Risk categories

Generally, risk is defined as "exposure of an organization to factors that will lower its profits or lead it to fail". In the context of requirements, Journey to Rome attempts to indicate the probability of defects and the impact of defects on the organization.

Business risk

Questions in this category assess how often a feature is being used and by how many users, and what the impact of a defect would be.

Failure Probability

New functionality has a higher risk of failure than changed functionality. The same applies to low vs. high number of screens, low vs. high software maturity, and expected defect rate (= trust) based on past experience with the software.

Functional Complexity

Higher functional complexity results in defects that are harder to detect, because they might occur only in a very specific set of conditions. Factors include dependency to other systems, number of logical process steps (= paths), etc.