About to remove unused files

docs/estimating/Risk-First-Analysis.md

@@ -152,7 +152,7 @@ On the face of it, it's clear why the Sales Team might feel annoyed - there is a
 
 ![Fixing The Build, v2](/img/generated/estimating/planner/ci-impact-2.svg)
 
-The above diagram models that.  Fixing the CI Pipeline is now implicated in reducing [Staff Risk](/tags/Staff-Risk), [Coordination Risk](/tags/Coordination-Risk) and [Funding Risk](/tags/Funding-Risk) for the whole business and therefore seems like it might have a better [Expected Return](/tags/Expected-Return).
+The above diagram models that.  Fixing the CI Pipeline is now implicated in reducing [Agency Risk](/tags/Agency-Risk), [Coordination Risk](/tags/Coordination-Risk) and [Funding Risk](/tags/Funding-Risk) for the whole business and therefore seems like it might have a better [Expected Return](/tags/Expected-Return).
 
 ## Judgement
 

docs/practices/Deployment-And-Operations/Release.md

@@ -22,13 +22,15 @@ practice:
      reason: "Delivering features might mean you get paid for the software you write."
   attendant:
    - tag: Schedule Risk
-     reason: "Delays in the release process can impact overall project timelines."
+     reason: "Delays in the release process can impact overall project time-lines."
    - tag: Operational Risk
      reason: "Releasing software means that the software has to be supported in production."
    - tag: Process Risk
      reason: "Complex release procedures are a source of process risk."
    - tag: Reliability Risk
      reason: "Releases can introduce discontinuities in software service if not managed well."
+   - tag: Reputational Risk
+     reason: "Poor release management can destroy reputation and good-will." 
    - tag: Legal Risk  
      reason: Publishing or releasing code may involve licensing, Intellectual Property, Liability or other legal compliance."
   related:

docs/practices/External-Relations/Marketing.md

@@ -17,6 +17,8 @@ practice:
      reason: "Promotes the software to reach potential customers and increase market share."
    - tag: Communication Risk
      reason: "Facilitates communication of the product's value proposition to the target audience."
+   - tag: Reputational Risk
+     reason: "Good communication and product marketing can help solidify good reputation."
   attendant:
    - tag: Funding Risk
      reason: "Marketing campaigns can be expensive."

docs/practices/External-Relations/Outsourcing.md

@@ -13,7 +13,7 @@ practice:
    - "External Hiring"
    - "Third-Party Development"
   mitigates:
-   - tag: Staff Risk
+   - tag: Agency Risk
      reason: "Accesses external resources and skills that may not be available internally."
    - tag: Funding Risk
      reason: "Can be cost-effective by leveraging economies of scale."

docs/practices/External-Relations/Sales.md

@@ -20,8 +20,8 @@ practice:
    - tag: Communication Risk
      reason: "Facilitates direct communication with potential customers to understand their needs."
   attendant:
-   - tag: Staff Risk
-     reason: "Requires a dedicated sales team and resources."
+   - tag: Agency Risk
+     reason: "Probably requires a dedicated sales team and resources."
    - tag: Funding Risk
      reason: "Sales activities can incur significant costs."
    - tag: Deadline Risk

docs/practices/Planning-And-Management/Estimating.md

@@ -17,7 +17,7 @@ practice:
      reason: "Provides realistic timelines helps hit important deadlines."
    - tag: Funding Risk
      reason: "Accurate estimation helps in securing and managing funding."
-   - tag: Staff Risk
+   - tag: Agency Risk
      reason: "Helps in planning and managing staff usage effectively."
   attendant:
    - tag: Schedule Risk

docs/practices/Planning-And-Management/Issue-Management.md

@@ -22,7 +22,7 @@ practice:
      reason: "Provides a systematic approach to managing and addressing operational issues."
    - tag: Communication Risk
      reason: "Facilitates communication about issues and their status among team members."
-   - tag: Trust and Belief Risk
+   - tag: Reputational Risk
      reason: "Tracking and fixing bugs improves software reputation."
    - tag: Security Risk
      reason: "Track and Prioritise Security Issues and Incidents."

docs/practices/Testing-and-Quality-Assurance/Security-Testing.md

@@ -12,20 +12,23 @@ practice:
    - "Penetration Testing"
    - "Vulnerability Testing"
    - "Security Assessment"
+   - "Security Hardening"
   mitigates:
    - tag: Security Risk
      reason: "Identifies and addresses vulnerabilities in the software."
    - tag: Operational Risk
      reason: "Ensures the software can withstand security threats and attacks."
    - tag: Contextual Risk
      reason: "Helps ensure compliance with security standards and regulations."
+   - tag: Agency Risk
+     reason: "Make sure that agents don't exercise unwarranted control over resources."
   attendant:
    - tag: Schedule Risk
      reason: "Security testing can be time-consuming, impacting schedules."
    - tag: Complexity Risk
      reason: "Requires specialized skills and tools, adding complexity."
-   - tag: Staff Risk
-     reason: "Requires security experts."
+   - tag: Agency Risk
+     reason: "Likely requires security experts with specialist skills."
   related:
    - ../Development-and-Coding/Coding
    - ../Testing-and-Quality-Assurance/Performance-Testing

