1.9 Risk Assessment
| Field |
Value |
| Document ID |
SDWAN-CH1-009 |
| Version |
1.0 |
| Last Updated |
December 2025 |
| Author |
Network Architecture Team |
| Status |
Final |
| Classification |
Internal Use |
1.9.1 Executive Risk Summary
Overall Risk Profile
┌─────────────────────────────────────────────────────────────────────────────┐
│ SD-WAN MIGRATION RISK PROFILE │
│ Abhavtech.com Assessment │
├─────────────────────────────────────────────────────────────────────────────┤
│ │
│ Risk Category Current Mitigated Impact Likelihood │
│ ───────────────────── ───────── ───────── ──────── ────────── │
│ Technical HIGH MEDIUM Critical Probable │
│ Operational MEDIUM LOW Major Possible │
│ Financial MEDIUM LOW Moderate Unlikely │
│ Organizational MEDIUM LOW Moderate Possible │
│ Vendor/Supply LOW LOW Minor Unlikely │
│ Compliance MEDIUM LOW Critical Unlikely │
│ ───────────────────── ───────── ───────── ──────── ────────── │
│ OVERALL SCORE MEDIUM LOW Major Possible │
│ │
│ Risk Score: 47/100 (Acceptable with mitigation) │
│ Confidence Level: 85% │
│ │
└─────────────────────────────────────────────────────────────────────────────┘
Risk Score Summary
| Risk Category |
Inherent Risk |
Mitigated Risk |
Control Effectiveness |
| Technical |
72/100 |
45/100 |
62% |
| Operational |
58/100 |
32/100 |
55% |
| Financial |
52/100 |
28/100 |
54% |
| Organizational |
55/100 |
30/100 |
45% |
| Vendor/Supply |
35/100 |
20/100 |
57% |
| Compliance |
60/100 |
25/100 |
58% |
| Weighted Average |
57/100 |
32/100 |
55% |
1.9.2 Technical Risk Assessment
T-001: Controller Infrastructure Failure
| Attribute |
Details |
| Risk ID |
T-001 |
| Category |
Technical - Infrastructure |
| Description |
SD-WAN Manager/Controller failure causing network-wide impact |
| Inherent Risk |
Critical (90/100) |
| Probability |
Medium (40%) |
| Impact |
Complete overlay failure, no new tunnel formation, policy updates fail |
| Affected Sites |
All 9 sites (19,000 endpoints) |
Mitigation Strategies:
| Strategy |
Implementation |
Residual Risk |
| 3-node vManage cluster |
Deploy cluster in Mumbai DC |
45/100 |
| Geo-redundant DR |
Chennai DR with 3-node standby |
35/100 |
| Controller redundancy |
4 vSmart (2 Mumbai + 2 Chennai) |
30/100 |
| Graceful restart |
WAN edges maintain tunnels 24hrs |
25/100 |
| Monitoring |
Real-time controller health alerts |
20/100 |
Control Implementation:
! WAN Edge graceful restart timer
system
graceful-restart
timer restart-timer 1440 ! 24 hours
timer stalepath-time 300 ! 5 minutes
T-002: SD-Access Integration Failure
| Attribute |
Details |
| Risk ID |
T-002 |
| Category |
Technical - Integration |
| Description |
VRF-Lite/BGP handoff failure between SD-Access borders and WAN Edge |
| Inherent Risk |
High (75/100) |
| Probability |
Medium (35%) |
| Impact |
Campus-to-WAN connectivity loss, VN isolation broken |
| Affected Sites |
All hub sites with fabric borders |
Root Causes:
| Cause |
Likelihood |
Detection |
| BGP peering failure |
25% |
BGP neighbor alerts |
| VRF mismatch |
15% |
Route table verification |
| SGT propagation break |
20% |
TrustSec logging |
| MTU issues |
20% |
Path MTU discovery |
| Routing loops |
10% |
Traceroute analysis |
Mitigation Matrix:
| Mitigation |
Owner |
Timeline |
Status |
| Dual border nodes per site |
Network Team |
Pre-deployment |
Planned |
| BFD for fast failover |
Network Team |
Implementation |
Planned |
| SGT inline tagging validation |
Security Team |
Testing |
Pending |
| Lab validation before production |
Project Team |
Week 4-5 |
Planned |
| Comprehensive test cases |
QA Team |
Ongoing |
In Progress |
BFD Configuration for Fast Failover:
! SD-Access Border Node
router bgp 65001
neighbor 10.254.1.2 remote-as 65501
neighbor 10.254.1.2 fall-over bfd
!
