Risk Management Plan
established project management guidelines definition
A subsidiary plan that describes how risk management activities will be structured and performed.
AI_PM requirements that support this deliverable (9)
| ID | Description | Knowledge Area | Process Group |
|---|---|---|---|
| REQ-NFR-010 | All non-localhost traffic over TLS 1.2+ | Risk Management | Planning |
| REQ-NFR-011 | Bearer tokens revocable with configurable expiry | Risk Management | Monitoring & Controlling |
| REQ-NFR-012 | Passwords (if stored) hashed with modern KDF (Argon2id or bcrypt) | Risk Management | Planning |
| REQ-NFR-030 | System tolerates single-process restarts without data loss | Risk Management | Planning |
| REQ-NFR-032 | Backups schedulable; restore-from-backup produces identical operational state | Risk Management | Planning |
| REQ-NFR-051 | Loss of MAS connectivity degrades gracefully (read-only on MAS-canonical entities, queue writes for replay) | Risk Management | Executing |
| REQ-NFR-064 | PWA service worker MUST NOT cache approval-decision-bearing endpoints — only static shell | Risk Management | Planning |
| REQ-NFR-066 | Send-text/poll-output fallback channel rate-limited per agent token (60 send-text/min, 600 poll-output/min default) | Communications Management | Monitoring & Controlling |
| REQ-TRN-002 | Rollback procedure documented and tested | Risk Management | Closing |