Unless you can predict the future, risks are unavoidable in projects of any size.
Unavoidable because, by definition, uncertain. And, if something can go wrong, it will go wrong.
Murphy’s Law apart, if risk decides to show up in your project, not necessary it’ll cause you to fall short of your project targets. It may even enrich it with opportunities, like task completion with fewer personnel than you originally planned.
Still, in both the positive and the negative scenario, you must reduce the number of times you’re caught off guard, and when you are, lessens the effect of what went wrong.
In short, you must manage risk.
As part of risk management, you should identify risks and update the risk register, as more information becomes available to ensure informed decision making.
Although risk management is not limited to the production of risk registers or risk logs, they can summarize effectively the range of risks that might jeopardize a project’s deliverable and communicate risk exposure within and outside the project team.
Let’s go through a step by step checklist to see how to identify as many unknown risks as possible and prepare the risk register.
Risk Register – Activity Checklist
1. Identify Specific Risks
- Review other project documents, including other subsidiary plans, agreements, and assumptions.
- Review past records of problems encountered in similar situations.
- Gather information with techniques such as brainstorming, the Delphi technique, and interviewing.
- Be specific, use the lowest level of the risk breakdown structure as a risk checklist.
- Use diagramming techniques such as a cause-and-effect diagram, flowchart, or influence diagram.
- Conduct strengths-weaknesses-opportunities-threats (SWOT) analysis.
2. Record Single Entries in the Risk Register
- Assign a unique risk ID.
- Create a risk name, short and descriptive.
- Specify whether the risk is positive or negative.
- Assess the current status of the risk ( ‘under review, increasing, decreasing, stable, dead’).
- Select a risk category, such as technical, financial, or legal.
- Describe the risk event.
- Recognize the risk factor that may give rise to the project risk.
- Describe the risk impact for the project on a impact scale.
- Assess the urgency of the risk based on its probability and severity.
- Identify who will be responsible for the risk and authorize action.
- Detail which actions will control the risk.
- Specify if the risk review frequency will be according to a factor such as probability, at the end of each stage, or at set regular intervals during each stage.
- Schedule the next review date.