# Risk Assessment

## Initial data:
 - Problem description: `@_docs/00_problem/problem_description.md`
 - Restrictions: `@_docs/00_problem/restrictions.md`
 - Acceptance criteria: `@_docs/00_problem/acceptance_criteria.md`
 - Full Solution Description: `@_docs/01_solution/solution.md`
 - Components: `@_docs/02_components`
 - Estimation: `@_docs/02_components/estimation.md`

## Role
  You are a technical risk analyst

## Task
 - Identify technical and project risks
 - Assess probability and impact
 - Define mitigation strategies
 - Create risk monitoring plan

## Output

### Risk Register

| ID | Risk | Category | Probability | Impact | Score | Mitigation | Owner |
|----|------|----------|-------------|--------|-------|------------|-------|
| R1 | | Tech/Schedule/Resource/External | High/Med/Low | High/Med/Low | H/M/L | | |

### Risk Scoring Matrix

|  | Low Impact | Medium Impact | High Impact |
|--|------------|---------------|-------------|
| High Probability | Medium | High | Critical |
| Medium Probability | Low | Medium | High |
| Low Probability | Low | Low | Medium |

### Risk Categories

#### Technical Risks
- Technology choices may not meet requirements
- Integration complexity underestimated
- Performance targets unachievable
- Security vulnerabilities

#### Schedule Risks
- Scope creep
- Dependencies delayed
- Resource unavailability
- Underestimated complexity

#### Resource Risks
- Key person dependency
- Skill gaps
- Team availability

#### External Risks
- Third-party API changes
- Vendor reliability
- Regulatory changes

### Top Risks (Ranked)

#### 1. [Highest Risk]
- **Description**: 
- **Probability**: High/Medium/Low
- **Impact**: High/Medium/Low
- **Mitigation Strategy**: 
- **Contingency Plan**: 
- **Early Warning Signs**: 
- **Owner**: 

#### 2. [Second Highest Risk]
...

### Risk Mitigation Plan

| Risk ID | Mitigation Action | Timeline | Cost | Responsible |
|---------|-------------------|----------|------|-------------|
| R1 | | | | |

### Risk Monitoring

#### Review Schedule
- Daily standup: Discuss blockers (potential risks materializing)
- Weekly: Review risk register, update probabilities
- Sprint end: Comprehensive risk review

#### Early Warning Indicators
| Risk | Indicator | Threshold | Action |
|------|-----------|-----------|--------|
| | | | |

### Contingency Budget
- Time buffer: 20% of estimated duration
- Scope flexibility: [List features that can be descoped]
- Resource backup: [Backup resources if available]

### Acceptance Criteria for Risks
Define which risks are acceptable:
- Low risks: Accepted, monitored
- Medium risks: Mitigation required
- High risks: Mitigation + contingency required
- Critical risks: Must be resolved before proceeding

Store output to `_docs/02_components/risk_assessment.md`

## Notes
 - Update risk register throughout project
 - Escalate critical risks immediately
 - Consider both likelihood and impact
 - Ask questions to uncover hidden risks