Qualitative Risk Analysis Inputs and Outputs You Should Know for the PMP Certification Exam
You will need to know how to perform a qualitative risk analysis for the PMP Certification Exam. If you did a thorough job identifying and documenting risks, you will have quite an intimidating list of things that could go wrong. Many people think, “Why bother? I don’t have time to address all these. If I did, I wouldn’t have time to manage the project.”
And that’s precisely why you should take the next step of conducting a qualitative analysis, which is just fancy terminology for determining the probability and impact of each event and then ranking the risks based on that determination. At that point, about 80 percent of your risks will remain on a watch list. You should take a proactive approach toward the remaining 20 percent.
Perform Qualitative Risk Analysis. Prioritizing risks for further analysis or action by assessing and combining their probability of occurrence and impact.
Perform Qualitative Risk Analysis: Inputs
The main ingredients you need to begin the process are the risk register, scope baseline, risk management plan, and any historical information you can get your hands on. The risk management plan has good information to assist you in this process:
Roles and responsibilities for the analysis process
Risk categories you use to group similar risks
Definitions of probability and impact, which can be inclusive of all objectives or a definition of impact for each objective
A probability and impact (PxI) matrix template
Documentation of the risk tolerance level — overall or for each objective — that can include a prioritization of the objectives and project constraints
Perform Qualitative Risk Analysis: Outputs
Based on your analysis, you update the risk register with the probability, impact, score, and comments. Based on the scores and your urgency assessment, prioritize your risks. Some risks will require further analysis, and those go into the quantitative risk analysis process. Some risks don’t need further analysis, and you can work with your team to develop responses.
However, most risks go on a “watch list,” and you check the probability, impact, and urgency on watch list risks throughout the project. If any of those factors change, you might need to escalate the risk and develop a risk response.
Or, if the event passes without occurring, the probability drops to 0, and the risk is closed. The watch list isn’t a separate list; it just means you are not taking the time to develop a risk response, other than to “watch” the risk.