A Risk Register provides a record of identified risks relating to the project, including their status and history. It is used to capture and maintain information on all of the identified threats and opportunities relating to the project, and to help with the Risk theme.
- The composition, format and presentation of the Risk Register will be derived from the Risk Management Approach
- Entries are made on the Risk Register once a new risk has been identified
- There may be one or more risks inherent in the project mandate
- New risks may be discovered when creating the Project Brief, designing and appointing the project management team, establishing the project’s controls and developing its plans, when issuing Work Packages, when reviewing Work Package status, or when reviewing stage status
- Daily Log and Issue Register - often issues raised to the Project Manager and captured in the Daily Log or Issue Register are actually risks and only identified as such after further examination.
A Risk Register can take a number of formats, including:
- Document, spreadsheet or database
- Standalone register or a carry forward in progress review minutes
- Entry in a project management tool
- Part of an integrated project register for all risks, actions, decisions, assumptions, issues, lessons etc.
- The status indicates whether action has been taken
- Risks are uniquely identified, including information about which product they refer to
- Access to the Risk Register is controlled and it is kept in a safe place.