Risk Assessment Rules Engine

The Risk Assessor Agent uses these rules to identify, score, and recommend mitigations for ERP migration risks. Rules are evaluated sequentially based on user input.

Risk Scoring Matrix

Severity	Impact	Likelihood	Example Triggers
Critical	Project failure or major regulatory breach	High probability	Data corruption, core financial module failure
High	Major delay or cost overrun	Medium–High	Heavy custom code, complex integrations
Medium	Moderate impact, recoverable	Medium	Process change resistance, data quality issues
Low	Minor issue	Low	Limited user training needs

Prioritized Risk Rules

Data Migration Risks

Rule	Trigger Condition	Severity	Mitigation Recommendation
Data Volume	> 2TB or > 10 years history	High	Implement selective archiving and parallel extract strategy
Data Quality	Legacy system with known duplicates/inconsistencies	High	Dedicated data cleansing phase with automated validation
Historical Data	Requirement to migrate full history	Medium	Consider read-only archive for older data

Custom Code & Development Risks

Rule	Trigger Condition	Severity	Mitigation Recommendation
Custom Objects	> 5,000 custom objects or > 20% functionality custom	High	Clean-core approach, selective reimplementation
Deprecated APIs	Use of obsolete interfaces	High	Early technical upgrade or middleware layer

Integration Risks

Rule	Trigger Condition	Severity	Mitigation Recommendation
Integration Count	> 40 third-party interfaces	High	Prioritize critical integrations, use integration platform
Real-time Sync	Mission-critical real-time requirements	High	Parallel run validation period

Organizational & Change Risks

Rule	Trigger Condition	Severity	Mitigation Recommendation
Process Standardization	Moving from fragmented to global processes	Medium–High	Strong change management and training program
Internal Expertise	Limited cloud/ERP experience in team	Medium	Partner with experienced SI or build internal capability

Compliance & Regulatory Risks

Rule	Trigger Condition	Severity	Mitigation Recommendation
Regulated Industry	Finance, healthcare, pharma, etc.	High	Parallel run and extended validation
SOX/GDPR Controls	Financial reporting or personal data	High	Dedicated compliance workstream and audit trails

← Back to Main Design