Risk IdentifierA numerical identifier for each risk.
Risk DescriptionA textual description of each risk. Potentially links to extended risk analysis documentation.
Risk TriggerThe trigger conditions that cause the risk to occur. Often omitted.
ProbabilityAn assessment of the probability of the risk. Often represented as a percentage or rating scale such as "likely, possible, unlikely".
ImpactImpact if the risk occurs often as a "high, medium, low" rating. Impact may link to detailed analysis such as a cost estimate or impact assessment.
ScoreIt is reasonably common to "score" the risk by multiplying probability × impact based on a numerical rating system.
OwnershipThe person accountable for the risk.
MitigationSteps that are planned to mitigate the risk. This field can also be termed "treatment" if it is a common practice within your organization to take actions other than mitigation such as accepting, transferring or sharing risk.
Residual RiskA textual description of the risk remaining after treatment including any secondary risks.
Accepted ProbabilityThe remaining probability after treatment. This can be termed "accepted probability" to highlight that the owner is asked to accept this level of risk by approving the risk register.
Accepted ImpactThe remaining impact after treatment.
ExampleThe following is a basic example of a risk register.
|Overview: Risk Register|
A document or system that is used to capture risk management status for a strategy, project or operations activity.
Also Known As