(6.5)  Internal Risk Register.

 A register should be included identifying all the risks to be managed by the public sector during procurement, ranking them in order of importance, and assigning risk owners and mitigation strategies. There should be regular reporting of risk management to the project board and a process to regularly update the risk register. If there have been any recent gateway reviews to inform the register, information on this should be included.