Risk Management Plan

Owning Knowledge Area
Risk Management
Typical Process Group
Planning

established project management guidelines definition

A subsidiary plan that describes how risk management activities will be structured and performed.

AI_PM requirements that support this deliverable (9)

IDDescriptionKnowledge AreaProcess Group
REQ-NFR-010All non-localhost traffic over TLS 1.2+Risk ManagementPlanning
REQ-NFR-011Bearer tokens revocable with configurable expiryRisk ManagementMonitoring & Controlling
REQ-NFR-012Passwords (if stored) hashed with modern KDF (Argon2id or bcrypt)Risk ManagementPlanning
REQ-NFR-030System tolerates single-process restarts without data lossRisk ManagementPlanning
REQ-NFR-032Backups schedulable; restore-from-backup produces identical operational stateRisk ManagementPlanning
REQ-NFR-051Loss of MAS connectivity degrades gracefully (read-only on MAS-canonical entities, queue writes for replay)Risk ManagementExecuting
REQ-NFR-064PWA service worker MUST NOT cache approval-decision-bearing endpoints — only static shellRisk ManagementPlanning
REQ-NFR-066Send-text/poll-output fallback channel rate-limited per agent token (60 send-text/min, 600 poll-output/min default)Communications ManagementMonitoring & Controlling
REQ-TRN-002Rollback procedure documented and testedRisk ManagementClosing