bfd-template single-hop WAN-EDGE
interval min-tx 100 min-rx 100 multiplier 3
!
interface GigabitEthernet1/0/49
bfd template WAN-EDGE
| Attribute |
Details |
| Risk ID |
T-003 |
| Category |
Technical - Connectivity |
| Description |
IPsec/DTLS tunnel flapping or failure to establish |
| Inherent Risk |
High (70/100) |
| Probability |
Medium (30%) |
| Impact |
Site isolation, traffic blackhole, application degradation |
| Trigger Events |
NAT issues, firewall blocks, certificate expiry, MTU problems |
Tunnel Health Requirements:
| Metric |
Threshold |
Alert |
Escalation |
| Tunnel flaps |
>5/hour |
Warning |
P2 ticket |
| Tunnel down |
>1 minute |
Critical |
P1 escalation |
| BFD timeout |
>3 consecutive |
Warning |
Investigation |
| Control connection loss |
Any |
Critical |
P1 immediate |
Mitigation Controls:
┌────────────────────────────────────────────────────────────────────┐
│ TUNNEL STABILITY CONTROLS │
├────────────────────────────────────────────────────────────────────┤
│ │
│ 1. Pre-deployment Validation │
│ ├── NAT traversal testing (UDP 12346/12446) │
│ ├── Firewall rule verification │
│ ├── MTU path discovery (1400-1500 bytes) │
│ └── Certificate chain validation │
│ │
│ 2. Runtime Monitoring │
│ ├── BFD liveness detection (100ms timers) │
│ ├── Control connection keepalives │
│ ├── OMP route convergence tracking │
│ └── Tunnel statistics trending │
│ │
│ 3. Recovery Procedures │
│ ├── Automatic tunnel re-establishment │
│ ├── Graceful restart preservation │
│ ├── Alternate path selection (AAR) │
│ └── Manual intervention runbook │
│ │
└────────────────────────────────────────────────────────────────────┘
| Attribute |
Details |
| Risk ID |
T-004 |
| Category |
Technical - Performance |
| Description |
Critical applications fail SLA after SD-WAN migration |
| Inherent Risk |
High (68/100) |
| Probability |
Medium (35%) |
| Impact |
Business impact, user complaints, productivity loss |
| Applications at Risk |
Voice (MOS), SAP (response time), Video (quality) |
Application SLA Risk Assessment:
| Application |
Current SLA |
Risk Level |
Mitigation |
| Voice/Unified Comms |
MOS >4.0 |
Medium |
AAR Real-Time class, FEC |
| SAP S/4HANA |
<2s response |
Medium |
Direct MPLS path initially |
| Video Conferencing |
1080p quality |
Low |
Dedicated bandwidth class |
| Office 365 |
<50ms latency |
Low |
Cloud OnRamp SaaS |
| Database Replication |
<25ms local |
High |
MPLS backup during migration |
AAR SLA Monitoring:
! AAR Policy for Voice Protection
policy
app-route-policy VOICE-SLA
vpn-list VOICE-VPN
sequence 10
match
dscp 46
action
sla-class REAL-TIME strict
backup-sla-preferred-color mpls
T-005: Security Vulnerability Exposure
| Attribute |
Details |
| Risk ID |
T-005 |
| Category |
Technical - Security |
| Description |
Security gaps during migration exposing network to threats |
| Inherent Risk |
High (72/100) |
| Probability |
Low (20%) |
| Impact |
Data breach, compliance violation, reputation damage |
| Exposure Window |
Migration phases 2-4 (parallel operation) |
Security Risk Factors:
| Factor |
Risk |
Mitigation |
| Dual control planes |
Medium |
Unified policy enforcement |
| Internet exposure |
High |
Enterprise firewall + UTD |
| Certificate management |
Medium |
