Risk register
 |
This article needs attention from an expert on the subject. See the talk page for details. WikiProject Business or the Business Portal may be able to help recruit an expert. (June 2008) |
A Risk Register is a Risk Management tool commonly used in Project Management and organisational risk assessments. It acts as a central repository for all risks identified by the project or organisation and, for each risk, includes information such as risk probability, impact, counter-measures, risk owner and so on. It can sometimes be referred to as a Risk Log (for example in PRINCE2).
Contents |
[edit] Example contents
A wide range of suggested contents for a risk register exist and recommendations are made by the Project Management Institute Body of Knowledge (PMBOK) and PRINCE2 among others. In addition many companies provide software tools that act as risk registers. Typically a risk register contains:
- A description of the risk
- The impact should this event actually occur
- The probability of its occurrence
- Risk Score (the multiplication of Probability and Impact)
- A summary of the planned response should the event occur
- A summary of the mitigation (the actions taken in advance to reduce the probability and/or impact of the event)
The risks are often ranked by Risk Score so as to highlight the highest priority risks to all involved.
[edit] Example Risk Register in table format
Risk Register for project "birthday party"
| Risk Category | Risk Name | Risk Number | Probability (1-3) | Impact (1-3) | Risk Score | Mitigation | Contingency | Action By | Action When |
|---|---|---|---|---|---|---|---|---|---|
| Guests | The guests find the party boring | 1.1. | 2 | 2 | 4 | Invite crazy friends, provide sufficient liquor | Bring out the karaoke | Mack | within 2hrs |
| Guests | Drunken brawl | 1.2. | 1 | 3 | 3 | Don’t invite crazy friends, don't provide too much liquor | Call 911 | Jerry | Now |
| Nature | Rain | 2.1. | 2 | 2 | 4 | Have the party indoors | Move the party indoors | Milind | 10mins |
| Nature | Earthquake or fire | 2.2. | 1 | 3 | 3 | Start the party with instructions on what to do in the event of fire or earthquake | Implement the appropriate natural disaster response plan | Everyone | As per plan |
| Food | Not enough food | 3.1. | 1 | 2 | 2 | Have a buffet | Order pizza | Magua | 30mins |
| Food | Food is spoiled | 3.2. | 1 | 3 | 3 | Store the food in deep freezer | Order pizza | Matthew Susi | 30mins |
[edit] Useful terminology
In a "qualitative" risk register descriptive terms are used: for example a risk might have a "High" impact and a "Medium" probability.
In a "quantitative" risk register the descriptions are enumerated: for example a risk might have a "$1m" impact and a "50%" probability.
Contingent response - the actions to be taken should the risk event actually occur.
Contingency - the budget allocated to the contingent response
Trigger - an event that itself results in the risk event occurring (for example the risk event might be "flooding" and "heavy rainfall" the trigger)
[edit] See also
[edit] References
[edit] Further reading
- Tom Kendrick (2003). Identifying and Managing Project Risk: Essential Tools for Failure-Proofing Your Project. AMACOM/American Management Association. ISBN 978-0814407615.
- David Hillson (2007). Practical Project Risk Management: The Atom Methodology. Management Concepts. ISBN 978-1567262025.
- Kim Heldman (2005). Project Manager's Spotlight on Risk Management. Jossey-Bass. ISBN 978-0782144116.
- Robert Buttrick (2009). The Project Workout: 4th edition. Financial Times/ Prentice Hall. ISBN 978-0273723899.
