Risk Register
How to Develop a Risk Register
Adapted, from PM 007 Project Risk Register, Template & Guide, Department of Premier and Cabinet, Tasmania and AS/NZS 4360 Risk Management.
What is a Risk Register?
The Risk Register records details of all the risks identified for the University, a budget centre or project. Risks associated with activities and strategies and are identified then graded in terms of likelihood of occurring and seriousness of impact. Risk registers may identify:
• a unique code for each risk;
• a description of each risk and its potential consequences (operational and strategic);
• actions and controls that currently exist to mitigate risks;
• factors that may impact upon the likelihood and consequence of the residual risk;
• risk grade (priority);
• whether the risk grade is acceptable;
• early warning factors and upward reporting thresholds.
Risk registers should be maintained for all Faculties, Divisions, key planning processes and commercial activities. It is expected that the majority of managers will document their key business processes, and upward report emerging risk areas.
Why would you develop a Risk Register?
As a formal document, the analysis contained in a risk register can be used to document and improve workplace practices. The register can also be used to notify senior managers of emerging risk exposures that warrant immediate attention.
Involving staff and other members of the University community in the process of compiling a risk register is likely to encourage a high level of ownership of, and commitment to, University processes and activities.
The process of identifying and analysing risks should be a part of tactical decision making and strategic planning. The worth of business plans can be improved significantly if the risks associated with key business processes and proposals are analysed and where
Adapted, from PM 007 Project Risk Register, Template & Guide, Department of Premier and Cabinet, Tasmania and AS/NZS 4360 Risk Management.
What is a Risk Register?
The Risk Register records details of all the risks identified for the University, a budget centre or project. Risks associated with activities and strategies and are identified then graded in terms of likelihood of occurring and seriousness of impact. Risk registers may identify:
• a unique code for each risk;
• a description of each risk and its potential consequences (operational and strategic);
• actions and controls that currently exist to mitigate risks;
• factors that may impact upon the likelihood and consequence of the residual risk;
• risk grade (priority);
• whether the risk grade is acceptable;
• early warning factors and upward reporting thresholds.
Risk registers should be maintained for all Faculties, Divisions, key planning processes and commercial activities. It is expected that the majority of managers will document their key business processes, and upward report emerging risk areas.
Why would you develop a Risk Register?
As a formal document, the analysis contained in a risk register can be used to document and improve workplace practices. The register can also be used to notify senior managers of emerging risk exposures that warrant immediate attention.
Involving staff and other members of the University community in the process of compiling a risk register is likely to encourage a high level of ownership of, and commitment to, University processes and activities.
The process of identifying and analysing risks should be a part of tactical decision making and strategic planning. The worth of business plans can be improved significantly if the risks associated with key business processes and proposals are analysed and where