A risk register is a central repository to describe and track risks and to record actions approved by a Risk Management Board or other authority. The register records details of all risks identified throughout the life of the project. It includes information for each risk, such as risk category, risk statement, likelihood, consequence, planned mitigation measures, the risk owner, Work Breakdown Structure and Integrated Master Schedule linkage, expected closure dates and documentation of changes.
The MFT will determine whether requirements documentation exists for the program. Stakeholders would likely know if such documentation exists. It is vitally important to understand the program requirements before finalizing the strategy for the new acquisition.
If requirements have not been documented, begin a Requirements Traceability Matrix (RTM). The RTM is beneficial because it provides a logical way to capture requirements, establish where they came from and what standards apply, and to document necessary changes as the program moves to the next step. The RTM also functions as a tool for identification of overlaps or conflicts between different sets of requirements. For example, government workers are transitioning to contract workers. The RTM would capture why this became a requirement and potentially where this is a requirement (i.e. if limited to certain locations or offices). Perhaps it was an increase in workload, or maybe the priority changed for the government workforce. Record the source and the reasoning behind the new requirement in the RTM.