Risk management is the process of identifying, assessing and controlling financial, legal, strategic and security risks to an organization’s capital and earnings. Thesethreats, or risks, could stem from a wide variety of sources, including financial uncertainty, legal liabilities, strategic management errors, accidents and natural disasters. [1]
Here is a summary of risks that is already gathered by other Work Items:
1
ecosystem use cases
compatibility issues (technical, policy)
cannot solve compatibility and end up with silos
we cannot cope with the "stability" of paper (issuance, but also verification)
we cannot provide good enough usability → silos for fixing this
2
credential flow
other standards and architectures are imposed on us, requiring us to change a lot
not good enough user-friendliness makes the wallet-ecosystem fail as a whole
GAFAMs to impose their way (including browsers as "their" tool, interference with their business interests)
3
credential governance
how about other governance models being forced upon us?
intermediaries trying to keep their influence
overcoming national borders might impose barriers
failing to communicate the new "VC world" to end users and those engaged in the process
if usability is missing, the trust governance cannot be communicated appropriately
Based on the above definition and the risks mentioned in the table, this classification is presented. That includes other aspect of risk as well.