Automated renewal, 180-day validity |
| SGT propagation gaps |
Medium |
Inline tagging validation |
| Admin access expansion |
Low |
RBAC, MFA enforcement |
Security Control Checklist:
| Control |
Required |
Status |
Owner |
| AES-256-GCM encryption |
Yes |
Planned |
Security |
| TLS 1.3 control plane |
Yes |
Planned |
Network |
| Enterprise firewall at DIA |
Yes |
Planned |
Security |
| UTD with Snort 3.0 |
Yes |
Planned |
Security |
| Umbrella DNS security |
Yes |
Planned |
Security |
| CTS inline tagging |
Yes |
Pending |
Network |
| MFA for all admin access |
Yes |
Planned |
IAM |
1.9.3 Operational Risk Assessment
O-001: Skills Gap and Training Deficiency
| Attribute |
Details |
| Risk ID |
O-001 |
| Category |
Operational - Human Resources |
| Description |
Team lacks SD-WAN expertise causing deployment/operations errors |
| Inherent Risk |
High (65/100) |
| Probability |
High (60%) |
| Impact |
Deployment delays, configuration errors, extended outages |
| Current Gap |
SD-WAN Architecture: Basic, vManage Admin: None |
Skills Gap Analysis:
| Skill Area |
Current |
Required |
Gap |
Training Need |
| SD-WAN Architecture |
Basic |
Advanced |
Critical |
ENSDWI (5 days) |
| vManage Administration |
None |
Advanced |
Critical |
Admin workshop |
| Policy Configuration |
None |
Intermediate |
Major |
Hands-on lab |
| Troubleshooting |
Basic |
Advanced |
Major |
Bootcamp |
| API/Automation |
None |
Intermediate |
Moderate |
Python/REST |
| Security Features |
Basic |
Intermediate |
Moderate |
Security focus |
Training Plan:
| Training |
Duration |
Attendees |
Timeline |
Cost |
| ENSDWI (Cisco Official) |
5 days |
4 engineers |
Week 1-2 |
$XX,XXX |
| SD-WAN Design Workshop |
3 days |
2 architects |
Week 2 |
$X,XXX |
| Operations Bootcamp |
3 days |
3 operators |
Week 3 |
$X,XXX |
| Hands-on Lab Practice |
2 weeks |
All team |
Week 3-5 |
$X |
| Total Training Investment |
|
|
|
$XX,XXX |
O-002: Change Management Failures
| Attribute |
Details |
| Risk ID |
O-002 |
| Category |
Operational - Process |
| Description |
Inadequate change control causing unplanned outages |
| Inherent Risk |
Medium (55/100) |
| Probability |
Medium (40%) |
| Impact |
Service disruption, compliance violation, audit findings |
| Root Cause |
Complex multi-domain changes, template propagation |
Change Risk Categories:
| Change Type |
Risk Level |
Approval |
Maintenance Window |
| Template modification |
High |
CAB + Architect |
Weekend |
| Policy push to production |
High |
CAB approval |
Off-hours |
| Controller upgrade |
Critical |
CAB + Management |
Scheduled outage |
| WAN Edge onboarding |
Medium |
Team lead |
Business hours |
| Routing changes |
Medium |
Architect |
Off-hours |
| Certificate renewal |
Low |
Automated |
Any time |
Change Control Process:
┌─────────────────────────────────────────────────────────────────────────────┐
│ SD-WAN CHANGE MANAGEMENT WORKFLOW │
├─────────────────────────────────────────────────────────────────────────────┤
│ │
│ Request → Impact Analysis → Lab Test → CAB Review → Schedule → Execute │
│ │
│ ┌───────────┐ ┌───────────┐ ┌───────────┐ ┌───────────┐ │
│ │ Change │──▶│ Risk │──▶│ Lab │──▶│ CAB │ │
│ │ Request │ │ Assess │ │ Validate │ │ Approve │ │
│ └───────────┘ └───────────┘ └───────────┘ └───────────┘ │
