Assessment Cover Sheet

Unit Code and

BSBPMG517 Manage project risk
Name:
Student
Student name: Sahar Khalid 72517
Number:
Assessor Name: Date:
The following questions are to be completed by the assessor:
Is the Student ready for assessment? Yes No
Has the assessment process been explained? Yes No
Does the Student understand which evidence is to be collected
Yes No
and how?
Have the Student’s rights and the appeal system been fully
Yes No
explained?
Have you discussed any special needs to be considered during
Yes No
assessment?
The following documents must be completed and attached:

 1. Project and Project Checklist

The student will complete the Project provided to them by the
assessor. The Project Checklist will be completed by the
Supervisor.
 2. Short Answer Questions and Short Answer Questions
Checklist
The student will answer a range of Short Answer Questions. S NYS
The Short Answer Questions Checklist will be completed by the
assessor.
Student Declaration

I agree to undertake assessment in the knowledge that information gathered will only be used
for professional development purposes and can only be accessed by the RTO

I declare that:
 The material I have submitted is my own work.
 I have kept a copy of all relevant notes and reference material that I used in the production
of my work.
 I have given references for all sources of information that are not my own, including the
words, ideas, and images of others.
Student 29 March
Sahar Khalid Date:
Signature: 2021

Result and Feedback

Feedback to Student:
 Overall Outcome Competent Not yet Competent
Assessor
Date:
Signature:

BSBPMG517 – Sahar Khalid – 29 March 2021 2

 PROJECT - TASK 1

RISK MANAGEMENT PLAN FOR

ABC HOLDINGS PTY LTD

TABLE OF CONTENTS
INTRODUCTION...............................................................................................................................3
TOP THREE RISKS..........................................................................................................................4
RISK MANAGEMENT APPROACH...................................................................................................4
RISK IDENTIFICATION....................................................................................................................5
RISK QUALIFICATION AND PRIORITIZATION................................................................................6
RISK MONITORING.........................................................................................................................6
RISK MITIGATION AND AVOIDANCE.............................................................................................7

BSBPMG517 – Sahar Khalid – 29 March 2021 3

INTRODUCTION
The Template has been populated with a sample risk management plan. The Student should
delete the green text and replace the black text with their own risk management plan in each
section.

This section explains why risks exist and highlights the purpose and importance of the risk
management plan. It provides a general description of why risk management is essential to
effectively managing a project and describes what is needed before risk management can
begin.

As organizations begin new projects, they begin operating in an area of uncertainty that
comes along with developing new and unique products or services. By doing so, these
organizations take chances which results in risk playing a significant part in any project. The
purpose of the risk management plan is to establish the framework in which the project team
will identify risks and develop strategies to mitigate or avoid those risks. However, before
risks can be identified and managed, there are preliminary project elements which must be
completed. These elements are outlined in the risk management approach.

This project is considered a medium risk project as it has an overall risk score of 24 on a
scale from 0 to 100. The project risk score is the average of the risk scores of the most
significant risks to this project. A risk score below 16 is low risk project, a score between 16
and 45 is a medium risk project and a score above 45 is a high-risk project.

Before risk management begins it is imperative that a foundation is established for providing
structured project information, thus, the following project elements were completed and
defined prior to developing this Risk Management Plan:

 Define work scope, schedule, resources, and cost elements

o Develop project WBS/WBS dictionary
o Develop master schedule and detailed schedules
o Estimate project cost and finalize budget
o Identify required and available resources
o Establish performance measurement metrics

 Define minimum and maximum baseline thresholds

o Schedule
o Resources
o Cost

 Baseline reporting requirements

o Format
o Frequency of distribution
o Distribution list

 Define Risk Management Roles and Responsibilities

o Project Manager chairs the risk assessment meetings

BSBPMG517 – Sahar Khalid – 29 March 2021 4

 o Project team participates in risk assessment meetings and members serve as
meeting recorder and timekeeper
o Key stakeholders participate in risk assessment meetings
o Project Sponsor may participate in risk assessment meetings

TOP THREE RISKS

It is important to explicitly state the top three risks to the project in the Risk Management
Plan. This will make management aware of the top risks for the project and the nature of the
risks.

