Sorting out environmental risks

dictionary.txt

@@ -370,3 +370,4 @@ serviceability
 automakers
 pinto
 uptime
+nokia

docs/practices/Development-And-Coding/Library-Adoption.md

@@ -13,6 +13,7 @@ practice:
    - "Library Integration"
    - "Standards Adoption"
    - "Runtime Dependency"
+   - "Open-Source Consumption"
   mitigates:
    - tag: Implementation Risk
      reason: "Ensures consistency and reliability by adhering to proven standards and libraries."
@@ -24,7 +25,7 @@ practice:
    - tag: Software Dependency Risk
      reason: "Creates dependencies on the adopted standards and libraries."
    - tag: Lock-In Risk
-     reason: "Limits flexibility by adhering to specific standards and libraries which may be hard to change later."
+     reason: "Adopting proprietary libraries may lead to worsening terms-of-service in the future."
    - tag: Funding Risk
      reason: "Can incur costs associated with adopting standards or libraries."
   related:

docs/practices/Development-And-Coding/Standardisation.md

@@ -21,6 +21,8 @@ practice:
      reason: "Reduces operational errors by providing clear guidelines and protocols."
    - tag: Communication Risk
      reason: "Improves communication by using a common language and standardized terms."
+   - tag: Lock-In Risk
+     reason: "Using software that adheres to standards allows for swapping out components and promotes competition amongst dependencies."
   attendant:
    - tag: Inflexibility Risk
      reason: "May limit creativity and flexibility by enforcing strict adherence to standards."

docs/practices/External-Relations/Analysis.md

@@ -22,14 +22,14 @@ practice:
    - tag: Contextual Risk
      reason: "Developing an understanding the context into which a solution is put avoids legal and social problems."
    - tag: Internal Model Risk
-     reason: "Analysis is the process of doign work to build a better Internal Model."
+     reason: "Analysis is the process of doing work to build a better Internal Model."
+   - tag: Lock-In Risk
+     reason: "Analysis can identify dependencies where Lock-In Risk is high."
   attendant:
    - tag: Schedule Risk
      reason: "Can be time-consuming, potentially delaying the start of development."
    - tag: Agency Risk
      reason: "Creates dependencies on the availability and accuracy of information from stakeholders."
-   - tag: Lock-In Risk
-     reason: "Well-defined analysis can create rigid boundaries that limit flexibility."
   related:
    - ../Planning-and-Management/Requirements-Capture
    - ../Development-and-Coding/Coding

docs/practices/Planning-And-Management/Delegation.md

@@ -26,6 +26,7 @@ practice:
   related:
    - ../Planning-And-Management/Prioritising
    - ../Collaboration-And-Communication/Stakeholder-Management
+   - ../External-Relations/Outsourcing
 ---
 
 <PracticeIntro details={frontMatter} /> 

docs/practices/Planning-And-Management/Terms-Of-Reference.md

@@ -18,8 +18,6 @@ practice:
    - tag: Coordination Risk
      reason: "Provides a clear framework for coordination among team members and stakeholders."
   attendant:
-   - tag: Lock-In Risk
-     reason: "Poorly defined terms can create rigid boundaries that limit flexibility."
    - tag: Coordination Risk
      reason: "Requires alignment and coordination among all parties to agree to the terms."
    - tag: Schedule Risk

docs/risks/Dependency-Risks/Lock-In-Risk/Lock-In-Risk.md

@@ -16,8 +16,6 @@ part_of: Dependency Risk
 
 <RiskIntro fm={frontMatter} />
 
-In the previous sections on [Dependency Risk](/tags/Dependency-Risk) we've touched on [Lock-In Risk](/tags/Lock-In-Risk) several times, but now it's time to tackle it head-on and discuss this important type of risk.  
-
 ![Lock-In Risk is due to Dependency Risk and commitment](/img/generated/risks/posters/lock-in-risk.svg)
 
 As shown in the above diagram, [Lock-In Risk](/tags/Lock-In-Risk) is the risk we face due to _commitments_ around dependencies and the limitations they place on our ability to change.  To illustrate, lets consider two examples:
@@ -107,6 +105,12 @@ Will the dependency satisfy your expanding requirements going forward? It's ofte
 
 **Threat**: The owner of the dependency has the opportunity to unilaterally change the licensing conditions for your dependency.  (Compare to [Open Source](../Software-Dependency-Risk)).
 
