Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Potential damage

  • Low
  • Medium
  • High
  • Very high

Decisions:

  • Accept:  acknowledge the risk, but do not take any action before it hits
  • Mitigate: take measures to reduce the probability of occurrence or the potential damage
  • Avoid: do something else without this risk, e.g. nothing
  • Transfer: let someone else take care of it, e.g. insurance
  • (Deny the risk: not allowed to choose, but many managers do this nevertheless...)



Probability of occurrence Potential damageDecision    Reasons

Financial
1

GAFAM

  •  (once in 10 years)
  •  (once in 5 years)
  •  (once in 2 years)
  •  (once in 1 years)
  •  (many times in a year)
  •  Low   
  •  Medium
  •  High
  •  Very high
  •  Accept
  •  Mitigate
  •  Avoid
  •  Transfer
  •  Deny

Financially it is not possible to compete with GAFAM

Mitigate→ find approach against GAFAM in strategic category

2

Competing technology

  •  (once in 10 years)
  •  (once in 5 years)
  •  (once in 2 years)
  •  (once in 1 years)
  •  (many times in a year)
  •  Low   
  •  Medium
  •  High
  •  Very high
  •  Accept
  •  Mitigate
  •  Avoid
  •  Transfer
  •  Deny

3

Marketing

  •  (once in 10 years)
  •  (once in 5 years)
  •  (once in 2 years)
  •  (once in 1 years)
  •  (many times in a year)
  •  Low   
  •  Medium
  •  High
  •  Very high
  •  Accept
  •  Mitigate
  •  Avoid
  •  Transfer
  •  Deny

Mitigate→

  • compatibility with new rules
  • participation in the activities steering and show case the development
  • communicate with institutes to bring them to ecosystem 
4

 Funding

  •  (once in 10 years)
  •  (once in 5 years)
  •  (once in 2 years)
  •  (once in 1 years)
  •  (many times in a year)
  •  Low   
  •  Medium
  •  High
  •  Very high
  •  Accept
  •  Mitigate
  •  Avoid
  •  Transfer
  •  Deny
participating in projects and present ourself and requirements and capabilities
5

Environmental cost

Legal
  •  (once in 10 years)
  •  (once in 5 years)
  •  (once in 2 years)
  •  (once in 1 years)
  •  (many times in a year)
  •  Low   
  •  Medium
  •  High
  •  Very high
  •  Accept
  •  Mitigate
  •  Avoid
  •  Transfer
  •  Deny
not selecting environmental consuming technology like some types of ledgers
Legal6
4

Governments Rules

  •  (once in 10 years)
  •  (once in 5 years)
  •  (once in 2 years)
  •  (once in 1 years)
  •  (many times in a year)
  •  Low   
  •  Medium
  •  High
  •  Very high
  •  Accept
  •  Mitigate
  •  Avoid
  •  Transfer
  •  Deny
  • develop and share best practices
  • monitoring 
  • develop common strategies 
7

International Compatibility (ex. GDPR)

  •  (once in 10 years)
  •  (once in 5 years)
  •  (once in 2 years)
  •  (once in 1 years)
  •  (many times in a year)
  •  Low   
  •  Medium
  •  High
  •  Very high
  •  Accept
  •  Mitigate
  •  Avoid
  •  Transfer
  •  Deny

same as above plus

finding common denominator solutions 



8

Misusing of DID 

  •  (once in 10 years)
  •  (once in 5 years)
  •  (once in 2 years)
  •  (once in 1 years)
  •  (many times in a year)
  •  Low   
  •  Medium
  •  High
  •  Very high
  •  Accept
  •  Mitigate
  •  Avoid
  •  Transfer
  •  Deny
Refer to existing solution like revoking ID
Strategic6

Dependency 


9

User Responsibility

  •  (once in 10 years)
  •  (once in 5 years)
  •  (once in 2 years)
  •  (once in 1 years)
  •  (many times in a year)
  •  Low   
  •  Medium
  •  High
  •  Very high
  •  Accept
  •  Mitigate
  •  Avoid
  •  Transfer
  •  Deny
  • training user
  • wallet technical support
  • follow legal framework e.g. GDPR
Strategic10

Dependency 

  •  (once in 10 years)
  •  (once in 5 years)
  •  (once in 2 years)
  •  (once in 1 years)
  •  (many times in a year)
  •  Low   
  •  Medium
  •  High
  •  Very high
  •  Accept
  •  Mitigate
  •  Avoid
  •  Transfer
  •  Deny

11

Intermediaries

  •  (once in 10 years)
  •  (once in 5 years)
  •  (once in 2 years)
  •  (once in 1 years)
  •  (many times in a year)
  •  Low   
  •  Medium
  •  High
  •  Very high
  •  Accept
  •  Mitigate
  •  Avoid
  •  Transfer
  •  Deny
Improvement in EUDI wallet
12