The top three high probability and high impact risks to this project are:

Delay in Server Equipment

Due to a manufacturer’s production backlog, the servers are not available for large
scale application testing causing a delay in the project schedule. The project manager
will mitigate this risk by using servers from the backup data centre if needed.

Fibre Optics Connection Not Completed

Due to construction delays in installing the fibre optic cable between the data centre
and the headquarters facilities users will not have a high-speed connection between
their site and the datacentre resulting in slow responses from the application making it
unusable. The Project Manager will implement a site to site broadband Ethernet radio
network between the data centre and headquarters facility.

Network Operations Centre (NOC) Not Appropriately Staffed

Due to lead times associated with hiring and training additional staff, the NOC does
not have the necessary staff to monitor the additional bandwidth associated with the
project resulting in a delay to the project schedule. The project manager will mitigate
this risk by working with the NOC to create an alternate work schedule to compensate
for the staffing shortage until additional staff hiring and training is complete.

RISK MANAGEMENT APPROACH

This section provides a general description for the approach taken to identify and manage the
risks associated with the project. It should be a short paragraph or two summarizing the
approach to risk management on this project.

The approach we have taken to manage risks for this project included a methodical process
by which the project team identified, scored, and ranked the various risks. The most likely
and highest impact risks were added to the project schedule to ensure that the assigned risk
managers take the necessary steps to implement the mitigation response at the appropriate
time during the schedule. Risk managers will provide status updates on their assigned risks
in the bi-weekly project team meetings, but only when the meetings include their risk’s
planned timeframe. Upon the completion of the project, during the closing process, the
project manager will analyze each risk as well as the risk management process. Based on this
analysis, the project manager will identify any improvements that can be made to the risk

BSBPMG517 – Sahar Khalid – 29 March 2021 5

management process for future projects. These improvements will be captured as part of the
lessons learned knowledge base.

RISK IDENTIFICATION

This section explains the process by which the risks associated with this project were
identified. It should describe the method(s) for how the project team identified risks, the
format in which risks are recorded, and the forum in which this process was conducted.
Typical methods of identifying risks are expert interview, review historical information from
similar projects and conducting a risk assessment meeting with the project team and key
stakeholders.

For this project, risk identification was conducted in the initial project risk assessment
meeting. The method used by the project team to identify risks was the Crawford Slip
method. The project manager chaired the risk assessment meeting and distributed notepads
to each member of the team and allowed 10 minutes for all team members to record as many
risks as possible.

Expert Interview
Two Expert Interviews were held for this project. The interviews revealed several
risks which were then mitigated by making changes to the project plan. The
remaining risks are included in the Risk Register.

Risk Assessment Meeting

A risk assessment meeting was held with key team members and stakeholders. The
risks identified during this meeting were added to the project plan and Risk Register.

Historical Review of Similar Projects

The project team reviewed the history of similar projects in order to determine the
most common risks and the strategies used to mitigate those risks.

RISK QUALIFICATION AND PRIORITIZATION

Once risks are identified it is important to determine the probability and impact of each risk
in order to allow the project manager to prioritize the risk avoidance and mitigation strategy.
Risks which are more likely to occur and have a significant impact on the project will be the
highest priority risks while those which are more unlikely or have a low impact will be a
much lower priority. This is usually done with a probability – impact matrix. This section
explains risks were qualified and prioritized for this project. For more information on how to
qualify and prioritize risks refer to our Risk Assessment Meeting Guide.

In order to determine the severity of the risks identified by the team, a probability and impact
factor was assigned to each risk. This process allowed the project manager to prioritize risks
based upon the effect they may have on the project. The project manager utilized a
probability-impact matrix to facilitate the team in moving each risk to the appropriate place
on the chart.

