Risk assessment template and matrix

RISK ASSESSMENT MATRIX AND

TEMPLATE

Queensland State Archives

Risk assessment matrix

Below is an example of a risk assessment matrix commonly utilised by government departments to

describe, analyse, assess, rate and control hazards or risks.

LIKELIHOOD

CONSEQUENCES

Negligible /

Insignificant

Low / Minor

Medium /

Moderate

Very high /

Major

Extreme /

Critical

Rare

LOW

Consider

accepting the

risk or routine

management

LOW

Consider

accepting the

risk or routine

management

LOW

Consider

accepting the

risk or routine

management

MEDIUM

Specify

responsibility

and action

HIGH

Quarterly senior

management

review

Unlikely

LOW

Consider

accepting the

risk or routine

management

LOW

Consider

accepting the

risk or routine

management

MEDIUM

Specify

responsibility

and action

MEDIUM

Specify

responsibility

and action

HIGH

Quarterly senior

management

review

Possible

LOW

Consider

accepting the

risk or routine

management

MEDIUM

Specify

responsibility

and action

MEDIUM

Specify

responsibility

and action

HIGH

Quarterly

senior

management

review

HIGH

Quarterly senior

management

review

Likely

MEDIUM

Specify

responsibility

and action

MEDIUM

Specify

responsibility

and action

HIGH

Quarterly

senior

management

review

HIGH

Quarterly

senior

management

review

EXTREME

Monthly senior

management

review

Almost

Certain

MEDIUM

Specify

responsibility

and action

MEDIUM

Specify

responsibility

and action

HIGH

Quarterly

senior

management

review

EXTREME

Monthly senior

management

review

EXTREME

Monthly senior

management

review

Risk Assessment Matrix and Template

Queensland State Archives 2

Example risk assessment register

Risk description

Likelihood

Potential impact of risk

Existing risk reduction

measures and/or

controls

Consequences

rating

Level of

risk

Priority

rating

There is a strong

likelihood that the

allocation of grant

monies will become

the subject of public

scrutiny through the

Right to Information

(RTI) process.

Failure to produce

evidentiary public

records required

under RTI could

prejudice the rights of

individual citizens,

organisations or the

public authority.

Possible:

The event

could happen

at sometime

within 5 years.

If records are not produced

in accordance with the

Right to Information Act

2009 the public authority

may be subject to penalty.

The failure within the

process could potentially

affect community

confidence in the relevant

public authority.

Services would continue

but recordkeeping practices

would need to be reviewed

for cause of failure and

corrective measures

implemented.

Review recordkeeping

practices for

documenting and

reporting against

funding programs with

particular attention to

the public records kept

of the evaluation of

funding applications and

the dispersal of funds.

Ensure that regular

internal audits of

funding programs are

undertaken and that

records of audits are

kept for the appropriate

period.

Medium:

Potential likelihood to

threaten the running

or services of the

public authority and

can be managed by

implementing new or

modified

recordkeeping

controls.

Significant