docs/presentations/AgileVsOpenSource/index.md

@@ -280,9 +280,9 @@ hide_table_of_contents: true
                 <img src="/img/presentations/AgileVsOpenSource/images/images.015.jpg" alt="Image of slide number 15" />
             </div>
             <div class="slide-notes">
-                      <p>But there’s a big problem with that Open Feedback loop.  Because it doesn’t properly involve money, it’s not well-funded.   So, there’s a big worry in Open Source which is nicely explained by this XKCD comic.  The worry is Staff Risk - that you have some dependency on a piece of software that is maintained invisibly by some critical person.  </p>
+                      <p>But there’s a big problem with that Open Feedback loop.  Because it doesn’t properly involve money, it’s not well-funded.   So, there’s a big worry in Open Source which is nicely explained by this XKCD comic.  The worry is Agency Risk - that you have some dependency on a piece of software that is maintained invisibly by some critical person.  </p>
 
-      <p>A lot of Open Source is funded by that guy in Nebraska.  It’s a personal project, done for the love of it, or through personal necessity.  The problem with that is the Staff Risk - by depending on this piece of software -no matter how good it is- you are also depending on the team maintaining it, to a certain extent.</p>
+      <p>A lot of Open Source is funded by that guy in Nebraska.  It’s a personal project, done for the love of it, or through personal necessity.  The problem with that is the Agency Risk - by depending on this piece of software -no matter how good it is- you are also depending on the team maintaining it, to a certain extent.</p>
 
       <p>If there were more money in the system, there might be a bigger team of people involved in that one supporting project.</p>
 

docs/risks/Communication-Risks/Communication-Risk.md

@@ -11,7 +11,6 @@ tags:
  - Communication Risk
  - Risks
  - Internal Model Risk
- - Trust And Belief Risk
 tweet: yes
 part_of: Operational Risk
 ---

docs/risks/Coordination-Risk/A-Model-Of-Coordination-Risk.md

@@ -1,6 +1,8 @@
 ---
 title: A Model Of Coordination Risk
 sidebar_position: 1
+tags:
+  - Coordination Risk
 ---
 
 ## A Model Of Coordination Risk

docs/risks/Coordination-Risk/CAP-Theorem.md

@@ -1,6 +1,8 @@
 ---
 title: CAP Theorem
 sidebar_position: 3
+tags:
+  - Coordination Risk
 ---
 
 Imagine talking to a distributed database, where your request (_read_ or _write_) can be handled by one of many agents.

docs/risks/Coordination-Risk/Decision-Making.md

@@ -1,6 +1,8 @@
 ---
 title: Decision Making
 sidebar_position: 2
+tags:
+  - Coordination Risk
 ---
 
 Within a team, [Coordination Risk](/tags/Coordination-Risk) is at its core about resolving [Internal Model](/tags/Internal-Model) conflicts in order that everyone can agree on a [Goal](/tags/Goal) and cooperate on getting it done.  Therefore, [Coordination Risk](/tags/Coordination-Risk) is worse on projects with more members, and worse in organisations with more staff.  

docs/risks/Dependency-Risks/Agency-Risk/Agency-Risk.md

@@ -24,6 +24,11 @@ part_of: Dependency Risks
 
 Coordinating a team is difficult enough when everyone on the team has a single [Goal](/tags/Goal).  But other people and organisations you might be involved with have their own goals too.  Sometimes their goals harmlessly co-exist with yours, other times they don't.   Even the software systems we employ can often have goals that run counter to our own.
 
+In software development, we're not lending each other money, but we _are_ being paid by the project sponsor, so they are assuming [Agency Risk](/tags/Agency-Risk) by employing us.  
+
+[Agency Risk](/tags/Agency-Risk) doesn't just apply to people: it can apply to _running software_ or _whole teams_  - anything which has agency over its actions.  
+
+> "Agency is the capacity of an actor to act in a given environment... Agency may either be classified as unconscious, involuntary behaviour, or purposeful, goal directed activity (intentional action). " - [Agency, _Wikipedia_](https://en.wikipedia.org/wiki/Agency_(philosophy)) 
 
 In this section, we are going to take a closer look at how [Agency Risk](/tags/Agency-Risk) arises, in particular we will:
 

docs/risks/Dependency-Risks/Agency-Risk/Agency-Risk-For-Software-Developers.md → docs/risks/Dependency-Risks/Agency-Risk/Human-Agency-Risk.md

