• Development

How to Use a RAID Log to Manage Risks in Website Project Planning

What is a RAID Log?

Most website design and build projects face challenges. The successful ones often use RAID logs to effectively manage risks.

Managing unexpected issues as they occur can be difficult. However, risks are just potential issues that haven’t happened yet. By planning for them and tracking preventive actions, you can minimize their negative impact.

Tracking risks alongside your activities can lower the chances of them becoming actual issues.

A RAID log is a tool that helps manage four key project challenges: Risks, Assumptions, Issues, and Dependencies.

If you use risk management software, much of this task can be automated. Without software, a manual tracker can be just as useful for setting up large projects.

RAID Planning

What is RAID in project management?

RAID is an acronym that stands for:

  1. Risk: Any uncertain event that could impact the project outcome. Risks should be identified throughout the project lifecycle. A mitigation plan should be created for high-impact or high-likelihood risks, especially around key milestones like launch day.
  2. Assumption: A factor assumed to be true during planning, based on past experiences or estimation techniques. Assumptions must be validated, as incorrect assumptions can lead to issues and delays.
  3. Issue: A problem that currently exists or has already occurred. Issues can result from realized risks, but they are known problems with mitigation plans, like bug fixes or stakeholder availability concerns.
  4. Dependency: A task or event that relies on the outcome of another task or event. When one activity directly impacts another, dependencies can cause issues.

Some project managers use RAAIDD logs, which also include:

  1. Action: Steps taken to mitigate risks or resolve issues. Actions are assigned to team members for accountability.
  2. Decision: Important decisions made during the project, logged for future reference and auditing purposes, especially for sensitive information projects.


woman planning project on work board

Benefits, Best practices & Maintenance


Benefits of using a RAID log

  • They allow an organisation to keep track of decisions made for predicted risks.
  • They allows managers to gain more control and oversight for the long run of the project.
  • They provide confidence to stakeholders that the project is being closely monitored.
  • They enable accountability for mitigated actions.
  • They are useful for project auditing purposes.


Best Practices for using RAID logs

Keep the Log Updated

It’s important to continuously update your log throughout the project life-cycle and make it part of key meeting agendas. With each meeting that’s had, any challenging factors that are discussed should be added to your RAID log to ensure clear visibility and tracking of the potential problem.

Rate Each RAID Item

Consider rating items in your log by likelihood and potential impact. A risk that would completely ruin a project but has zero chance of happening deserves no attention. A risk that is extremely likely to happen but will have no impact deserves even less! Usually we rate our RAID items out of 5 on both scales, and multiply the two scores. Anything that results in a score of 10 or more (e.g. a 3 for likelihood and a 4 for impact, giving a score of 12) deserves the team’s attention to mitigate its potential impact.

Stay Accountable to the Log

Accountability and responsibilities of each items should be distributed to the relevant task owners. This means that everyone who has visibility of the RAID log knows which areas they are personally responsible for, and what they need to do to stay on top of these aspects of the project. It also means that when the log is revisited, the task owner can be kept to account.

Consider Assumptions and Dependencies

It’s important to consider that Assumptions and Dependencies are just as dangerous as Risks and Issues. Risks and Issues tend to get the team’s focus, but an example of an assumption might be ‘We are assuming that the software will have an API for us to integrate with’. If the software does not have such an API, it could massively increase the required development budget for the project.

Make it Accessible

Lastly, RAID logs should be placed in a central repository for all project stakeholders to have access to and play their part in maintaining.

excel row displaying raid log table

How to Maintain a RAID Log

Maintaining the log is a fairly straightforward process; a simple excel sheet is all you need to get started. You can take a look at our RAID template in the image above.

Start by creating document control sheet outlining the following:

  • Title of the project
  • Date
  • Owner/Author
  • Version
  • Revision Date
  • Scope
  • References

The second sheet consists of the RAID log table consisting of the following columns: 

  • ID
  • Date Identified
  • Identified by
  • Owner
  • RAID or RAAIDD Type
  • Description
  • Impact score
  • Severity
  • Next steps
  • Status
  • Comments


That’s it! You can now get started on your next project using this RAID log template outline. Start populating the table and continuously monitor the status of each line item throughout the project. Consider storing your file in an accessible drive or central repository and your stakeholders will appreciate the transparency. If you want further your skillset, review Prince2 RAID log chapters or partner with a digital agency

If you’d like to receive helpful content like this straight to your inbox, why not sign up to our monthly newsletter – The Crux of It. We pack each newsletter full to the brim of helpful content for every stage of the website project journey.

Sign me up