│ │ │ │ │ │
│ ▼ ▼ ▼ ▼ │
│ ServiceNow Risk Matrix Test Results Meeting Minutes │
│ Ticket Document Sign-off Approval Record │
│ │
│ ┌───────────┐ ┌───────────┐ ┌───────────┐ ┌───────────┐ │
│ │ Schedule │──▶│ Execute │──▶│ Verify │──▶│ Close │ │
│ │ Window │ │ Change │ │ Testing │ │ Ticket │ │
│ └───────────┘ └───────────┘ └───────────┘ └───────────┘ │
│ │ │ │ │ │
│ ▼ ▼ ▼ ▼ │
│ Notification Runbook Health Check Post-Implementation │
│ to Users Execution Results Review │
│ │
└─────────────────────────────────────────────────────────────────────────────┘
O-003: Monitoring and Visibility Gaps
| Attribute |
Details |
| Risk ID |
O-003 |
| Category |
Operational - Observability |
| Description |
Insufficient monitoring during/after migration |
| Inherent Risk |
Medium (50/100) |
| Probability |
Medium (35%) |
| Impact |
Delayed incident detection, prolonged outages, SLA breach |
| Current State |
MPLS-focused NMS, limited SD-WAN visibility |
Monitoring Requirements:
| Layer |
Tool |
Integration |
Status |
| Controller Health |
vManage Dashboard |
Native |
Planned |
| WAN Edge Status |
vManage + SNMP |
SolarWinds |
Planned |
| Tunnel Analytics |
vAnalytics |
Native |
Planned |
| Application Performance |
ThousandEyes |
API |
Planned |
| Security Events |
Splunk SIEM |
Syslog |
Planned |
| Log Aggregation |
Splunk |
Syslog/API |
Existing |
| Alerting |
PagerDuty |
Webhook |
Existing |
Monitoring Implementation Timeline:
| Phase |
Monitoring Capability |
Target Date |
| Phase 1 |
Controller health, basic alerts |
Week 2 |
| Phase 2 |
WAN Edge monitoring, tunnel status |
Week 4 |
| Phase 3 |
Application analytics, SLA tracking |
Week 8 |
| Phase 4 |
Full observability, predictive alerts |
Week 12 |
1.9.4 Financial Risk Assessment
F-001: Cost Overrun Risk
| Attribute |
Details |
| Risk ID |
F-001 |
| Category |
Financial - Budget |
| Description |
Project exceeds approved budget of $XXX,XXX |
| Inherent Risk |
Medium (55/100) |
| Probability |
Medium (30%) |
| Impact |
Budget reallocation, project pause, scope reduction |
| Contingency |
15% reserve ($XXX,XXX) |
Budget Risk Factors:
| Factor |
Impact |
Likelihood |
Mitigation |
| Hardware price increase |
$XXK |
20% |
Lock pricing with PO |
| Additional licensing |
$XXK |
25% |
License audit upfront |
| Extended timeline |
$XXK |
35% |
Milestone tracking |
| Scope creep |
$XXK |
40% |
Change control process |
| Training overrun |
$XXK |
15% |
Fixed-price contracts |
Budget Tracking:
| Category |
Budgeted |
Risk Exposure |
Contingency |
| Hardware |
$XXX,XXX |
+$XX,XXX |
Covered |
| Licensing |
$XXX,XXX |
+$XX,XXX |
Covered |
| Professional Services |
$XX,XXX |
+$XX,XXX |
Partial |
| Training |
$XX,XXX |
+$XX,XXX |
Covered |
| Contingency |
$XXX,XXX |
-$XXX,XXX |
$XX,XXX remaining |
| Total |
$XXX,XXX |
+$XXX,XXX |
Adequate |
F-002: ROI Achievement Risk
| Attribute |
Details |
| Risk ID |
F-002 |
| Category |
Financial - Returns |
| Description |
Projected savings not realized, ROI falls below 200% |
| Inherent Risk |
Medium (48/100) |
| Probability |
Low (25%) |
| Impact |
Business case invalidation, stakeholder confidence loss |
| Target ROI |
233% (3-year) |
ROI Risk Scenarios:
| Scenario |
Probability |
3-Year Savings |
ROI |
Status |
| Best Case |
