Risk Management Register

Factor	Scale	Description
Severity	1–4	Impact if the risk materialises (1 = Minor, 4 = Critical)
Likelihood	1–5	Probability of occurrence (1 = Rare, 5 = Almost Certain)

Category	Examples
Data Breach	Unauthorised access, data loss, misaddressed information
Cyber Attack	Ransomware, phishing, malware, denial of service
Insider Threat	Malicious or negligent staff actions
Physical Security	Theft, fire, flood, unauthorised premises access
Third-Party	Supplier failure, data processor breach
Compliance	Regulatory non-compliance, missed deadlines
Operational	System outages, staff shortages
Reputational	Negative publicity, loss of patient trust

¶ Risk Management Register