What is a Risk?
A risk is an uncertain event or set of events that could affect the achieving of the project. Risks can be both good and bad.
What is a Risk Register?
A risk register is a log of identified risks. It is a standard document format for recording all risk events, planned action and correspondence.
Example:
Risk no | Date | Risk Owner | Title | Description | Probability | Impact | Mitigation | Outcome | Status |
 |  |  |  |  |  |  |  |  |  |
 |  |  |  |  |  |  |  |  |  |
Â
Â
How to Manage Risks
The Risk Management Process
Risk management is a continuous cycle, not a one-time task. Follow these five steps:
Identify -Spot potential risks that could affect your objectives (financial, operational, reputational, legal, etc.)
Assess -Evaluate each risk by its likelihood and impact to prioritise where to focus effort
Respond - Decide on a treatment:
Avoid – stop the activity causing the risk
Reduce – put controls in place to lower likelihood or impact
Transfer – shift the risk (e.g. insurance, contracts)
Accept – acknowledge and monitor if the risk is within tolerance
Monitor -Track risks and controls on an ongoing basis; escalate if anything changes
Report - Keep stakeholders informed of significant risks and any changes in status
Documents Used to Record Risk
Document | Purpose |
|---|---|
Risk Register | The master log of all identified risks, their ratings, owners, and controls. The primary go-to document. |
Risk Assessment Form | Used to assess a specific risk or activity in detail. often completed before a new project or process change. |
Action/Treatment Plan | Records the specific actions agreed to mitigate a risk, with owners and deadlines. |
Issue Log | When a risk materialises and becomes an actual problem, it moves here for resolution tracking. |
Board/Management Report | Summarises the top risks for leadership review ,drawn from the Risk Register. |
Key rule: Every risk must have an owner - someone accountable for monitoring it and ensuring controls are in place.
Â
Â
@sr_business_consulting |
