Decisions:
- Accept: acknowledge the risk, but do not take any action before it hits
- Mitigate: take measures to reduce the probability of occurrence or the potential damage
- Avoid: do something else without this risk, e.g. nothing
- Transfer: let someone else take care of it, e.g. insurance
- (Deny the risk: not allowed to choose, but many managers do this nevertheless...)
| Probability of occurrence | Potential damage | Decision | Reasons | |||
|---|---|---|---|---|---|---|
Financial | 1 | GAFAM |
|
| ||
| 2 | Competing technology | |||||
| 3 | Environmental cost | |||||
| Legal | 4 | Governments Rules | ||||
| 5 | International Compatibility (ex. GDPR) | |||||
| Strategic | 6 | Dependency | ||||
| 7 | Intermediaries | |||||
| 8 | Acceptance | |||||
| 9 | Engagement (Governance Rules) | |||||
| 10 | Usability | |||||
| 11 | Interoperability (Standards and Protocols) | |||||
| 12 | Integration | |||||
| 13 | Communication (Marketing) | |||||
| Security | 14 | Physical vulnerabilities (Device lost) | ||||
| 15 | Protecting sensitive data |
| 100 | ||||
| 90 | ||||
| 80 | ||||
| 70 | ||||
| 60 | ||||
| 50 | ||||
| 40 | ||||
| 30 | e.g. Physical vulnerabilities (Device lost) | |||
| 20 | ||||
| 10 | ||||
| percentage of occurrence Probability / Potential damage | Low | Medium | High | Very High |