| Boundary | Risks due to the commitments we make around dependencies, and the limitations they place on our ability to change. |
| Agency | Risks due to the fact that things you depend on have agency, and they have their own goals to pursue. |
| Channel | Risks due to the inadequacy of the physical channel used to communicate our messages. e.g. noise, loss, interception, corruption. |
| Communication | Risks due to the difficulty of communicating with other entities, be they people, software, processes etc. |
| Codebase | The specific risks to a project of having a large, complex codebase to manage. |
| Complexity | Risks caused by the weight of complexity in the systems we create, and their resistance to change and comprehension. |
| Conceptual-integrity | Risk that the software you provide is too complex, or doesn't match the expectations of your clients' internal models. |
| Coordination | Risks that a group of agents cannot work together in a mutually beneficial way, and their behaviour devolves into competition. |
| Dead-End | The risk that a particular approach to a change will fail. Caused by the fact that at some level, our internal models are not a complete reflection of reality. |
| Deadline | Where the use of a dependency has some kind of deadline, which can be missed. |
| Dependency | Risks faced by depending on something else. e.g. an event, process, person, piece of software or an organisation. |
| Feature-Access | Risks due to some clients not having access to some or all of the features in your product. |
| Feature-Drift | Risk that the features required by clients will change and evolve over time. |
| Feature | Risks you face when providing features for your clients. |
| Feature-Fit | Risk that the needs of the client don't coincide with services provided by the supplier. |
| Funding | A particular scarcity risk, due to lack of funding. |
| Implementation | Risk that the functionality you are providing doesn't match the features the client is expecting, due to poor or partial implementation. |
| Internal-Model | Risks arising from insufficient or erroneous internal models of reality. |
| Invisibility | Risks caused by the choice of abstractions we use in communication. |
| Learning-Curve | Risks due to the difficulty faced in updating an internal model. |
| Map-And-Territory | Risks due to the differences between reality and the internal model of reality, and the assumption that they are equivalent. |
| Market | Risk that the value your clients place on the features you supply will change, over time. |
| Message | Risks caused by the difficulty of composing and interpreting messages in the communication process. |
| Operational | Risks of losses or reputational damage caused by failing processes or real-world events. |
| Opportunity | Risk that a particular set of market conditions. |
| Process | Risks due to the fact that when dealing with a dependency, we have to follow a particular protocol of communication, which may not work out the way we want. |
| Protocol | Risks due to the failure of encoding or decoding messages between two parties in communication. |
| Red-Queen | The general risk that the competitive environment we operate within changes over time. |
| Regression | Risk that the functionality you provide changes for the worse, over time. |
| Reliability | Risks of not getting benefit from a dependency due to it's reliability. |
| Scarcity | Risk of not being able to access a dependency in a timely fashion due to it's scarcity. |
| Schedule | The aspect of dependency risk related to time. |
| Security | Agency Risks due to actors from outside the system. |
| Software Dependency | Dependency Risk due to software dependencies. |
| Staff | The aspect of dependency risks related to employing people. |
| Trust-And-Belief | Risk that a party we are communicating with can't be trusted, as it has agency or is unreliable in some other way. |