1. What is the primary objective of risk management in software project management?
a) Increase project cost
b) Eliminate all risks
c) Minimize the impact of risks on the project
d) Speed up the project
Answer: c) Minimize the impact of risks on the project
2. Which of the following is the first step in risk management?
a) Risk identification
b) Risk assessment
c) Risk planning
d) Risk monitoring
Answer: a) Risk identification
3. What is risk avoidance?
a) Accepting risks
b) Changing the project plan to eliminate risks
c) Ignoring the risks
d) Transferring risks to another party
Answer: b) Changing the project plan to eliminate risks
4. What type of risk involves changes in technology during the project lifecycle?
a) Business risk
b) Technical risk
c) Organizational risk
d) Environmental risk
Answer: b) Technical risk
5. Which of the following is an example of a risk mitigation strategy?
a) Accepting the risk
b) Reducing the probability of the risk occurring
c) Ignoring the risk
d) Delaying the project
Answer: b) Reducing the probability of the risk occurring
6. In risk management, what does the term “residual risk” mean?
a) Risks that are ignored
b) Risks that remain after mitigation
c) Risks that occur after project completion
d) Risks that cannot be mitigated
Answer: b) Risks that remain after mitigation
7. What is a contingency plan?
a) A plan that eliminates risks
b) A plan developed in case a risk occurs
c) A plan to transfer risks
d) A plan to avoid risk monitoring
Answer: b) A plan developed in case a risk occurs
8. What is the purpose of a risk assessment matrix?
a) To rank risks based on their impact and probability
b) To eliminate risks
c) To document project requirements
d) To calculate project cost
Answer: a) To rank risks based on their impact and probability
9. Which of the following is NOT a risk response strategy?
a) Risk mitigation
b) Risk transfer
c) Risk acceptance
d) Risk escalation
Answer: d) Risk escalation
10. What is a common technique used for identifying risks in a software project?
a) Risk analysis
b) Brainstorming
c) Risk control
d) Risk matrix
Answer: b) Brainstorming
11. What does “risk transfer” mean in project management?
a) Shifting risk to another party
b) Ignoring the risk
c) Accepting the risk
d) Reducing the risk
Answer: a) Shifting risk to another party
12. Which of the following is a key output of risk management planning?
a) Project charter
b) Risk register
c) Work breakdown structure
d) Project scope statement
Answer: b) Risk register
13. Which of the following risks is categorized as a business risk?
a) Change in customer requirements
b) Network failure
c) Software defects
d) Poor software performance
Answer: a) Change in customer requirements
14. Which of the following is a qualitative risk analysis technique?
a) Monte Carlo simulation
b) Sensitivity analysis
c) Risk probability and impact assessment
d) Decision tree analysis
Answer: c) Risk probability and impact assessment
15. What does the term “risk appetite” refer to?
a) The tolerance level of risk an organization is willing to take
b) The impact of a risk on a project
c) The probability of risk occurrence
d) The plan to mitigate risks
Answer: a) The tolerance level of risk an organization is willing to take
16. Which of the following is a technique used for quantitative risk analysis?
a) SWOT analysis
b) Probability-impact matrix
c) Monte Carlo simulation
d) Fishbone diagram
Answer: c) Monte Carlo simulation
17. What is the primary focus of risk monitoring and control?
a) Creating risk
b) Eliminating risks
c) Tracking identified risks and evaluating risk responses
d) Avoiding risk discussions
Answer: c) Tracking identified risks and evaluating risk responses
18. Which of the following is NOT a tool for risk identification?
a) Risk breakdown structure (RBS)
