|
A risk register is a risk management tool commonly used in risk management and regulatory compliance. It acts as a central repository for all risks identified by the organisation and, for each risk, includes information such as source, nature, treatment option, existing counter-measures, recommended counter-measures and so on. ISO 73:2009 Risk management—Vocabulary〔http://www.iso.org/iso/catalogue_detail?csnumber=44651〕 defines a risk register to be a record of information about identified risks. It can sometimes be referred to as a risk log (for example in PRINCE2). ==Contents== A Risk Register can contain many different items. There are recommendations for Risk Register content made by the Project Management Institute Body of Knowledge (PMBOK) and PRINCE2. ISO 31000:2009〔http://www.iso.org/iso/home/standards/iso31000.htm〕 does not use the term risk register, however it does state that risks need documented. There are many different tools that can act as risk registers from comprehensive software suites to simple spreadsheets. The effectiveness of these tools depends on their implementation and the organisation's culture. A typical risk register contains: * A risk category to group similar risks * A brief description or name of the risk to make the risk easy to discuss * The impact or consequence should this event actually occur rated on a number scale (e.g. 1-3) * The probability or likelihood of its occurrence rated on a number scale (e.g. 1-3) * Risk Score or Risk Rating (the multiplication of Probability and Impact) Additional fields can be added depending on need. The risks are often ranked by Risk Score so as to highlight the highest priority risks. 抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)』 ■ウィキペディアで「Risk register」の詳細全文を読む スポンサード リンク
|