Risk register
Encyclopedia
A Risk Register is a Risk Management
tool commonly used in Project Management
and organisational risk assessments. It acts as a central repository for all risks identified by the project or organisation and, for each risk, includes information such as risk probability, impact, counter-measures, risk owner and so on. It can sometimes be referred to as a Risk Log (for example in PRINCE2
).
Body of Knowledge (PMBOK) and PRINCE2 among others. In addition many companies provide software tools that act as risk registers. Typically a risk register contains:
The risks are often ranked by Risk Score so as to highlight the highest priority risks to all involved.
In a "quantitative" risk register the descriptions are enumerated: for example a risk might have a "$1m" impact and a "50%" probability.
Contingent response - the actions to be taken should the risk event actually occur.
Contingency - the budget allocated to the contingent response
Trigger - an event that itself results in the risk event occurring (for example the risk event might be "flooding" and "heavy rainfall" the trigger)
Risk management
Risk management is the identification, assessment, and prioritization of risks followed by coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events or to maximize the realization of opportunities...
tool commonly used in Project Management
Project management
Project management is the discipline of planning, organizing, securing, and managing resources to achieve specific goals. A project is a temporary endeavor with a defined beginning and end , undertaken to meet unique goals and objectives, typically to bring about beneficial change or added value...
and organisational risk assessments. It acts as a central repository for all risks identified by the project or organisation and, for each risk, includes information such as risk probability, impact, counter-measures, risk owner and so on. It can sometimes be referred to as a Risk Log (for example in PRINCE2
PRINCE2
PRojects IN Controlled Environments 2 is a structured project management method endorsed by the UK government as the project management standard for public projects. The methodology encompasses the management, control and organisation of a project...
).
Example contents
A wide range of suggested contents for a risk register exist and recommendations are made by the Project Management InstituteProject Management Institute
The Project Management Institute is a not-for-profit professional organization for the project management profession with the purpose of advancing project management.- Overview :...
Body of Knowledge (PMBOK) and PRINCE2 among others. In addition many companies provide software tools that act as risk registers. Typically a risk register contains:
- A description of the risk
- The impact should this event actually occur
- The probabilityProbabilityProbability is ordinarily used to describe an attitude of mind towards some proposition of whose truth we arenot certain. The proposition of interest is usually of the form "Will a specific event occur?" The attitude of mind is of the form "How certain are we that the event will occur?" The...
of its occurrence - Risk Score (the multiplication of Probability and Impact)
- A summary of the planned response should the event occur
- A summary of the mitigation (the actions taken in advance to reduce the probability and/or impact of the event)
The risks are often ranked by Risk Score so as to highlight the highest priority risks to all involved.
Example Risk Register in table format
Risk Register for project "birthday party"Risk Category | Risk Name | Risk Number | Probability (1-3) | Impact (1-3) | Risk Score | Mitigation | Contingency | Action By | Action When |
---|---|---|---|---|---|---|---|---|---|
Guests | The guests find the party boring | 1.1. | 2 | 2 | 4 | Invite crazy friends, provide sufficient liquor | Bring out the karaoke Karaoke is a form of interactive entertainment or video game in which amateur singers sing along with recorded music using a microphone and public address system. The music is typically a well-known pop song minus the lead vocal. Lyrics are usually displayed on a video screen, along with a moving symbol,... |
Mack | within 2hrs |
Guests | Drunken brawl | 1.2. | 1 | 3 | 3 | Don’t invite crazy friends, don't provide too much liquor | Call 911 | Jerry | Now |
Nature | Rain | 2.1. | 2 | 2 | 4 | Have the party indoors | Move the party indoors | Milind | 10mins |
Nature | Earthquake or fire | 2.2. | 1 | 3 | 3 | Start the party with instructions on what to do in the event of fire or earthquake | Implement the appropriate natural disaster response plan | Everyone | As per plan |
Food | Not enough food | 3.1. | 1 | 2 | 2 | Have a buffet | Order pizza | Magua | 30mins |
Food | Food is spoiled | 3.2. | 1 | 3 | 3 | Store the food in deep freezer | Order pizza | Matthew Susi | 30mins |
Useful terminology
In a "qualitative" risk register descriptive terms are used: for example a risk might have a "High" impact and a "Medium" probability.In a "quantitative" risk register the descriptions are enumerated: for example a risk might have a "$1m" impact and a "50%" probability.
Contingent response - the actions to be taken should the risk event actually occur.
Contingency - the budget allocated to the contingent response
Trigger - an event that itself results in the risk event occurring (for example the risk event might be "flooding" and "heavy rainfall" the trigger)
See also
- RiskRiskRisk is the potential that a chosen action or activity will lead to a loss . The notion implies that a choice having an influence on the outcome exists . Potential losses themselves may also be called "risks"...
- Event chain methodologyEvent chain methodologyEvent chain methodology is an uncertainty modeling and schedule network analysis technique that is focused on identifying and managing events and event chains that affect project schedules...
- Risk Breakdown StructureRisk breakdown structureRisk Breakdown Structure - A hierarchically organised depiction of the identified project risks arranged by category.- An Introduction to the Risk Breakdown Structure :...
- Risk management toolsRisk management toolsRisk Management is a non-intuitive field of study, where the most simple of models consist of a probability multiplied by an impact. Even understanding individual risks is difficult as multiple probabilities can contribute to Risk total probability, and impacts can be "units" of cost, time, events...
- Issue logIssue LogIssue Log is a documentation element of software project management. An issue log contains a list of ongoing and closed issues of the project. While issue logs can be viewed as a way to track errors in the project, the role it plays often extends further...