+:::tip Anecdote Corner
+
+The IT industry is replete with examples of where Lock-In Risk is used as a key business strategy.  In the 1980's and 1990's Microsoft were able to use proprietary file formats as a way to lock-in users of the Microsoft Windows and Office ecosystems, nearly bankrupting Apple in the process.  
 
+However in 2007/2008 Apple were able to use the same strategy to build a locked-in ecosystem around the iPhone, relegating Blackberry, Nokia and Microsoft's offerings to being minor, incompatible players and leaving them locked out of the ecosystem.
 
+Amazon Web Services (AWS), started in 2006, is another example of a proprietary, locked-in ecosystem, with Microsoft and Google providing their own alternatives. It's easy to see the same strategic patterns being repeated again in different sections of the IT industry (Desktop, Mobile, Cloud).     
 
+It's worth pointing out Google's strategy here of creating (arguably) _open source_ alternatives for all of the above.  On the desktop, Chrome, on mobile, Android and in the Cloud, Kubernetes.  All of these are aimed at attracting users and developers interested in building out ecosystems which minimise lock-in.  Google's [strategy](https://opensource.google/documentation/reference/why/) here is that sacrificing some potential lock-in leads to a bigger overall ecosystem as a result.     

docs/risks/Environmental-Risks/Environmental-Risks.md

@@ -0,0 +1,28 @@
+---
+title: Environmental Risks
+description: Risks related the environment in which an operation is perfomed.
+
+
+featured: 
+  class: c
+  element: '<risk class="environmental" />'
+tweet: yes
+slug: /risks/Environmental-Risks
+tags: 
+ - Environmental Risk
+---
+
+# Environmental Risks
+
+In this section we're going to start considering the realities of running software systems in the real world.  
+
+There is a lot to this subject, so this section is just a taster: we're going to set the scene by looking at what constitutes an [Operational Risk](/tags/Operational-Risk), and then consider just two specific further types of environmental risk, [Security Risk](/tags/Security-Risk) and [Legal Risk](/tags/Legal-Risk).
+
+
+# PESTLE.
+
+## Types Of Feature Risk
+
+<TagList tag="Environmental Risk"  /> 
+
+

docs/risks/Environmental-Risks/Legal-Risk/Legal-Risk.md

@@ -0,0 +1,19 @@
+---
+title: Legal Risk
+description: Risks due to the legal context in which an operation is running.
+
+slug: /risks/Legal-Risk
+
+
+featured: 
+  class: c
+  element: '<risk class="legal" />'
+sidebar_position: 2
+tweet: yes
+tags: 
+ - Risks
+ - Legal Risk
+ - Environmental Risk
+---
+
+<RiskIntro fm={frontMatter} />