BSBPMG517 – Sahar Khalid – 29 March 2021 6

Once the risks were assigned a probability and impact and placed in the appropriate position
on the chart, the recorder captured the finished product and the project manager moved the
process on to the next step: risk mitigation/avoidance planning.

RISK MONITORING

This section should discuss how the risks in the project will be actively monitored. One
effective way to monitor project risks is to add those risks with the highest scores to the
project schedule with an assigned risk manager. This allows the project manager to see when
these risks need to be monitored more closely and when to expect the risk manager to provide
status updates at the bi-weekly project team meetings. The key to risk monitoring is to
ensure that it is continuous throughout the life of the project and includes the identification of
trigger conditions for each risk and thorough documentation of the process.

The most likely and greatest impact risks have been added to the project plan to ensure that
they are monitored during the time the project is exposed to each risk. At the appropriate
time in the project schedule a Risk Manager is assigned to each risk. During the bi-weekly
project team meeting the Risk Manager for each risk will discuss the status of that risk;
however, only risks which fall in the current time period will be discussed. Risk monitoring
will be a continuous process throughout the life of this project. As risks approach on the
project schedule the project manager will ensure that the appropriate risk manager provides
the necessary status updates which include the risk status, identification of trigger conditions,
and the documentation of the results of the risk response.

RISK MITIGATION AND AVOIDANCE

Once risks have been qualified, the team must determine how to address those risks which
have the greatest potential probability and impact on the project. This section explains the
considerations which must be made and the options available to the project manager in
managing these risks.

The project manager has led the project team in developing responses to each identified risk.
As more risks are identified, they will be qualified and the team will develop avoidance and
mitigation strategies. These risks will also be added to the Risk Register and the project plan
to ensure they are monitored at the appropriate times and are responded to accordingly.

The risks for this project will be managed and controlled within the constraints of time,
scope, and cost. All identified risks will be evaluated in order to determine how they affect
this triple constraint. The project manager, with the assistance of the project team, will
determine the best way to respond to each risk to ensure compliance with these constraints.

In extreme cases it may be necessary to allow flexibility to one of the project’s constraints.
Only one of the constraints for this project allows for flexibility as a last resort. If necessary,
funding may be added to the project to allow for more resources in order to meet the time
(schedule) and scope constraints. Time and scope are firm constraints and allow for no

BSBPMG517 – Sahar Khalid – 29 March 2021 7

flexibility. Again, the cost constraint is flexible only in extreme cases where no other risk
avoidance or mitigation strategy will work.

RISK REGISTER

Every project must maintain a risk register in order to track risks and associated mitigation
strategies. This section describes the risk register criteria as well as where the risk register is
maintained and how these risks are tracked in the project schedule.

The Risk Register for this project is a log of all identified risks, their probability and impact
to the project, the category they belong to, mitigation strategy, and when the risk will occur.
The register was created through the initial project risk management meeting led by the
project manager. During this meeting, the project team identified and categorized each risk.
Additionally, the team assigned each risk a score based on the probability of it occurring and
the impact it could potentially have. The Risk Register also contains the mitigation strategy
for each risk as well as when the risk is likely to occur.

Based on the identified risks and timeframes in the risk register, each risk has been added to
the project plan. At the appropriate time in the plan—prior to when the risk is most likely to
occur—the project manager will assign a risk manager to ensure adherence to the agreed
upon mitigation strategy. Each risk manager will provide the status of their assigned risk at
the bi-weekly project team meeting for their risk’s planned timeframe.

The Risk Register will be maintained as an appendix to this Risk Management Plan.

BSBPMG517 – Sahar Khalid – 29 March 2021 8

 PROJECT CHECKLIST

Project Checklist

Unit Code and

BSBPMG517 Manage project risk
Name:
Student name:

Assessor name:

Has the student

satisfactorily completed
Did the Student provide evidence of their ability to: the tasks?
Yes No

Task 1. Risk Management Plan

Using the template provided create a risk management plan for a project that includes:

Review of a project, and input from stakeholders, to  

determine and document the risk objectives and standards

Establish, and document, the project risk context to inform  

the risk management processes

Using valid and reliable risk identification methods, identify  

and document the project risks

Classify the project risks within agreed risk categories.  

