Risk Register

Posted on March 27, 2009 by


The Risk Register is an important project management document. It originally appears as the only output to the Identify Risks process of the fourth edition PMBOK®. As more analysis, planning, and monitoring occurs throughout the four risk processes that follow it (Perform Qualitative Risk Analysis, Perform Quantitative Risk Analysis, Plan Risk Responses, and Monitor and Control Risks), the risk register is updated as part of performing each of these processes. As each of these risk processes are performed, more information is added to the expanding document. Eventually it may contain a list of all identified risks, along with information describing them including their causes, categorization, probability of occurrence, impact if they occur, planned responses, person responsible, qualitative and quantitative risk analyses, and current status. The risk register is also used as an input to three other processes outside of the risk knowledge area—Estimate Costs, Plan Quality, and Plan Procurements.