Explain the components of a risk register and suggest how they may be monitored and reviewed.
A basic risk register is likely to contain the following components:
Date hazard identified: this will help measure the time between the date the risk was identified and when the problem was resolved.
Location of hazard (if applicable): applicable for “physical” risks. Large organisations might have different sites, and different floors.
Type of Risk/Description of Risk: self-explanatory.
Likelihood of risk: e.g. high (more than 70% chance of occurrence), medium (between 30 – 70% chance) low (less than 30% chance of occurring).
Potential Cost: in pounds, or in impact (e.g. injury).
Risk Ownership: the name and details of an individual in the team or organisation who will take the ownership of treating the risk, having agreed to this responsibility.
Response Actions: a description of the course of action taken to treat the risk.
Residual Risk and Impact: Risk now that counter measures have been put into place
Current Status: e.g. being monitored, escalated to another person.
Closed date: date risk item was closed, and why it was closed.
Any one in the team or organisation could report a risk onto the risk register. A person in charge of its maintenance, e.g. risk manager, project manager, line manager, will decide or negotiate who takes ownership of the risk. If the importance of risk awareness and risk management has permeated the culture of the team or organisation, staff should be willing and capable of adequately treating the risk. The risk register will need to be reviewed by everyone who is tasked with taking ownership of a risk until the risk manager/senior managers are satisfied that the risk has indeed been effect ...