Document these classifications.
Task 2. Risk Management Presentation to Stakeholders

For this task you are to create a Risk Management Presentation that you could use to inform
your Stakeholders about how you will manage risks associated with your project. Presentation
includes:

Introduction and overview of the project  

Determine the risk analysis classification criteria and apply

this to the agreed risk ranking system. Document the risk  
analysis classification criteria applied.
Using the risk analysis processes, within your delegated
authority, analyse and qualify the risks, threats, and  
opportunities for the project. Document this analysis and
qualification process.

BSBPMG517 – Sahar Khalid – 29 March 2021 9

Working in agreement with project client and other  
stakeholders, determine and document the risk priorities

Accurately document the risk analysis outcomes for  

inclusion in the risk register and risk management plan

Identify and document the existing risk controls  

Using agreed consultative methods with the project client

and other stakeholders, consider and determine risk  
treatment options, recording the agreed risk treatments
Implement the agreed risk treatments. Document the
implementation, including any issues encountered and how  
they were overcome.
Review the project outcomes, identifying the risk
management issues that arose to determine effectiveness of
the risk-management processes and procedures, ensuring to  
identify improvements for application to future projects.
Documented this review process, including the
improvement recommendations.
Presenters notes for each slide that addresses the topic on
the slide and explains the topic and actions required from  
the Stakeholders to the audience

A minimum of 20 slides  

Task 3. Risk Management Stakeholder Communication

Plan
Plan includes the process and identification or risk
management that relates to the following tasks:
Updates to the risk plans, allocating risk responsibilities to
appropriate project team members. Providing a copy of the  
updated risk plans.
Establishing a regular risk review processes to maintain
currency of the risk plans. Documents the risk review  
processes.
Actions to regularly monitor the risk environment,
identifying changed circumstances impacting on the project
risks, determining the appropriate risk responses to the
changed environment, and implementing them, modifying
the plans to maintain currency of risk treatments and  
controls. Documents the plans for the monitoring of tasks,
and any changed circumstances identified, and provide all
modified plans outlining implemented treatments and
controls.

 

Feedback to Student:

BSBPMG517 – Sahar Khalid – 29 March 2021 10

Result  Satisfactory  Not Yet Satisfactory

Date
Assessor Signature:
:

BSBPMG517 – Sahar Khalid – 29 March 2021 11

 1. SHORT ANSWER QUESTIONS
Instructions

Answer the questions below by writing in the space provided. If you require more space, use a
blank sheet of paper. Alternatively, you may like to use Microsoft Word and print out your
answers to each question.

What you will need

 Research materials such as books, internet, magazines, workplace documentation etc.

 Access to legislative and regulatory documentation
 Your Learner Guide and other learning materials provided for this unit of competence

Word limit

Short Answer Approximately 4 typed lines = 50 words

Responses

1. Who should you include and obtain input from when determining risk objectives
and standards for project risk?

2. To inform the risk management process, you will first need to identify and establish
the project risk context. What might this include?

BSBPMG517 – Sahar Khalid – 29 March 2021 12

 3. List five examples of valid and reliable risk identification methods suitable to use to
search for risks associated with your project

4. Explain three examples of the risk categories in which you would classify project
risks

5. Why apply the agreed risk ranking system once the risk analysis classification
criteria have been determined?

BSBPMG517 – Sahar Khalid – 29 March 2021 13

 6. What tools could be used in the risk analysis process, within the delegated authority,
to analyse and qualify risks, threats, and opportunities?

7. What criteria might you consider when determining the priorities of risks in
agreement with the project client and other stakeholders?

