Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Version History

« Previous Version 3 Next »

Risk rating

Summary view


LIKELIHOOD

SEVERITY

ACCEPTABLE
Little to no effect on event

TOLERABLE
Effects are felt, but not critical to outcome

UNDESIRABLE
Serious impact to the course of action and outcome

INTOLERABLE
Could result in disaster

IMPROBABLE
Risk is unlikely to occur

 

 

 

POSSIBLE
Risk will likely occur

 

 

 

 

PROBABLE
Risk will occur

 

 

 

 

Details

ID

Details

R01

Description: Solution does not accurately identify dependencies and therefore imports don’t import all data correctly

Mitigation: use a Proof of Concept towards the start of the work to demonstrate to wider team and community how the features work and ask for feedback, ensure there is enough time in the project for a structured testing approach

Likelihood: Possible

Severity: Undesirable

R02

Description: Project team doesn’t consult widely enough with the Mautic community therefore requirements and/or functions critical to the success of the project are omitted.

Mitigation: communicate about the project widely and regularly to the community via the Community Portal, make all documentation (including this risk log) public and open for feedback

Likelihood: Improbable

Severity: Tolerable

R03

  • Complexities in creating the feature are not uncovered until too late in the process - use a POC

R04

  • Data may get corrupted during import/export due to format mismatches, incomplete files, or interruptions - use standard file formats eg JSON; check for validity as a step; where possible implement an undo function

R05

  • Large import/export operations might slow down the system or cause timeouts - use an analysis function to stop import at more than X entities or break down into chunks; Use asynchronous processes with progress tracking to avoid blocking the UI.

R06

  • Imports may create duplicate entries, leading to data inconsistencies; Implement duplicate detection and merging logic (e.g., match on email or unique identifier). Offer configurable deduplication rules to users. Notify users of potential duplicates during import.

R07

  • Sensitive data may be exposed or manipulated during export or through maliciously crafted imports. Don't allow the export of any sensitive data eg email addresses and contacts; note all successful actions in the Mautic audit log

R08

  • Users may attempt to import/export files in unsupported or incorrectly formatted file types. Clearly specify the filetype required in the UI; Check for filetype and format up front on import, encourage users to only user files exported from Mautic.

R09

  • Misalignment with Mautic configurations. Import/export may conflict with existing workflows, campaigns, or custom fields. Validate imported data against Mautic's configuration (e.g., required fields, campaign dependencies). Structured testing prior to production release.

R10

  • New hires don’t have good enough understanding of the product - support them well, do regular reviews, keep work visible

  • No labels