Jump to content

Risk register

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by Kenmckinley (talk | contribs) at 00:44, 25 August 2007. The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

A risk register is a tool commonly used in project planning and organisational risk assessments. It is often referred to as a Risk Log (for example in Prince2).

This tool is widely used within Risk Management for identifying, analysing and managing risks. In this context a project risk is essentially an uncertain event that, should it occur, will have an impact on the project (this could be positive or negative).

It contains the information on the identified and collected project risks that the project team identifies when estimating and adjusting the activity durations for risks.

The project team considers the extent to which the effects of risks are included in the baseline duration estimate for each schedule activity, particularly the risks with high impact.

Example contents

A wide range of contents for a risk register exist and recommendations are made by the Project Management Institute Body of Knowledge (PMBOK) and Prince2 among others. In addition many companies provide software tools that act as risk registers. Typically a risk register contains:

  • A description of the risk
  • The impact should this event actually occur
  • The probability of its occurrence
  • A summary of the planned response should the event occur
  • A summary of the mitigation (the actions taken in advance to reduce the probability and/or impact of the event)

Useful terminology

In a "qualitative" risk register descriptive terms are used: for example a risk might have a "High" impact and a "Medium" probability.

In a "quantitative" risk register the descriptions are enumerated: for example a risk might have a "£1m" impact and a "50%" probability.

Contingent response - the actions to be taken should the risk event actually occur.

Contingency - the budget allocated to the contingent response

Trigger - an event that itself results in the risk event occurring (for example the risk event might be "flooding" and "heavy rainfall" the trigger)

See also

Software