BSBPMG517 – Sahar Khalid – 29 March 2021 14

 8. List three examples of the elements you might identify and include when
documenting the risk analysis outcomes for inclusion in risk register and risk
management plan

BSBPMG517 – Sahar Khalid – 29 March 2021 15

 9. List four examples of existing risk controls you might identify and document

10. Identify and briefly explain the different risk treatment methods suitable to
implement in the workplace

11. What information will need to be recorded and/or updated in risk plans?

BSBPMG517 – Sahar Khalid – 29 March 2021 16

 12. What are three examples of regular risk-review activities you might establish and
undertake to maintain the currency of a risk plan?

13. Explain the importance of regularly monitoring the risk environment

14. In a range of risk categories, identify at least eight examples of project risks

BSBPMG517 – Sahar Khalid – 29 March 2021 17

 15. What are the key components of a risk management plan?

16. Outline the risk classifications common to your industry sector, and relate these to
different risk contexts

17. Summarise the common organisational and the industry standard risk frameworks

BSBPMG517 – Sahar Khalid – 29 March 2021 18

 18. Briefly discuss the characteristics, techniques and appropriate applications of
quantitative and qualitative risk management techniques and approaches

19. Who should you include when determining risk responses to a changed
environment?

20. Why do you need to modify the plans in response to implemented agreed risk
responses?

BSBPMG517 – Sahar Khalid – 29 March 2021 19

 21. Discuss the importance of reviewing the project outcomes to determine
effectiveness of the risk-management processes and procedures

22. What are the key questions to ask when monitoring and reviewing risk so that you
can identify risk management issues and recommend future improvements?

BSBPMG517 – Sahar Khalid – 29 March 2021 20

 SHORT ANSWER QUESTIONS CHECKLIST

Short Answer Questions Checklist

Unit Code and

BSBPMG517 Manage project risk
Name:
Student name:
Assessor name:
Satisfactory
response
Yes No

Who should you include and obtain input from when determining  
1
risk objectives and standards for project risk?

To inform the risk management process, you will first need to

2 identify and establish the project risk context. What might this  
include?

List five examples of valid and reliable risk identification methods  

3
suitable to use to search for risks associated with your project

Explain three examples of the risk categories in which you would  

4
classify project risks

Why apply the agreed risk ranking system once the risk analysis  
5
classification criteria have been determined?

What tools could be used in the risk analysis process, within the
6 delegated authority, to analyse and qualify risks, threats, and  
opportunities?

What criteria might you consider when determining the priorities

7 of risks in agreement with the project client and other  
stakeholders?

BSBPMG517 – Sahar Khalid – 29 March 2021 21

 List three examples of the elements you might identify and include
8 when documenting the risk analysis outcomes for inclusion in risk  
register and risk management plan

List four examples of existing risk controls you might identify and  
9
document

Identify and briefly explain the different risk treatment methods  

10
suitable to implement in the workplace

What information will need to be recorded and/or updated in risk  

11
plans?

What are three examples of regular risk-review activities you

12 might establish and undertake to maintain the currency of a risk  
plan?

Explain the importance of regularly monitoring the risk  

13
environment

Who should you include when determining risk responses to a  

14
changed environment?

Why do you need to modify the plans in response to implemented  

15
agreed risk responses?

Discuss the importance of reviewing the project outcomes to

16 determine effectiveness of the risk-management processes and  
procedures

What are the key questions to ask when monitoring and reviewing
17 risk so that you can identify risk management issues and  
recommend future improvements?

Briefly discuss the characteristics, techniques and appropriate

18 applications of quantitative and qualitative risk management
techniques and approaches

BSBPMG517 – Sahar Khalid – 29 March 2021 22

 Who should you include when determining risk responses to a
19
changed environment?

Why do you need to modify the plans in response to implemented

20
agreed risk responses?

Discuss the importance of reviewing the project outcomes to

21 determine effectiveness of the risk-management processes and
procedures

What are the key questions to ask when monitoring and reviewing
22 risk so that you can identify risk management issues and
recommend future improvements?

Feedback to Student:

BSBPMG517 – Sahar Khalid – 29 March 2021 23

Result  Satisfactory  Not Yet Satisfactory

Assessor Signature: Date

:

BSBPMG517 – Sahar Khalid – 29 March 2021 24