Optimize Risk Responses

PMBOK note: This was a standalone principle in PMBOK 7 — “Optimize Risk Responses.” In PMBOK 8 it was consolidated into Adopt a Holistic View (risk as a cross-domain concern). The concept is fully tested; the label changed.

Definition

Optimizing risk responses means selecting responses that are proportionate to the significance of the risk, cost-effective, realistic, agreed upon by stakeholders, and owned by an appropriate person. Risk response planning covers both threats (avoid, transfer, mitigate, accept) and opportunities (exploit, share, enhance, accept). Over-responding wastes resources; under-responding leaves the project exposed.

Related concepts

• Risk Domain
• Adopt a Holistic View
• Risk Register
• Business Environment Domain

Exam angle

• Residual and secondary risks must be planned for — a response that creates a new risk isn’t complete
• Opportunity responses are equally tested: exploit, share, enhance, accept — not just threat responses
• “Accept” is a valid response when cost of response exceeds the risk’s expected monetary value
• Risk response must be proportionate — gold-plating the risk response is as wrong as ignoring the risk

My notes