PMI • PMI-RMP

PMI Risk Management Professional (PMI-RMP) Practice Test

Validates specialized expertise in project risk management, including risk strategy and planning, risk identification, risk analysis, risk response planning, and monitoring and controlling risk throughout the project lifecycle.

Exam Details

Questions

826

Duration

150 minutes

Passing Score

Pass/Fail

Difficulty

Professional

Last Updated

Feb 2026

Exam Domain Breakdown

Risk Strategy and Planning22%

Stakeholder Engagement23%

Risk Process Facilitation23%

Risk Monitoring and Reporting13%

Perform Specialized Risk Analyses19%

Exam Overview

The PMI Risk Management Professional (PMI-RMP®) is a globally recognized certification offered by the Project Management Institute (PMI) that validates advanced expertise in project risk management. It demonstrates a practitioner's ability to develop risk management strategies, identify and analyze risks, plan and implement risk responses, engage stakeholders in the risk process, and monitor risks throughout the project lifecycle. The certification reflects the full value delivery spectrum—predictive, agile, and hybrid project approaches are integrated across all five exam domains, making it relevant across modern project environments.

The PMI-RMP was updated with a revised Exam Content Outline (ECO) in 2024, ensuring alignment with current industry practices. It is recognized by employers worldwide and is particularly valued in industries where risk exposure is high, such as construction, IT, finance, defense, and infrastructure. Holders of the credential signal to employers they possess the specialized knowledge to proactively manage uncertainty and protect project outcomes.

Official exam page

Who Should Take This Exam

The PMI-RMP is designed for project risk specialists, project managers, program managers, and other practitioners who focus on or wish to specialize in risk management. It is well-suited for professionals who manage complex projects with significant risk exposure and want formal recognition of their risk management expertise beyond the general project management credentials.

Ideal candidates typically have several years of hands-on project risk management experience and are looking to differentiate themselves from generalist project managers. Those already holding the PMP® or CAPM® who want to deepen their risk specialization, as well as risk analysts, risk coordinators, and PMO professionals, are among the primary audiences for this certification.

Prerequisites

PMI requires candidates to meet one of two eligibility pathways. The first path requires a secondary degree (high school diploma, associate's degree, or global equivalent) combined with 36 months of project risk management experience within the last five years. The second path requires a four-year bachelor's degree (or global equivalent) with 24 months of project risk management experience within the last five years. Both pathways also require 30 contact hours of education in project risk management.

While not a formal requirement, candidates are strongly encouraged to have studied the PMI standard for risk management: the PMI Standard for Risk Management in Portfolios, Programs, and Projects (2019) and the PMBOK® Guide Seventh Edition. Familiarity with Chapter 11 of the PMBOK® Guide Sixth Edition (Project Risk Management) is also recommended, as it provides a detailed process-based framework for risk management that underpins much of the exam content.

Exam Format

The PMI-RMP exam consists of 115 questions in total, of which 100 are scored and 15 are unscored pretest questions used for future exam development. Questions are presented in multiple-choice (single answer) and multiple-answer select formats. The exam must be completed within 150 minutes. Candidates are allowed one 10-minute break during the exam.

The exam is delivered via computer-based testing (CBT) at Pearson VUE testing centers or through online proctored testing (OPT) for candidates who prefer to test from home or office. Results are reported as Pass or Fail; PMI does not publish a numeric passing score. Candidates may attempt the exam up to three times within their one-year eligibility window. Exam fees are $520 USD for PMI members and $670 USD for non-members.

Skills Measured

1.Domain 1 – Risk Strategy and Planning (22%): Developing the risk management plan, establishing risk thresholds and appetite, selecting appropriate risk tools and methodologies, and aligning the risk management approach to the project's delivery method (predictive, agile, or hybrid).
2.Domain 2 – Stakeholder Engagement (23%): Identifying and analyzing stakeholders in relation to risk, assigning risk ownership, promoting a risk-aware culture, facilitating risk workshops, and ensuring effective communication of risk information to relevant stakeholders throughout the project.
3.Domain 3 – Risk Process Facilitation (23%): Conducting risk identification and assessment activities, performing qualitative and quantitative risk analysis, developing risk response plans, and facilitating team collaboration to evaluate and prioritize risks across the project.
4.Domain 4 – Risk Monitoring and Reporting (13%): Tracking identified risks and watching for new risks, monitoring the effectiveness of risk responses, capturing risk-related lessons learned, and reporting risk status to stakeholders and governance bodies.
5.Domain 5 – Perform Specialized Risk Analyses (19%): Applying advanced analytical techniques such as Monte Carlo simulation, decision tree analysis, sensitivity analysis, and Expected Monetary Value (EMV) to support risk-informed decision-making on complex or high-stakes projects.

