Retrospective topic: Are we managing risk?What is risk? Why do we care?
Where does risk come from?
- Are there domain specific risks we should watch out for?
- Are there industry risks we should know about?
Are the risks we are aware of likely to happen or outliers?
What is the implication or impact of they eventuate?
You could map this stuff onto an X-Y matrix and see what the team thinks are the risks they are exposed to. By doing this you'll also see the variations in people's tolerance or perspectives on risk.
My version of super high risky and critical may not be such a big deal to you. Let's talk about he gaps in perspectives.
What about the unknown-unknowns? How do we defend against these pesky potential problems? How do we figure out what they could even be?
Once we know what the risks we face are, how do we deal with them? Do we manage risk the right way? How do we visualise it? How do we manage it? What are the consequences of this approach?
Are we happy with our systemic approach to identifying and managing risk? What might we do to be better?