A risk register is an essential tool in every project’s risk management. Risk managers gather details regarding identified potential project risks and hazards and document them in the risk register (Guide, 2017). Depending on project variables such as size and complexity, a risk register may contain either extensive or limited project risk details. Such details often include the nature of the risks, their level of business impacts, and a course of corrective actions in the event of the risks occurring (Kerzner, 2017). Risk registers are generally created during the conceptualization phase of a project. The risk registers then get regularly updated and referenced through risk monitoring and control (Meredith et al, 2017). A risk register, therefore, is functionally important in project/business risk planning and management.
Risk registers function as risk management systems’ memory (Guide, 2017). Without risk registers, project risk identification and control would be chaotic and thus barely effective. Without a risk register, risk memories would be from individuals. However, the approach of depending on individuals is risky itself. For example, a risk management manager may no longer work in an organization. As a result, all information he/she harbours about an organization's risks disappears with him/her (Kerzner, 2017). The risk register ensures every foreseeable risk is guarded against through the maintaining of an up-to-date register by continuous risk monitoring and control (Meredith et al, 2017). To have an accurate memory of the risks, a risk register must contain the following details:
1. Identification of all project environments and their associated risks
2. Identification of all project planning assumptions and their associated risks
3. A list of all potential risks identified by the project risk management team. The list should indicate each risk's probability of occurrence and its potential impacts on the project.
4. A comprehensive list of keywords and categories used to categorize assumptions, risks, and environments (Leva et al, 2017). The list enables the various groups of a risk management team to access past risk management work.
5. A list of all quantitative and qualitative estimates made on project assumptions, project risks, and project environments (Leva et al, 2017). The list should also document methods used in making the estimates.
6. Minutes of every risk management meeting. The minutes should include all actions developed and adopted to counter each particular risk or any decisions made to ignore a certain risk (Leva et al, 2017).
7. A list of actual outcomes of risk management on identified risks. The list should contain results of actions implemented to mitigate risks that occur.
Maintaining an up-to-date risk register containing all the above information makes it simple for anyone proposing to conduct risk management on an organization’s project (Guide, 2017). Without the risk registers, risk management would be an expensive feat, time-consuming, and ineffective as the risk management teams would have to always reinvent the wheel (Meredith et al, 2017). And mistakes of the past would be added to the mistakes of the future (Kerzner, 2017). For instance, in developing a mobile app, any past mistakes that occurred in the selection of the platform and target users would recur in future if the mistakes were not fully documented. The occurrence of past mistakes does not prevent the occurrence of future mistakes that will emerge as technology and organizations evolve.
Kerzner, H., 2017. Project management: a systems approach to planning, scheduling, and controlling. John Wiley & Sons.
Guide, P.M.B.O.K., 2017. A guide to the project management body of knowledge. Sixth Edit. Project Management Institute, Inc.
Meredith, J.R., Mantel Jr, S.J. and Shafer, S.M., 2017. Project management: a managerial approach. John Wiley & Sons.
Leva, M.C., Balfe, N., McAleer, B. and Rocke, M., 2017. Risk registers: Structuring data collection to develop risk intelligence. Safety science, 100, pp.143-156.