The Register Nobody Outside Delivery Ever Reads : The Risk Register

EST. READ: 7 MINS

While projects eventually finish, organisations continue living with the decisions made throughout delivery for decades afterwards. If risk sits in the project risk register nobody outside delivery ever reads and never changes ownership, neither does accountability. Together, they raise a much bigger question: how should Boards, executives and Senior Responsible Owners think differently about risk before projects reach the point where decisions become irreversible?



Every major capital project has a document that quietly shapes whether an organisation inherits confidence or uncertainty.

It isn’t the Board paper.

It isn’t the business case.

It isn’t the monthly Steering Committee report.

It’s the project risk register.

Most executives will never read it cover to cover. Not because they don’t care, but because they rely on governance processes to ensure that risks emerging at project level are translated into strategic decisions at the executive and Board level.

What This Article Covers

This edition explores three recent examples that demonstrate different governance outcomes. The first highlights what happens when project risks remain isolated within delivery teams rather than becoming enterprise risks. The second examines why cancelling a project can sometimes represent stronger governance than continuing one. The third considers Australia’s growing capacity challenge, where labour shortages and procurement pressures are becoming strategic risks rather than operational issues. Together they raise a much bigger question: how should Boards, executives and Senior Responsible Owners think differently about risk before projects reach the point where decisions become irreversible?


Three Unrelated Stories

Below are three seemingly unrelated stories that caught my attention.

  1. The NSW Audit Office highlighted systemic weaknesses in how project risks are governed across major infrastructure programs.
  2. Queensland made the difficult decision to cancel Gold Coast Light Rail Stage 4 after independent reviews questioned its value and affordability.
  3. At the same time, Brisbane 2032 shifted decisively from planning into delivery, with billions of dollars of procurement entering a market already facing unprecedented workforce constraints.

Different jurisdictions.

Different projects.

Different outcomes.

Yet all three reveal the same underlying issue: the greatest governance risks rarely emerge because organisations don’t identify problems. They emerge because critical risks remain trapped within project teams instead of becoming enterprise conversations.


The Objective

The purpose of this article is not to revisit another discussion about cost overruns, budget pressures or delayed delivery. We have all seen those headlines.

Instead, I want to explore something less visible, but often far more consequential.

How effectively do organisations transfer knowledge, accountability and ownership of risk from delivery teams to the people ultimately responsible for operating the asset?

Because while projects eventually finish, organisations continue living with the decisions made throughout delivery for decades afterwards.

If risk never changes ownership, neither does accountability.



The Hidden Risk

The NSW Audit Office’s review of major capital projects focused public attention on escalating costs.

Sydney Metro City & Southwest increased from an original business case of approximately $11.5–12.5 billion to around $22–23 billion by late 2025. Sydney Metro West is currently estimated between $27–29 billion.

Across NSW Government, almost $907 million has been written off across major projects over the past three years, including $657 million relating to Transport for NSW.

Those numbers are significant.

But they weren’t the finding that stayed with me.

The Audit Office identified that significant project risks remained within delivery agencies’ project risk registers and had not been appropriately reflected in enterprise risk registers maintained by agencies responsible for owning and operating those assets.

That distinction matters.

Delivery teams are naturally focused on delivering today’s project.

Enterprise leaders are responsible for protecting tomorrow’s organisation.

Those perspectives are connected, but they are not the same.

If operational owners don’t understand the assumptions being made during delivery, they inherit consequences they never consciously accepted.

Every unresolved design assumption.

Every deferred maintenance decision.

Every optimistic programme assumption.

Every contract risk allocated without long-term operational consideration.

Eventually someone owns those decisions.

The hidden risk isn’t that organisations fail to identify project risks. It’s that governance fails to ensure those risks evolve into enterprise conversations at the right time.


The Response

Queensland’s decision to cancel Gold Coast Light Rail Stage 4 demonstrated a very different governance response.

Independent reviews concluded that projected costs had increased substantially while public support had weakened.

The decision attracted criticism, particularly from industry groups concerned about future investment and economic opportunities.

Yet governance is not measured by popularity. Nor is it measured by the number of projects that proceed to construction.

Good governance requires leaders to continually ask whether the assumptions supporting an investment remain valid.

Has demand changed?

Has affordability changed?

Has strategic value changed?

Has risk changed?

Stopping a project after years of planning is never easy.

But allowing sunk costs to become the reason a project continues is rarely good governance.

Sometimes the strongest decision a governance body makes is deciding not to proceed.


Where Governance Creates Value

Brisbane 2032 now presents a different challenge.

The delivery pipeline is accelerating.

Approximately $2.5 billion of procurement is moving into the market.

Around 1,500 tenders are expected over the coming five years, with thousands of suppliers already registering interest.

Yet Construction Skills Queensland forecasts workforce shortages peaking at around 50,000 workers during exactly the same delivery period.

Overlay that with Queensland’s broader $119.2 billion capital program across transport, health, housing and energy, and another picture begins to emerge.

Funding is no longer the only constraint.

Capability is becoming the strategic constraint.

When skilled labour becomes scarce, governance becomes even more important.

Contractors become more selective.

Procurement timelines extend.

Competition reduces.

Market pricing changes.

Programme sequencing becomes more complex.

Projects begin competing with each other for the same finite resources.

These are no longer delivery risks.

They become portfolio risks.

Enterprise risks.

Government risks.

Governance creates value when leaders recognise those shifts early enough to adapt before projects begin competing against themselves.


Thinking by First Principles

Before discussing schedules, procurement strategies or delivery models, I find it useful to return to first principles.

Every capital investment ultimately exists to improve an organisational outcome.

Not simply to deliver an asset.

That means every programme should be able to answer four simple questions:

  • Who owns this risk today?
  • Who owns it once construction finishes?
  • Has that future owner accepted it?
  • How will it continue to be monitored after the delivery team has left?

If those questions cannot be answered clearly, the governance model probably needs more attention than the project schedule.


Looking Beneath the Surface

One observation has stayed with me throughout my career.

Boards rarely inherit projects.

They inherit consequences.

The asset.

The operating costs.

The maintenance backlog.

The customer complaints.

The performance issues.

The regulatory obligations.

The future capital renewals.

By the time those issues become visible to operations, many of the underlying decisions were made years earlier during planning, design and procurement.

That’s why governance should never be viewed as a reporting exercise.

Its purpose is to ensure the right conversations happen while organisations still have choices.

Not after those choices have disappeared.


Key Takeaways

  • Project risks and enterprise risks are not the same thing.
  • Governance should actively transfer ownership of risk as projects mature.
  • Strong governance is demonstrated as much by stopping the wrong projects as by successfully delivering the right ones.
  • Workforce capability is increasingly becoming a strategic governance issue, not simply a delivery issue.
  • The most valuable risk conversations often occur long before construction begins.

Questions Worth Asking

At your next Steering Committee or Portfolio Review, consider asking:

  • Which project risks have been escalated into our enterprise risk register?
  • Who formally owns each critical risk after project completion?
  • Which assumptions are we treating as facts?
  • How are current market capacity constraints affecting delivery strategy?
  • If this project were handed over tomorrow, what operational risks would surprise us?
  • Are we measuring project success or organisational success?

The answers to these questions often reveal far more than another traffic light status report.

Because governance isn’t demonstrated by the quality of the register.

It’s demonstrated by the quality of the conversations the register creates.

Until the next one,

Renie Fernandes