Fork me on GitHub
Risk First Logo

Home of Risk-First Software Development

Start Here

Quick Summary
A Simple Scenario
The Risk Landscape


Please star this project in GitHub to be invited to join the Risk First Organisation.


Consuming Hacker News 14 May 2019
Twitter Cards 22 March 2019
Next - Scrum? 7 March 2019
Available On Amazon 25 February 2019
New Proof 10 February 2019


Click Here For Details

Glossary of Risk Types

Risk Definition
Boundary Risks due to the commitments we make around dependencies, and the limitations they place on our ability to change.
Agency Risks due to the fact that things you depend on have agency, and they have their own goals to pursue.
Channel Risks due to the inadequacy of the physical channel used to communicate our messages. e.g. noise, loss, interception, corruption.
Communication Risks due to the difficulty of communicating with other entities, be they people, software, processes etc.
Codebase The specific risks to a project of having a large, complex codebase to manage.
Complexity Risks caused by the weight of complexity in the systems we create, and their resistance to change and comprehension.
Conceptual-integrity Risk that the software you provide is too complex, or doesn’t match the expectations of your clients’ internal models.
Coordination Risks that a group of agents cannot work together in a mutually beneficial way, and their behaviour devolves into competition.
Dead-End The risk that a particular approach to a change will fail. Caused by the fact that at some level, our internal models are not a complete reflection of reality.
Deadline Where the use of a dependency has some kind of deadline, which can be missed.
Dependency Risks faced by depending on something else. e.g. an event, process, person, piece of software or an organisation.
Feature-Access Risks due to some clients not having access to some or all of the features in your product.
Feature-Drift Risk that the features required by clients will change and evolve over time.
Feature Risks you face when providing features for your clients.
Feature-Fit Risk that the needs of the client don’t coincide with services provided by the supplier.
Funding A particular scarcity risk, due to lack of funding.
Implementation Risk that the functionality you are providing doesn’t match the features the client is expecting, due to poor or partial implementation.
Internal-Model Risks arising from insufficient or erroneous internal models of reality.
Invisibility Risks caused by the choice of abstractions we use in communication.
Learning-Curve Risks due to the difficulty faced in updating an internal model.
Map-And-Territory Risks due to the differences between reality and the internal model of reality, and the assumption that they are equivalent.
Market Risk that the value your clients place on the features you supply will change, over time.
Message Risks caused by the difficulty of composing and interpreting messages in the communication process.
Operational Risks of losses or reputational damage caused by failing processes or real-world events.
Opportunity Risk that a particular set of market conditions.
Process Risks due to the fact that when dealing with a dependency, we have to follow a particular protocol of communication, which may not work out the way we want.
Protocol Risks due to the failure of encoding or decoding messages between two parties in communication.
Red-Queen The general risk that the competitive environment we operate within changes over time.
Regression Risk that the functionality you provide changes for the worse, over time.
Reliability Risks of not getting benefit from a dependency due to it’s reliability.
Scarcity Risk of not being able to access a dependency in a timely fashion due to it’s scarcity.
Schedule The aspect of dependency risk related to time.
Security Agency Risks due to actors from outside the system.
Software Dependency Dependency Risk due to software dependencies.
Staff The aspect of dependency risks related to employing people.
Trust-And-Belief Risk that a party we are communicating with can’t be trusted, as it has agency or is unreliable in some other way.

Found this interesting? Please add your star on GitHub to be invited to join the Risk-First GitHub group.