Risk Register

From Open Risk Manual

Definition

Risk Register. All risks facing an organization, listed, ranked and categorized so that appropriate treatments can be assigned to them.

A Risk Register is a core component in some risk management frameworks, typically when the prevailing Risk Type that must be managed is Operational Risk.

Risk Register Elements

An indicative list of risk register elements is as follow:

  • Risk Identifier: A unique identifier for a specific risk
  • Risk Author: Person identfied the Risk.
  • Date Identified: The Date the Risk was first identified
  • Data Updated: The last date the Risk was re-evaluated and the Risk Status updated
  • Risk Type: The risk type (from a defined Risk Taxonomy)
  • Risk Description: This is written is a specific way (e.g., cause, event and effect).
  • Probability of Occurence: Typically from a scale
  • Impact Severity: Typically from a scale
  • Risk Mitigation: The manner by which the risk will be mitigated (typically from a menu of options)
  • Risk Status: Current status of the identified Risk
  • Risk Owner: Mention one person who is responsible for managing the Risk.