The risk practitioner’s next step after identifying risk owners and responses for newly identified risk scenarios in a recent risk workshop is to update the risk register with the results, as it involves documenting and communicating the risk information and decisions, and maintaining the accuracy and completeness of the risk register. Preparing a business case for the response options, identifying resources for implementing responses, and developing a mechanism for monitoring residual risk are possible steps, but they are not the next step, as they require the prior update of the risk register with the new risk information and decisions. References = CRISC Review Manual, 7th Edition, page 109.