Exposure to Governance Rules and standards

  •  (once in 10 years)
  •  (once in 5 years)
  •  (once in 2 years)
  •  (once in 1 years)
  •  (many times in a year)
  •  Low   
  •  Medium
  •  High
  •  Very high
  •  Accept
  •  Mitigate
  •  Avoid
  •  Transfer
  •  Deny

13

Usability



  •  (once in 10 years)
  •  (once in 5 years)
  •  (once in 2 years)
  •  (once in 1 years)
  •  (many times in a year)
  •  Low   
  •  Medium
  •  High
  •  Very high
  •  Accept
  •  Mitigate
  •  Avoid
  •  Transfer
  •  Deny
Existing system are still in place, and we improve the products and solutions continuously.
14Acceptance
  •  (once in 10 years)
  •  (once in 5 years)
  •  (once in 2 years)
  •  (once in 1 years)
  •  (many times in a year)
  •  Low   
  •  Medium
  •  High
  •  Very high
  •  Accept
  •  Mitigate
  •  Avoid
  •  Transfer
  •  Deny
Existing system are still in place, and we improve the products and solutions continuously.
15
7

Intermediaries

8

Acceptance

9

Engagement (Governance Rules)

10

Usability

11

Interoperability (Standards and Protocols)

12

Integration

13

Communication (Marketing)

Security14

Physical vulnerabilities (Device lost)

15

Protecting sensitive data

percentage of occurrence  Probability 10090807060504030e.g. Physical vulnerabilities (Device lost)
  •  (once in 10 years)
  •  (once in 5 years)
  •  (once in 2 years)
  •  (once in 1 years)
  •  (many times in a year)
  •  Low   
  •  Medium
  •  High
  •  Very high
  •  Accept
  •  Mitigate
  •  Avoid
  •  Transfer
  •  Deny
mitigate the risk with customization
16

Integration

  •  (once in 10 years)
  •  (once in 5 years)
  •  (once in 2 years)
  •  (once in 1 years)
  •  (many times in a year)
  •  Low   
  •  Medium
  •  High
  •  Very high
  •  Accept
  •  Mitigate
  •  Avoid
  •  Transfer
  •  Deny
mitigate the risk with development
17

ontopiness 



  •  (once in 10 years)
  •  (once in 5 years)
  •  (once in 2 years)
  •  (once in 1 years)
  •  (many times in a year)
  •  Low   
  •  Medium
  •  High
  •  Very high
  •  Accept
  •  Mitigate
  •  Avoid
  •  Transfer
  •  Deny
come up with new services
Security


18

Protecting data


  •  (once in 10 years)
  •  (once in 5 years)
  •  (once in 2 years)
  •  (once in 1 years)
  •  (many times in a year)
  •  Low   
  •  Medium
  •  High
  •  Very high
  •  Accept
  •  Mitigate
  •  Avoid
  •  Transfer
  •  Deny

any security solution

  • security reviews
  • incident handling capabilities
  • awareness programs
19

Losing data


  •  (once in 10 years)
  •  (once in 5 years)
  •  (once in 2 years)
  •  (once in 1 years)
  •  (many times in a year)
  •  Low   
  •  Medium
  •  High
  •  Very high
  •  Accept
  •  Mitigate
  •  Avoid
  •  Transfer
  •  Deny

improve recovery processes


20

Dark Net

  •  (once in 10 years)
  •  (once in 5 years)
  •  (once in 2 years)
  •  (once in 1 years)
  •  (many times in a year)
  •  Low   
  •  Medium
  •  High
  •  Very high
  •  Accept
  •  Mitigate
  •  Avoid
  •  Transfer
  •  Deny

21

Trust Infrastructure

  •  (once in 10 years)
  •  (once in 5 years)
  •  (once in 2 years)
  •  (once in 1 years)
  •  (many times in a year)
  •  Low   
  •  Medium
  •  High
  •  Very high
  •  Accept
  •  Mitigate
  •  Avoid
  •  Transfer
  •  Deny


  • Consensus


2010
many times in a year
  • Competing technology
  • Exposure to Governance Rules and standards
  • Misusing of DID
  • Dependency
  • Usability
  • Acceptance
  • Protecting data
User Responsibility
  • GAFAM
  • Losing data
once in 1 years
Funding
  • Marketing
  • Intermediaries

once in 2 yearsDark Net
  • Governments Rules
  • International Compatibility (ex. GDPR)
  • Interoperability (Standards and Protocols)
  • Integration
ontopiness 
once in 5 years


Trust Infrastructure

once in 10 years

Environmental cost


Occurrence Probability / Potential damage
LowMediumHighVery High


  •  No-consensus-pile

.....