A company has decided to implement a new archiving system. A data breach occurred during the implementation of the project. What should the project manager do first?
A.
Implement the planned risk response to handle the issue
B.
Review possible alternative documentation methods with team
C.
Update the risk register with the risk and proposed impact
D.
Ask the team to fix the system to resolve the issue
A is correct. You could ask the team to fix it first, however that might not be the FIRST thing you have to do. You may have to notify supervisors/security, notify customers, work with authorities of some kind, there's plenty of things that will likely be in the risk response before asking the team to fix it.
This is another terrible question. There is nothing to suggest that the team implementing an archiving solution would be able to fix the system or that the system had anything to do with the breach. The answer should be A.
If it were my organization's system, I'd want the first person who noticed this to take action immediately while I as the PM begin tracking whether there was a planned risk response in this scenario that could be applied. Overcoming the lapse in response time is the only logic I see in D being the first choice.
Based on PMI's approach and assumptions in project management, particularly as described in the PMBOK® Guide, it is generally assumed that the project manager has conducted thorough planning, including risk management planning, unless the scenario explicitly states otherwise. So A is the correct answer.
The key wording the question is "First". Once the breach has been dealt with, other actions can be taken. I see it as a crack in a water tank; First thing is close the crack, and then take other actions not ensure it does not happen again. Answer D
Risk response relative to cyber information security is something totally out of the scope of the project. Some risk may have been identified but the global cyber risk response is bigger than the project scope itself. D is the correct answer as no evidence the risk was identified so not B..
A. Implementing the planned risk response to handle the issue is the immediate action a project manager should take when a known risk, such as a data breach, occurs. If the risk was previously identified and a response was planned, it's crucial to execute that response promptly to mitigate the impact. Addressing the breach and containing its effects is a priority over other administrative or investigative tasks.
A. Implement the planned risk response to handle the issue
The project manager should first refer to the risk management plan and execute the planned risk response for the data breach incident.
Explanation:
You could ask the team to fix it first, however that might not be the FIRST thing you have to do.
You may have to notify supervisors/security, notify customers, work with authorities of some kind,
there's plenty of things that will likely be in the risk response before asking the team to fix it.
This section is not available anymore. Please use the main Exam Page.PMP Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
[Removed]
Highly Voted 2 years, 7 months agoKim222
Most Recent 8 months agoiamfrankblack
8 months, 3 weeks agoCommonNickname
1 year, 1 month agoBruce_Liu
1 year, 1 month agohoomz
1 year, 2 months agocarlosivrivera
1 year, 2 months agobobo_d
1 year, 3 months agoOnly12go
1 year, 6 months agoSynikalDemon
1 year, 9 months agosmartrammy
1 year, 9 months agokevzzz
1 year, 10 months agoThirukj
1 year, 10 months agoHung3102
2 years agosanjiiv
2 years, 1 month agomeetkamal
2 years, 1 month agoneely
2 years, 3 months ago