Free risk register template
Jump to download form ↓Enter your email below to download this risk register template as a ready-to-use PDF.
Download a free risk register template. Identify, assess and track workplace risks with likelihood, consequence and controls. PDF ready.
Commercial Director
How to use: download the PDF, print or complete digitally on any device.
- ✓PDF format, ready to print or fill on screen
- ✓Use as-is or customise to suit your operation
- ✓Go digital in MapTrack for photos, alerts and audit trails
Download free PDF template
Trusted by teams across Australia and New Zealand
We respect your privacy. Unsubscribe anytime.
Preview the template
See the first part of the risk register template below. Download the full version above.
What is a risk register template?
A risk register is a management tool used to identify, assess, prioritise and track risks across a workplace, project or organisation. Each entry records the risk description, risk category, likelihood, consequence, inherent risk rating, controls in place, residual risk rating, risk owner and review date. The risk register provides a centralised view of all identified risks and their current control status, enabling management to allocate resources to the highest-priority risks and demonstrate that risks are being actively managed.
Under the WHS Act 2011, PCBUs must identify hazards, assess risks and implement controls. A risk register is the practical tool for meeting this obligation at an organisational level. While individual risk assessments address specific hazards, the risk register aggregates all risks into a single document that can be reviewed by management, safety committees and regulators. ISO 31000 (Risk management) provides the framework for risk management processes, and a risk register is a core output of that process. Organisations that maintain a current, reviewed risk register make better decisions because they have visibility into the full spectrum of risks and can prioritise accordingly.
Learn more about compliance and inspections in MapTrack.
Benefits of using this risk register template
- Centralised visibility: see all identified risks in one place, enabling informed decision-making about priorities and resource allocation.
- Regulatory compliance: demonstrate that risks have been identified, assessed and are being actively managed as required by the WHS Act.
- Prioritisation: risk ratings help management focus attention and resources on the highest-priority risks.
- Accountability: assigning a risk owner to each entry ensures someone is responsible for monitoring and controlling the risk.
- Continuous improvement: regular reviews of the register identify new risks, reassess existing risks and verify that controls remain effective.
- Audit readiness: a maintained risk register is key evidence for safety audits, certification assessments and legal proceedings.
Benefits of digitising forms in MapTrack
When you move your registers from paper to MapTrack, you get:
- Field users can easily scan a QR code to complete a form on mobile. Unlimited users.
- Automatically get alerts when faults are identified.
- Link every form digitally as a PDF to the relevant asset, location or person.
- Receive a digital PDF copy with every submission to your email.
- Ability to share forms digitally.
- Build conditional logic (show or hide questions based on answers).
- Take pictures or attach photos. Not possible with a paper-based form.
- Electronic signatures.
- Edit forms later without reprinting.
- Restrict permissions (who can view, complete or approve).
- Build forms with AI (describe what you need and MapTrack suggests the form).
- Escalate critical hazards instantly to safety managers via push notification.
- Maintain an auditable safety register that satisfies WHS regulator requests.
- Correlate incident trends across sites with built-in safety analytics.
Book a demo to see how MapTrack handles registers.
Try MapTrack free for 30 days
Full access to every feature. No credit card required. Per-asset pricing so you scale as your fleet grows.
- No credit card required
- 30 days free trial
- Cancel anytime
What to include in a risk register template
This risk register template covers 12 key areas:
- Risk ID: unique identifier for each risk entry.
- Risk description: clear, specific description of the risk event and its potential impact.
- Risk category: safety, operational, financial, environmental, reputational, legal, strategic.
- Likelihood: rating scale (rare, unlikely, possible, likely, almost certain) with definitions.
- Consequence: rating scale (insignificant, minor, moderate, major, catastrophic) with definitions.
- Inherent risk rating: likelihood x consequence before controls (low, medium, high, extreme).
- Controls in place: description of current controls (elimination, substitution, engineering, administrative, PPE).
- Residual risk rating: likelihood x consequence after controls.
- Risk owner: person responsible for monitoring and managing the risk.
- Review date: next scheduled review date for this risk entry.
- Status: open, under treatment, closed, escalated.
- Action plan: additional controls planned, responsible person and due date.
How to use this risk register template
- Identify risks through hazard identification, incident reviews, audits and consultation.: Gather risk information from workplace inspections, incident and near-miss reports, audit findings, worker consultation, industry data and regulatory changes. Each identified risk should be recorded as a separate entry in the register with a clear, specific description.
- Assess each risk using the likelihood and consequence matrix.: Rate the likelihood and consequence of each risk before controls (inherent risk). Use consistent definitions for each rating level to ensure objectivity. The inherent risk rating provides the baseline against which control effectiveness is measured.
- Document current controls and assess the residual risk.: For each risk, list the controls currently in place. Classify controls using the hierarchy of controls (elimination, substitution, engineering, administrative, PPE). Re-rate the likelihood and consequence with controls in place to determine the residual risk rating.
- Assign a risk owner and set a review date for each entry.: Nominate a specific person as the risk owner responsible for monitoring the risk and ensuring controls remain effective. Set a review date based on the risk level. High and extreme risks should be reviewed monthly, medium risks quarterly, and low risks annually.
- Review the register regularly and update as conditions change.: Review the full register at least quarterly with the management team or safety committee. Update risk ratings when conditions change, when incidents occur, when new information becomes available or when controls are modified. Close risks that have been eliminated and add new risks as they are identified.
In MapTrack, you can digitise safety inspections and compliance forms. Each submission is stored as a timestamped PDF against the asset record.
Get the free template
Enter your email above to download the full risk register template as a PDF.
Back to download formHow often should you complete this register?
The risk register should be reviewed in full at least quarterly. Individual risk entries should be reviewed according to their risk level: extreme and high risks monthly, medium risks quarterly, low risks annually. The register should also be updated whenever a new risk is identified, an incident occurs, or there are significant changes to operations, site conditions or legislation.
Frequently asked questions
- What is the difference between a risk assessment and a risk register?
- A risk assessment is a process applied to a specific hazard, task or activity to identify risks and determine controls. A risk register is a centralised document that aggregates all identified risks across the organisation or site. Individual risk assessments feed into the risk register. The register provides a portfolio view of all risks, their ratings, controls and owners, enabling management-level oversight and prioritisation.
- How many risks should a risk register contain?
- There is no fixed number. A risk register should contain every significant risk that has been identified. A small site might have 20 to 30 entries, while a large construction project or mining operation might have hundreds. The key is that risks are described at a useful level of specificity. Risks that are too broad are difficult to control, while risks that are too granular make the register unwieldy.
- Who should own the risk register?
- The PCBU or senior management has overall accountability for risk management. In practice, the safety manager or risk manager typically maintains the register. However, individual risk entries should be owned by the person best placed to monitor and control that specific risk. The management team or safety committee should review the full register at scheduled intervals.
- Is this risk register template free?
- Yes. This risk register template is completely free to download and use. Open the HTML file in any browser and print to PDF. No MapTrack account is required. If you want digital risk management with automated review reminders and dashboards, MapTrack can help.
Applicable regulatory standards
This template aligns with the following regulations and standards:
- WHS Act 2011, Section 17 - Management of risks
- WHS Regulations 2011 - Chapter 3, Part 3.1 (Managing risks to health and safety)
- ISO 31000:2018 - Risk management
Need to digitise safety inspections and compliance forms?
Register every asset in MapTrack, attach digital forms, and get a complete history of every inspection, service and compliance record.
Compliance and inspections · All templates · Pricing · Book a demo