Ngenaire Docs

Risk Register

The Risk Register is the project's catalog of identified risks. Each risk is scored by probability × impact, placed on a risk-level heatmap, and tracked through to mitigation. Risks can also depend on one another, and those dependencies feed a risk critical-path graph.

Sidebar location: Track → Risk Register (/projects/risk-register).

What a risk record contains

  • Title and description.
  • Probability and impact — the two factors scored to produce the risk level.
  • Risk level — derived from probability × impact (the heatmap places it in Low / Medium / High / Critical).
  • Status — track the risk from identification through mitigation to closure.
  • Owner — the person accountable for the risk.
  • Mitigation — what is being done to prevent or absorb it.
  • Dependency links — relationships to other risks (see below).

Walkthrough

  1. Open Track → Risk Register.
  2. Click to add a new risk. Enter the title and description, then set probability and impact — the risk level and heatmap position update from these.
  3. Assign an owner and write the mitigation plan.
  4. Use the heatmap to triage: the high-probability, high-impact cell is your priority queue. Probability × impact gives each risk its level.
  5. Update status as the risk moves through mitigation, and close it when the trigger is resolved.
  6. Review the stats dashboard to see counts broken down by level and status.

Risk-to-risk dependency links

Risks rarely stand alone. You can link risks to one another with these relationships:

  • Depends on — this risk depends on another.
  • Blocks — this risk blocks another.
  • Influences — this risk influences another.

These links build a risk critical path — the longest cumulative-risk path through the linked network. It surfaces the chain of interdependent risks that carries the most combined exposure, so you know which risks to attack as a group rather than in isolation.

AI Assistant prompts

Identify the top five risks by score and propose a mitigation for each.

Which risks form the longest dependency chain, and how should we sequence mitigation?

Recommend technical risks based on the requirements set, focusing on safety-critical items.

Tips

  • One owner per risk. Accountability belongs to a person, not a team.
  • Score honestly. The heatmap is only useful if probability and impact reflect reality.
  • Link related risks. Dependency links turn a flat list into a network and reveal the risk critical path.

Related