Build a prioritized risk register with likelihood, impact, mitigation, owner, and status. — Claude Skill
Une compétence Claude pour Claude Code par Anthropic✓ — exécuter /risk-assessment dans Claude·Mis à jour le 13 juin 2026·vmain@da04ccb
Identifies operational, financial, compliance, strategic, reputational, and security risks, then ranks them in a practical risk register.
- Uses a simple likelihood-by-impact matrix that non-specialists can understand.
- Classifies risks across operational, financial, compliance, strategic, reputational, and security categories.
- Prioritizes material and controllable risks instead of listing every possible concern.
- Creates mitigation, owner, and status for each risk.
A team says a project has risks, but the risks are not scored, owned, or tied to mitigations.
Run /risk-assessment to create a prioritized register with likelihood, impact, owner, mitigation, and escalation triggers.
Pour qui
Ce qu'il fait
Know what could block, delay, or damage a launch before committing.
Assess operational, compliance, security, and financial vendor risks.
Identify risks before changing a workflow, system, or control.
Fonctionnement
Collect the project, process, vendor, or decision being assessed.
Identify risks by category and remove low-materiality noise.
Score likelihood and impact as high, medium, or low.
Convert scores into critical, high, medium, or low risk level.
Add mitigation, owner, and status so the register is actionable.
Options d'entrée
Project, vendor, process, system change, launch, or decision being assessed.
Exemple
Project: migrate customer data from legacy CRM to new CRM over one weekend. Known concerns: duplicate accounts, missing billing contacts, executive customer list, support team needs old tickets, security wants access review, launch date tied to sales kickoff. Need: prioritized risk register and mitigations.
| | Low Impact | Medium Impact | High Impact | |---|---|---|---| | High Likelihood | Medium | High | Critical | | Medium Likelihood | Low | Medium | High | | Low Likelihood | Low | Low | Medium |
| Risk | Category | Likelihood | Impact | Level | Mitigation | Owner | Status | |---|---|---|---|---|---|---|---| | Duplicate accounts corrupt customer ownership | Operational | High | High | Critical | Run dedupe dry run and manual review for top accounts | RevOps | Open | | Billing contacts missing after migration | Financial | Medium | High | High | Validate billing contact field mapping before cutover | Finance Ops | Open | | Old support tickets not visible to agents | Reputational | Medium | Medium | Medium | Keep read-only legacy access for 30 days | Support Lead | Mitigated | | Access permissions copied incorrectly | Security | Low | High | Medium | Complete role-based access review before go-live | Security | Open | | Sales kickoff demo depends on migration | Strategic | Medium | Medium | Medium | Prepare fallback demo environment | Sales Ops | Accepted |
1. Run migration dry run with duplicate and missing-field report. 2. Review top 100 customer accounts manually before final cutover. 3. Keep read-only legacy CRM access during the first 30 days. 4. Complete access review and sign-off before production migration. 5. Prepare sales kickoff fallback if cutover is delayed.
| Trigger | Escalate to | Why | |---|---|---| | Duplicate rate above 2% in dry run | RevOps + Sales leadership | Customer ownership may be wrong | | Missing billing contacts above 1% | Finance Ops | Invoicing follow-up could fail | | Access review not signed off by Friday | Security + Project sponsor | Go-live should not proceed without approval |
Métriques améliorées
Compatible avec
Envie d'utiliser Risk Assessment ?
Choisissez comment commencer.
Installez et exécutez cette compétence localement sur votre ordinateur.
Ouvrez un terminal sur votre ordinateur et collez cette commande :
Cela télécharge la compétence avec tous ses fichiers sur votre ordinateur :
Ajoutez -g à la fin pour le rendre disponible dans tous vos projets.
Démarrez Claude Code, puis tapez la commande :
Risk Assessment
Systematically identify, assess, and plan mitigations for operational risks.
Risk Assessment Matrix
| Low Impact | Medium Impact | High Impact | |
|---|---|---|---|
| High Likelihood | Medium | High | Critical |
| Medium Likelihood | Low | Medium | High |
| Low Likelihood | Low | Low | Medium |
Risk Categories
- Operational: Process failures, staffing gaps, system outages
- Financial: Budget overruns, vendor cost increases, revenue impact
- Compliance: Regulatory violations, audit findings, policy breaches
- Strategic: Market changes, competitive threats, technology shifts
- Reputational: Customer impact, public perception, partner relationships
- Security: Data breaches, access control failures, third-party vulnerabilities
Risk Register Format
For each risk, document:
- Description: What could happen
- Likelihood: High / Medium / Low
- Impact: High / Medium / Low
- Risk Level: Critical / High / Medium / Low
- Mitigation: What we're doing to reduce likelihood or impact
- Owner: Who is responsible for managing this risk
- Status: Open / Mitigated / Accepted / Closed
Output
Produce a prioritized risk register with specific, actionable mitigations. Focus on risks that are controllable and material.
Documents de référence
name: risk-assessment description: Identify, assess, and mitigate operational risks. Trigger with "what are the risks", "risk assessment", "risk register", "what could go wrong", or when the user is evaluating risks associated with a project, vendor, process, or decision.
Risk Assessment
Systematically identify, assess, and plan mitigations for operational risks.
Risk Assessment Matrix
| Low Impact | Medium Impact | High Impact | |
|---|---|---|---|
| High Likelihood | Medium | High | Critical |
| Medium Likelihood | Low | Medium | High |
| Low Likelihood | Low | Low | Medium |
Risk Categories
- Operational: Process failures, staffing gaps, system outages
- Financial: Budget overruns, vendor cost increases, revenue impact
- Compliance: Regulatory violations, audit findings, policy breaches
- Strategic: Market changes, competitive threats, technology shifts
- Reputational: Customer impact, public perception, partner relationships
- Security: Data breaches, access control failures, third-party vulnerabilities
Risk Register Format
For each risk, document:
- Description: What could happen
- Likelihood: High / Medium / Low
- Impact: High / Medium / Low
- Risk Level: Critical / High / Medium / Low
- Mitigation: What we're doing to reduce likelihood or impact
- Owner: Who is responsible for managing this risk
- Status: Open / Mitigated / Accepted / Closed
Output
Produce a prioritized risk register with specific, actionable mitigations. Focus on risks that are controllable and material.