline of the RMP exam has completely changed and it comes with a new set of five exam domains. Each domain consists of a number of tasks and enablers. 

Considering this new video content has been added for all the processes of Risk Management and how it maps to the new ECO. Remember, the exam follows the ECO to set the questions.

3. NEW in-depth videos for Twelve Project Management Principles (PR).

The PMBOK guide, 7th edition has a principle-based approach with twelve principles. New (and exhaustive) sets of videos are added to understand the principles with focus on risk management. For example, the Risk Management PR (Principle 10: Optimize Risk Responses) has a number of overlapping with other PRs.

4. NEW in-depth videos for Eight Performance Domains (PD).

The PMBOK guide, 7th edition has eight performance domains, which are a group of related activities and functions critical to effective deliveries of project outcomes. The PMBOK guide, 7th edition is outcome (not output) focused. A new set of videos have been added with a number of diagrams, differences and convergence points between PMBOK7 and PMBOK6. 

5. NEW Full-Length Question Set covering Foundational Risk Standard and PMBOK Guide, 7th edition and the new RMP ECO. 

A new full-length question set (115 questions and detailed answers) has been added. This question set purely references two:

• PMBOK Guide, 7th edition which is applicable from March/April 2022 onward
• The Standard for Risk Management in Portfolios, Programs and Projects (Foundational Standard)
• The new RMP exam content outline (ECO)

6. NEW in-depth videos on Probability, Distribution and Probability Distributions in Risk Management. 

A detailed set of videos are added for probability, distributions (a large number of distributions with advanced ones) and probability distributions. Additional explanations given for Monte Carlo and Latin Hypercube simulations.

7. NEW set of videos for Project Life Cycle and Development Approach.

The new RMP ECO clearly informs about a number of possible life cycles – predictive, adaptive or hybrid. Hence, a new set of exhaustive videos on how to select a life cycle has been added. One complexity model addresses how to select the life cycle based on uncertainties and complexities. This is explained in-depth.

8. NEW in-depth videos on Uncertainty Performance Domain.

A new set of exhaustive videos has been added for the Uncertainty performance domain (PD), the 8th PD of the PMBOK guide, 7th edition. This PD is very important considering uncertainties, ambiguities, complexities, volatilities and risks.

9. NEW in-depth videos for the interactions of Principles, Performance Domains and Models, Method and Artifacts (MMAs).

For your exam, you need to understand how the twelve management principles, eight PDs and MMAs interact. The first explanation is in a generic way. Next, considering Uncertainty PD, it’s explained more specifically how they interact.

10. NEW set of videos for Complexity and Other Models.

In the PMBOK guide, 7th edition comes with a number of models, one of them being the complexity models. These complexity models will be associated with Uncertainties and Risks. For example, a completely new model of Cynefin Framework has been explained in-depth. Explanations are also there for other models, e.g., Process Group Model.

11. NEW set of videos for Foundational Risk Standard, PMBOK7 and PMBOK6 working together.

The Foundational Risk Standard has seven risk management principles, risk management life cycle and seven risk management processes. PMBOK7, as noted before, is not a process-based standard, but principle-based. PMBOK6, on the other hand, is a process-based standard. This creates big confusion. A set of videos are there to explain how to proceed with the RMP Exam with consideration for the Process Group model.

12. NEW in-depth videos for Risk Management in Agile.

Agile and Hybrid approaches are now part of the RMP exam (as per ECO). Hence, detailed videos are now available for Agile artifacts, Agile roles, and Agile events. All these are explained from a Risk Management context.  It also includes detailed explanation on Servant Leadership, a favored leadership style and referenced in PMBOK7 and the new ECO.

13. NEW video for Risk Management Process Interactions in Agile.

The 7 processes for risk management per the Foundational Standard for Risk Management can also be applied in an Agile environment. It’s explained in detail and how various Agile artifacts, events and role interplay. 

Agile content is also available in the Foundational Standard for Risk Management and explanations consider this standard.

14. NEW in-depth videos for Agile (and Hybrid when needed) in every Risk Management Process.

For all the risk management processes, from Plan Risk Management to Monitor Risks, a separate and dedicated section on Agile is added. This section informs how the related activities are conducted in an Agile environment. For example, considering Risk Monitoring, how does one monitor the risks in an Agile/Adaptive environment?

15. NEW videos for Risk-Adjusted Backlog, Risk-Adjusted ROI, Exception Plan, Story Points, Relative Estimations, among others.

