ALARP & residual risk
Evaluate the risk that remains after controls, judge acceptability, and weigh overall benefit against risk.
The goal of risk management isn’t to eliminate every risk — it’s to reduce risk to an acceptable level and to be able to show it. Residual risk, ALARP, and benefit-risk are how that judgment is made and recorded.
Residual risk
Residual risk is the risk that remains after your controls are in place. Each risk carries both its initial score and its residual score, so the register shows what the controls actually achieved. Reducing residual risk to an acceptable level — and documenting that you have — is the heart of the risk-management file.
Re-evaluating after mitigation
Residual risk has to be re-assessed once controls are applied, not assumed. The module prompts you to re-evaluate residual risk so the residual scores reflect the controls as implemented rather than as hoped. This keeps the analysis honest: the recorded residual level is one you’ve actually re-judged.
ALARP and acceptability
A residual risk is then judged against your acceptability criteria. Where a risk is reduced As Low As Reasonably Practicable (ALARP) — or otherwise meets your defined acceptance threshold — that determination is recorded on the risk. This is the explicit decision an assessor looks for: not just that risk was reduced, but that what remains has been deliberately accepted on stated grounds.
Benefit-risk
Some residual risk may remain even after every practicable control. In those cases the question becomes whether the benefit of the device or system outweighs the remaining risk. Capturing that benefit-risk judgment completes the picture: it records the overall conclusion that the residual risk is acceptable in light of the benefit, which is the determination a submission ultimately rests on.
A complete, defensible record
Taken together — registers built on ISO 14971, scored risks, tracked controls, linked verification, and re-evaluated residual risk judged against acceptability and benefit — the risk module produces a risk-management record that’s defensible because every step is captured as you do it.