Skip to main content

Risk Register

:::info Source Sourced from services/delivery-service/SERVICE_RISK_REGISTER.md in the documentation repo. :::

ID	Risk	Sev	Impact	Mitigation	Owner
R-DL-01	AI tutor hallucination at learner surface	S1	Wrong answers; regulatory exposure	RAG over course context; refusal UX; quarterly accuracy eval; red-team corpus	Delivery + AI Services
R-DL-02	Offline bundle tamper bypass	S1	Content piracy + progress forgery	Mount-time SHA + JWS + license verify; tamper event; device trust revoke	Delivery + Content + Security
R-DL-03	Cross-tenant session resume	S1	Data leak (another tenant's progress)	Enrollment check on start/resume; tenant iso test; session.tid invariant	Delivery
R-DL-04	Statement loss (network blip mid-session)	S2	Progress regression; compliance data loss	Client statements outbox 7-day; idempotency; server dedup	Delivery + Progress
R-DL-05	SCORM cmi.* tracking mismatch	S2	LMS-mode courses show wrong progress	SCORM adapter; conformance in CI; fixture courses	Delivery + Content
R-DL-06	AI tutor PII leak to provider	S1	Privacy + contract breach	AI gateway pre-call PII redaction; no-train flag	AI Services + Delivery
R-DL-07	Local AI model too large for low-end Android	S2	App fails to launch / crashes	Model quantized; fallback to cloud-only mode; device-class detection	Delivery + AI Services
R-DL-08	Revocation during active session	S3	Learner frustration	Graceful unmount; save progress; clear UI message	Delivery
R-DL-09	Clock skew on offline device → license expiry bugs	S3	False license-expired refusals	Server-time embedded in bundle; elapsed-time-based expiry check	Delivery + Content
R-DL-10	Session abandonment timeout too aggressive	S4	Legitimate pauses count as abandon	60-min default; tenant-configurable; grace resume ≤ 1h	Delivery + Product
R-DL-11	xAPI statement schema drift	S2	LRS rejects statements	Schema registry + CI validation; Pact with progress	Delivery + Progress
R-DL-12	Navigation cursor race across devices	S2	Learner resumes at wrong block	Vector-clock + LWW on cursor; UI shows sync state	Delivery + Sync
R-DL-13	Branching scenario infinite loop	S3	Learner stuck	DAG validation at publish; max depth 50 per scenario	Delivery + Authoring
R-DL-14	LTI 1.3 platform key validation miss	S2	External LMS impersonation	LTI Advantage validation; per-launch nonce; platform key pinning	Delivery + Security
R-DL-15	GDPR erasure — session data	S1	Incomplete erasure	Participate in saga; delete sessions, tutor turns, offline-mount records	Compliance + Delivery

Governance

Weekly: Delivery + AI Services + Content leads review.
AI tutor regressions gate each release; red-team corpus updated quarterly.

Governance