TES Risk and Impact Analysis

Risks management

Identify and prioritize risks based on their probability and severity. Then define what further actions you need to take to control the risks, and who needs to carry out these actions.

Risk rating

LOW	MEDIUM	HIGH	EXTREME
Acceptable Ok to proceed	As low as reasonably practicable - provide justification Take mitigation efforts	Generally unacceptable Seek support	Intolerable Place event on hold

LIKELIHOOD	SEVERITY
LIKELIHOOD	ACCEPTABLE Little to no effect on event	TOLERABLE Effects are felt, but not critical to outcome	UNDESIRABLE Serious impact to the course of action and outcome	INTOLERABLE Could result in disaster
IMPROBABLE Risk is unlikely to occur
POSSIBLE Risk will likely occur
PROBABLE Risk will occur

Risk	Before Mitigation				Mitigation/Justification	After Mitigation
Risk	Risk Type	Likelihood	Severity	Score	Mitigation/Justification	Likelihood	Severity	Score After Mitigation
AIMS Platform security is compromised.	Product	Possible	Intolerable	Extreme	NIST and DAST Vulnerability Scans,	Improbable	Intolerable	Low
Sensitive data is breached.	Product	Possible	Intolerable	Extreme	TES does not store sensitive data not store sensitive data. This risk and impact analysis will be reviewed for any content updates.	Improbable	Intolerable	Low
TES Content does not properly associate codes with conditions.	Product	Possible	Undesirable	High	Value Sets pulled from trusted, field-proven sources. New groupers curated and validated by RCKMS content team (experts)	Improbable	Undesirable	Low
User cannot remember password.	Product	Probable	Acceptable	Medium	SMTP password reset	Improbable	Acceptable	Low

Customers are unsatisfied with TES.	Business	Possible	Tolerable	Medium		Improbable	Tolerable	Low

TES Risk and Impact Analysis

Risks management

Risk rating

LIKELIHOOD

SEVERITY

✅ Action items