A Risk Register is a repository in which outputs of risk management processes are recorded.
It documents identified risks, their characteristics, assigned owners, response strategies, and monitoring plans, serving as the central reference for managing and tracking risk throughout the project or program.
Key Characteristics
- Comprehensive Record – Contains risk descriptions, categories, triggers, and status
- Living Document – Updated throughout the risk management lifecycle
- Supports Decision-Making – Informs planning, prioritization, and resource allocation
- Includes Response Details – Captures selected strategies and associated actions
Example Scenarios
- Logging new risks identified during execution along with mitigation plans
- Tracking risk status and changes in exposure throughout the project lifecycle
- Documenting residual risks and contingency triggers after implementing responses
Role in Risk Management
- Enables Transparency – Makes risks and their handling visible to stakeholders
- Facilitates Monitoring – Allows regular review and updates to risk status
- Supports Accountability – Links risks to owners and response actions
- Improves Historical Insight – Provides data for future projects and lessons learned
See also: Risk Management Plan, Risk Owner, Risk Action, Risk Response Plan, Monitor Risks.