example

Procurement Risk Register

1
2
3
4
5
6
7
8
9
10

Name of tender: [name]

Risk

Impact

What would stop our procurement

objectives being met?

What would be the result of this risk?

Example: Suppliers do not

understand the business need.

Proposals fail to address the

requirements, no proposals meet the
need.

How risky is this if left uncontrolled?

Likelihood

Possible

Consequence

High

Risk rating
(uncontrolled)

Does Procurement Plan mitigate risk?

What is in place to reduce the risk?

Make sure the description of goods/services

is comprehensive. Double-check the final
draft with the business owner. Set
appropriate weightings.

What level of risk remains if mitigated?

Likelihood

Rare

Consequence

Low

Risk rating
(controlled)

Do we need additional controls?

What else could we do to reduce this
risk?

Test the description of goods/services

with someone not involved in the
drafting. Provide supplier briefings
before issuing tender.

RISK RATING = use colour + letter

G

green

yellow

amber

red

How to define your risks

Once you have identified specific risks, use the steps below to identify the likelihood, consequence and risk rating.

STEP 1 - choose one of the following to define the likelihood of the risk happening
Likelihood
level of risk

your assessment

Almost certain
Likely
Possible
Unlikely
Rare

Is expected to occur in most circumstances

Would probably occur in most circumstances
Could occur at some time
Is not expected to occur
May occur only in exceptional circumstances

STEP 2 - choose one of the following to define the consequence if the risk happens
Consequence
level of risk

your assessment

Extreme
High
Moderate
Low
Negligible

Significant impact on the achievement of goals/objectives

High impact on the achievement of goals/objectives
Moderate impact on the achievement of goals/objectives
Impacts on a limited aspect of the activity
The consequences are dealt with by routine operations

STEP 3 - use these two ratings to determine the overall risk rating (green/yellow/amber/red)
Plot the likelihood and consequence ratings on the matrix to identify the colour of the risk rating.
For example: a risk with a 'possible' likelihood and 'moderate' consequence would be rated as AMBER (where the two intersect on the matrix).
Likelihood

Consequence

Risk rating

rare
rare
unlikely
unlikely
rare
rare
unlikely
possible
possible
likely
rare
unlikely
possible
possible
likely
likely
almost certain
almost certain
unlikely
possible
likely
likely
almost certain
almost certain
almost certain

negligible
low
negligible
low
moderate
high
moderate
negligible
low
negligible
extreme
high
moderate
high
low
moderate
negligible
low
extreme
extreme
high
extreme
moderate
high
extreme

green
green
green
yellow
yellow
yellow
yellow
yellow
yellow
yellow
amber
amber
amber
amber
amber
amber
amber
amber
red
red
red
red
red
red
red

Examples of potential risks*

Identifying the need
Understatement of the need
Overstatement of the need
Insufficient funding
Impractical target dates
Probity failure
Misinterpretation of user needs
Political environment
Likely media interest

Developing the specification

Narrow definition or commercial specification (e.g. brand name)
Definition of inappropriate product or service
Biased specification
Inadequate specification or statement of work (for services)
Detrimental environmental impacts

Selecting the procurement method

Failure to identify potential sources
Selecting inappropriate method
Supplier collusion
Strength of New Zealand and international market

Contract documents
Terms and conditions unacceptable to service providers
Providing inadequate information method

Seeking, clarifying and closing offers

Failure to address service provider enquiries adequately
Actual or perceived favouritism in providing information
Actual or perceived breach of confidentiality
Insufficient number of responses
No response from known quality service providers

Evaluating offers
Failure to follow effective evaluation procedures
Breaches of security
Offers fail to meet needs
Failure to identify a clear winner. Decision made on subjective grounds

Selecting the preferred service provider

Selecting an inappropriate service provider
Selecting inappropriate product

Seeking, clarifying and closing offers

Not matching the expectations of buyer and service provider
Deadlock on details of agreement
Failure to secure mandatory conditions
Unfair or onerous requirements on the service provider in the contract conditions

Failure to reflect the terms offered and agreed in the contract

Inadvertently creating a contract without the delegates prior approval. Inappropriate product

Contract management
Variations in price and foreign exchange
Unwillingness of the service provider to accept the contract
Unwillingness of the service provider to accept the contract
Inadequately administering the contract
Commencement of work by the service provider before contract is exchanged or letter of acceptance issued
Unauthorised increase in scope of work
Loss of intellectual property
Failure to meet liabilities of third parties (e.g. royalties or third party property insurance)
Loss of or damage to goods in transit
Fraud
Key personnel not available
Supplier goes out of business

Disposal
Collusive bidding at auction
Inadequate tender management

Evaluating the procurement process

Failure to evaluate procurement and management processes
Failure to identify and address problem management
[* Source: NSW Government Procurement Guidelines]