Probability
Impact
| Very Low | Low | Moderate | High | Very High | |
|---|---|---|---|---|---|
| Very High | T3, T4, L1 | T6, L2 | C3, C4 | ||
| High | T1, C7 | C6 | |||
| Moderate | C5 | T8 | C1, C8, T7 | ||
| Low | C2, T5 | C10, T2 | |||
| Very Low | C9 |
Addressing The Risks
Customer Risks
| ID | Description | Mitigations |
|---|---|---|
| C1 | Student finds the tutor to be unhelpful | Support of a rating system that indicates this to other customers. Refund money based on circumstances (Business takes a loss). |
| C2 | Prospective tutors faking their qualifications | Require students to upload their official transcript in PDF format for qualification analysis. This file needs to contain the university's digital signature so not just any any PDF transcript will be considered valid. |
| C3 | Shortage of tutors | Give small bonuses to tutors for limited time to grow tutor market (Business takes a loss). |
| C4 | Shortage of tutees | Give free sessions to new members, and give loyalty-free sessions for a certain number of usages (Business takes a loss). |
| C5 | The tutee/tutor leaves a false negative review and/or rating | Withhold ratings and reviews until both users involved agree that the ratings are justified. Give users the ability to challenge ratings/reviews and require explanations for poor ratings/reviews. |
| C6 | Users misuse the application; use app maliciously | Create a terms of service agreement, and blacklist individuals who violate the service agreement. |
| C7 | Identity theft. Non-users impersonate users and/or users impersonate other users. | Implement a means authenticating users each time they navigate to a window from outside of the app back into some window inside of the app. This is similar to online banking application methods. Implement a "handshake" agreement where users must confirm their scheduled meeting at the start time. |
| C8 | Tutor/Tutee doesn't show up to their meeting | Payment is preallocated. Some deposit is required. Tutors and tutees are both rated, and if one or the other doesn't show up to the meeting then they will receive poor ratings. |
| C9 | Users try to book overlapping sessions | Only allow users to book appointments for times they do not currently have any session scheduled. This applies to both tutees and tutors. |
| C10 | Tutors are not adequately prepared to engage with tutees via web conferencing | Alert users of the minimum requirements for web conference meetings upon selecting 'web conferencing' as a tutoring preference. |
Technical Risks
| ID | Description | Mitigations |
|---|---|---|
| T1 | Transaction failure. Payment is not received. | Integrate usage of a 3rd party API designed to handle e-transactions. |
| T2 | Difficulty automating the process of reading a submitted transcript | Define reusable code for the general case, and optimize as more information is discovered. |
| T3 | Database server failure | Use reliable servers maintained by large corporations (i.e. Google's Firebase). |
| T4 | Security breach | Define known security features to prevent unauthorized access. |
| T5 | Some android phones not being able to run application. | Define minimum SDK for weaker hardware phones, and define normal SDK for standard phones. |
| T6 | Network server failure | Server redundancy. |
| T7 | Pay-rate algorithm does not compute competitive rates for tutors. | Determine a base pay that will increase/decrease due to various factors. Compare the pay-rates of similarly rated tutors who tutor the same courses. |
| T8 | Web-conferencing meeting does not get set up properly. | Schedule events with a Google Hangouts meet on the user's Google Calendar using well-documented Google API's. |
Legal Risks
| ID | Description | Mitigations |
|---|---|---|
| L1 | Possible violation of The Family Education Rights and Privacy Act (FERPA). | Have students explicitly agree to terms of service where they agree to disclose their grades. Transcripts are discarded after eligibility is determined. |
| L2 | User base uses application for illegal activities | Define explicitly in terms of service that illegal activities will not be tolerated and any such action will be reported to law enforcement. |