docs/risks/Environmental-Risks/Operational-Risk/Operational-Risk.md

@@ -0,0 +1,54 @@
+---
+title: Operational Risk
+description: Risks of losses or reputational damage caused by failing processes or real-world events.
+
+slug: /risks/Operational-Risk
+
+
+featured: 
+  class: c
+  element: '<risk class="operational" />'
+sidebar_position: 1
+tweet: yes
+tags: 
+ - Risks
+ - Legal Risk
+ - Operational Risk
+ - Environmental Risk
+---
+
+<RiskIntro fm={frontMatter} />
+
+> "The risk of loss resulting from inadequate or failed internal processes, people and systems or from external events." - [Operational Risk, _Wikipedia_](https://en.wikipedia.org/wiki/Operational_risk#Definition)
+
+
+
+## Operational Risks
+
+When building software, it's tempting to take a very narrow view of the dependencies of a system, but [Operational Risks](/tags/Operational-Risk) are often caused by dependencies we _don't_ consider - i.e. the **Operational Context** within which the system is operating.<!-- tweet-end -->  Here are some examples:  
+
+ - **[Staff Risks](/tags/Staff-Risk)**: 
+   - Freak weather conditions affecting ability of staff to get to work, interrupting the development and support teams. 
+   - Reputational damage caused when staff are rude to the customers.
+
+ - **[Reliability Risks](/tags/Reliability-Risk)**:
+   - A data-centre going off-line, causing your customers to lose access.
+   - A power cut causing backups to fail.
+   - Not having enough desks for everyone to sit at.
+
+ - **[Process Risks](/tags/Process-Risk)**:
+   - Regulatory change, which means you have to adapt your business model.
+   - Insufficient controls which means you don't notice when some transactions are failing, leaving you out-of-pocket.
+   - Data loss because of bugs introduced during an untested release.
+
+ - **[Software Dependency Risk](/tags/Software-Dependency-Risk)**:
+   - Hackers exploit weaknesses in a piece of 3rd party software, bringing your service down.
+
+ - **[Agency Risk](/tags/Agency-Risk)**:
+   - Workers going on strike.
+   - Employees trying to steal from the company (bad actors).
+   - Other crime, such as hackers stealing data.
+
+This is a long laundry-list of everything that can go wrong due to operating in "The Real World".  Although we've spent a lot of time looking at the varieties of [Dependency Risk](/tags/Dependency-Risk) on a software project, with [Operational Risk](/tags/Operational-Risk) we have to consider that these dependencies will fail in any number of unusual ways, and we can't be ready for all of them.  Preparing for this comes under the umbrella of [Operations Management](#operations-management).
+
+

docs/risks/Operational-Risk.md → docs/risks/Environmental-Risks/Operational-Risk/Operations-Management.md

@@ -1,54 +1,3 @@
----
-title: Operational Risk
-description: Risks of losses or reputational damage caused by failing processes or real-world events.
-
-
-featured: 
-  class: c
-  element: '<risk class="operational" />'
-sidebar_position: 15
-tweet: yes
-tags: 
- - Risks
- - Legal Risk
- - Operational Risk
----
-
-<RiskIntro fm={frontMatter} />
-
-> "The risk of loss resulting from inadequate or failed internal processes, people and systems or from external events." - [Operational Risk, _Wikipedia_](https://en.wikipedia.org/wiki/Operational_risk#Definition)
-
-In this section we're going to start considering the realities of running software systems in the real world.  
-
-There is a lot to this subject, so this section is just a taster: we're going to set the scene by looking at what constitutes an [Operational Risk](/tags/Operational-Risk), and then look at the related discipline of [Operations Management](#operations-management).  Following this background, we'll apply the Risk-First model and have a high-level look at the various mitigations for [Operational Risk](/tags/Operational-Risk).  
-
-## Operational Risks
-
-When building software, it's tempting to take a very narrow view of the dependencies of a system, but [Operational Risks](/tags/Operational-Risk) are often caused by dependencies we _don't_ consider - i.e. the **Operational Context** within which the system is operating.<!-- tweet-end -->  Here are some examples:  
-
- - **[Staff Risks](/tags/Staff-Risk)**: 
-   - Freak weather conditions affecting ability of staff to get to work, interrupting the development and support teams. 
-   - Reputational damage caused when staff are rude to the customers.
-
- - **[Reliability Risks](/tags/Reliability-Risk)**:
-   - A data-centre going off-line, causing your customers to lose access.
-   - A power cut causing backups to fail.
-   - Not having enough desks for everyone to sit at.
-
- - **[Process Risks](/tags/Process-Risk)**:
-   - Regulatory change, which means you have to adapt your business model.
-   - Insufficient controls which means you don't notice when some transactions are failing, leaving you out-of-pocket.
-   - Data loss because of bugs introduced during an untested release.
-
- - **[Software Dependency Risk](/tags/Software-Dependency-Risk)**:
-   - Hackers exploit weaknesses in a piece of 3rd party software, bringing your service down.
-
- - **[Agency Risk](/tags/Agency-Risk)**:
-   - Workers going on strike.
-   - Employees trying to steal from the company (bad actors).
-   - Other crime, such as hackers stealing data.
-
-This is a long laundry-list of everything that can go wrong due to operating in "The Real World".  Although we've spent a lot of time looking at the varieties of [Dependency Risk](/tags/Dependency-Risk) on a software project, with [Operational Risk](/tags/Operational-Risk) we have to consider that these dependencies will fail in any number of unusual ways, and we can't be ready for all of them.  Preparing for this comes under the umbrella of [Operations Management](#operations-management).
 
