International Institute of Management and Technology
Risk Management
Part A: Attempt all the following 10*2=20 Marks
1. Proactive risk management is sometimes described as fire fighting.
A) True
B) False
2. Software risk always involves two characteristics
A) fire fighting and crisis management
B) known and unknown risks
C) uncertainty and loss
D) staffing and budget
3. Three major categories of risks are
A) business risks, personnel risks, budget risks
B) project risks, technical risks, business risks
C) planning risks, technical risks, personnel risks
D) management risks, technical risks, design risks
4. Generic risks require far more attention than product-specific risks.
A) True
B) False
5. A risk item checklist would contain known and predictable risks from which of these categories?
A) product size
B) development environment
C) staff size
D) process definition
E) all of the above
6. Questions that should be asked to assess the overall project risk include:
A) Have top managers formally committed to support the project?
B) Are end-users committed to the project and proposed system being built?
C) Are requirements fully understood by development team and customers?
D) Does the proposed budget have time allocated for marketing?
E) a, b and c
7. Software risk impact assessment should focus on consequences affecting
A) planning, resources, cost, schedule
B) marketability, cost, personnel
C) business, technology, process
D) performance, support, cost, schedule
8. Risk projection attempts to rate each risk in two ways
A) likelihood and size
B) likelihood and probability
C) likelihood and impact
D) likelihood and mitigation
9. Risk tables are sorted by
A) probability and cost
B) probability and impact
C) probability and size
D) probability and exposure
10. Individual team members can make their own estimate for a risk probability and then develop a
consensus value.
A) True
B) False
Part B: Attempt five of the following 5*10=50 Marks
1. Which type of threats can be lead to emergency, disaster, catastrophe ?
2. Discuss categories of risk.
3. Discus duties and responsibilities of risk manager.
4. Discuss the contribution of risk management to a business.
5. Write down the basis of prioritizing risk.
6. Describe the types of cost of risk.
Part C: 30 marks
State why risk identification is necessary? Discuss one of multiple types of risk identification techniques
with brief explanation of each. How the above steps assist is hazard and risk evaluation process chain
carry out decision of prioritizing of risk in a risk management process.