Insurance + Risk Services

Does your business have a risk register?

A simple risk register could prevent potentially catastrophic outcomes.

What is a Risk Register?

A Risk Register is a central repository listing all potential risks associated with either operating your business generally, or undertaking an individual project. This master document not only lists potential risks, but grades them according to their likelihood of occurrence and seriousness of their impact, as well as plans and procedures to avoid or mitigate the identified issues.

A risk register is a necessary tool for any organisation to utilise as part of a broader risk management strategy, to ensure there are clear guidelines and procedures in place to lessen the impact of any unfortunate occurrences. It is also a useful tool to assist businesses with executive decision making, by weighing both benefits and negative impacts of undertaking new business.

Getting started

To get started, we recommend appointing an individual or small committee to develop your risk register. Those appointed will take ownership and responsibility of analysing risk within your business, developing strategies to minimise any potential risk, and collating a clear set of policies and procedures to guide ongoing management of risk.

Analysing Risk

The first step of analysing risk associated with your business or project is to list all possible occurrences that could have potentially negative outcomes for your organisation – these occurrences may affect your business in a myriad of ways, including in a financial, reputational or fulfilment capacity.

Once you have listed all potential risks with a brief description, you will need to list them in order of priority. This may be difficult, as one risk may appear severe but upon further investigation, is extremely unlikely to occur.

These simple tables may assist you in prioritising your risks.


RiskImage2                                         RiskImageSeverity

Risk Treatment

Once you have analysed the risk inherent in your business or project, you will need to individually review how you will ‘treat’ each risk. By treating each risk, you may be eliminating or lowering the likelihood of occurrence, or mitigating the potential severity of any consequences if the risk is realised.

Some common risk treatments include:

  • Identifying risks that can be easily eliminated by adjusting operations
  • Discontinuing any activity where the risk has been identified as unacceptable
  • Transferring financial liability by contracting an insurer for significant and necessary risk
  • Developing specific policies or guidelines to determine actions in situations that have been identified as involving risk

For any risk that cannot be eliminated or transferred, appropriate mitigation actions must be taken to lower the risk to a level that is comfortable for you. If businesses do not take appropriate measures to eliminate, transfer or mitigate these risks, often the financial outcomes outweigh the capacity of the business, leading to catastrophic consequences.

Next Steps

A vital part of developing a risk register, as well as a broader risk management plan, is ensuring that currency is maintained. A risk register will not form part of an effective risk management strategy if it is not updated with any new activity, and if regular audits are not completed.

We recommend that your risk management team schedule regular risk register audits to account for any new projects or changes in circumstance. It is similarly imperative that any related policies and procedures are reviewed and updated on a yearly basis to minimise any unnecessary risk.

Make sure you stay up to date with our Insights blog, for further details on how to protect yourself and your engineering business.

Need some help?

A clear and comprehensive risk management program can ensure your business is equipped with the necessary tools to effectively respond and manage hurdles that threaten your commercial success.

EngInsure’s specialist risk consultant will work closely with your key people to develop and implement an effective risk management strategy.

To discuss your risk management needs, contact us on 1300 854 251 or click here to submit an online enquiry.


This insight article is not intended to be personal advice and you should not rely on it as a substitute for any form of personal advice. Please contact Whitbread Associates Pty Ltd ABN 69 005 490 228 License Number: 229092 trading as EngInsure Insurance & Risk Services for further information or refer to our website.