 ## Operations Management
 
@@ -154,5 +103,4 @@ The "should we ship?" decision is therefore a complex one.  In [Meeting Reality]
 
 In a way, [actions](/tags/Take-Action) like **Design** and **Improvement** bring us right back to where we started from: identifying [Dependency Risks](/tags/Dependency-Risk), [Feature Risks](/tags/Feature-Risk) and [Complexity Risks](/tags/Complexity-Risk) that hinder our operation, and mitigating them through actions like _software development_.  
 
-Our safari of risk is finally complete: it's time to reflect on what we've seen in the next section, [Staging and Classifying](Staging-And-Classifying).  
-
+Our safari of risk is finally complete: it's time to reflect on what we've seen in the next section, [Staging and Classifying](Staging-And-Classifying).  

docs/risks/Environmental-Risks/Security-Risk/Security-Risk.md

@@ -0,0 +1,19 @@
+---
+title: Security Risk
+description: Risks due to hostile actors and events from inside or outside of the system.
+
+slug: /risks/Security-Risk
+
+
+featured: 
+  class: c
+  element: '<risk class="security" />'
+sidebar_position: 3
+tweet: yes
+tags: 
+ - Risks
+ - Security Risk
+ - Environmental Risk
+---
+
+<RiskIntro fm={frontMatter} />

docs/risks/Environmental-Risks/_category_.yaml

@@ -0,0 +1,4 @@
+position: 9
+link:
+  type: doc
+  id: Environmental-Risks

docs/tags.yml

@@ -34,10 +34,6 @@
   label: "Automation"
   permalink: "Automation"
 
-"Boundary Risk":
-  label: "Boundary Risk"
-  permalink: "Boundary-Risk"
-
 "Change Management":
   label: "Change Management"
   permalink: "Change-Management"
@@ -110,6 +106,10 @@
   label: "Documentation"
   permalink: "Documentation"
 
+"Environmental Risk":
+  label: "Environmental Risk"
+  permalink: "Environmental-Risk"
+
 "Estimating":
   label: "Estimating"
   permalink: "Estimating"
@@ -277,6 +277,10 @@
 "Runtime Adoption":
   label: "Runtime Adoption"
   permalink: "Runtime-Adoption"
+
+"Library Adoption":
+  label: "Library Adoption"
+  permalink: "Library Adoption"
 
 "Sales":
   label: "Sales"
@@ -540,4 +544,8 @@
 
 "Read All About It":
   label: "Read All About It"
-  permalink: "Read-All-About-It"
+  permalink: "Read-All-About-It"
+
+"Lock-In Risk":
+  label: "Lock-In Risk"
+  permalink: "Lock-In-Risk"

src/plugins/category-listing/index.js

@@ -8,7 +8,7 @@ module.exports = async function myPlugin(context, options) {
         allVersions.forEach(version => {
             const docs = version.docs;
 
-			docs.forEach(d => console.log(d))
+			// docs.forEach(d => console.log(d))
 
             // build the mapping of tags to docs
             const tagToDocMap = {};