The Risk Management Register is a management tool that identifies, assesses, and records recommended actions that management must take to alleviate the risk potential down to acceptable levels.

The register provides a framework in which potential problems that threaten the delivery of the anticipated benefits of a system or application are recorded.

The Risk Management Register contains the following topics:

  Initial Risk Information
      Risk Description / Risk Event Statement
      Responsibility for the risk
      Date reported and date updated
  Risk Assessment Data
      Impact (High / Medium / Low)
      Specific impact of risk
      Probability of occurrence (High / Medium / Low)
      Timeline (Near term / Medium / Far Term)
      Status of response
          Plan developed but not enacted
          Plan enacted but effect not determined
          Plan enacted and effective
  Risk Response / Action
      Completed action
      Planned future actions
      Risk status.

Scroll down to the IT Risk Management Register example below.