A number of the above concepts are now available both in the Foundational Risk Standard and PMBOK7. Hence, new videos have been made available for them. They are put in respective processes, where they will be used most.

16. NEW videos for Risk Map, Risk Board, Risk Census Chart, Risk Burndown Chart, Risk Reviews etc.

All the above concepts are newly added to the RMP Live Lessons. For example, Risk Reviews is a key topic in Uncertainty PD (PMBOK7) and how you have to know how Risk Reviews happen in both predictive and adaptive approaches. 

17. NEW videos specifically for new concepts from PMBOK7 such as Risk Threat Profile, Leading and Lagging indicators, among others.

The PMBOK7 has a number of new risk related concepts as mentioned above. New videos are now available for all of them. 

18. NEW videos on-line RMP proctor exam.

The RMP exam can now be taken online via a proctor (and also traditional center-based mode). A dedicated set of videos are available on how to take the exam in both modes.

19. UPDATED with a number of tips and tricks and UPDATED Course Index File.

A number of new tips and tricks have been added to the course. In addition, as I frequently write on Risk Management topics, new contents made available via it are now part of the course.

The index file is important to know the latest content of the course. The new ones are highlighted for the NEW, as well as the UPDATED content. 

20. NEW XLS Sheet with the processes with ITTOs.

For your RMP exam, you still have to refer to the PMBOK 6th edition. This is because the Foundational Risk Standard is mainly process-based and it aligns 100% with PMBOK6! Hence, an XLS sheet is available for the processes and ITTOs. 

Note: The XLS sheet can be downloaded.

Top Features – Updated RMP Live Lessons

• Total Video Duration: 34 hours (approx.) [34h 09m 22s]
• Number of Videos: 522
• Number of Lessons: 14 (+2)
• Number of Questions: 1287 (+1, added January, 2024)
• Number of Full-Length Question Sets: 8 (total = 920 Questions) 
• One NEW question set added in January, 2024
• Lesson-end Questions: 35 to 40 questions (average)
• Lesson-end Smart Cards: 115
• Process and ITTO Video Exercises: 65
• Tips: 100s of them

More details on it are available available at:

https://www.managementyogi.com/p/rmp-live-lessons.html

It informs on the access, duration, price, FAQs, among others.

Applicability, Validity and Payment

• RMP Latest Exam with latest ECO (2024): Foundational Standard for Risk Management in Portfolios, Programs and Projects, PMBOK Guide 7th Edition, PMBOK Guide 6th Edition, Practice Standard for Project Risk Management Standard as needed, and other mandated references by PMI [Updated January, 2024]
• Valid Date for the Guarantee: 6 months or 1 year from date of purchase
• Price:
  $US 709/ Rs 56,719. Now $US 379/ Rs 30,449 (6 months access)
  $US 949/ Rs 75,949. Now $US 439/ Rs 35,949 (1 year access)
• Payment Link: paypal.me/managementyogi
  (Login, Send your payment to paypal account of ndsatya@gmail.com, Enter the amount; Invoice will be generated after payment)
  OR, you can pay via Bank Transfer or Payment. For this, please send a mail to managementyogi@gmail.com to get account the details.
• Number of attempts: 2 
• Available since: May, 2022 [Updated January, 2024]
• Primary Format: Video, Accessible
• Status: Available
  (accessible via laptop/desktop)

Updated Course Breakdown and Course Index

The complete course breakdown for the Guaranteed RMP course is shown below, with the new updates highlighted in green. It details on the hours of learning, number of videos and practice questions, along with various exercise details. You can scroll to see the full content.

Conclusion

With all the updates the RMP Live Lessons course completely includes the needed content from the Foundational Risk Standard, PMBOK7, PMBO6, Practice Standard for Risk Management and many other references. As noted earlier, all the new/updated content will be FREE of cost for the existing customers of the course.

As far as I am aware, this is the only RMP Exam Prep Course in the world, which comes with a full money-back guarantee linked to you passing the RMP exam.  There are no tricks involved. With it you can prepare strongly and have a high chance of being a RMP.

If you want to buy or have any other questions, please send an email to managementyogi@gmail.com.

