PMP Risk Management: Remembering Risk Responses

What comes to your mind when you think of a risk? Maybe you think of a risky activity, like skydiving. Or maybe you think about driving a car, for which insurance is required because there is the risk of a car accident. Either way, these risks are bad.

Well if you’re studying for the PMP exam, you have missed a crucial part of understanding risk. According to the PMBOK guide, risk is not only negative, it is also positive. Negative risks are always known as threat, and positive risks are also known as opportunities. The PMBOK Guide, one pages 344-346, lists the possible risk responses for negative and positive risks. Here they are summarized in a table.

 Negative Risk ResponsesPositive Risk Responses

Let’s get into more detail. For each of the risks, I’ll provide a short summary, the PMBOK definition, and an example. (The PMBOK definition is shortened for readability — be sure to consult the PMBOK Guide for a full definition.)

Strategies for Risk Responses are tools & techniques of the Plan Risk Responses process. They absolutely key to you understand the Risk Management chapter of the PMBOK guide. You can bet that at least one or a few of these types of questions will appear on your PMP exam, so make sure you study this area thoroughly.

Negative Risks

Negative risks will sometimes draw your focus, because you are used to assuming risk are negative. Be sure to give each area an adequate response.

pmp risk management

Here’s a risk I recommend avoiding.


  • Short: Avoid should be used when you want to be sure that the negative risk is not encountered.
  • PMBOK: “Risk avoidance is a risk response strategy whereby the project team acts to eliminate the threat or protect the project from its impact” (344).
  • Example: There’s a high risk of lightning strike by building a flagpole at the top of the mountain, but it can be avoided by building it elsewhere, so you relocate it and avoid it.


  • Short: Give to someone else like insurance company.
  • PMBOK: “Risk transference is a risk response strategy whereby the project team shifts the impact of a threat to a third party, together with ownership of the response” (344).
  • Example: You buy homeowner’s insurance to protect yourself against major threats to your home. Insurance of all forms is a good example of transfer.


  • Short: Try to ensure it doesn’t happen.
  • PMBOK: “Risk mitigation is a risk response strategy whereby the project team act to reduce the probability of occurrence or impact of a risk” (345).
  • Example: If you are working on a project that requires you to adopt new technology, and you realize that your employees aren’t trained on the technology. You might invest in additional training to mitigate the risk to your project.


  • Short: Accept the risk when you can or you have to.
  • PMBOK: “Risk acceptance is a risk response strategy whereby the project team decides to acknowledge the risk and not take any action unless the risk occurs” (345).
  • Example: If you are on a project, and you realize a risk that will require you to spend an extra thousand dollars, you may accept the risk because the cost is fairly low.

Positive Risks

Don’t give up now! You’re almost through the positive risk responses.


  • Short: Use this strategy when you REALLY want the positive risk to happen.
  • PMBOK: “The exploit strategy may be selected for risks with positive impacts where the organization wishes to ensure that the opportunity is realized” (345).
  • Example: If you finish this deliverable one month early, you can accept another project from the customer who wants to give $1 million in business to your company.


  • Short: Try to ensure that the positive risk occurs.
  • PMBOK: “The enhance strategy is used to increase the probability and/or the positive impacts of an opportunity” (346).
  • Example: If you are working on a project and are given the opportunity to be a preferred vendor in the future, you might allocate extra resource to enhance the opportunity.


  • Short: Get a third party involved to try to help you best capture the positive risk.
  • PMBOK: “Sharing a positive risk involved allocating some or all of the ownership of the opportunity to a third party who is best able to capture the opportunity for the benefit of the project” (346).
  • Example: If you have the opportunity to make an extra $1 million on a project but do not have the expertise in the area required, you may bring in a trusted third-party vendor to share in the opportunity.


  • Short: Enjoy the benefits of the opportunity!
  • PMBOK: “Accepting an opportunity is being willing to take advantage of the opportunity if it arises, but not actively pursuing it” (346).
  • Example: Think of the converse of the accept strategy — you may save a few thousand dollars if something goes well from you. Because the savings aren’t so much in the context of your project, you won’t actively pursue it but will accept it if it occurs.

Congratulations on making it this far — these are key definitions for understanding the Plan Risk Responses tools and techniques. Now make sure you understand and find some practice questions.

Let’s exploit the risk of you getting a “P” in all 5 areas of the exam! Comment below to discuss how you are tackling risk response strategies in preparation for your PMP.

Sign up for Early Access to Magoosh PMP Prep!

Comments are closed.

Magoosh blog comment policy: To create the best experience for our readers, we will only approve comments that are relevant to the article, general enough to be helpful to other students, concise, and well-written! 😄 Due to the high volume of comments across all of our blogs, we cannot promise that all comments will receive responses from our instructors.

We highly encourage students to help each other out and respond to other students' comments if you can!

If you are a Premium Magoosh student and would like more personalized service from our instructors, you can use the Help tab on the Magoosh dashboard. Thanks!