This phase tries to find the potential risks related to the usage of the API. The focus is on the impact of those risks, so architecture can be designed to mitigate (or ignore) them.
This phase corresponds to the risk matrix filling in a project plan. The focus is on concrete issues typical for APIs. These are issues that are often overlooked before production use.
Why are they often overlooked? Because the relevance of these issues varies and depends on the impact to the business. Priority and methods of mitigating are business area and API dependent.
Interview
Risk areas in the template:
The goal here is to find the impact, not necessarily the exact solution for mitigation. Mention any clear and existing workarounds. These are for example having default values, using manual process or just living with the situation temporarily. The actual mitigation plan can be made just before starting the building phase. Purpose of this template is to remind the team to design, implement and test these requirements.
In addition, more traditional risks can and should be considered.
These risks should also be evaluated and mitigated as a part of the project or service planning.