Risk management is not explicitly addressed in agile methodologies. However, when prioritizing backlog items, risk is one of the key criteria and is intended to ensure that work packages that mitigate or resolve risks are addressed as early as possible. (See Backlog Prioritization). These are typically what are known as project risks.
Project Risks
Furthermore, risks can be divided into those that are “controllable within product development” and those that are not directly controllable and thus lie outside the scope of product development. Such risks can only be accepted and mitigated.
The most interesting aspect for the agility of product development is the consideration of decision risks:
How much information do we need to make a design decision, and what are the implications of the design decision—that is, what would need to be changed if this decision is later rejected? Early architectural decisions, in particular, or the selection of partners, are very difficult to reverse.
By consistently sorting design decisions according to their risk, a decision tree is created that illustrates the priorities for addressing and closing knowledge gaps.
…
Not only risks should be actively managed, but opportunities as well. The Upswing-Gravity Chart can be used to illustrate this, similar to a cost-benefit analysis.
Product Risks
In the context of regulated product development in particular, explicit product risk management is also required. This concerns risks to people and the environment during the manufacture and use of the product—that is, product risks. Product risks typically give rise to non-functional requirements for the product or its components (robustness, service life, availability, redundancy). These drive and influence architectural and design decisions. Additional monitoring functions are also frequently designed and integrated, sometimes extending to multi-channel monitoring. Based on the risk analysis, additional activities are often agreed upon during product development (e.g., additional tests, expert reviews, …)