Hello readers and welcome back to our project management career series. This series is designed to help you prepare for a change of job or an interview either as a project manager or a project team member.

In our project management career series, we have explored the following areas:

  • Project management career series – Introduction
  • Project management career series – Scope management
  • Project management career series – Time management
  • Project management career series – Quality management
  • Project management career series – Cost management
  • Project management Career series – Human resource management

As usual, we will explore probable project management questions that could arise from the risk management knowledge area during an interview for the position of a project manager. As usual, we will also provide a practical way to answer these questions.

Risk is often associated with a negative effect, but contrary to what most people think, project risk is an uncertain event or condition that, if it occurs can have a positive or negative effect on one or more project objectives such as scope, schedule, cost, and quality. Since risk has its foundation in uncertainties (positive or negative) it is important for us as project management to always plan, manage and reduce the impact of negative risk on our organization while taking advantage of the positive risk.

Risk management is the continuous process of identifying, analyzing, evaluating, responding and controlling the risks on a project. Unlike many people naturally assume, risk occurs across all phases of a project and not just the implementation phase. Some common types of risk include strategic risk, financial risk, time risk, stakeholders’ risk, market acceptance risk, etc.

The following are probable project risk management related questions you can expect during a project management interview.

Q: As the project manager, you are to subcontract a part of a project you are working on to a third party. Your organization has never carried out this kind of project and you have no previous knowledge about the technicalities involved. What is the best contract type to reduce or eliminate risk to your organization?

Answer – There are two main types of contracts in project management, which are the fixed price contract and the cost reimbursable contracts.

  • The fixed price contract is a legal agreement between the buyer (project organization) and the seller (contractor) to provide goods or services at a fixed price to the organization.
  • In a cost reimbursable contract, the buyer pays the seller the cost incurred while performing the service or providing the goods.

There are lots of variations to both forms of the contract. What we need to know is that the fixed price contract transfers project cost risk to the seller while the cost reimbursable contract transfers the project cost risk to the buyer. Since we are looking at eliminating the risk on the organization, then a fixed price contract is our best option.

Q: At what phase of a project is the risk and uncertainties the highest?

Answer – Project risk and uncertainties are greatest at the beginning of a project. As the projects develop and the deliverables and milestones are met, the risk decreases. We should also note that the ability to influence the outcome of a project without significantly affecting the cost is greater at the beginning of a project than as the project advances. This is why risk management starts at the beginning of a project so that risk can be identified at an early stage and preventive measures and responses are put in place.

Source: PMBOK Guide Fifth Edition

Q: The SWOT analysis is a common risk management tool; however, we have recently identified that just listing the strengths, weaknesses, opportunities and threats have not helped us much in preventing risk. What more can you do to make our SWOT analysis more effective?

Answer – This is a tricky question and is a combination of general, strategic and project management. The SWOT analysis in itself isn’t a bad risk analysis tool but can be when poorly implemented. SWOT analysis goes beyond just the listing of the SWOT. It analyzes the impact of the SWOT. This simply means now that you know the SWOT, what do you do with it? How do you eliminate the weaknesses and threats and how do you take advantage of the strengths and opportunities?

SWOT analysis can also be more effective when used with other analysis. For example, while a SWOT analysis can identify marketing as strengths and competitors as weaknesses, it doesn’t analyze them. It is therefore your responsibility as a project manager to make sure a marketing analysis and competitors’ analysis is carried out based on the output of the SWOT in order to have a more effective strategy.

Q: When faced with negative risk, what are the available strategies that you can employ as a project manager?

Answer – There are four ways of responding to negative risk:

  • Avoid – this is a strategy that prevents the risk from occurring or prevents it from having any effect on your project. Risks that do not occur cannot harm the project. An example is shifting a construction start time from November to June to avoid excessive snowfall.
  • Transfer – Rather than eliminating the risk, it is shifted to a third party and they are allowed to manage the risk as well. For example, the insurance companies or use of a fixed price contract in projects. Transferring risks do come at a cost.
  • Mitigate – This is where the project manager acts to reduce the impact of risk or probability of risk occurrence on a project. This requires taking preventive measures such as testing, use of stable suppliers, creating prototypes, etc.
  • Accept – There are some risks that just have to be accepted in a project. The risk would be identified and when it occurs, the project team would implement their pre-planned response strategy.

Q: Differentiate between internal and external risk in projects.

Answer – Internal risks are risks that are within the control of the project team and the organization such as financial risk, infrastructural risk, human resource risk or technological risk. External risks, on the other hand, are risks that are beyond the control of the project team and organization. They are generally more difficult to predict. Examples include war, economic upheave, national disasters, etc.

Q: The probability and impact matrix is a very good tool for risk analysis. How does this function?

Answer – The probability and impact analysis tool is a qualitative management tool used in plotting the probability of a risk occurring against the impact of the risk on the project. It shows both the positive risk (opportunities) and negative risks (threats). The risks are arranged based on the organizational risk threshold and help organizations to plan risk responses based on the level of the risk.

Q: What strategies can be adopted when faced with a positive risk?

Answer – Just like negative risks, there are four strategies that can be adopted for a positive risk:

  • Exploit – This strategy is used when an organization wishes to ensure that an opportunity that has been identified happens. Exploiting could involve the use of the latest opportunity on a project or best human resource to ensure that the project objectives are met and finished on time.
  • Enhance – This is when the organization takes deliberate actions to increase the probability of the positive impact of a risk occurring.
  • Share – This is sharing the positive risk with a third party who has the ability to realize the opportunity for the good of the project. Mergers, joint ventures and partnerships are common examples of positive risk sharing.
  • Accept – When a risk is accepted, the organization is willing to take advantage of the opportunity but are not going out of their way to make it happen.

Q: You have developed a contingent response plan for a pre-identified risk. During project implementation, the risk still occurred and had a cost effect of $10,000 on the project. What did the project manager forget to do?

Answer – Contingent plans are pre-planned responses to know risk and are adapted once the risk occurs. Once a contingent plan is in place for any kind of risk, it is the function of the project manager to look out for risk triggers. Risk triggers are measures or indicators that signals that a risk might occur. From the question above, while some other things might have happened, it is very likely the project manager did not set risk triggers or did not remember to look out for the triggers when they happened

Q: When is it important to have a stakeholders risk profile analysis?

Answer – One of the primary goals of the project manager is to ensure stakeholders satisfaction in all projects. Risk profile analysis gets information about various stakeholders risk threshold, which would determine how much risk the relevant stakeholders can afford. This is particularly relevant in the project selection phase, as any project with risks higher than the risk threshold of relevant stakeholders should not be considered.


Project risk management, like any other project management knowledge area, is an important part of project management. Any project management recruiter would test your knowledge in risk management. Some risk, if taken advantage of, can be good while others can be disastrous to the project. You should therefore be preemptive, critical and analytical to ensure that project risks are not.

Once again, thank you for reading. In our next article we will explore interview questions based on the project communication management knowledge area. If you have any questions or comment, leave us a message in the comment box below, and we will surely get back to you.