Risk Register
Risk
Probability
Impact
Score
Mitigation Strategy (PM Owned)
Hauwei runs very old release which default to TLS 1.0/1.1 and is affecting our on-prem OSS app A and B. Compliance major non-comformity.
3
5
15

PM ACTIONFormed Risk review comettee have decided: Implement a time-bound security mitigation by isolating Huawei integrations behind a secure gateway with enforced TLS 1.2+ re-encryption, while executing a vendor upgrade roadmap.

Limited capacity in FinOps possess a thread for signing off UAT stage for billing data.
4
5
20

PM ACTIONEarly request of "Desired state of reports", CI level validation via custom scripts, UAT is conducted on pre-scheduled workshop - 1h systems training, 2h paired validation.

Hidden scope in legacy systems may introduce late suprises and put the timeline at risk, or affect US entity post data separation release.
4
3
12

PM ACTIONWe will approach early assessment with clear exit createria for migration and keep a "known unknowns" register for constant evaluation. Early introducton of Snowflake and Atlan for focused discovery and linege analysis and parallel run will help us identify edge cases and prevent major suprises.

Business expansion in the Middle East may introduce scope creep/interuption in data platform delivery cadance.
3
3
9

PM ACTIONInformal gathering of requirements, async reporting of project progress to Product Management and Business Owners, pipeline documentaion ready with requirements to ingest new use cases.

  • Risk matrix - Probability X Impact > 10 > requires explicit attention, else > PM Owned
  • The Risk Register is a living document, reviewed weekly by the core project team and monthly by the Steering Committee.