Chapter 6: Risk Identification and Mitigation

The Business Risk Mapper and Pre-Mortem exercise.

What You'll Learn

By the end of this chapter, you'll know how to map and categorize business risks, use the Pre-Mortem technique to uncover hidden threats, and understand critical data governance requirements.

Risk is Inevitable. Unmanaged Risk is Fatal.

Every startup faces risks. The difference between success and failure is whether you identify and mitigate them before they become crises.

The Business Risk Mapper categorizes threats so you can prioritize what to address. Not all risks are equal—some will kill you, others are just noise.

The Four Risk Categories

Market Risk

"Nobody wants this."

Mitigated by: Validation in Playbook 02. Evidence of demand.

Product Risk

"We can't build this."

Mitigated by: Technical feasibility assessment. Capability audit.

Financial Risk

"We run out of money."

Mitigated by: Unit economics. Burn scenarios. Fundraising.

Team Risk

"We implode."

Mitigated by: Culture alignment. Clear roles. Agreements.

The Risk Matrix

Use a standard Probability × Impact Matrix to score and prioritize risks:

Red Zone

Score 15-25

Existential threats. Proceeding unmitigated is negligence. Must address before building.

Yellow Zone

Score 6-12

Strategic threats. Must be monitored and planned for. Have contingencies ready.

Green Zone

Score 1-5

Operational noise. Acceptable risks. Don't over-engineer mitigations.

How to Calculate Risk Score

Risk Score = Probability (1-5) × Impact (1-5)

  • Probability: 1 = Unlikely, 3 = Possible, 5 = Almost Certain
  • Impact: 1 = Minor annoyance, 3 = Significant setback, 5 = Company-ending

The Pre-Mortem Exercise

The Pre-Mortem is a powerful psychological tool to uncover hidden risks that people are reluctant to voice.

The Prompt

"It is 2 years in the future and the company has completely failed. What caused this?"

This reframing allows team members to voice doubts they would otherwise suppress. Run this exercise with your co-founders and early team.

Common Pre-Mortem findings:

  • "We built a feature, not a product."
  • "We depended on a single API that got deprecated."
  • "A competitor with deep pockets gave it away for free."
  • "The founders had a falling out over equity."
  • "We couldn't hire fast enough to meet demand."
  • "Regulations changed and made our model illegal."

Data Risk: The New 5th Pillar

For AI companies, data risk is now on par with market risk. It's not just about compliance; it's about survival.

Data Poisoning

If your training data is flawed, biased, or copyrighted, your model is a liability. Audit your data supply chain as rigorously as your financial accounts.

Prompt Injection / Leakage

Users will try to trick your AI into revealing system instructions or sensitive data. Implement "Guardrail" layers before the model sees user input.
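
A minimal sketch of such a guardrail layer follows. It is an added example, not code from this playbook or any product it mentions, and it goes one step beyond the text by also checking the model's reply for leaked instructions. The `model` callable, the patterns, the size limit and the canary format are all assumptions made for illustration.

```python
import re
import secrets
import unicodedata

# Assumed limit and patterns for illustration; tune them against your own traffic.
MAX_INPUT_CHARS = 2000
OVERRIDE_PATTERNS = [
    re.compile(r"\b(ignore|disregard|forget)\b.{0,30}\b(previous|prior|above|your)\b.{0,20}\b(instructions|rules|prompt)\b", re.I | re.S),
    re.compile(r"\b(reveal|print|show|repeat)\b.{0,40}\b(system prompt|your instructions|your rules)\b", re.I | re.S),
]

def screen_input(text):
    """Return (allowed, reason) for one user message, before the model sees it."""
    # Fold look-alike forms (e.g. full-width letters) and drop invisible format characters.
    norm = unicodedata.normalize("NFKC", text)
    norm = "".join(c for c in norm if unicodedata.category(c) != "Cf")
    if len(norm) > MAX_INPUT_CHARS:
        return False, "input_too_long"
    if any(p.search(norm) for p in OVERRIDE_PATTERNS):
        return False, "instruction_override"
    return True, "ok"

def make_system_prompt(instructions):
    """Append a random per-request canary so verbatim leakage is detectable."""
    canary = "canary-" + secrets.token_hex(8)
    return f"{instructions}\n[{canary}]", canary

def screen_output(reply, canary, instructions, window=40):
    """Reject replies containing the canary or a verbatim slice of the instructions."""
    if canary in reply:
        return False, "canary_leak"
    for i in range(0, max(1, len(instructions) - window + 1), window // 2):
        frag = instructions[i:i + window]
        if frag and frag in reply:
            return False, "prompt_fragment_leak"
    return True, "ok"

def guarded_call(model, instructions, user_text):
    """model is any callable (system_prompt, user_text) -> str (hypothetical interface)."""
    ok, reason = screen_input(user_text)
    if not ok:
        return {"blocked": True, "stage": "input", "reason": reason}
    system_prompt, canary = make_system_prompt(instructions)
    reply = model(system_prompt, user_text)
    ok, reason = screen_output(reply, canary, instructions)
    if not ok:
        return {"blocked": True, "stage": "output", "reason": reason}
    return {"blocked": False, "reply": reply}
```

Pattern screening only catches known phrasings, so treat it as a first filter and log every block reason. The output check and keeping secrets out of the system prompt carry more weight.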

Data Governance Risks

With GDPR, CCPA, and emerging AI regulations, data privacy is a feasibility constraint—not an afterthought.

| Requirement | The Question | Feasibility Impact |
|---|---|---|
| Right to Forget | Can we technically delete all traces of user data? | Difficult in AI models and blockchain; may require architecture redesign |
| Data Residency | Does our architecture support EU data storage? | Multi-region infrastructure has cost implications |
| Consent Management | Can we track and honor consent preferences? | Requires purpose-built systems; retrofitting is expensive |

The Retrofitting Trap

If your architecture cannot support these requirements, it must be refactored before the MVP build. Retrofitting privacy compliance costs 10x more than building it in from the start.

What You Walk Away With

Risk Inventory

Comprehensive list of threats categorized by type

Risk Matrix

Prioritized view of what to address first

Pre-Mortem Insights

Hidden risks surfaced before they become problems

Compliance Checklist

Data governance requirements mapped


