...
| Risk ID | Project Team or person identifying the risk | Identification Date | Risk (Description and potential impact) | Team or component impacted by the risk | Mitigation Plan (Action to prevent the risk to materialize) | Contingency Plan - Response Plan (Action in case of the risk materialized) | Probability of occurrence (probability of the risk materialized) High/Medium/Low | Impact High/Medium/Low | Status | ||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 1 | OOF |
| Meeting the following requirement for CMSO - Upgrade vulnerable packages | OOF - CMSO | Will be taken up along with the feature implementation if it is required by the use cases | Project team will try to take up activity if no new feature is planned | Low | Low | Identified | ||||||||
| 2 | UUI |
| usecase UI dockers contain GPLv3
| UUI | Will take active action to contact Jira owner and find out witch package contains GPLv3 | Make the current dependencies work well and keep this problem to next release | High | Low | Identified | ||||||||
| 3 | Policy |
| Some package upgrades (e.g., CDS) may require significant rework
| Policy | Will continue to work on upgrades | Obtain a waiver for the problem packages | Medium | Medium | Identified | ||||||||
| 4 | SDC |
| Some package upgrades may require significant rework
| SDC | Will continue to work on upgrades | Obtain a waiver for the problem packages | Medium | Medium | Identified | ||||||||