J0794 – Manajemen eCorporation Chapter 8 pg. 321 1. Have we established suitable criteria and procedures for evaluating the risk of IT projects? Are these criteria and procedures effective in communicating this risk to management? 2. Do we have project planning, tracking, and control processes that accommodate different degrees of project risk? 3. Are we using adaptive approaches appropriately for projects that entail high requirements volatility or other sources of uncertainty? Do we have processes in place that will allow us to learn and adjust during the duration of a project? 4. Is the overall risk of our project portfolio a good fit with our business objectives and strategies?