What is a Risk Register?

In my belief, the core components of a typical risk register must be:

  • Date
  • Description and nature of the risk
  • Likelihood
  • Impact
  • Risk score
  • Risk treatment measure (like mitigation action)
  • Owner of the risk
  • Risk tolerance level
  • Risk ratings
  • Related project, product or department
  • Affected stakeholders
  • Assessment detail
  • Contingent response (the actions to be taken should the risk event actually occur)
  • Trigger (an event that itself results in the risk event occurring)



Ben Pournader



Information Security Expert, Cyber Security Engineer, Blogger, Mentor, PCI SME, CISM, CISA, CRISC, RHCSA, MCSE, CCNA, MBA, PMP, CLSSGB