Risk
by @mike47512
Deep risk assessment workflow—identifying risks, likelihood and impact, mitigation plans, owners, residual risk acceptance, and tracking. Use when assessing...
clawhub install risk📖 About This Skill
name: risk description: Deep risk assessment workflow—identifying risks, likelihood and impact, mitigation plans, owners, residual risk acceptance, and tracking. Use when assessing launches, migrations, vendors, or operational changes.
Risk Assessment
Risk assessment turns vague worry into prioritized actions: what can go wrong, how bad, what we do now, and who owns follow-up.
When to Offer This Workflow
Trigger conditions:
Initial offer:
Use six stages: (1) scope & stakeholders, (2) identify risks, (3) analyze likelihood & impact, (4) plan mitigations, (5) owners & deadlines, (6) review & tracking). Confirm scoring approach (simple matrix vs quantitative).
Stage 1: Scope & Stakeholders
Goal: Define system/project boundary and who can accept residual risk (product, eng, legal).
Exit condition: RACI or explicit approvers for go/no-go.
Stage 2: Identify Risks
Goal: Brainstorm across categories: technical, security, operational, legal, reputational, financial.
Practices
Stage 3: Analyze
Goal: Score likelihood and impact with a shared rubric; avoid false precision.
Stage 4: Plan Mitigations
Goal: Prevent, detect, and respond controls; rough cost/time per mitigation.
Stage 5: Owners & Deadlines
Goal: Each material risk has an owner and date; escalation path if unmitigated by launch.
Stage 6: Review & Tracking
Goal: Living RAID log; revisit after scope changes or incidents.