Risk Register (Template)
Tip: Keep it simple. Each risk should have evidence and a clear recommendation.
| ID | Risk Title | Domain | Impact | Likelihood | Evidence (brief) | Recommendation | Effort | Owner Type | Target (30/60/90) |
|---|---|---|---|---|---|---|---|---|---|
| 1 | Identity & Access | High | Med | M | IT/MSP | 30 | |||
| 2 |
Scoring guide (simple)
- Impact: business harm if this happens (money, downtime, trust)
- Likelihood: how likely given current posture
- Effort: S (hours), M (days), L (weeks+)