b) Gantt chart
c) SWOT analysis
d) Brainstorming
Answer: b) Gantt chart
19. When should risks be identified in a software project?
a) During project planning only
b) Throughout the project lifecycle
c) After project completion
d) Only during risk reviews
Answer: b) Throughout the project lifecycle
20. Which of the following describes a risk that has already occurred?
a) Risk event
b) Risk trigger
c) Risk mitigation
d) Contingency plan
Answer: a) Risk event
21. Which type of risk is caused by inadequate documentation in a project?
a) Business risk
b) Technical risk
c) Documentation risk
d) Resource risk
Answer: b) Technical risk
22. Which document typically contains detailed information about project risks?
a) Risk Register
b) Risk Response Plan
c) Project Charter
d) Work Breakdown Structure
Answer: a) Risk Register
23. Which of the following actions reduces the likelihood of a risk event occurring?
a) Risk acceptance
b) Risk monitoring
c) Risk mitigation
d) Risk contingency planning
Answer: c) Risk mitigation
24. Which of the following is a risk that affects the entire project rather than a specific aspect of it?
a) Business risk
b) Systematic risk
c) Technical risk
d) Localized risk
Answer: b) Systematic risk
25. What is the final step in the risk management process?
a) Risk identification
b) Risk monitoring
c) Risk planning
d) Risk assessment
Answer: b) Risk monitoring
26. What does a risk trigger represent?
a) The probability of a risk
b) The cause of a risk event
c) A condition that indicates a risk is about to occur
d) A risk that has no impact
Answer: c) A condition that indicates a risk is about to occur
27. What is the purpose of risk tolerance in a project?
a) To accept all risks
b) To define the acceptable level of risk
c) To avoid risk management
d) To ignore minor risks
Answer: b) To define the acceptable level of risk
28. What is the difference between risk mitigation and risk avoidance?
a) Risk avoidance eliminates risk; risk mitigation reduces its impact or probability
b) Risk mitigation ignores the risk; risk avoidance accepts it
c) Risk avoidance increases the risk; risk mitigation eliminates it
d) Risk mitigation transfers risk; risk avoidance escalates it
Answer: a) Risk avoidance eliminates risk; risk mitigation reduces its impact or probability
29. Which of the following is an external risk to a software project?
a) Change in organizational policy
b) Incorrect code implementation
c) Scope creep
d) Supplier delays
Answer: d) Supplier delays
30. What is a risk owner in project management?
a) The project sponsor
b) The person responsible for managing the risk
c) The entire project team
d) The project manager
Answer: b) The person responsible for managing the risk
31. What is the primary advantage of conducting risk assessments early in the project?
a) To increase project complexity
b) To delay the project start
c) To allow time for developing mitigation strategies
d) To avoid team discussions
Answer: c) To allow time for developing mitigation strategies
32. What is a risk probability and impact matrix used for?
a) To assign responsibility for risks
b) To rank risks based on their likelihood and effect
c) To eliminate risks
d) To avoid discussing risks
Answer: b) To rank risks based on their likelihood and effect
33. What does “risk escalation” refer to in risk management?
a) Reducing the risk impact
b) Transferring the risk to higher management
c) Ignoring the risk
d) Preventing risk occurrence
Answer: b) Transferring the risk to higher management
34. Which of the following is NOT considered a risk response strategy?
a) Risk mitigation
b) Risk acceptance
c) Risk avoidance
d) Risk creation
Answer: d) Risk creation
35. When is risk transfer most appropriate?
a) When the project team has full control over the risk
b) When another party is better able to handle the risk
c) When no risks are identified
d) When all risks have been mitigated
Answer: b) When another party is better able to handle the risk
36. Which of the following techniques helps quantify the impact of risks?
a) Brainstorming
b) Decision tree analysis
c) Monte Carlo simulation
d) SWOT analysis
Answer: c) Monte Carlo simulation
37. What is the goal of risk planning in a project?
a) To eliminate all risks
b) To develop strategies to address identified risks
c) To increase project cost
d) To ignore minor risks
Answer: b) To develop strategies to address identified risks
38. What type of risk is associated with the potential loss of key personnel in a project?
a) Technical risk
b) Organizational risk
c) Resource risk
d) Environmental risk
Answer: c) Resource risk
39. Which of the following actions involves accepting a risk and not taking any further steps to address it?
a) Risk acceptance
b) Risk avoidance
c) Risk transfer
d) Risk mitigation
Answer: a) Risk acceptance
40. What is the purpose of conducting risk reviews during the project lifecycle?
a) To assess the progress of the project
b) To identify new risks and assess current ones
c) To eliminate all risks
d) To assign blame for risks
Answer: b) To identify new risks and assess current ones