Risk Assessment Matrix (Heat Map)
A McKinsey-quality PowerPoint risk assessment heat map for visualizing and communicating risk exposure. Features a 5×5 probability/impact matrix, risk categorization, and mitigation priority mapping.
What’s inside
- 5×5 probability/impact heat map
- Risk categorization and mitigation priority view
- Blank Template + Filled Example
About this download
The Risk Assessment Matrix (Heat Map) is a McKinsey-quality PowerPoint template for visualising and communicating risk exposure across an organisation, project or investment. Where the risk register captures the details of every risk, the heat map is the single image that tells the story to boards, investors and executive teams — which risks deserve attention now, which are trending up, and where the organisation is taking deliberate bets.
The template provides a 5×5 probability-by-impact grid with editable colour banding (green / amber / red), risk bubbles sized by either inherent score or residual score, colour-coded by category (strategic, operational, financial, compliance, technology, reputational, environmental), and labelled with short risk names or numeric IDs that reference the underlying register. Additional slides include a movement-over-time view showing how risks have migrated on the heat map across the last four quarters, a risk-appetite overlay that makes the acceptable-exposure zones visible, a top-10 risks summary list with owners, and a recommended-actions slide aligned to the four risk responses (treat, tolerate, transfer, terminate).
This template is used by Chief Risk Officers, Heads of Internal Audit, CFOs, programme directors, PMO leads, audit-committee secretaries and strategy directors. It is particularly important in regulated industries (financial services, healthcare, energy, insurance), for audit-committee papers, for ERM (Enterprise Risk Management) programmes, for strategy off-sites where risk is being assessed, and for investor communications in listed companies.
A credible heat map is grounded in a rigorously maintained underlying risk register — the picture tells the story, but the numbers have to be defensible. The common failure mode is a heat map with too many risks plotted (everything gets compressed and unreadable), with inconsistent scoring (different people using 1–5 differently), or with no reference to risk appetite (so the viewer cannot tell what is acceptable). The template includes facilitation notes on how to calibrate scoring, how many risks belong on a board-ready heat map (typically 15–25), and how to sequence the conversation around the image.
The filled example inside the download shows a complete heat map for a hypothetical listed technology company, with realistic movement across the year, clearly marked risk-appetite bands and a follow-up slide showing which risks crossed tolerance and what was done.
Inside Vizually, risks on the heat map link to the underlying initiatives, controls and test evidence — so a single click takes the audit committee from the picture to the detail, without switching tools.