@@ -1,15 +1,9 @@
-
-
-## Agency In Software Development
-
-In software development, we're not lending each other money, but we _are_ being paid by the project sponsor, so they are assuming [Agency Risk](/tags/Agency-Risk) by employing us.  
-
-[Agency Risk](/tags/Agency-Risk) doesn't just apply to people: it can apply to _running software_ or _whole teams_  - anything which has agency over its actions.  
-
-> "Agency is the capacity of an actor to act in a given environment... Agency may either be classified as unconscious, involuntary behaviour, or purposeful, goal directed activity (intentional action). " - [Agency, _Wikipedia_](https://en.wikipedia.org/wiki/Agency_(philosophy)) 
-  
-
-## A Model For Agency Risk  
+---
+title: Agency Risk in People
+sidebar_position: 2
+tags:
+  - Agency Risk
+---
 
 ![Goal Hierarchy](/img/generated/risks/agency/hierarchy.svg)
 
@@ -20,12 +14,14 @@ The model above helps us explain the principal-agent problem:  when faced with t
  - will help their friends and colleagues every day, but perhaps fail to give to charities helping people in far worse conditions.
  - love their pets (who they consider in the _immediate family_ group) but eat other animals (somewhere off the bottom).
  - why people can be fiercely _nationalistic_ and tribal (supporting the goals of the third level) and also be against _immigration_ (helping people in the fourth level).
-
+
+## Agency Risk Threats
+
 [Agency Risk](/tags/Agency-Risk) clearly includes the behaviour of [Bad Actors](https://en.wiktionary.org/wiki/bad_actor) but is not limited to them:  there are various "shades of grey" involved.  We can often understand and sympathise with the decisions agents make based on an understanding of this hierarchy.   
 
 **NB:** Don't get hung up on the fact the diagram only has four levels.  You might want to add other levels in their depending on your personal circumstances.  The take-away is that there is a hierarchy at all, and that at the top, the people/things we care about _most_ are few in number.
 
-## Agency Risk In Software Development
+### 1. Crunches
 
 We shouldn't expect people on a project to sacrifice their personal lives for the success of the project, right?  Except that ["Crunch Time"](https://en.wikipedia.org/wiki/Video_game_developer#"Crunch_time") is exactly how some software companies work:
 
@@ -37,7 +33,7 @@ People taking time off, going to funerals, looking after sick relatives and so o
 
 Where an agent _excessively_ prioritises their own goals over the group we term this selfishness or perhaps nepotism.  Conversely, putting the tribe's or the team's needs over your own is _heroism_.
 
-### The Hero
+### 2. The Hero
 
 > "The one who stays later than the others is a hero. " - [Hero Culture, _Ward's Wiki_](https://wiki.c2.com/?HeroCulture)
 
@@ -52,27 +48,27 @@ Sometimes projects don't get done without heroes.  But other times, the hero has
 
 A team _can_ make use of heroism but it's a double-edged sword.  The hero can become [a bottleneck](/tags/Coordination-Risk) to work getting done and because they want to solve all the problems themselves, they [under-communicate](/tags/Communication-Risk).  
 
-### CV Building
+### 3. CV Building
 
 CV Building is when someone decides that the project needs a dose of "Some Technology X", but in actual fact, this is either completely unhelpful to the project (incurring large amounts of [Complexity Risk](/tags/Complexity-Risk)), or merely a poor alternative to something else.  
 
 It's very easy to spot CV building:  look for choices of technology that are incongruently complex compared to the problem they solve and then challenge by suggesting a simpler alternative.
 
-### Devil Makes Work
+### 4. Devil Makes Work
 
 Heroes can be useful, but _underused_ project members are a nightmare.   The problem is, people who are not fully occupied begin to worry that actually the team would be better off without them, and then wonder if their jobs are at risk.
 
 Even if they don't worry about their jobs, sometimes they need ways to stave off _boredom_.  The solution to this is "busy-work":  finding tasks that, at first sight, look useful, and then delivering them in an over-elaborate way that'll keep them occupied.  This is also known as [_Gold Plating_](https://en.wikipedia.org/wiki/Gold_plating_(software_engineering)).  This will leave you with more [Complexity Risk](/tags/Complexity-Risk) than you had in the first place. 
 
-### Pet Projects
+### 5. Pet Projects
 
 > "A project, activity or goal pursued as a personal favourite, rather than because it is generally accepted as necessary or important."  - [Pet Project, _Wiktionary_](https://www.wordnik.com/words/pet%20project)
 
 Sometimes budget-holders have projects they value more than others without reference to the value placed on them by the business.  Perhaps the project has a goal that aligns closely with the budget holder's passions, or it's related to work they were previously responsible for.  
 
 Working on a pet project usually means you get lots of attention (and more than enough budget), but it can fall apart very quickly under scrutiny.
 
-### Morale Failure
+### 6. Morale Failure
 
 ![Morale Failure](/img/generated/risks/agency/morale.svg)
 
@@ -85,8 +81,7 @@ Sometimes the morale of the team or individuals within it dips, leading to lack
  - **The goal isn't sufficiently worthy**, or the team doesn't feel sufficiently valued.
 
 
-
-### Teams
+## Agency Risk For Teams
 
 [Agency Risk](/tags/Agency-Risk) applies to _whole teams_ too.  It's perfectly possible that a team within an organisation develops [Goals](/tags/Goal) that don't align with those of the overall organisation.  For example: