A risk register, sometimes known as a risk log, is an important component of the overall risk management framework. Created during the early stages of a project, the risk register is a tool that helps you track issues and address them as they arise.
The risk register is also an important topic of study for PMP certification as well as the Prince2 Certification. A risk register is used to identify, assess, and manage risks down to acceptable levels through a review and updating process.
What is the Purpose of a Risk Register?
The purpose of a risk register in project management is to record the details of all risks that have been identified along with their analysis and plans for how those risks will be treated.
Basically, it’s a log that identifies risks along with their severity and the actions and steps to be taken to mitigate the risk. The risk register database can be viewed by project managers as a management tool for monitoring the risk management processes within the project. It is the responsibility of the project manager to ensure that the risk register is updated whenever necessary. The task of updating the risk registers is usually delegated to the project control function.
The list of risks that are identified and recorded in the risk registers drives the following risk management processes specified in the PMBOK® Guide.
Perform Qualitative Risk Analysis
In the Perform Qualitative Analysis process, details are added to the existing list of risks in the risk register including the priority of risks, the urgency of the risks, the categorization of risks, and any trends that were noticed while performing this process. Risks that have been managed, avoided, or are no longer relevant can be removed from the risk register. The associated risk action plans can also be deleted from the risk registers.
Perform Quantitative Risk Analysis
In the Perform Quantitative Risk Analysis process, the risk register is updated with the probabilities associated with each identified risk and the probability of meeting the cost and time projections. Additionally, risk priorities are updated and trends that have been observed are also noted.
Plan Risk Response
In the Plan Risk Response process, a specific response plan is created to manage each risk. These risk response plans are updated in the risk register as an output of this process.
While managing risks, remember that not all risks are negative-positive risks are opportunities. Accordingly, a project manager should devise strategies for managing negative risks or threats as well as positive risks or opportunities.
Monitor and Control Risk
In the Monitor and Control risks process, plans are re-assessed and re-evaluated. The risk register is updated with information on new risks as an output of this process. This information should be regularly updated in the risk register, whether it is changing to the risk estimates or actual numbers such as costs related to weather damage.
When is a Risk Registers Created?
As per the PMBOK Guide, the risk register is the output of the Identify Risk process in the Risk Management knowledge area. The Identify Risk process is a planning process used to identify the risks, which could impact the project and understand the nature of those risks.
Although the Identify Risks process is performed early on in the project, risks change over time and new risks can arise. Therefore, it may be necessary to perform the identify risks process multiple times throughout the project.
What are the Components of a Risk Register?
There is no standard list of components that should be included in the risk register. The PMBOK Guide, and PRINCE2, and other organizations make recommendations for risk register contents; however, these are not the only recommendations that may be used.
The following table displays the example components of a risk registers used in managing risks in large and complex projects.
A risk registers is an important component of the overall risk management framework since it records all identified risks in the project. Created in the Identify Risks process as per the PMBOK Guide, the risk registers also drives the other risk processes like Perform Qualitative Risk Analysis, Perform Quantitative Risk Analysis, Plan Risk Responses, and Monitor and Control Risks.
|Are you a professional who is aspiring to be a project manager? Try answering this PMP Practice Questions and assess yourself!|
Check out our course on PMI-RMP® Training Videos
PMP® and PMI® are registered trademarks of the Project Management Institute, Inc.