20% |
$X,XXX,XXX |
259% |
Target |
| Expected |
55% |
$X,XXX,XXX |
233% |
Baseline |
| Conservative |
20% |
$X,XXX,XXX |
188% |
Acceptable |
| Worst Case |
5% |
$X,XXX,XXX |
141% |
Below threshold |
Savings Protection Strategies:
| Strategy |
Protected Savings |
Implementation |
| MPLS cancellation schedule |
$XXX,XXX/year |
Contractual commitment |
| DIA cost negotiation |
$XX,XXX/year |
Multi-vendor quotes |
| Operational efficiency |
$XXX,XXX/year |
Automation metrics |
| Circuit optimization |
$XX,XXX/year |
Bandwidth right-sizing |
1.9.5 Organizational Risk Assessment
ORG-001: Stakeholder Resistance
| Attribute |
Details |
| Risk ID |
ORG-001 |
| Category |
Organizational - Change |
| Description |
Key stakeholders resist SD-WAN adoption |
| Inherent Risk |
Medium (50/100) |
| Probability |
Medium (30%) |
| Impact |
Delayed approvals, reduced support, project delays |
| Stakeholders |
Business units, Operations team, Security team |
Stakeholder Analysis:
| Stakeholder |
Influence |
Interest |
Current Position |
Strategy |
| CIO |
High |
High |
Champion |
Maintain support |
| IT Operations |
Medium |
High |
Neutral |
Early involvement |
| Security Team |
High |
Medium |
Skeptical |
Address concerns |
| Business Units |
Medium |
Medium |
Positive |
Communicate benefits |
| Finance |
High |
Medium |
Supportive |
ROI reporting |
Engagement Plan:
| Stakeholder Group |
Engagement Activity |
Frequency |
| Executive Sponsor |
Status briefings |
Bi-weekly |
| IT Operations |
Working sessions |
Weekly |
| Security Team |
Design reviews |
Monthly |
| Business Units |
Communication updates |
Monthly |
| All stakeholders |
Steering committee |
Monthly |
ORG-002: Resource Availability
| Attribute |
Details |
| Risk ID |
ORG-002 |
| Category |
Organizational - Resources |
| Description |
Key personnel unavailable during critical phases |
| Inherent Risk |
Medium (52/100) |
| Probability |
Medium (40%) |
| Impact |
Timeline slippage, quality reduction, knowledge gaps |
| Critical Resources |
Network architects, Security engineers, Project manager |
Resource Risk Matrix:
| Role |
Allocated |
Backup |
Risk if Unavailable |
| Lead Architect |
1 FTE |
1 backup |
High - Design delays |
| Network Engineers |
3 FTE |
2 backup |
Medium - Workload |
| Security Engineer |
1 FTE |
1 backup |
High - Compliance risk |
| Project Manager |
1 FTE |
1 backup |
Medium - Coordination |
| Operations |
2 FTE |
1 backup |
Low - Training period |
Mitigation:
- Cross-training for all critical roles
- Documentation of all decisions/designs
- Vendor professional services on retainer
- Knowledge transfer sessions weekly
1.9.6 Compliance and Regulatory Risk
C-001: PCI-DSS Compliance During Migration
| Attribute |
Details |
| Risk ID |
C-001 |
| Category |
Compliance - Regulatory |
| Description |
PCI-DSS requirements not maintained during migration |
| Inherent Risk |
High (70/100) |
| Probability |
Low (15%) |
| Impact |
Audit failure, fines, card processing suspension |
| Deadline |
PCI-DSS 4.0 compliance by March 2025 |
PCI-DSS Control Mapping:
| PCI Requirement |
SD-WAN Control |
Status |
| 1.1 Network segmentation |
Service VPN isolation |
Planned |
| 1.2 Firewall protection |
Enterprise firewall |
Planned |
