Management has asked you to perform a risk audit and report back on the results. Bonny, a project
team member asks you what a risk audit is. What do you tell Bonny?
A.
A risk audit is a review of all the risks that have yet to occur and what their probability of
happening are.
B.
A risk audit is a review of the effectiveness of the risk responses in dealing with identified risks
and their root causes, as well as the effectiveness of the risk management process.
C.
A risk audit is a review of all the risk probability and impact for the risks, which are still present
in the project but which have not yet occurred.
D.
A risk audit is an audit of all the risks that have occurred in the project and what their true
impact on cost and time has been.
Explanation:
Risk audit is a method to test the overall risk management process and the planned risk responses. A
risk audit is a review of the effectiveness of the risk responses in dealing with identified risks and
their root causes, as well as the effectiveness of the risk management process.
Answer option D is incorrect. This defines quantitative analysis of the risk events have occurred.
Answer options A and C are incorrect. These define risk analysis, part of project risk management
planning.
PMP Chapter 11. A Guide to the Project Management Body of Knowledge, (PMBOK
Guide), Fourth Edition, ISBN.9781933890517, Section 11.6.2.2.