Army Risk Management: Risk Assessments, The 5-Step Process & Forms

In today’s post, I’m going to spend a few minutes to educate you about Army Risk Management. This is one of those buzzwords most military leaders hear about, day in and day out. Sometimes, risk management is hyped up and has too much focus. In other cases, Risk Management is seen as a training obstacle by many Army leaders.

As an NCO or Officer, you have the responsibility to manage risks for your Soldiers. Your Soldiers must receive Battle Focused Training, and be prepared to do their wartime mission, but you must conduct that training in a safe environment. Sometimes that’s easier said than done.

What is Army Risk Management

Risk management is the Army’s primary process for assisting organizations and individuals in making informed risk decisions in order to reduce or offset risk, thereby increasing effectiveness and the probability of mission success. It is a systematic, cyclical process of identifying and assessing hazards, then mitigating the associated risks. ~ Army Pubs

In my own words, Risk Management is everything you do as a leader to reduce the risk of injury, illness, or death in everything you do in your unit or section.

army risk management

Why Is It Important?

As an Army leader, you are required to plan and execute difficult, complex, and dangerous training. After all, the best preparation for combat is tough, realistic training. To train and ensure minimal risk exposure, the Army utilizes the risk management process to give leaders a framework to take only the necessary risks to accomplish the training intent. Understanding the risk management process and combining that with critical thinking, you can make informed, deliberate decisions that will lead you to the best outcome under the most difficult conditions.

Composite Risk Management (CRM) is an essential skill that every Army leader needs to learn and develop. Every Soldier is responsible for safety, but it is up to the leadership team to provide a framework. Composite Risk Management worksheets (DA Form 7566) are due before every training event (more on that later in this article).

The point of CRM is to mitigate risks in order to avoid losing personnel or equipment, in other words, to avoid lessening your combat effectiveness. FM 5-19, Composite Risk Management, is your go-to guide for understanding the risk management process. The Ground Risk Assessment Tool (GRAT) will be your best friend when it comes to CRM resources online.

The 5-Step CRM Process

The CRM process consists of the following five steps: (1) Identify the hazards, (2) Assess the hazards, (3) Develop controls and make risk decisions, (4) Implement controls, and  (5) Supervise and evaluate.

# 1: Identify Hazards

Hazards and elements of risk are everywhere! You must be able to identify the hazards you face: enemy contact, heat stroke, fratricide, etc. A hazard, basically, is any actual or potential condition that can cause injury, illness, or death of personnel OR damage to or loss of equipment, property or mission degradation. Keep this thought in mind as you write down the potential hazards.

# 2: Assess Hazards

Hazards are inevitable and are separate from risk. Risk is the measurement of how much danger a hazard can pose. By estimating the probability and severity of each hazard, you can more effectively estimate the risk for the training. First, determine the likelihood of each hazard. Next, determine how severely each hazard will affect the success of your mission and the safety of your Soldiers. Last, prioritize the hazards, giving highest priority to those that are most destructive and most likely to occur. Remember, sometimes you will face many hazards of equal severity and you must use your best judgment in prioritizing them.

# 3: Develop Controls and Make Risk Decisions

After assessing each hazard, leaders develop controls to either eliminate the hazard or reduce its risk. When developing controls, leaders consider why the hazard is there, not just the hazard itself. There are different controls such as educational controls (utilizing the knowledge and skills of your Soldiers, etc.), physical controls (barriers, guards, ear protection, etc.) and avoidance.  No matter which you choose, your control must remove the hazard or reduce the risk to an acceptable level. Additionally, your control must be feasible and acceptable (i.e. control benefits must outweigh the cost of implementing). A good thing to do when developing controls is review LISTS:

  • Leadership– Leaders are competent to implement controls?
  • Individual– Individual Soldiers are sufficiently self-disciplined to implement a control?
  • Support– Availability of adequate personnel, equipment, supplies, and facilities necessary to implement a suitable control?
  • Training– Knowledge and skills are adequate to implement a control?
  • Standards– Guidance and procedures for implementing a control are clear, practical, and specific?

Once you have developed these controls, you then must assess your residual risk associated with each hazard and the overall residual risk of the training or mission. Then, you must determine whether the risk is worth taking. If you determine that the risk is too high, you must either develop additional controls, modify or reject a given plan of action. Remember, the Commander alone decides if controls are acceptable and whether to accept the resulting residual risk.

