
CRISC—Certified in Risk and Information Systems Control Certification Questions and answer - Part 76

Mary Smith

Sat, 18 Apr 2026


1. Which of the following should be considered to ensure that the risk responses adopted are cost-effective and aligned with business objectives? Each correct answer represents a part of the solution. Choose three. (Select 3 answers)

A) Identify the risk in business terms
B) Recognize the business risk appetite
C) Adopt only pre-defined risk responses of business
D) Follow an integrated approach in business



2. Walter is the project manager of a large construction project. He'll be working with several vendors on the project. Vendors will be providing materials and labor for several parts of the project. Some of the work in the project is very dangerous, so Walter has implemented safety requirements for all of the vendors and his own project team. Stakeholders for the project have added new requirements, which have caused new risks in the project. A vendor has identified a new risk that could affect the project if it comes to fruition. Walter agrees with the vendor and has updated the risk register and created potential risk responses to mitigate the risk. What should Walter also update in this scenario considering the risk event?

A) Project management plan
B) Project communications plan
C) Project contractual relationship with the vendor
D) Project scope statement



3. What are the three PRIMARY steps to be taken to initialize the project? Each correct answer represents a complete solution. Choose all that apply. (Select 3 answers)

A) Conduct a feasibility study
B) Define requirements
C) Acquire software
D) Plan risk management



4. You are the risk official in Techmart Inc. You are asked to perform a risk assessment on the impact of losing network connectivity for 1 day. Which of the following factors would you include?

A) Aggregate compensation of all affected business users
B) Hourly billing rate charged by the carrier
C) Value that the enterprise gets from transferring data over the network
D) Financial losses incurred by affected business units



5. Beth is a project team member on the JHG Project. Beth has added extra features to the project and this has introduced new risks to the project work. The project manager of the JHG project elects to remove the features Beth has added. The process of removing the extra features to remove the risks is called what?

A) Detective control
B) Preventive control
C) Corrective control
D) Scope creep



1. Right Answer: A, B, D
Explanation: Risk responses require a formal approach to issues, opportunities and events to ensure that solutions are cost-effective and aligned with business objectives. The following should be considered:
- While preparing the risk response, identify the risk in business terms, such as loss of productivity, disclosure of confidential information, lost opportunity costs, etc.
- Recognize the business risk appetite.
- Follow an integrated approach in business.
Risk responses requiring an investment should be supported by a carefully planned business case that justifies the expenditure, outlines alternatives and describes the justification for the alternative selected.
Incorrect Answers:
C: There is no such requirement to follow pre-defined risk responses. If new risk responses are discovered during the risk management of a particular project, they should be noted in the lessons learned document so that project managers working on other projects can also utilize them.

2. Right Answer: A
Explanation: When new risks are identified as part of the scope additions, Walter should update the risk register and the project management plan to reflect the responses to the risk event.
Incorrect Answers:
B: The project communications management plan may be updated only if there is a communication need related to the risk event; the risk event itself does not require it.
C: The contractual relationship with the vendor won't change as far as project risks are concerned.
D: The project scope statement was changed as part of the scope approval that has already happened.

3. Right Answer: A, B, C
Explanation: Projects are initiated by sponsors who gather the information required to gain approval for the project to be created. Information often compiled into the terms of a project charter includes the objective of the project, the business case and problem statement, the stakeholders in the system to be produced, and the project manager and sponsor. The steps to initiate the project are:
Conduct a feasibility study: The feasibility study starts once initial approval has been given to move forward with a project, and includes an analysis to clearly define the need and to identify alternatives for addressing the need. A feasibility study involves:
- Analyzing the benefits and solutions for the identified problem area
- Development of a business case that states the strategic benefits of implementing the system, either in productivity gains or in future cost avoidance, and identifies and quantifies the cost savings of the new system
- Estimation of a payback schedule for the cost incurred in implementing the system, or a projection of the return on investment (ROI)
Define requirements: Requirements include:
- Business requirements containing descriptions of what a system should do
- Functional requirements and use case models describing how users will interact with a system
- Technical requirements, design specifications and coding specifications describing how the system will interact, the conditions under which the system will operate and the information criteria the system should meet
Acquire software: Acquiring software involves building new or modifying existing hardware or software after final approval by the stakeholder, which is not a phase in the standard SDLC process. If a decision was reached to acquire rather than develop software, this task should occur after defining requirements.
Incorrect Answers:
D: Risk management is planned later in the project development process, not during initialization.

4. Right Answer: D
Explanation: The impact of network unavailability is the cost it incurs for the enterprise. As the network is unavailable for 1 day, this can be treated as a failure of the business units that rely on this network. Hence the financial losses incurred by the affected business units should be considered.
Incorrect Answers:
A, B, C: These factors in combination contribute to the overall financial impact, i.e., the financial losses incurred by affected business units.

5. Right Answer: B
Explanation: This is an example of a preventive control, as the problem has not yet occurred; it has only been identified and accounted for. By removing the scope items from the project work, the project manager is aiming to remove the added risk events, hence it is a preventive control. A preventive control is a type of internal control that is used to avoid undesirable events, errors and other occurrences which an organization has determined could have a negative material effect on a process or end product.
Incorrect Answers:
A: Detective controls simply detect and report on the occurrence of problems. They identify specific symptoms of potential problems.
C: Corrective actions are steps taken to bring the future performance of the project work in line with the project management plan. These controls attempt to reduce the impact of a threat from problems discovered by detective controls. They first identify the cause of the problems, then take corrective measures and modify the systems to minimize future occurrences of the problem. Hence an incident must take place before corrective controls come into action.
D: Scope creep refers to small undocumented changes to the project scope.
