Re: Risk Register as per ISO 27001:2013
Whilst the use of a risk register may be a useful tool, it is not a specific requirement of the standard is it? Evaluating the risk and appropriate treatment is required but that can be done however you wish.
See attached example for a comprehensive version. This is not my work, it was taken from the web - ISO 27001 Toolkit