In the next to last part of our series on “Eight Powerful Project Management Processes” series, we take a look at a very critical process, the risk register. These processes are also included in our toolkit, Essential Gear for Project Managers.

Risk management is a critical, yet underutilized, process. In a survey we conducted of project managers, only 48 percent reporting using a risk register on more than 50% of their projects. There are many pitfalls involved in risk management, but the number one pitfall is to neglect to do it at all. Failing to undertake regular risk management means not only missing out on threats to the project, but also missing out on opportunities to save time and money and add value to the project.

The risk register is the project’s hub for collecting information about risks, risk ownership, root causes, and responses. Keeping the risk register updated throughout the project is a proactive step that can help improve the predictability of project outcomes. Risks can be catastrophic even if they are known and planned for, so one can imagine the impact of high-magnitude risks that were not accounted for. Tools like contingency reserve are useful only if risks are known. If too many risks are unknown, then the tool for managing those, the management reserve, may become overwhelmed—assuming there is a management reserve to begin with. The risk register is essential because it is a key piece to proactively managing a project. Below is an image of what a risk register might look like:

Best practices and pitfalls with risk registers include:

1. Collaborating with key team members and stakeholders.

To be effective, the risk register needs input from a variety of different areas. Team members and stakeholders should provide input to ensure that the risk register has covered the project from multiple points of view. Another often-overlooked source of risks is historical information and lessons learned from similar projects. Project managers can draw on struggles of other teams to illuminate possible risks facing them today.

Failing to involve key people in risk management is a pitfall for two reasons. One, the risks and associated qualitative and quantitative analysis will not be as realistic because experienced people who could have offered input did not. Second, the team members who were not involved cannot monitor risks as effectively, leaving others to be the risk owners. Placing risk ownership on other team members may overburden their project involvement.

Collaboration can be helped greatly by the presence of tools such as the Risk Breakdown Structure (RBS), which develops risks based on work packages in the WBS. See our Templates for a sample RBS and risk register.

2. Regularly updating the risk register.

The risk register needs to reflect the project status so that project managers can make sure they’re accounting for the latest risks. Risks do not just manifest before the project work begins; they can appear at any point during the project. For this reason, it is important to keep track of the risk register on a regular basis.

Failing to update the risk register is a pitfall for two reasons. One, the risk register will not be as effective due to it being out-of-date. Two, the project team will not mature as quickly in risk management practices if they do not practice regularly.

3. Assessing risks and planning responses.

It is not enough to just record the risks; their probability and impact need to be assessed and plans need to be made to respond to the risks. Consider any or all of the threat and opportunity responses:

Failing to assess risks is a pitfall because it is a passive strategy. To properly manage risks, project managers need to be proactive. As mentioned above, risk contingency reserve can be an integral part of the strategy for risks that have been discovered.

Download our Risk Register template to start using risk management on your projects right away.