Incremental Deliverable 1 Formal Risk Plan Inspection - SeoulSKY/safe-zone-system GitHub Wiki

Document

Date

  • September 28th, 2020

Length

  • 1.5 hours

Participants

  • Bathiya(author)
  • Emeka(reviewer)
  • Jeremie(notetaker, reviewer)
  • Jorgen(reader, reviewer)
  • Sahngwoo(reviewer)
  • Spencer(reviewer)

Agenda

  • Individual Risk
    • Is the likelihood of this risk accurately assessed
      • Is this risk more likely to happen than predicted
      • Is this risk less likely to happen than predicted
    • Is the severity of this risk accurately assessed
      • If this risk were to happen would it be more severe than predicted
      • If this risk were to happen would it be less severe than predicted
  • Risk Plan
    • Are there any risks that have a higher risk factor that aren't on the risk plan
    • Can the risk be rearranged based on the new risk factor estimates?

Notes

  • General
    • Fix capitalization
    • Fix formatting issues
    • Arrange the risks in terms of top 10
    • Increase the range from low, medium, high to very low, low, medium, high, very high
    • Divide solutions into contingency plans and mitigations
  • Team members may withdraw from the class
    • Clarify the back up positions into contingency and mitigation
    • Reduce probability to low
      • It is unlikely to at this point in the semester that people drop out
  • Miscommunication within team members
    • Have a standup to communicate with team members about what you are doing
    • Change probability to Very High
      • Miscommunication is inevitable
    • Reduce severity to medium
      • The chance of
  • Lack of commitment due to personal reasons or due to responsibilities towards
    • Change probability to Very High
      • Based on peoples schedules there will be weeks when people just aren't available
    • Change severity to medium
  • Poor time estimation
    • Change probability to very high
      • It seems evitable that we misestimate
    • Change severity to high
      • It could be really bad if something major doesn't get done
  • Team members get sick from Covid or other illnesses
    • Change probability to high
      • Given current covid numbers this seems likely
    • Change severity to medium
  • Lack of Technical skills
    • Also add to ask TA/Professor
    • Change probability to very high
    • Change severity to high
  • Problems with authentication server of application using keycloak.
    • Reword risk to make it more clear
    • Also talk with the TA/Professor on how to do it properly
    • Remove unsure how to handle app and web authentication
    • Change probability to very high
    • Change severity to high
  • Problems with maintaining software security
    • Also talk with the TA/Professor on how to do it properly
    • Change probability to very high
    • Change severity to very high
  • Poor testing/ Lack of adequate testing
    • Clarify the points
    • Change probability to medium
    • Change severity to high
  • Selenium errors when HTML tags are changed
    • Clarify the position
    • Work with your testing team buddy
    • Include selenium tests in CI to ensure
    • Change probability to very low
    • Change severity to low
  • Problems with testing for software security
    • Also add to ask TA/Professor
    • Change probability to very high
      • Figuring out how to test
    • Change severity to high
      • Not finding security issues would be very bad
  • Stakeholder wants to change requirements/team misunderstands stakeholders requirements
    • Record stakeholder meetings
    • Add showing the stakeholder mockups and prototypes before continuing and have a demo environment
    • Change probability to high
    • Change severity to medium