Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Brainstorming on  

Participants:

Definition:

Risk management is the process of identifying, assessing and controlling financial, legal, strategic and security risks to an organization’s capital and earnings. These threats, or risks, could stem from a wide variety of sources, including financial uncertainty, legal liabilities, strategic management errors, accidents and natural disasters. [1]

...




1ecosystem use cases
  • compatibility issues (technical, policy)
  • cannot solve compatibility and end up with silos
  • we cannot cope with the "stability" of paper (issuance, but also verification)
  • we cannot provide good enough usability → silos for fixing this
2credential flow
  • other standards and architectures are imposed on us, requiring us to change a lot
  • not good enough user-friendliness makes the wallet-ecosystem fail as a whole
  • GAFAMs to impose their way (including browsers as "their" tool, interference with their business interests)
3credential governance
  • how about other governance models being forced upon us?
  • intermediaries trying to keep their influence
  • overcoming national borders might impose barriers
  • failing to communicate the new "VC world" to end users and those engaged in the process
  • if usability is missing, the trust governance cannot be communicated appropriately
4Wallet and protocol governance
  • Most EU standarisation is behind closed doors and politisized
  • Unclear how EUDI will be goverened in the future
  • Unclear how much impact EUDI will have. If it does not go beyond Government based data, our sector will maybe create a parallel ecosystem

Based on the above definition and the risks mentioned in the table, this classification is presented. That includes other aspect of risk as well.

Suggested Risk Categories:

  • Financial
    • Companies with centralized Identity on the way of decentralization (GAFAM)
    • Competing technology
    • Marketing
    • Environmental cost
    • Funding
  • Legal
    • Governments Rules
    • International Compatibility (ex. GDPR)
    • Misusing of DID
    • User Responsibility
  • Strategic
    • Dependency 
    • Intermediaries
    • Acceptance
    • Engagement (Exposure to Governance Rules )and standards
    • Usability
    • Acceptance
    • Interoperability (Standards and Protocols)
    • Integration
    • Communication (Marketing)Ontopiness
  • Security
    • Physical vulnerabilities (Device lost)
    • Protecting data
    • Losing data
    • Dark Net
    • Trust InfrastructureProtecting sensitive data


[1] What is Risk Management? | IBM