insan sujirishi wrote:hi, guys, about identifying 3 top risks,
shouldn't I have already taken care of these risks in my design?
i.e. if I worry about hackers, I should add firewall in my design
then I put this hacker risk and firewall in my risk/mitigation list
so in other words, is this indeed:
"list 3 things that you have in your design to prevent something bad from happening"
what do you guys think?
You are absolutely right. In my opinion, these risks may be related to functional or infrastructure. I'm sure you'll get more than 3 risks when you think about risks in the assignment. As you know that you only need to mention top 3 risks, you need to prioritize the risks.
Hacking, DB corruption are examples of common risks in almost all projects. If you identify risks which are speicific to your assignment (may be based on the requirements), that would be good.