RMP Exam Latest Changes (2022):

• PMI-RMP Latest Exam from 2022 – Top 11 Changes to Know

RMP Live Lessons - Guaranteed Pass:

• RMP Live Lessons – Guaranteed Pass or Your Money Back

RMP 30 Contact Hours Course:

• RMP 30 Contact Hours Online Course - Full Money Back Guarantee

RMP 30 Contact Hours Vs. RMP Live Lessons

• Course Comparison: RMP 30 Contact Hours Vs. RMP Live Lessons 

Book for RMP Exam:

• Book for RMP Exam Prep: I Want To Be A RMP, Secon Edition

End to End Risk Management with MS Project and Primavera Risk Analysis

Imagine you are managing a large project, which is strategically important and complex. At the outset, you realize there will be a number of risks, which if not managed well, could paralyze the outcome and have negative impacts on the project objectives. You want to proactively identify, analyze, respond, track, and monitor your project’s risks. And, it would be great to have a dedicated risk management tool to use alongside your project management software.

What are your options? Will software tools like Excel help? Will a software tool for only project management meet your needs?

If you have ever managed risks, you know a spreadsheet is not the answer. A spreadsheet is not at all designed for project management–let alone risk management. It’s likely that a project management software tool only meets your need half-way.

One of the most frustrating experiences faced by management practitioners with respect to software tools and one response was related to risk management and tracking, specifically in a scenario where spreadsheets were being used. Another aspect that came to light was the need for an integrated and risk-adjusted schedule-cost management system, which brings up questions like: what are the duration estimates and cost estimates associated with the risks? How can a PM manage risks in with a single, centralized tool?

In this piece, I’d like to present an integrated approach to project management with strong end-to-end risk management capabilities. For this purpose, I’ll be using two software tools:

• Microsoft Project (MSP) 2019 for project management, and
• Primavera Risk Analysis (PRA) 8.7.5 for risk management.

The practical examples and samples for this article have been taken from Practical RMP with Primavera Risk Analysis, whereas the theoretical explanations are from RMP Live Lessons.

Let’s start with creating a project plan with MS Project. 

Create the Project Plan

While you can directly use PRA to create your project plan, most project managers use MSP frequently for planning because of its simplicity, ease of use, and user friendliness.  For this reason, we will create the plan first in MS Project. The plan depicted in the below figure.

The statistics of the project are these:

• Duration: 38 days
• Cost: $67,680 USD
• Finish Date: June 30, 2021 (06/30/21)

The project is the creation of a Smart Site and involves multiple resources.

Do note that if you have modified the calendars for the project and/or have added custom calendars, you’ll need to ensure you have the corresponding calendars in PRA.

Set-up PRA for Risk Management

Before importing the plan, ensure that the settings for MS Project in PRA are correct. This can be opened by going to PRA tool’s File à Microsoft Project à Edit Default Import Mapping… menu.

Keep the “Show this dialog…” checkbox enabled so that when you open the MSP Plan in PRA, you can have a quick look at the settings before actual import happens.

Import the MSP Plan into PRA

Now that we have set the MSP related settings in PRA, we will import the project plan created in MSP into PRA. It will happen in a few seconds. Post import, in PRA, the plan will be shown as below.

The imported project plan in PRA has the following statistics:

• Remaining Duration: 38 days
• Remaining Cost: $67,680 USD
• Finish Date: June 30, 2021 (06/30/21)

This is perfectly in sync with the statistics of our project plan created earlier in MSP. It’s also a good idea to check a few of the tasks in the project to see that the import has happened properly. In our case, the task/activity “PRD Preparation” has been considered. It matches perfectly with the MSP Plan considering Dates, Resources, and Cost, among other fields.

Important Notes

At this stage, I’ll recommend that you read this Risk Management Framework for Projects article to understand how risks are managed and monitored over various Risk Management processes. Here, I’ll be using only the Risk Register, not the Risk Report.

In addition, I’ll explain some key points with respect to risk management, which will help you to understand why I’ve taken the following steps and performed the associated activities. Take a look at the video [Duration: 4m:12s] below—it’s been taken from RMP Live Lessons. For a better experience, you may want to go full-screen with HD mode and plug-in your earphones.

Risk Identification and Risk Register

Now, we are going to prepare the Risk Register. Preparation of this key project artifact happens during the Risk Identification process.

To create the Risk Register with PRA software, go to Risk à Register… menu, or click on the Risk Register icon on the Risk Toolbar of PRA. The Risk Register creation dialog box will pop up, and we will use the standard risk register option.

 

When the standard Risk Register first opens, of course, it will be empty as shown below.

You can enter new risks easily by adding details for the identified individual project risks.

As you can enter the risks, provide all the needed information such as Risk ID, Threat or Opportunity, Risk Title, the Pre-mitigation information such as Probability scales, Impact Scales, etc. You can also add the Risk Details such as Cause, Effect, and Risk Category, among others.

