...
| Risk ID | Project Team or person identifying the risk | Identification Date | Risk (Description and potential impact) | Team or component impacted by the risk | Mitigation Plan (actions to prevent the risk to materialize) | Contingency Plan - Response Plan (actions in case the risk materialized) | Probability of occurrence (probability the risk materialized) High-Medium-Low | Impact High-Medium-Low | Status |
|---|---|---|---|---|---|---|---|---|---|
| 1 | Katel34 | 3/12/2018 | CII Badging - Beijing Release Criteria is addressing Critical Security issues (7-10) but not Severe Security issues (4-6) identified by Nexus IQ Server. Therefore some projects might not pass their CII Badging | Any Project team who has marked 'Unmet' concerning "There MUST be no unpatched vulnerabilities of medium or high severity that have been publicly known for more than 60 days" | Fix any remaining Severe security issue post-M4 that will not jeopardize the Integration Testing activities (no major architecture change) | Provide an impact analysis about the remaining "Severe" security vulnerabilities and a delivery plan as part of the Casablanca Release. | High | Medium | Assessed |
| 2 | SDC | 3/12/2018 | ONAP DM Modeling SDC Requirements 2 new sets of normative types are required from the Modeling team:
Impact on vVOLTE Use Case | SDC impacted by Modeling project | To be able to meet M4 all this items need to be delivered by 3/16/2018 :
If not then VoLTE use case will not be re certified by M4. | Descope this SDC Feature to support DM Modeling | High | High | Assessed |