Study Tips

Download and study the official PMI-RMP Exam Content Outline (ECO) from pmi.org—it defines all five domains, tasks, and enablers and is the primary blueprint for what will be tested.
Read the PMI Standard for Risk Management in Portfolios, Programs, and Projects (2019) in full, as it is the foundational reference PMI uses to define risk management principles and processes for the exam.
Supplement with PMBOK® Guide Sixth Edition Chapter 11 (Project Risk Management), which provides a detailed process-based treatment of risk identification, qualitative and quantitative analysis, response planning, and monitoring.
Practice with scenario-based questions that reflect hybrid and agile environments, since the updated ECO integrates predictive, agile, and hybrid approaches across all domains—not just traditional risk processes.
Use PMI's official exam prep resources, including the PMI-RMP Exam Prep course on PMI.org and the PMI Learning platform, which offer practice questions aligned to the current ECO.
Join a PMI chapter or study group to access peer discussions, exam experience sharing, and potential access to local prep workshops. Engaging with others preparing for the same exam reinforces understanding of difficult concepts.
For Domain 5 (Specialized Risk Analyses), ensure hands-on familiarity with quantitative techniques such as Monte Carlo simulation, EMV calculations, and sensitivity analysis—these are commonly tested and require more than conceptual understanding.

Career Benefits

Earning the PMI-RMP credential positions professionals for roles such as Risk Manager, Risk Analyst, Senior Project Manager, Program Risk Manager, and Risk Management Consultant. The certification is particularly valued in government, defense, construction, IT, and financial services sectors, where formal risk management expertise is often a hiring or contracting requirement. PMI's Earning Power Salary Survey has consistently shown that certified PMI professionals earn significantly more than their non-certified peers, with risk specialists in the U.S. averaging approximately $138,000 annually.

The PMI-RMP complements rather than competes with the PMP®—many professionals hold both, with the RMP signaling deep specialization. Compared to vendor-specific risk credentials, the PMI-RMP is methodology-neutral and internationally portable, making it recognized across industries and geographies. With only 30 PDUs required every three years for renewal (compared to 60 for the PMP), it also has a lower maintenance burden, making it an efficient specialization credential for experienced practitioners.

Sample Questions

Preview — answers shown

5 sample questions with correct answers and explanations. Start a practice session to test yourself across all 826 questions.

1. During Perform Quantitative Risk Analysis for a 36-month infrastructure project, the risk manager runs Monte Carlo simulation with 10,000 iterations. The results show: P10 = $47.2M, P50 = $52.8M, P80 = $56.4M, P90 = $59.1M. The approved cost baseline is $53.0M and management requests an 80% confidence level for budget planning. What should the risk manager recommend for the total project budget? (Select one!)

A$56.4M total budget with $3.6M contingency reserve and no management reserve

B$53.0M baseline plus $6.4M management reserve equals $59.4M total budget

C$53.0M baseline plus $3.4M contingency reserve plus management reserve per organizational policy

D$53.0M baseline plus $3.6M contingency reserve equals $56.6M total budget

Explanation

The P80 value of $56.4M represents 80% confidence for the total cost including identified risks. The difference between P80 ($56.4M) and baseline ($53.0M) is $3.4M, which represents the contingency reserve for known risks. However, the total project budget must also include management reserve for unknown-unknowns, which is not determined by Monte Carlo simulation and follows organizational policy. Contingency reserve is part of the cost baseline, so $56.6M incorrectly adds contingency outside the baseline. Using P80 as total budget without management reserve fails to account for unidentified risks. Using $6.4M as management reserve misunderstands that management reserve is separate from the Monte Carlo-derived contingency.

2. A risk manager on a healthcare IT implementation project receives conflicting risk information from multiple stakeholder groups. Before conducting probability and impact assessments, the risk manager needs to evaluate whether the available risk data is sufficient for reliable analysis. Which two factors are most critical when performing Risk Data Quality Assessment? (Select two!)

