Assessing Business Impact
I.e. template for collaborating on API -related risks and their impact to business
This phase tries to find the potential risks related to the usage of the API. The focus is on the impact of those risks, so architecture can be designed to mitigate (or ignore) them.
This phase corresponds to the risk matrix filling in a project plan. The focus is on concrete issues typical for APIs. These are issues that are often overlooked before production use.
Why are they often overlooked? Because the relevance of these issues varies and depends on the impact to the business. Priority and methods of mitigating are business area and API dependent.
customer service, account manager, partner manager
business (process) owners
service manager to understand the real impact and possibilities to mitigate.
Risk areas in the template:
API security and privacy
problems in API data
The goal here is to find the impact, not necessarily the exact solution for mitigation. Mention any clear and existing workarounds. These are for example having default values, using manual process or just living with the situation temporarily. The actual mitigation plan can be made just before starting the building phase. Purpose of this template is to remind the team to design, implement and test these requirements.
In addition, more traditional risks can and should be considered.
These are related to
technical resources (for example other APIs or services this API depends on their schedule and roadmap)
People and skills. How familiar is the functionality, existing solutions and technology, and platforms used
These risks should also be evaluated and mitigated as a part of the project or service planning.