Architectural risk register beyond project-level risks.
Categories:
Technical risks:
- Scalability ceiling approaching.
- Single integration point of failure.
- Deprecated platform features in critical paths.
- Performance regression at growth thresholds.
Operational risks:
- Talent dependency on key individuals.
- Vendor instability.
- Knowledge documented inadequately.
- Backup / disaster recovery untested.
Strategic risks:
- Salesforce roadmap divergence from current implementation.
- Industry / competitor moves.
- Regulatory shifts.
- M&A possibilities.
Process per risk:
- Identify — surface risks proactively.
- Score — probability × impact.
- Assign owner.
- Mitigation — actions to reduce probability or impact.
- Contingency — what if it materialises.
- Track — review monthly.
Mitigation patterns:
- Scalability: design for 10x current volume.
- Single integration: identify alternatives, build resilience.
- Deprecated features: track timeline; migrate before forced.
- Talent dependency: knowledge sharing, pair programming, documentation.
- Vendor instability: monitor health, plan exits.
Reporting:
- Quarterly to leadership.
- Top risks visible.
- Mitigation progress tracked.
Senior insight: architectural risks are slow-moving compared to project risks. Project risks fire in months; architectural risks build over years and detonate when undetected.
Architect's job: see risks before they become incidents.