Methodologygeneric
risk-assessment
Identify, assess, and mitigate operational risks. Trigger with "what are the risks", "risk assessment", "risk register", "what could go wrong", or when the user is evaluating risks associated with a project, vendor, process, or decision.
anthropics/knowledge-work-plugins
Install
Use with your agent
Install the risk-assessment skill, then use it as build context. Run: npx skills add https://github.com/anthropics/knowledge-work-plugins --skill risk-assessment. Then read the installed skill.md and follow its guidance to build or refactor my project.
Risk Assessment
Systematically identify, assess, and plan mitigations for operational risks.
Risk Assessment Matrix
| Low Impact | Medium Impact | High Impact | |
|---|---|---|---|
| High Likelihood | Medium | High | Critical |
| Medium Likelihood | Low | Medium | High |
| Low Likelihood | Low | Low | Medium |
Risk Categories
- Operational: Process failures, staffing gaps, system outages
- Financial: Budget overruns, vendor cost increases, revenue impact
- Compliance: Regulatory violations, audit findings, policy breaches
- Strategic: Market changes, competitive threats, technology shifts
- Reputational: Customer impact, public perception, partner relationships
- Security: Data breaches, access control failures, third-party vulnerabilities
Risk Register Format
For each risk, document:
- Description: What could happen
- Likelihood: High / Medium / Low
- Impact: High / Medium / Low
- Risk Level: Critical / High / Medium / Low
- Mitigation: What we're doing to reduce likelihood or impact
- Owner: Who is responsible for managing this risk
- Status: Open / Mitigated / Accepted / Closed
Output
Produce a prioritized risk register with specific, actionable mitigations. Focus on risks that are controllable and material.