Risk Register Update — Hospitality & Tourism Edition
A recurring procedure for reviewing, updating, and maintaining the event risk register to ensure risks are proactively identified, assessed, and mitigated throughout the event lifecycle.
Purpose
To maintain an accurate and current view of event risks so that the event team and stakeholders can make informed decisions and take timely action to prevent or minimise the impact of adverse events.
Scope
Applies to all active event risks from initial identification through to closure, including regular review cycles and event-triggered updates.
Prerequisites
- Established risk register with an agreed risk assessment framework including probability and impact scales
- Risk owners assigned for all identified risks
- Regular risk review cadence defined in the event management plan
Includes food safety compliance (HACCP), RSA requirements, liquor licensing documentation, and tourism accreditation record keeping.
Step-by-Step Procedure
Identify New Risks
Proactively scan the event environment, recent events, and upcoming activities to identify any new risks that should be added to the register.
- 1.1Review recent event progress reports, meeting minutes, and change requests for emerging risk indicators
- 1.2Consult with team members and subject matter experts about potential risks in their areas
- 1.3Check external factors such as market conditions, regulatory changes, or vendor issues that could affect the event
- Use a risk prompt checklist covering common risk categories to ensure comprehensive identification
Reassess Existing Risks
Review all open risks in the register to update their probability and impact ratings based on current event conditions and any new information.
- 2.1For each open risk, evaluate whether the probability has increased, decreased, or remained the same since the last review
- 2.2Reassess the potential impact considering any changes in event scope, timeline, or dependencies
- 2.3Recalculate risk scores and reprioritise the risk register accordingly
Review Mitigation Action Progress
Check the status of all planned risk mitigation actions to ensure they are being executed on schedule and are having the intended effect.
- 3.1Contact risk owners to obtain status updates on their assigned mitigation actions
- 3.2Assess whether completed mitigation actions have reduced the risk as expected
- 3.3Identify any mitigation actions that are overdue or stalled and escalate as needed
- 3.4Define new or revised mitigation actions where existing plans are insufficient
Close Resolved Risks
Formally close any risks that have been fully mitigated, are no longer relevant due to changed circumstances, or have occurred and been managed.
- 4.1Review risks flagged for potential closure and confirm with the risk owner that closure is appropriate
- 4.2Document the closure rationale and any residual risk that remains
- 4.3Move closed risks to the closed section of the register while retaining the full history
Escalate Critical Risks
Identify any risks that have reached or exceeded the defined escalation threshold and formally escalate them to the appropriate stakeholders for attention.
- 5.1Review the updated risk register for any risks that meet the escalation criteria defined in the risk management plan
- 5.2Prepare an escalation brief for each critical risk including the current assessment, mitigation status, and required stakeholder action
- 5.3Submit the escalation to the event sponsor or steering committee as appropriate
Update and Distribute the Risk Report
Produce an updated risk summary report and distribute it to the event team and stakeholders as part of the regular reporting cycle.
- 6.1Generate the risk summary showing total open risks, new risks added, risks closed, and top risks by score
- 6.2Include a trend analysis showing how the risk profile has changed since the last report
- 6.3Distribute the report to all stakeholders via the agreed communication channel
- Use a visual risk heat map to communicate the risk profile at a glance
Quality Checkpoints
Common Mistakes to Avoid
Expected Outcomes
Percentage of risks that have been reviewed and updated within the defined review cycle, indicating how current the register is
Percentage of risk mitigation actions completed on or before their scheduled due date
Percentage of identified risks that materialised into actual issues, measured against the total number of risks identified, indicating identification and mitigation effectiveness
Frequently Asked Questions
Who is responsible for identifying risks?
Risk identification is a shared responsibility. While the event manager facilitates the process, every team member should be encouraged to raise potential risks. Stakeholders, subject matter experts, and even guests can contribute valuable risk insights.
What is the difference between a risk and an issue?
A risk is an uncertain event that may occur in the future and would affect the event if it does. An issue is a problem that has already occurred and requires immediate action. When a risk materialises, it transitions from the risk register to the issue log.
Should we include positive risks or opportunities in the register?
Yes, a comprehensive risk register should include opportunities as well as threats. Positive risks represent potential benefits that the team can exploit or enhance. Managing opportunities alongside threats gives stakeholders a balanced view of uncertainty.
How often should the risk register be updated?
For most events, a fortnightly review cycle is appropriate. High-risk events or those in critical phases may benefit from weekly reviews. The frequency should be defined in the event risk management plan and adjusted based on the event risk profile.
Want this customised for YOUR business?
We'll tailor every step to your exact operations, tools, and team structure.