# 4: Implement Controls

You should ensure that controls are part of, or become SOP. It is critical to convert controls into clear, simple orders that Soldiers at all levels can understand. When you implement controls, you must coordinate and communicate with appropriate military units and civilian agencies. Additionally, you must explain to your subordinates how to implement controls.

# 5: Supervise and Evaluate Controls

You must supervise rehearsals and execution and ensure that everyone is enforcing standards and controls. You can do so through spot checks, inspections, SITREPS, brief-backs, buddy checks and close supervision by you and NCOs. During the training or mission you modify controls and implement new ones as necessary, anticipating, identifying and assessing new hazards. For example, Soldiers may become fatigued or equipment may begin to wear down. Your goal should always to keep risks at an acceptable level and to avoid any complacency.

Finally, when all is said and done, you must evaluate how well you executed the Army Risk Management Process. The reason for doing so is to find ways to repeat your successes and to identify lessons learned and benefit from those experiences. Think about why some controls worked and how you would act if you encountered that hazard again. Always aim to make controls more effective by modifying them, changing the way you implement them, or by developing different controls. This last step is important.

The Risk Assessment Form: DD 2977

Commanders at all levels will conduct a risk assessment and prepare a Risk Assessment Form as part of the planning process. After doing some research online, it appears that DD Form 2977 is the current Risk Assessment form used in the Army (leave a comment below if the form number is currently something different). Keep in mind forms do change from time to time, so refer to the current regulations to make sure that form is still valid.

While I was a Company Commander, I remember filling out these forms. Basically, you identify the task, hazard, initial risk level, control, how and who will implement, and residual risk level. Your goal is to put serious thought into this process to identify all potential risks and hazards, and mitigate or minimize them as much as possible.

Here’s a better explanation of the process I found online:

The risk assessment consists of the first two steps of the risk management process. In step 1, individuals identify the hazards that may be encountered in executing an activity. In step 2, they determine the impact of each hazard on the activity. The risk assessment provides for enhanced situational awareness. This awareness builds confidence and allows Soldiers, units, Army civilians, and organizations to implement timely, efficient, and effective protective control measures.

Steps 3 through 5 are the essential follow-through actions to manage risk effectively. In these steps, leaders balance risk against costs and take appropriate actions to eliminate unnecessary risk and accept residual risk at the appropriate level. During execution, leaders continuously assess the risk to the overall mission and to those involved in the task. Finally, leaders and individuals evaluate the effectiveness of controls and provide lessons learned so that others may benefit from the experience. e. Risk assessments, with the exception of deviations from AE or chemical agent safety standards, will be documented using DD Form 2977 (Deliberate Risk Assessment Worksheet). Instructions for DD Form 2977 can be found in appendix B. DA Form 7632 is mandatory for deviations from AE or chemical agent safety standards. Instructions for DA Form 7632 can be found in appendix C. ~ Army Pubs

the 5 step composite risk management process

Tips for Preparing Your Risk Assessment

As a small unit leader, there is a good chance you will be responsible to fill out a DA Form 7566 or DD Form 2977 (Composite Risk Management Worksheet) at some point or another in your military career. Whenever you are responsible for leading a training event, your chain of command will ask you to fill out the worksheet and submit it to your unit leaders to keep on file. You’ll also enclose a copy with your OPORD and post a copy at your training site.

The purpose of using this form is two-fold. First and foremost, it is often used as a CYA (cover your ass) in case something goes wrong during training. Filling out the form ahead of time shows that you at least “did your initial planning” and “thought through the potential hazards.” It doesn’t mean you won’t get in trouble if something goes wrong. But not having one puts a big target on your back.

In addition, it helps leaders “identify” and “think through” the hazards associated with the scheduled training, so they can come up with controls to minimize and mitigate those hazards. To me, this is the real value of using this form and completing your own risk assessment.

I highly encourage all leaders to put serious thought into this process and don’t rush it or wing it. Even though it might be inconvenient and time consuming to fill out the DA Form 7566 or DD Form 2977, there are benefits of conducting the exercise and filling out the worksheet.

What I want to do in the paragraphs below is share a few tips to help you do this with ease. These are some simple lessons I learned during my military career. Yes, most of these tips are common sense, but you would be surprised how many young military leaders don’t know much about the Army Risk Management process.

