Skip to Content
Department of Premier and Cabinet

3. Identify the risk

In this phase, your council identifies the potential risks that need to be managed. The sources of risk, areas of impact, events and change in circumstances, their causes and potential consequences should be identified and added to a list or register of risks.

Risk identification needs to be undertaken on a periodic basis, and also in the context of any proposed new service or project. Your council should schedule regular reviews of the risk register. These reviews should take into account any changes in the council’s services and operating environment, and identify all risks that impact on the council’s activities, regardless of whether or not the risks are under the council’s control.

Approaches used to identify risks may include:

  • brainstorming sessions;
  • review of audit findings;
  • assessment of historical incident data;
  • assessment of third party contracts;
  • ongoing project management; and
  • stakeholder needs.