As shown, we have four identified risks (threats) for this project with their respective details entered. The cause, effect, description, owner, RBS type, and status values have been entered for each of the risks.

Do not worry about the risk responses now. We will address them in the step for risk response planning as I explained in the earlier video. The risk score is calculated by taking the risk parameter values from the Risk Probability and Impact (PI) Matrix. For the sake of this example, I’ve used the following matrix.

The probability and impact scales notations in the Risk Register are these:

• Very Low (VL)
• Low (L)
• Medium (M)
• High (H)
• Very High (VH)

As you multiply the probability and impact values, you will get the Risk Score. For more depth, refer to this detailed article on Risk Matrix Reporting.

Risk Qualification

Our next step is to qualify these individual risks. We will determine the probability and impact values of these risks. You can have other risk assessment parameters, as well, such as Risk Manageability or Risk Proximity, among many others.

Considering the probability and impact values of these risks, as we qualify them, the Risk Register will be updated as shown below.

As you can see, the current Risk Register has seen a number of updates. Considering Risk ID – 001, some of the key updates are:

• Risk Score is now 21. (change from 72 to 21)
• Risk Owner is confirmed. (John R is the confirmed owner)
• Risk Status has been modified. (Status is “open” now; earlier “proposed”)

Similarly, we have also qualified other individual project risks: Risk 002, Risk 003, and Risk 004.

Risk Quantification

This step of risk quantification is optional, as we have seen in the RMP video. Though our project is a simple one, let’s do risk quantification for one individual risk (Risk 001: Poor understanding of design specification). After quantification of this risk, the pre-mitigated Quantified Risk Register will show as follows:

Note that Risk 001 has now been quantified from a schedule perspective by associating it with two tasks in the Project Plan, i.e. Task ID 000009 and Task ID 000010, from “Phase – 1” under the WBS element of “Design and Development Phase” at Level – 2 of the work breakdown structure (WBS).

I’ve used BetaPert probability distribution for the tasks mentioned and have entered the minimum, mostly likely, and maximum duration estimates. Similarly, you can also quantify with respect to cost estimates.

Post quantification, you can do a variety of analyzing such as:

• Monte Carlo Analysis,
• Criticality Analysis,
• Probabilistic Branching and Analysis, and
• Sensitivity Analysis, among many others.

Risk Response Planning and Response Integration

Next, we will do the risk response planning for the individual risks to bring down the probability and/or impact values of these risks. With this, we can keep the risk score within the risk threshold.

For this purpose, we again have to go to the Risk Register and modify the risk response strategies along with the associated risk response actions. The modified risk register is shown below.

 

Considering “Risk 004: Key resources unavailable,” the Risk Score has been reduced from 56 to 1, and similarly for certain other risks.

For Risk 004, the associated actions are noted under the highlighted “Mitigation” tab. There are two mitigation response actions:

• Risk Response Action – 1: Get the resources from other functional departments.
• Risk Response Action – 2: Prioritize project resources.

The assigned risk response owners and associated cost are noted. The associated cost also reflects on the top panel for Risk 004.

Risk Monitoring and Tracking

Our final step relates to risk monitoring and tracking. During risk monitoring, new risks may be identified, an existing risk status can change, an existing risk can become obsolete, or an existing risk may not occur.

Let’s say a new positive risk (opportunity) is identified, and we need to add this risk into the register. As we have seen earlier, risk management is both iterative and integrative in nature. 

As shown, we now have a new risk—“Risk 008: Reuse of previous design module.” As this risk is freshly detected, default values have been populated. The blue letter “O” represents an opportunity.

Subsequently, we have to determine the initial characteristics of this risk, followed by qualification and quantification (optional), and have the needed risk response strategies with associated risk response actions. Finally, we have to monitor this new adjusted risk with response and associated actions.

As we reach the end of this article, some of you may be thinking can this risk register be exported to MS Excel? After all, not all stakeholders will have MS Project 2019 and Primavera Risk Analysis software installed.

The answer is yes! You can export the Risk Register to MS Excel by going to Risk Register’s File à Export Risk Register As… menu. From there, while saving, choose “Microsoft Office Excel (.xls)” option to save.

With this process in mind, I believe you will have a sound understanding of end-to-end risk identification, analysis, response planning, and implementation, followed with risk monitoring and tracking.

 

--

This article was first published by MPUG.com on 18th May, 2021.

