Open Risks
Purpose
This page lists unresolved risks that prevent the documentation from being treated as final approved technical documentation.
The risk register should be reviewed before every internal approval round.
Risk Severity
| Severity | Meaning |
|---|---|
| High | May affect security, financial integrity, tenant isolation, or recovery readiness |
| Medium | May affect operational reliability, developer onboarding, or audit readiness |
| Low | Documentation quality or follow-up improvement |
Current Open Risk Register
| ID | Risk | Severity | Owner | Status | Mitigation |
|---|---|---|---|---|---|
| RISK-RBAC-001 | RBAC evidence is not attached to documentation | High | CTO / Backend | Evidence Pending | Technical team confirmed test cases and manual testing cover the listed denial scenarios; attach evidence in Evidence Log |
| RISK-SCOPE-001 | Scope / account isolation evidence is not attached | High | Backend | Evidence Pending | Maqsafy is not SaaS; attach school, supplier, and operator negative access evidence for account/scope isolation |
| RISK-CRED-001 | Credential lifecycle evidence is not fully attached | High | Product / Backend | Evidence Pending | Technical team confirmed credential replacement is Admin-only; attach test or permission evidence |
| RISK-PAY-001 | Payment idempotency evidence is not attached | High | Backend / Finance | Evidence Pending | Technical team confirmed server-to-server status checks and single-update enforcement; attach implementation/test evidence |
| RISK-RESTORE-001 | Restore test evidence is incomplete | High | CTO / Operations | Evidence Pending | Restore test was performed approximately during the last month; add exact date, environment, and validation result |
| RISK-RPO-001 | RPO wording is not formally approved | High | CTO | Open | Replace "zero data loss target" with approved measurable wording |
| RISK-API-001 | API documentation final format is partially confirmed | Medium | Backend | Partially Closed | Postman documentation exists and /openapi.yaml draft exists; decide whether a hosted Swagger UI is required |
| RISK-INT-001 | Integration provider names and ownership are still TBD | Medium | CTO / Operations | Open | Confirm providers or mark as intentionally undisclosed |
| RISK-REL-001 | Release approval and rollback ownership require final confirmation | Medium | CTO / Product | Open | Update Release Management with actual approvers |
| RISK-SEC-001 | Security controls are documented but not backed by evidence | Medium | CTO / Security | Open | Add sanitized control evidence |
Closure Criteria
A risk can be closed only when:
- The owner confirms the final decision.
- Evidence is added or the limitation is explicitly accepted.
- The affected documentation page is updated.
- The Documentation Review Checklist is updated.
Rules
- Do not close risks based on assumption.
- Do not downgrade financial, tenant isolation, or credential risks without technical confirmation.
- Use
Accepted Riskonly when the responsible owner explicitly accepts it.