When identifying risks across the whole enterprise spectrum, a risk register is a simple and effective tool to capture critical information on the risk management process.
With advances in Risk Information Management Systems (RMIS) platforms and heavy computerized techniques, a simple Excel worksheet may seem outdated. However, it still can provide a foundation for simple risk management implementation within any organisation.
Some risk registers will go beyond just identifying risks and look to also document opportunities which can be exploited, harvested, or accepted based on their ability to improve current performance.
However, I believe when going through the risk identification process with strategic leaders, also throwing in opportunity identification can muddy the waters and take the exercise a bit off track.
I believe a good start is to first focus on identifying risk events that can derail current paths to achieving objectives and then from this process let the opportunity identification flow organically throughout the discussions.
This will help keep risk stakeholders on point when identifying risk events while also churning the mental wheels on how current processes, systems, or people can be optimised to improve performance.
Just a thought, but in the end a strategy that can help risk leaders focus on preventing errors leading to adverse events, while also finding ways to improve the current state of the business is a positive step.