RiskRegister

Revision as of 11:29, 18 February 2021

Abstract

Identifying risk in a project is always important in order to understand potential consequences related to given tasks and/or decision made within a project. Uncertainty and opportunities will always be present, and hence it is important to accommodate and grasp important factors, that might influence the outcome of a project and hence its success.

As the risk register tool presented in the PRINCE2 standard is a way of documenting and registering risk, it builds on other methods in order to locate more cryptic risks as well as how to deal with them. Hence he risk register is used as a risk management tool. However, more straight forward and easily identified risk are also added to the risk register and can be done so by the project manager, once updating or maintaining the document. In this document the risks are summarised, creating an overview of potential threats, risks and also opportunities.

Once risks are identified, the project manager can use the risk register tool to establish an overview of risk and potential threats or opportunities to the projects in a structured way. By filling in important information on the impact of the risk, the probability of the risk, how to handle the risk, amongst others, the project manager can locate and assign scores, indicating the importance of that risk being handled. Here manages should keep in mind, that assigned scores are based of the perception of the risk when added to the document and hence the quality of the risk register relies on an iterative and ongoing evaluation of registered risks. Noting down whether a risk has been handled or not is also an ongoing process that likewise is important in order to assure the quality of the risk register. Because of its simple structure the risk register can be reevaluated and adjusted on a day-to-day basis, by filling in the relevant information in the risk register document. This therefore makes it a simple yet effective tool in order to handle risks in a project.

Big Idea

^[1]

Application

• Risk identifier: Provides a unique reference for every risk entered into the risk register. It will typically be a numeric or alphanumeric value-Risk author
• Risk author: The person who raised the risk-Risk category
• Date registered: The date the risk was identified
• Risk category: The type of risk in terms of the project’s chosen categories (e.g. schedule, quality, legal)
• Risk description: Describes the risk in terms of the cause, event (threat or opportunity) and effect (in words of the impact)
• Probability, impact and expected value: I t is helpful to estimate the inherent values (pre-response action) and residual values (post-response action). These should be recorded in accordance with the project’s chosen scales
• Proximity: This would typically state how close to the present time the risk event is anticipated to happen (e.g. imminent, within the management stage, within the project, beyond the project). Proximity should be recorded in accordance with the project’s chosen scales
• Risk response categories: How the project will treat the risk in terms of the project’s chosen categories. For example:

1. for threats: avoid, reduce, transfer, share, accept, prepare contingent plans
2. for opportunities: exploit, enhance, transfer, share, accept, prepare contingent plans

• Risk response: Actions to be taken to resolve the risk. These actions should be aligned with the chosen response categories. Note that more than one risk response may apply to a risk
• Risk status: Typically described in terms of whether the risk is active or closed
• Risk owner: The person responsible for managing the risk (there should be only one risk owner per risk)
• Risk actionee: The person(s) who will implement the action(s) described in the risk response. This may or may not be the same person as the risk owner.

Limitations

References

1. ↑ Project Management: A guide to the Project Management Body of Knowledge (PMBOK guide), 6th Edition (2017)