> Column 3 = "Likelihood" (or "Probability") > Column 4 = "Risk score" (by multiplying the previous two fields. 25 is the max) > Column 5 = "Mitigation" (or "Strategy" or "Actions" or "Risk Response Action" as one user has suggested below)
> Then you just rank them all from highest to lowest risk score, and review each meeting.
> Some businesses also like to categorise risks if they have a lot, e.g. manufacturing risk, economic risk...
I would probably adapt the final column above, the 'Strategy/Action' column to be an 'Risk Response Action' button where the response/mitigation would in an action on an owner - the difference this and a normal action being the addition of a non-mandatory 'Trigger' - so the Action may behave per a normal action if the Trigger is not specified, or the Action becomes 'live' only if the trigger event occurs.
Risk reporting is often a complex and diverse area - different organisations can have highly variable risk reporting requirements but I agree that a generic reporting mechanism, similar in execution to the way in which boardPro has address the need for managing Action items and Minutes reviewing, with a special Agenda item type, would be very useful and would definitely add improved governance.
Our Board has requested it as well -- so adding my vote. Thx
This sounds like a great idea to improve governance for Directors.
Hi BoardPro. I've again got clients asking for this and see it has 31 votes now, so is near the top of the user wishlist. Where is it at please?
Hi BoardPro. I've just returned after some time away, and am wondering where this Risk Register idea from Jun 2018 is at?
13 upvotes suggests strong user demand.
The best risk register approach I've come across in recent years is as follows:
> Column 1 = "Risk"
> Column 2 = "Impact" (or "Severity")
> Column 3 = "Likelihood" (or "Probability")
> Column 4 = "Risk score" (by multiplying the previous two fields. 25 is the max)
> Column 5 = "Mitigation" (or "Strategy" or "Actions" or "Risk Response Action" as one user has suggested below)
> Then you just rank them all from highest to lowest risk score, and review each meeting.
> Some businesses also like to categorise risks if they have a lot, e.g. manufacturing risk, economic risk...
I like the trigger idea, Gavin. Would certainly help an organisation move at lightning speed when crisis strikes!
I would probably adapt the final column above, the 'Strategy/Action' column to be an 'Risk Response Action' button where the response/mitigation would in an action on an owner - the difference this and a normal action being the addition of a non-mandatory 'Trigger' - so the Action may behave per a normal action if the Trigger is not specified, or the Action becomes 'live' only if the trigger event occurs.
Risk reporting is often a complex and diverse area - different organisations can have highly variable risk reporting requirements but I agree that a generic reporting mechanism, similar in execution to the way in which boardPro has address the need for managing Action items and Minutes reviewing, with a special Agenda item type, would be very useful and would definitely add improved governance.