| 2.1 Default password change |
Template enforcement |
Planned |
| 3.4 Data encryption |
AES-256-GCM |
Planned |
| 4.1 Transmission encryption |
IPsec tunnels |
Planned |
| 10.1 Audit logging |
Syslog to SIEM |
Planned |
| 11.2 Vulnerability scanning |
Quarterly scans |
Existing |
Compliance Timeline:
┌─────────────────────────────────────────────────────────────────────────────┐
│ PCI-DSS COMPLIANCE TIMELINE │
├─────────────────────────────────────────────────────────────────────────────┤
│ │
│ Dec 2025 Jan 2026 Feb 2026 Mar 2026 │
│ │ │ │ │ │
│ ▼ ▼ ▼ ▼ │
│ ┌─────┐ ┌─────┐ ┌─────┐ ┌─────┐ │
│ │Start│ │Pilot│ │ Prod │ │Audit│ │
│ │Prep │ │ Val │ │Deploy│ │Ready│ │
│ └─────┘ └─────┘ └─────┘ └─────┘ │
│ │ │ │ │ │
│ Controls Testing Cutover QSA │
│ Design Complete Complete Review │
│ │
└─────────────────────────────────────────────────────────────────────────────┘
1.9.7 Risk Register Summary
Top 10 Risks by Priority
| Rank |
Risk ID |
Description |
Inherent |
Mitigated |
Priority |
| 1 |
T-001 |
Controller infrastructure failure |
90 |
20 |
Critical |
| 2 |
T-002 |
SD-Access integration failure |
75 |
35 |
High |
| 3 |
T-005 |
Security vulnerability exposure |
72 |
30 |
High |
| 4 |
T-003 |
Tunnel formation issues |
70 |
28 |
High |
| 5 |
C-001 |
PCI-DSS compliance gap |
70 |
25 |
High |
| 6 |
T-004 |
Application performance degradation |
68 |
32 |
Medium |
| 7 |
O-001 |
Skills gap |
65 |
30 |
Medium |
| 8 |
F-001 |
Cost overrun |
55 |
28 |
Medium |
| 9 |
O-002 |
Change management failures |
55 |
25 |
Medium |
| 10 |
ORG-002 |
Resource availability |
52 |
28 |
Medium |
Risk Heat Map
┌─────────────────────────────────────────────────────────────────────────────┐
│ RISK HEAT MAP │
├─────────────────────────────────────────────────────────────────────────────┤
│ │
│ Impact │
│ ▲ │
│ │ │
│ 5 │ Critical │ │ T-001 │ │ │
│ │ │ │ │ │ │
│ 4 │ Major │ T-003 │ T-002,T-005 │ │ │
│ │ │ T-004 │ C-001 │ │ │
│ 3 │ Moderate │ F-001,O-002│ O-001 │ │ │
│ │ │ ORG-002 │ │ │ │
│ 2 │ Minor │ │ │ │ │
│ │ │ │ │ │ │
│ 1 │ Negligible │ │ │ │ │
│ │ │ │ │ │ │
│ └─────────────┴────────────┴──────────────┴────────────┴────────────▶ │
│ 1 2 3 4 5 │
│ Unlikely Possible Probable Likely Almost │
│ Certain │
│ Probability │
│ │
│ Legend: Risk before mitigation │
│ │
└─────────────────────────────────────────────────────────────────────────────┘
1.9.8 Risk Mitigation Action Plan
| Action |
Owner |
Deadline |
Status |
| Complete training enrollment |
PM |
Week 1 |
Pending |
| Order lab equipment |
Procurement |
Week 1 |
Pending |
| Establish change control board |
PM |
Week 1 |
Pending |
| Create monitoring integration plan |
Operations |
Week 2 |
Pending |
| Document rollback procedures |
Architect |
Week 2 |
Pending |
Short-term Actions (Week 3-6)
| Action |
Owner |
Deadline |
Status |
| Complete team training |
All |
Week 5 |
Pending |
| Validate lab environment |
Engineer |
Week 4 |
Pending |
| Test SD-Access integration |
Network |
Week 5 |
Pending |
| Establish monitoring baseline |
Operations |
Week 6 |
Pending |
| Conduct tabletop exercises |
Team |
Week 6 |
Pending |
Long-term Actions (Week 7+)
| Action |
Owner |
Deadline |
Status |
| Production pilot deployment |
Team |
Week 8 |
Pending |
| PCI-DSS validation |
Security |
Week 10 |
Pending |