References:

[1] Online Course: Practical RMP with Primavera Risk Analysis, by Satya Narayan Dash

[2] Online Course: RMP Live Lessons, Guaranteed Pass, by Satya Narayan Dash

[3] Online Course: MS Project Live Lessons, by Satya Narayan Dash

Enterprise Risk Management (ERM) and Risk Governance

Let’s consider the following scenario based true events which occurred within an organization I worked closely with recently. This company had a long-running project with a number of uncertainties. Risks were identified, then qualified, and risk responses planned. For implementation of these risk responses, a number of actions were needed. Some were taken, but most ignored or overlooked because of other projects and lack of understanding of risk management at an organizational level.

I came to know that there were no consistencies within risk governance parameters, such as risk appetite, or risk threshold, for example. In fact, there was no structured and uniform way to define the probability and impact scales, no standard form of risk reporting, and little to no accountability for addressing risks. Hence, when risks were reported, team members didn’t understand, or if they did, they wouldn’t know how or whether to act.

What happened?

As you may have correctly guessed, this project was in trouble. And, despite, it continued to run for a long time! It was a classic watermelon project, where everything looks green from the outside, but is all red when you open it.

In this article, we will explore how to manage such massive gap at an organizational level considering Enterprise Risk Management and Risk Governance. If you are preparing for the Risk Management Profession (RMP) examination, you need to be aware of both these concepts. In fact, in a recent RMP Success Story, a senior program management professional emphasized it.

What is Enterprise Risk Management?

Projects can exist independently, but usually they exist within a program or a portfolio, which in turn are held within an enterprise or organization. In most cases, such is the case for a program or portfolio. Hence when we talk of risk management, we also need to know how risk management happens in the context of enterprise: It has been found that organizations require risk management practitioners to use the risk management practices in project, program, and portfolio management, which are an integral part of the ERM framework.

In other words, ERM addresses risks at an enterprise or organizational level. ERM also addresses all the risks associated with an enterprise’s portfolios, which internally contains all programs and projects. A “Risk Governance Framework” for an organization is set at the enterprise level. There is a governance board which oversees the ERM and its framework.

On the other hand, portfolio risk management derives its policies, processes, methods etc. from the ERM framework, and program risk management, as well as project risk management, adopt their risk management practices from the portfolio risk management umbrella.

Why Go for Enterprise Risk Management?

Enterprise risks are also known as the business risks, and organization leaders must manage these to stay relevant and stay in the business. Typically, an organization runs many individual departments such as Development and Delivery (or Production and Distribution), Finance, Human Resources, Sales and Marketing, Legal and Compliance, among others.

All these functional departments may have their own risk management as shown in the below figure.

If the risks arising within these departments are managed individually, without a holistic or overall view of the risks from the organization’s perspective, the result is siloed risk management.

PPP Approach to ERM

Alternatively, organizations can take a common approach to risk management across the organization or enterprise, considering all the departments. In a projectized organization, ERM will consider all layers of management – project, program, and portfolio (PPP).

Portfolios of programs, projects, and operations are created to achieve strategic goals and objectives. In other words, portfolios are created to achieve an organization’s strategic goals and objectives. A portfolio internally contains programs and projects.

Considering PPP based management approach, the following should be noted about ERM:

• Enterprise risk functions and management are performed by the Executive Management.
• The ERM process is also determined by the Executive Management.
• Best suited to handle ERM, the Executive Management is accountable for strategic goals and objectives.

Based on this understanding, we follow the below figure:

As shown, ERM supports an organization’s vision, mission, goals, and strategies. In fact, this support is the main objective of the ERM.

ERM Considerations for PPP Based Risk Management

ERM ensures that all organizational risks are properly identified, addressed, managed, and monitored. However, for the best application of ERM, a common approach to risk management is needed. This is because ERM should be considering all of the organization’s risks as an interrelated collection.

A common approach to risk management enables two things:

• Normalization: The risk prioritization schemes, risk probability, and impact scales for the risks are standardized across the board.
• Aggregation: Aggregation results in a combination of a number of risks coming from the portfolios of programs and projects.

With normalization and aggregation, one can state the risk at any level in the organization, making it understandable to everyone. There can be bi-directional movement and management of risks, or a cascading of risks from a higher level to PPP level or escalation from the lower level to the enterprise level.

Hence, modifying our previous figure with respect to layers of risk management, we can consolidate and present as the below figure.

This bidirectional movement of risks, results in integration, as well as alignment of ERM and PPP risk management.

