ID Raiser Date Registered Category

Provides a unique reference for every risk entered into the Risk Register. It will typically be a numeric or alpha-numeric value. The person who raised the risk. The date the risk was identified.

The type of risk in terms of the project’s chosen categories (e.g. schedule, quality, legal, etc.). The default categories are OMB's list of 19 risk categories. Description In terms of the cause, event (threat or opportunity) and effect (description in words of the impact). Use If-Then format. Probability It is helpful to estimate the inherent values (pre-response action) and residual values (post-response action). These should be recorded in accordance with the project’s chosen scales. Impact It is helpful to estimate the inherent values (pre-response action) and residual values (post-response action). These should be recorded in accordance with the project’s chosen scales. Score Probability x Impact. Also called magnitude. Change Change in score since last review. Last Date of last review. Reviewed Guidance Recommended actions (e.g., escalation) to take based on the magnitude of the risk. Proximity This would typically state how close to the present time the risk event is anticipated to happen (e.g., imminent, within stage, within project, beyond project). Proximity should be recorded in accordance with the project’s chosen scales. Response How the project will treat the risk in terms of the project’s chosen Category categories. For threats: avoid, transfer, mitigate. For opportunities: exploit, share, enhance. For both: accept. Response Actions to resolve the risk, and these actions should be aligned to the Plan chosen response categories. Note that more than one risk response may apply to a risk. Trigger(s) An event that itself results in the risk event occurring (for example the risk event might be "flooding" and "heavy rainfall" the trigger). Owner Person responsible for implementing the response plan. Total Cost Cost to implement the set of actions to respond to the risk. Status Typically described in terms of whether the risk is active or closed.

0.9 0.7 0.5 0.3 0.1

0.09 0.07 0.05 0.03 0.01 0.1

0.27 0.21 0.15 0.09 0.03 0.3

0.45 0.35 0.25 0.15 0.05 0.5 Impact

0.63 0.49 0.35 0.21 0.07 0.7

0.81 0.63 0.45 0.27 0.09 0.9

Probability

Risk Register for [Project Name]
Monitor and Control Total Owner Cost Chris $200 Cairns

Risk Identification Date Registered 12/1/2012

Risk Analysis Pre-Response Last Response Impact Score Change Reviewed Guidance Proximity Category VH 0.45 UP ######### A Imminent Mitigate

Risk Planning Post-Response Response Plan Post a job on govloop.com. Engage Acquisition team to help identify vehicles to use. Draft initial requirements. Trigger(s) Outstanding offer made to Billy is rejected. Data analysis reveals gaps. Prob. L

ID 1

Raiser Chris Cairns

2

Category Description Prob. Schedule If we don't hire a PM, then the M project will never be completed. Steve 12/14/2012 Data / If we have to use third-party L Ressler informati services to get key data, then on we will need to hire contractors.

Impact Score Status L 0.09 Open

VH

0.27

NEW

######### B

Short term Mitigate

Steve $15,000 L Ressler

H

0.21

Open

Page 3 of 10

NAMES

RISK CATEGORIES

RISK GROUPS

Chris Cairns

Schedule

Resource Availability

RISK RISK RESPONSE STATUS CATEGORIES Avoid Open

Steve Ressler

Initial cost

Resource Availability

Transfer

Closed

N/A

Lifecycle cost

Resource Availability Technical Issues Business Impact Technical Issues Management and Oversight Security Business Impact Management and Oversight Summary of Failure Management and Oversight Business Impact Technical Issues

Mitigate

TBD

Technical obsolescence Feasibility Reliability of systems Dependency and interoperability Surety (asset protections) Risk of creating a monopoly Capacity of agency to manage investment Overall risk of investment failure Organizational and change management Business Data / information

Exploit Share Enhance Accept

Technology Strategic Security Privacy Project resources

Technical Issues Business Impact Security Security Resource Availability

PROBABILITY

IMPACT

PROXIMITY

Very High

VH

0.9

Very High

VH

0.9

Imminent

High

H

0.7

High

H

0.7

Short term

Moderate

M

0.5

Moderate

M

0.5

Mid term

Low Very Low

L VL

0.3 0.1

Low Very Low

L VL

0.3 0.1

Long term

PROXIMITY

RISK IMPACT SCALE

CHANGE

xx days/hrs

Less than or equal to 0.15

Green

New risk

NEW

0.01-0.15

Less than or equal to 0.15

within a Greater than workpackage 0.15 and less than or equal to 0.35 within a stage Greater than 0.35 Post project

Yellow

Change change in score Score increased Score decreased

--

0.21-0.35

Between 0.21 and 0.35

Red

UP

0.45-0.81

Greater than 0.45

DOWN

C

B

High likelihood of risk severely affecting one or more factors (cost, schedule, scope, quality). May have high potential of causing program/project stoppage. Medium likelihood of the risk moderately impacting one or more factors. Low likelihood of the risk moderately impacting one or more factors.

Notify senior management of project risk. Should be reported to as soon as possible to senior management officials (e.g., CIO, project sponsor, etc.) Asign a risk owner. Develop risk management activities. Those risks with lower magnitude may have less intensive activities. These risks might be tracked by the PM but not have an assigned risk owner or risk management activities.

A

Sign up to vote on this title
UsefulNot useful