V5 Ultimate
Quality

Risk matrix

risk register · risk score matrix

TL;DR

A grid of likelihood × consequence used to score and rank risks for prioritised treatment — the workhorse of ISO 31000-style risk management.

A risk matrix plots Severity (or Consequence) against Likelihood (or Probability) to produce a risk score or band (e.g. Low / Medium / High / Extreme). Matrices appear in ISO 31000 enterprise risk, ISO 14971 medical-device risk, HACCP food-safety hazard assessment and the GAMP 5 / CSA risk-based validation approach.

The technique is only as good as the rating definitions — vague Likelihood labels (Rare/Possible/Likely) without anchored frequencies (e.g. <1/year vs >1/month) make matrices subjective and indefensible to inspectors.

Regulatory anchors
  • ISO 31000:2018
  • ISO 14971:2019
  • ICH Q9(R1)
Related terms
ISO 14971FMEAHACCPCSARoot cause analysisCAPANCRDeviationOOSOOT5 Whys8DFishbone / IshikawaSPCCp / CpkPp / PpkMSAGage R&RAQL
Want to see Risk matrix in V5?

Free trial, no credit card, onboard in days, not months.

Start freeBook a demo
Back to glossary