| Full production rollout |
Team |
Week 14 |
Pending |
| Post-implementation review |
PM |
Week 16 |
Pending |
| ROI validation |
Finance |
Month 6 |
Pending |
1.9.9 Risk Governance
Risk Review Schedule
| Review Type |
Frequency |
Participants |
Focus |
| Daily standup |
Daily |
Project team |
Blockers |
| Weekly risk review |
Weekly |
PM + Leads |
New risks, status |
| Steering committee |
Bi-weekly |
Sponsors + PM |
Escalations |
| Monthly assessment |
Monthly |
Full team |
Register update |
| Quarterly audit |
Quarterly |
Internal audit |
Compliance |
Escalation Matrix
| Risk Level |
Response Time |
Escalation To |
Action |
| Critical |
< 1 hour |
CIO + Sponsor |
Emergency CAB |
| High |
< 4 hours |
IT Director |
Priority response |
| Medium |
< 24 hours |
Project Manager |
Standard process |
| Low |
< 1 week |
Team Lead |
Normal tracking |
Risk Acceptance Criteria
| Risk Score |
Decision |
Authority |
| 0-25 |
Accept |
Team Lead |
| 26-50 |
Mitigate |
Project Manager |
| 51-75 |
Transfer/Avoid |
IT Director |
| 76-100 |
Escalate |
CIO/Sponsor |
1.9.10 Contingency Planning
Rollback Triggers
| Scenario |
Trigger |
Rollback Action |
| Controller failure |
>30 min downtime |
Activate DR cluster |
| Tunnel instability |
>10% flap rate |
Revert to MPLS primary |
| Application SLA breach |
Voice MOS <3.5 |
Failback to MPLS |
| Security incident |
Active breach detected |
Isolate SD-WAN overlay |
| Compliance gap |
Audit failure imminent |
Pause migration |
Business Continuity
| Event |
Recovery Time |
Recovery Point |
Procedure |
| Single WAN Edge failure |
<1 minute |
0 |
HA failover |
| Dual WAN Edge failure |
<15 minutes |
0 |
MPLS fallback |
| Controller cluster failure |
<30 minutes |
<5 min |
DR activation |
| Complete SD-WAN failure |
<2 hours |
<15 min |
Full MPLS revert |
| Site disaster |
<4 hours |
<1 hour |
DR site activation |
1.9.11 Summary and Recommendations
Risk Assessment Summary
| Metric |
Value |
| Total risks identified |
15 |
| Critical risks |
1 |
| High risks |
4 |
| Medium risks |
8 |
| Low risks |
2 |
| Overall risk score |
47/100 (Acceptable) |
| Risk mitigation effectiveness |
55% |
Key Recommendations
- Prioritize Training: Address skills gap before production deployment
- Validate Integration: Extensive lab testing of SD-Access handoff
- Implement Monitoring Early: Full observability before production
- Maintain Rollback Capability: Keep MPLS circuits during parallel operation
- Document Everything: Runbooks, procedures, and decision records
- Engage Stakeholders: Regular communication and expectation management
Go/No-Go Risk Criteria
| Criteria |
Threshold |
Current |
Status |
| Critical risks mitigated |
All |
0/1 |
⚠️ Pending |
| Team training complete |
80% |
0% |
⚠️ Pending |
| Lab validation passed |
100% |
0% |
⚠️ Pending |
| Rollback tested |
Yes |
No |
⚠️ Pending |
| Monitoring operational |
Yes |
No |
⚠️ Pending |
| Stakeholder approval |
Yes |
No |
⚠️ Pending |
Project Risk Status: Ready to proceed with mitigation activities. 8-week readiness phase required before production deployment.
Document Revision History
| Version |
Date |
Author |
Changes |
| 1.0 |
December 2025 |
Network Architecture Team |
Initial release |
End of Section 1.9 - Risk Assessment