A risk register is a tool in risk management and project management. It is used to identify potential risks in a project or an organization, sometimes to fulfill regulatory compliance but mostly to stay on top of potential issues that can derail intended outcomes.
The risk register includes all information about each identified risk, such as the nature of that risk, level of risk, who owns it and what are the mitigation measures in place to respond to it. Download our free risk register template for Excel. It’s a great risk register example.
You’ll never be able to anticipate everything that could go astray in a project, but by doing the due diligence, you’re able to have a plan in place to respond quickly before risks become real problems and sidetrack the whole project.
Having a list to track risk, whether by a simple spreadsheet or as part of a more robust project management software solution, is a good idea to tackle in any project plan. There is risk inherent in everything, and that goes doubly for managing a project with lots of moving parts.
Why Do You Need a Risk Register?
If you know what risk management is, then you’ll know that the next step to managing risk is strategically working to control the potential issues that are most likely to occur when you’re managing a project. Therefore, you should have a mechanism in place to collect potential risks and then map out a path to get the project back on track, should those risks become realities.
How to Make a Risk Register
The first thing you have to do is identify the risks. Projects are all different, of course, but for organizations that run similar projects year over year, there might be historical data to review to help identify common risks to those types of projects. Additionally, you can anticipate some risks based on market forces (supply and demand risks, for example), or based on common staffing or personnel issues, or even based on the weather.
Collect the Risks
To collect the possible risks that can show up when managing a project requires a systematic approach to make sure you’re as thorough as possible. The project risk register is a system, which can then track that risk if it in fact appears and then evaluate the actions you’ve set in place to resolve it.
When registering these risks on a spreadsheet or within your project management software, you have a place to put all this data and follow the specific risk throughout the project, thereby seeing if the actions you’ve put in place to remedy the risk are working. A risk tracking document therefore keeps the risk on a tight leash so it doesn’t run ruin over your project.
Document the Risks
The documentation of risk is vital to the success of any project. It gives you a single place to identify the risk, note its history—from where it first occurred to where you finally resolve it—and even tag the risk to the person who identified it and owns its management. You can remark on how likely the risk will impact the project and so much more.
Monitor the Risks
As mentioned, you have a place to assign a team member to the risk. That person then is responsible for monitoring the risk and leading any actions required to mitigate that risk or address it once it becomes an issue. By documenting this process in a register, you’re less likely to lose track of the risk over the course of a busy project, which means the risks aren’t turning into real issues that are running rampant out of sight and threatening the success of the project.
Resolve the Risks
Finally, when the risk is resolved, you can close it. Nothing is better than checking off that risk in your paperwork as no longer a problem in the project. Also, if the risk has been remedied, then you don’t want to continue putting resources against a problem that no longer exists. It simply gives you more control and fosters better communications with your team and stakeholders.
What Makes Up a Register to Track Risk?
Let’s go step by step through risk log tracking so when we can get the most out the document when we use it.
Get the team together to brainstorm potential risks. Every team member is responsible for different areas of the project, so use their expertise to help identify potential project derailing risks. You’ll also want to speak with stakeholders to make sure you’ve brought their concerns to mind, and are tracking their risks, too. Be sure to exhaust all areas of potential impact, from market forces to resources to the weather.
The next thing you want to do is describe the risk. Try to be as thorough as you can while keeping the description to the essentials. Having too vague a risk will make it a challenge to truly understand whether a risk has become a real issue or not. For example, don’t write, “The Weather,” for a risk contingent on the weather. Rather, go for something specifically related to your project, such as, “Monsoon season in India could cause shipping delays for copper.”
Include everything that the risk can influence, so you can develop a strong strategy to deal with it. For example, if layoffs have been rumored in your business sector regionally, identify the actual impact that might have on your project if it came to pass. For example, “Projected layoffs in Southeast manufacturing could risk production schedules in June. This could delay the entire project by 3 months, unless alternative production options are considered.” This tells the risk owner to investigate potential options for manufacturing facilities outside of that region, so a real backup plan is in place.”
This is the heavy lifting in the register, so give it the time and effort necessary to complete it properly. You want to be thorough, but not excessive. Keep the response short and to the point. Do your research, so if the risk shows up in the project you can go right into action. Document all response plans and implementation strategies. If this requires a long document, add a link or add an attachment to the risk document to point directly towards the planned response.
Not all risks are created equally. You have to decide here which are going to move to the front of the line and which are okay to ignore if you don’t have the time and resources. Here you’ll determine the level of risk: high, medium or low. This way you can filter your register and then prioritize.
Finally, assign an owner to each risk. If you don’t have a team member responsible for each and every potential risk, then you might not know about it until that risk is irreversible.
There is one last column in your register, and that’s a place to collect any notes that don’t fit under the categories already discussed. It’s important to have a place to put these ideas so they don’t get lost in the endless churn of a project.
Using ProjectManager.com to Track Risks
ProjectManager.com is an award-winning project management software with integrated risk tracking features that allow you to list, manage and collaborate with ease. Once you’ve selected a certain risk, there’s a simple and fast way to edit every aspect of the risk, including its name, description, which it is assigned to, and it’s level of priority. Even better, you have the ability to add notes, files, images and other attachments to that specific risk.
One of our most powerful risk management features is our real-time dashboard. Our project dashboard gives you a snap shot of your project status and is ideal for catching risks ahead of time, before they become issues. This unique feature is valued by project managers all over the world, in major companies like Volvo, NASA and Bank of America.
ProjectManager.com is cloud-based project management software that offers a collaborative risk tracking tool that gives you all the features you need to identify, track and resolve risks as they become issues in your project. Try it yourself and see how it can make managing risk and the whole project that much easier. Take our free 30-day trial today!