Making a Map of Risks

I’m currently exploring how “Wardley maps” can be applied in strategies for testing. Here is an example of how I used a map to understand and work with risks.

In my current projects the system under test is not software development, but rather a end-2-end transition of IT services. The technology is part reinstallation, part spin up of containers – in other words, some elements are more or less commoditized. Also some elements are more or less visible to the stakeholder. It seems like a good fit for a Wardley map….

How to use Wardley Mapping to understand how you deliver customer value

Read the intro by Stephan Willemse on Medium

First I need to tailor the horizontal axis a bit. I have read up on the articles by Simon Wardley and Ben Mosior with regards to the framing of “evolution”. For a quick intro read Erik Schön describes the four stages, like this:

  • Genesis: the unique, the very rare, the uncertain, the constantly changing and the newly discovered. Our focus is on exploration. 
  • Custom Built: representing the very uncommon and that which we are still learning about. It is individually made and tailored for a specific environment. It is bespoke. It frequently changes. It is an artisan skill. 
  • Product (+ rental): the increasingly common, the manufactured through a repeatable process, the more defined, the better understood. Change becomes slower here. Whilst there exists differentiation particularly in the early stages there is increasing stability and sameness. 
  • Commodity (+ utility): scale and volume operations of production, the highly standardized, the defined, the fixed, the undifferentiated, the fit for a specific known purpose and repetition, repetition and more repetition. 

There is also a relevant article, where Evolution is the level of ambiguity – which is just one of the relationships Wardley Mapping have with the Cynefin Framework.

The key legend to the horizontal axis is the relative position from unknown/uncharted to embedded/industrialized – to you or the organization being mapped. It’s possible to tailor the labels specifically to the components being mapped – like the legends of altitude lines, buildings and roads on a map. Here’s one for the specific risk context above:

Risk legendUnchartedKnownStableStandard
ElaborationWe don’t know the risks yetWe see these risks.Risks are stabile.Risks are reduced to standard components
Experimental tailored legend

First I map the system landscape: relative to the business vertically and relative to Risk stage horizontally. It gives me this anonymized map:

It’s probably only half-way right, but with this I can consider:

  • How far can I move the elements to the right?
  • What inertia blocks movement?
  • Which ones can I move the furthest?

With the map (position and movement) I can consider what happens when risks change and evolves – how does evolution affect the test strategy?

If we automate Configuration, the risk is significantly reduced.

Reinstallation can only get us to a certain point, due to:

don’t make any changes to our mother-ship

8 thoughts on “Making a Map of Risks

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.