Multiple correct answers

AExtent of stakeholder understanding of the risk and reliability of information sources

BAlignment of risk categories with the organizational Risk Breakdown Structure

CCalculation of expected monetary value for each identified risk

DAssignment of risk urgency ratings based on proximity to trigger events

EDevelopment of contingency response strategies for high-priority risks

Explanation

Risk Data Quality Assessment evaluates the credibility and usability of risk data before analysis proceeds. The two most critical factors are the extent of understanding (how well stakeholders comprehend the risk and its context) and reliability of information sources (trustworthiness and consistency of data). These determine whether the risk data is accurate enough to support meaningful probability and impact assessments. RBS alignment is part of risk categorization, not data quality evaluation. EMV calculation occurs during quantitative analysis, after data quality is confirmed. Urgency ratings are assessed during qualitative analysis using the validated data. Contingency strategies are developed during risk response planning, not during data quality assessment.

3. During a risk audit, an independent reviewer examines the response to a high-priority risk: 'Key software architect may leave the company during design phase.' The documented response strategy is Accept (Active) with a contingency plan to hire a contract architect within 2 weeks and a contingency reserve of $40,000. The auditor finds no evidence of pre-qualified contract architects or recruitment agency agreements. What should the auditor conclude? (Select one!)

AThe risk response is inadequate because active acceptance contingency plans require actionable preparation, not just budget

BThe risk response should be reclassified as passive acceptance since no proactive mitigation occurred

CThe risk response violates PMI standards and should be changed to a mitigation strategy

DThe risk response is adequate since active acceptance requires only budget allocation, not advance preparation

Explanation

Active acceptance requires both contingency reserve allocation AND a documented contingency plan that can be executed when triggers occur. A 2-week hiring plan without pre-qualified candidates or agency agreements is not actionable. True active acceptance means the organization is prepared to execute the contingency plan immediately when needed. Simply having budget without executable plans does not constitute active acceptance. Passive acceptance involves no contingency plan or reserve, only recognizing the risk. The response strategy itself (accept) is valid for this risk; the issue is inadequate implementation of active acceptance. PMI does not mandate specific strategies; the auditor identifies execution gaps, not strategy errors.

4. A risk manager facilitates assumption and constraint analysis during the Identify Risks process for a hospital expansion project. The team documents the following: Assumption A states the city will approve zoning changes within 90 days; Constraint B specifies construction cannot disrupt current hospital operations; Assumption C presumes key medical equipment vendors will maintain current pricing. Which action should the risk manager take? (Select one!)

AEncourage stakeholders to challenge the validity of each assumption and assess the risk associated with each assumption or constraint

BClassify assumptions as opportunities and constraints as threats based on their positive or negative impact on project objectives

CPrioritize the constraint over assumptions because constraints are fixed while assumptions can be validated through research

DDocument each assumption and constraint as separate risk events in the risk register with probability and impact assessments

Explanation

Encouraging stakeholders to challenge assumptions and assess associated risks is the correct approach per the Risk Identification domain task on assumption and constraint analysis. Assumptions represent uncertain factors that could prove false, and constraints may introduce risks if they cannot be satisfied. The risk manager should facilitate examination of whether assumptions are valid and what risks emerge if they prove incorrect or if constraints cannot be met. Documenting assumptions and constraints themselves as risk events is incorrect—they are sources of risk, not risks themselves; the risk is what happens if the assumption fails or constraint is violated. Classifying assumptions as opportunities and constraints as threats is overly simplistic and incorrect; assumptions can create threats if they fail, and constraints might limit both positive and negative outcomes. Prioritizing constraints over assumptions has no methodological basis; both require equal analysis for associated risks.

5. A risk manager performs Monte Carlo simulation for an IT infrastructure project with 50 work packages. The simulation runs 5,000 iterations and produces these results: P10 = $2.1M, P50 = $2.5M, P80 = $2.9M, P90 = $3.2M. The approved budget is $2.7M. The sponsor asks: 'What is the probability of completing within budget?' What should the risk manager report? (Select one!)

AApproximately 50% probability since $2.7M is close to the P50 median value

BApproximately 65% probability, interpolating between P50 and P80 values

CCannot determine from the data provided; additional simulation runs are required

DExactly 80% probability since P80 of $2.9M exceeds the $2.7M budget

Explanation

The $2.7M budget falls between P50 ($2.5M) and P80 ($2.9M). Linear interpolation provides a reasonable estimate: ($2.7M - $2.5M) / ($2.9M - $2.5M) = 0.5, indicating the budget is halfway between P50 and P80. Therefore, probability is approximately 50% + (0.5 × 30%) = 65%. P80 means 80 percent probability of being at or below that value; since budget is below P80, probability exceeds 80 percent. Assigning exactly P50 probability ignores that $2.7M exceeds the median. The simulation results provide sufficient data for interpolation; more runs are unnecessary.

One-time access to this exam

Full access to all 826 questions

Or $15/mo for all 201 exams

Detailed explanations

Free preview stays available