Search
  • Duncan

7 reasons why risk registers might be doing more harm than good

Updated: May 6

Risk registers are everywhere. Organisations invest considerable time, effort, and resources creating them, updating them, and reporting them. But if you actually think about them for a moment, you’ll quickly start challenging them. Here are a few reasons why you might want to change the way you do things.

  1. Every organisation faces multiple risks - tens, hundreds, if not thousands. Trying to keep a spreadsheet updated with all that information is impossible.

  2. Risk should be expressed in ranges. Spreadsheets almost invariably use single values or qualitative descriptors which are arbitrary and subjective.

  3. Distilling the hundreds or thousands of risks down to a ‘top 20’ or something equally arbitrary will lose a lot of detail and masks much of the information.

  4. Chasing people for updates is a never-ending task which takes time and effort for no noticeable benefit. People would rather be running their departments than updating your file.

  5. Risk needs to be related to the organisation’s objectives, a standalone document probably removes this association.

  6. Risk registers are unlikely to contain information about different options available to decision makers.

  7. There is nothing which says organisations are required to use risk registers - it’s just always been done that way.

19 views

Recent Posts

See All

Risk management horror stories

There are plenty of horror stories from the world of risk management out there. I’m not talking about bad decisions, poor strategies, mistakes or accidents, but rather cases where people have not thou

What risk management software?

While helping organisations strengthen their risk management arrangements we’re often asked what software do we recommend for risk management. The unfortunate fact is that there are many products out

© 2020 Risk Management Ltd 

Registered in Scotland SC618911

Registered office 43 Millside Road, Peterculter, AB14 0WG