Professional Documents
Culture Documents
While an organization is required to identify risks and opportunities and make decisions on what actions
to take, this doesn’t need to be maintained as documented information within the QMS.
However, risk registers are valuable. They log information about both risks and opportunities.
In this way, they make it easier to record, track, manage, and evaluate the risks and opportunities. They
also aid in ISO 9001 compliance.
A risk register can be a simple document, spreadsheet, or database. The most effective format is usually
a table. A table can encapsulate a great deal of information in just a few pages.
For each risk, a risk register typically records the following information:
likelihood of occurrence
severity of effect