# 1: Do It Ahead of Time

One of the best tips I can share with you is to complete your risk assessment at least one week ahead of time (if possible). The benefit of doing this is that you will get to “review” the document several times before it is due and make any required changes. When you procrastinate and wait to the last minute, it’s easy to miss things. I’ve found that when I did risk assessments one or two weeks ahead of time, I would make several changes to improve it, as time went by. This allowed me to create a quality, finished product.

# 2: Build a Library of Risk Assessments

Another great tip is to build up your own library of risk assessments. You can get these from your chain of command, online, or from your peers. Find a pre-made risk assessment for all types of different events such as convoys, ranges, APFT, and more. The benefit of doing this is that you won’t have to create your risk assessment from scratch. You can use one from your library as a template and just make minor changes.

# 3: Have Someone Review It

Have your officer or NCO counterpart review your risk assessment before you turn it in. Have them “eagle eye” it and see if there is anything you missed. A good, fresh set of eyes can make a big difference.

# 4: Educate Yourself

At a bare bones minimum, read FM 5-19 to learn more about risk assessments. In addition, it would be in your best interest to sit down with an experienced NCO or officer in your unit and have them give you a class on how to fill out risk assessments the right way. Finally, spend some time and review DA Form 7566 or DD Form 2977 so you know what information needs to go on it.

Preparing a good risk assessment is very important for the safety of your Soldiers. The major benefit is not the finished piece of paper. Instead, the major benefit is the process you went through to identify the hazards and to come up with control measures to minimize or mitigate those hazards.

army leader risk assessment

ATP FM 5-19: Composite Risk Management

As a small unit leader, you should take a few hours and study FM 5-19: Composite Risk Management. It will help educate you about your responsibilities as a leader, concerning risk management. It’s filled with great tips, training, and resources that you can reference when needed. Here’s a brief overview of what you will find in FM 5-19:

Chapter # 1: The CRM Process

The first chapter in FM 5-19 talks about the steps of Composite Risk Management, which include:

  • Step 1 – Identify hazards
  • Step 2 – Assess hazards to determine risk
  • Step 3 – Develop controls and make risk decisions
  • Step 4 – Implement controls
  • Step 5 – Supervise and evaluate

This chapter will walk you through the steps so you understand the “process” you should go through when you are doing your safety planning.

Chapter # 2: Responsibilities

In this chapter you will learn the responsibilities of commanders, the S3, staff, the leader, and the individual. It gives examples and is very specific about who is responsible for what.

Chapter # 3: Application to Troop Leading Procedures

This chapter is really beneficial for anyone at the company level and lower, who utilizes the Troop Leading Procedures to do their mission planning. It will teach you how to integrate the CRM Process into the Troop Leading Procedures.

Chapter # 4: Application to the Military Decision Making Process

This chapter talks about how to implement the CRM Process into the Military Decision Making Process. This is an important chapter for personnel serving on staffs at the battalion level and higher.

Chapter # 5: Application to Training Management

This chapter talks about the SAT Process used in the Total Army School System Training battalion. It talks about how CRM is used in product development and training. 

Chapter # 6: Application to Other Functional Areas

This chapter talks about how to use the CRM Process to minimize sexual assaults, suicides, POV accidents, and other issues that affect unit morale. It’s really focused on the individual Soldier.

Appendix A: Instructions and Sample Forms

I think the sample forms in here are priceless. There are tons of forms you can see that serve as examples. If you need to do a Risk Assessment form, this would be a good starting point.

Appendix B: Glossary / Key Terms / Acronyms

This chapter gives you all of the important definitions and acronyms.


The bottom line is Army Risk Management is important. As leaders, we owe it to our Soldiers to provide tough, realistic, and safe training. Utilizing the proper Risk Management process will help you do that better.

What are your thoughts about Army Risk Management? Leave a comment below to let me know what you think. I look forward to hearing from you.

Other Posts You Might Enjoy:
  1. The Military Decision Making Process
  2. Troop Leading Procedures
  3. The Five Types of Army Orders
  4. When to Disobey a Direct Order
  5. Top 10 Military Battles in the Bible
chuck holmes

Chuck Holmes
Former Army Major (resigned)

Suggested Resources:

  • Drop the Belly Fat Today! Decrease cravings. Lose weight and feel great. Learn how.
  • The # 1 Health Product you need, but haven't heard of before! Get the info.
  • The # 1 Side Hustle for 2024 & Beyond! Daily Pay. Take the free tour.

Leave a Comment

Your email address will not be published. Required fields are marked *