I want to know what risks can be included in risk mitigation list.For e.g.c if i mention performance risk like large amount of data is stored in session.Will the risk mitigation strategy be to include that data be stored in back end and does this need to be be covered in my architecture solution.Can anyone clarify?
Your risk and mitigation list you should cover:
1) Some NFRs or SLAs which is some what difficult to meet and how you are tackling it.
2) Some Functional requirement- like integration with external system and which needs to adhere to the SLA and there could be chances that SLA can't be met in those cases how you are tackling it.
You can go beyond 3 risks and mitigation list also. I provided 7 in my finished assignment.
Can a missed requirement be a risk ?
Eg: In the standard Pet Store example, if after selecting a product and check out, if the requirement doesnt talk about updating the inventory ... should we consider this as risk and have a mitigation for this or put under assumptions or design decisions section and implement this ?