What is the Risk Register?
As discussed in our last article, the risk management plan is essential to the project manager. Moving on from the risk management plan, the risk register is a log records all the risks that have been identified and their severity upon the project as well as the actions needed to mitigate or deal with each risk.
The risk register therefore provides a framework that the project team can work to in order to reduce the impact of identified risks.
How to use the risk register
Having identified the risks to the project, they are recorded in the risk register and each is given a measurement of potential risk and impact. While individual risks are prioritised as to their level and trend, the details which may be recorded within the risk register include:
- Type (e.g. business/project/stage)
- Severity (impact on project)
- Actions to be taken (to prevent/reduce/transfer the risk)
- Status (current or no longer a risk)
The risk register will also be used to identify and record who is responsible to monitor the risk (the ‘owner’ of the risk).
The risk register should be used at team meetings to discuss project performance and reassess individual risk levels. In this way, the risk management of a project becomes a fluid and real-time project management process:
- The owner of the risk continually monitors that risk
- Review meetings are held to review risks and trends, and reprioritise the risk register
- The project team applies stated actions to mitigate risks as part of risk management strategy, in order to maintain risk below a critical level (and at a level that is manageable)
- Lessons learned are captured and used to improve risk measurement and mitigation
Preparing the risk register for final review
The project manager should also ensure that the risk register contains details of how the risk was reported (which is usually through the monitoring procedures such as team meetings), and how the project team implemented mitigation strategies. Finally, how the plan and any actions taken have impacted the project, client, and other stakeholders should also be recorded.
By ensuring that these final detail are recorded within the risk register, the project manager will be properly equipped to conduct a Post Implementation Review (PIR) of the project. We discuss the PIR in our next article.