Security Assessment and Authorization Certification: Risk Rating Approach | Exam Answer

Is Sammy or Harry Correct? | CAP Exam Question Answered

Question

Sammy is the project manager for her organization.

She would like to rate each risk based on its probability and affect on time, cost, and scope.

Harry, a project team member, has never done this before and thinks Sammy is wrong to attempt this approach.

Harry says that an accumulative risk score should be created, not three separate risk scores.

Who is correct in this scenario?

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

A.

The correct answer is A. Sammy is correct because organizations can create risk scores for each objective of the project.

Risk assessment is a critical process that involves identifying, analyzing, and evaluating risks to an organization's assets, operations, and objectives. It is an essential part of any project management plan and helps project managers make informed decisions about risk mitigation and response.

There are different approaches to risk assessment, but one common method is to use a risk probability and impact matrix. This matrix allows project managers to rate risks based on their likelihood of occurrence and the potential impact on the project's objectives, such as time, cost, and scope.

However, some project team members may argue that an accumulative risk score should be created, not three separate risk scores. This approach involves combining the probability and impact of each risk factor to arrive at a single risk score for the project.

While an accumulative risk score can be useful, it may not provide the same level of detail as individual risk scores for each project objective. Project managers need to understand how each risk factor can impact different aspects of the project, such as time, cost, and scope, to develop effective risk mitigation strategies.

Therefore, Sammy is correct in attempting to rate each risk based on its probability and affect on time, cost, and scope. By doing so, she can develop a more comprehensive risk management plan that addresses specific risks to each objective of the project.