2. A project team performs monthly risk audits for a project, where a large number of identified risks
have been realized. So far, the risk responses have been appropriate, and the reserves sufficient.
An executive for the requesting organization criticizes the project manager improper risk audits,
stating that only independent, external resources should perform risk audits.
How should the project manager respond?
Question
3. A. Explain that risk audits can be performed either internally or externally as long as they follow
the project management plan
B. Agree with the executive and submit a change request to update the project management
plan to have the audits conducted externally
C. Follow the guidance provided by the executive and hire a team of external auditors to conduct
the risk audits going forward
D. Explain that if the current risk audits are not sufficient, then a comprehensive project audit
should be carried out
HINT: Risk audits consider the effectiveness of the risk management process.
Question
4. Answer and Explanation:
The correct answer is A.
Risk audits are among the tools and techniques of the Monitor Risks process. Risk audits are used to
consider the effectiveness of the risk management process. The project manager is responsible for
ensuring that risk audits are performed at an appropriate frequency as defined in the project's risk
management plan.
Risk audits are typically performed by the project team and may be included during routine project review
meetings or may form part of a risk review meeting, or the team may choose to hold separate risk audit
meetings.
In this scenario, since conducting risk audits internally is not contrary to project management best
practices, and the current risk audit process has proven to be effective, there is no reason to agree with the
executive.
Answer
5. Therefore, among the available options, the best course of action is to explain to the executive that risk
audits can be performed either internally or externally as long as they follow the project management
plan.
Note that any stakeholder can request a change to the project. It is not clear from the question if the
executive's comment constitutes a change request. If, after explaining the rationale for continuing with
the current internal risk audits, the executive still wants external auditors performing the risk audits, the
project manager should follow the change control process established for the project.
However, in this situation, the change request would likely be rejected since there is no reason to believe
that the project would benefit from hiring external auditors to perform the risk audits.
Answer
6. All our questions are updated to the latest
A Guide to the Project Management Body of Knowledge
(PMBOK® Guide) standard.
Stop by at free.pm-exam-simulator.com/ and try the
PM Exam Simulator free for 7 days.
We are a trusted and experienced education provider.