Answer
Though often overlooked, risks are an essential Flow Item type that mitigates risk to the business.
A risk is a Flow Item delivered to protect business value, for example, to protect the company from litigation, fines, or reputational harm.
Examples of Risks
- Vulnerabilities surfaced in security scans that require software fixes or upgrades
- Analysis of source code supply chains to prevent security breaches
- Securing a customer's PII or PCI information
- Implementing requirements of a new regulatory policy like GDPR or industry-specific regulations
Note: These are not the risks associated with delivery, such as missing a milestone.