skip to navigation skip to content skip to footer

Defence Estate Quality Management System (DEQMS) Davis Langdon Certification Services

ID Risk Management - 1.0 Risk Registration

Risk Registration process flowchart Risk Process Image


1.1 - Risk Originator - Potential Risk Identified

Off System

  • 1.1 -A potential risk is identified. Triggers include:
    • Risks identified in a risk workshop
    • Risks identified when retiring risks
    • Risks identified throughout the project delivery
  • Does Risk Originator have BURM role? SAP Image
    • if NO - 1.2, Risk Originator will need to send the relevant Directorate BURM an email request to create the risk entry. The email must request:
      • Name and description of the risk
      • Relevant project if a project risk including PPM item (GEMS project ID) if known
      • Proposed Risk Owner
      • Any additional relevant information
    • if YES,continue to 1.3

Note: The Risk Originator may or may not be a Business Unit Risk Manager.

1.3 - Business Unit Risk Manager

SAP Image

  • 1.3 - Create SAP Risk Record (Shell) in SAP. The Shell should capture
    • Risk Name
    • Risk Description
    • Risk Category
    • Risk Drivers & Impacts
  • Does the prject exist in the Risk Org Structure ?SAP Image
    • If NO- 1.4, BURM sends an email request to a Master Data Maintainer requesting that they add the relevant project to the Risk Organisation Structure.
      • coninue to step 1.5
    • If YES - continue to step 1.7

1.5 - Risk Master Data Maintainer - Update Risk Organisational Structure

Risk & Compliance Elements Data Element Data

SAP Image

  • 1.5 - Risk Master Data Maintainer adds new project to the Risk Organisation Structure under the relevant directorate.

Off System

  • 1.6 - Risk Master Data Maintainer confirms change to Risk Organisation Structure by email BURM.
    • continue to step 1.7

1.7 - Business Unit Risk Manager (BURM)

Risk & Compliance Elements Data Element Data

SAP Image

  • 1.7 - BURM links Risk to Org Unit and PPM Object.
    • Select the relevant project in the "Organisation Unit" drop down (if not already completed in step 1.6) AND add the relevant project as an associated object in the "Context" menu.
    • NOTE: It is essential that project risks are linked to a project by BOTH the risk organisation structure and the PPM Object.
  • 1.8 - Assign Project Officer / Director as Risk Owner
    • Select the relevant project in the "Organisation Unit" drop down (if not already completed in step 1.6) AND add the relevant project as an associated object in the "Context" menu.
      • NOTE: The BURM must consult with the Risk Owner prior to assigning them the risk.
    • Click "Start Analysis" after assigning the Risk Owner.
  • 1.9 - Attach Relevant Documentation
    • Using the attachments and links tab - attach objective references to risk record - Emails and background papers. 
  • 1.10 - Notify Risk Owner
    • BURM uses the planner function to advise Risk Owner of action required. Follows up with DRN email.
      • NOTE: This step triggers a system workflow.

Continue to 2.0 Analyse/Evaluate Risk