Win a copy of Clojure in Action this week in the Clojure forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Question on part 2 - Risks

 
Krishna Jonnalagadda
Ranch Hand
Posts: 43
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

I have a question on risk list for part 2.

I've identified some risks and have mitigation plans too.
Do i need to specify how my design is mitigating these risks ? or is it enough to give the mitigation plan ?

Eg. I've identified some security risks, can i just put in my assumptions that these will be taken care of ? as my use case doesnt talk about these.

Thanks
 
Krishna Jonnalagadda
Ranch Hand
Posts: 43
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Can any one please post some experiences on this ..?
 
Rishi Shehrawat
Ranch Hand
Posts: 218
Hibernate Java Spring
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You need to detail out the mitigations for the identified risks. The mitigations should be part of the solution proposed by you. Putting assumptions might not be sufficent.
I feel that all three risks should not be related to security. You could have a single risk related to security which covers different type of security risks & the proposed the mitigations.
 
Gaurav Tripathi
Ranch Hand
Posts: 94
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Your risks should cover functional as well as non-functional part. Its better if you could add mitigation of it.
 
Krishna Jonnalagadda
Ranch Hand
Posts: 43
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Should we add mitigation in words/sentences across each risk or show it in design (in class and sequence diagrams) ?

I saw in this forum that many people have put items as out of scope or put them in assumptions that are good to have and just concentrate on the given usecases.
For many security ristks we have to introduce many design patterns which will increase the scope ...and ofcourse takes more time/effort. ..

For non functional part , (to improve performance, xxxlities etc ..) i guess we could cover that in the design and atleast mention how the design will cover achieve them ..

Any comments ?? Any one who have passed part 2 and 3 ...please respond ??

Thanks


 
Vijaykumar Dixit
Ranch Hand
Posts: 32
Eclipse IDE Java Tomcat Server
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I have a question as well.

Suppose the SuD depends on a single external payment gateway provider, is it not a risk that we don't yet know its availability and reliability and that we should have a standby/alternative provider to minimize the risk. But this risk mitigation will not be part of technical design.

So I guess for non-technical risks, mitigation may be non-technical as well. However in here design should be capable of configurable providers.
 
Will Myers
Ranch Hand
Posts: 372
Java jQuery Scala
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Suppose the SuD depends on a single external payment gateway provider, is it not a risk that we don't yet know its availability and reliability and that we should have a standby/alternative provider to minimize the risk. But this risk mitigation will not be part of technical design.

So I guess for non-technical risks, mitigation may be non-technical as well. However in here design should be capable of configurable providers.


It clearly states in chapter 9 of the Cade and Sheil book that you should concentrate on the greatest risks. I would argue that because there is no information on this external provider you should assume it is production quality and concentrate on the more obvious risks such as security, scalability, reliablity, maitainability, etc as these are more likely to be issues.
 
Siddhartha G Baruah
Greenhorn
Posts: 13
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Should we add mitigation in words/sentences across each risk or show it in design (in class and sequence diagrams) ?


I have the same question. Anyone?

@ Krishna, what have you decided?

Thanks.
 
I agree. Here's the link: http://aspose.com/file-tools
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic