Rank: New forum user 
|
I have recently devised a risk register and risk assessment process for my company, and although I have previous experiance in risk registers I was not directly linked with teh review due to a role change. Has anyone any experiance with starting from scratch adn how often to review the contect, ensure its upto date, and what data to feed in (including teh usual Accident/near miss data)
Help appreciated.
Lorraine
Edited by user 03 November 2017 14:55:08(UTC)
| Reason: SPELLING ERROR
|
|
|
|
|
|
Rank: Super forum user
|
First you need to be certain what you want the risk register for. Typically this will be to prioritise its management of risks. The key measurement will be its RAG rating for RED- Urgent action required. AMBER needs looking at but not until the REDs are done and GREEN-chugging along nicely. Keep it simple: list the risk, the consequences of that risk materialising, who is responsible for dealing with it and a timeframe. Do not add ridiculous numbers of columns and outcomes. I was given the job of creating a H&S risk register and it was decided it was not “sophisticated enough” and it was given to someone in strategic planning who produced a document so big and complicated you could not read it or print out (without decimating half the world’s forests) with several RAG ratings (so you did not know if you were closing the issue down or not) . it looked “sophisticated” but was useless when it came to prioritising risk. Based on it you establish a plan and then you follow it through. As to reviewing it well the owner should check it regularly (monthly?) but when the group monitoring the risk (H&S committee) should look at it is down to you. It should be at least annual but if you only need to meet up if something changes. Organising a meeting so that everybody can agree that nothing has changed is a bit pointless.
|
 1 user thanked A Kurdziel for this useful post.
|
|
|
|
Rank: Super forum user 
|
It is a management tool to assess the current position with regards to significant risks within the organisation - a snap shot. I suggest the RAG process is a good metaphor for easily distinguishing between those low, med and high risks. I update my risk register quarterly but I have found it is all too easy for it to grow 'arms and legs'. Initially it was used as a basis for discussion at quartely H&S meetings, however the minutes from the previous meeting now usually cover most aspects contained in the risk register.
I think it is important to keep it simple, otherwise there is a danger the risk register will get too large and unweildy and will require a lot of updating. Close items which are no longer an issue regularly in order to reduce uneccessary data. Finally, don't let others interfere with it, only one owner, whether they like the RAG or comments associated with the register is too bad. I often get the comment 'why is that amber/red' - because that is what I have deemed it to be!
|
2 users thanked RayRapp for this useful post.
|
|
|
|
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.