Governance and Its Elements

Governance, as the name indicates, is the way to govern an “entity.” The purpose of governance is to ensure that the “entity” is managed in a proper way.

Governance can exist at the level of enterprise/organization, portfolios, programs, or projects. In such cases, they will be known as respective governance or governance framework. The governance framework is part of governance.

The major elements of an entity’s governance are these:

• The Governing Body is a temporary or permanent group of members with responsibility and authority. This body provides the needed guidance and decision-making for portfolios, programs, and projects. An example is an executive board.
• The Governance Framework contains governing domains with functions, processes, and activities for projects, programs, and portfolios. Examples of domains are governance communications, governance performance, among others.
• The Governance Domain refers to a group of functions carried out by an individual, group, or organization to address a specific area of concern.
  For example, the governance communications domain is about dissemination of information.
• Governance Functions are a group of related processes executed/performed to support the governance of portfolios, programs, and projects.

The elements and interactions among the elements of governance are shown in the below figure.

Types of Governance

There can be various types of governance such as organizational governance, portfolio governance, program governance, etc. at the respective levels.

Organizational governance is a structured way to provide governance at the organizational level. The focus is to meet organizational strategic and operational goals.

Portfolio, program, or project governance refers to the framework, functions, and processes that guide portfolio, program, or project management activities, respectively.

Governance Vs. Management

At this point, you may be wondering:

• What are the differences between governance and management?
• Does not the portfolio, program, and project management exist to guide the respective management activities? If so, why is governance needed?

Yes, portfolio, program, and project management will still exist, but when it comes to governance there are some key distinctions, which can be summarized by this line.

Governance informs the “what” aspects. Management, the “how” aspect. The “what” aspects are about decisions, guidance, and ensuring PPP management. The “how” aspects are about organizing and doing the work.

Beyond the above key difference, I’ve noted some more differences between governance and management in the below table.

Risk Governance

With this background in mind, let’s now consider risk governance and the risk governance framework.

Risk management in the enterprise context is primarily about enterprise risk management (ERM), and it involves an integrated view of portfolio, program, and project management.

In this organizational context of risk management, these are the key points related to risk governance:

• Risk governance is created, and the risk governance framework is also elaborated. Remember that the governance framework is an element of governance.
• Within this framework, risks are identified at each level, i.e., the enterprise/organizational level or PPP.
• Identified risks are analyzed—both qualitatively and quantitatively. Then, the best suitable governance layer is decided. It can be the portfolio governance layer, program governance layer, or project’s governance.
• It’s possible that at each level of PPP governance, one can have a risk governance model, which is part of the corresponding P’s governance. For example, within the project governance, one can have project risk governance.
• The respective governance layer decides on the escalated risks and what to do with them. Enterprise risks can be cascaded down to the respective suitable layer, if they can be managed at that level. As we have seen earlier, there can be bi-directional movement of risks in an organization.
• Risk governance, at the chosen layer, guides in identification and assignment of risk owners. Next, it’s responsibility of risk owner to delegate risk actions to respective risk action owners.
• Risk governance, at the chosen layer, guides on risk response strategies and risk response actions, which are associated with the response strategies.
• Risk governance, at the chosen layer, also decides on the continuance or termination of a portfolio, program, or project.

Video – Risk Governance Vs. Risk Management  

Now, let’s look at the differences between Risk Governance and Risk Management.

For this purpose, I’ve put together a video [duration – 8m:36s], with additional explanations. For a better audio-visual experience, you may want to go full-screen with HD mode and plug-in your earphones. It’s one of many, from my RMP Live Lessons.

Conclusion

Let’s revisit the scenario explained at the beginning of this article, where a project had been running without any proper risk management. If you’ve watched the aforementioned video, you should be able to answer the following questions:

• How did the ‘watermelon’ project exist?
• Why was it running for a such a long time with little or no risk management?
• How come no one was held accountable for it?

More importantly, I hope you have realized the importance of both Enterprise Risk Management and Risk Governance. I welcome your feedback below in the comments section.

--

This article was first published by MPUG.com on 27th April, 2021.

References:

[1] Online Course: RMP Live Lessons – Guaranteed Pass, by Satya Narayan Dash

[2] Online Course: RMP 30 Contact Hours, by Satya Narayan Dash

[3] Book: I Want To Be A RMP, The Plain and Simple Way To Be A PMI-RMP, Second Edition, by Satya Narayan Dash

[4] The Standard for Risk Management in Portfolios, Programs and Projects, First Edition, by Project Management Institute (PMI)