Risk Based Assurance & Acceptance (RBAA) involves focusing all members of the delivery team and every activity involved in the delivery process on the product risks (derived from the business risks).  Risk is driven from business impact (how much will this hurt if it goes wrong?), but the trigger of these business risks is often a fault in the delivered product. In order to address the risk to the correct degree (mitigation) the analysis of risk must include the likelihood factor for the risk occurring (how likely is it that there will be a fault in this part of the system).  Through risk identification and analysis the risk information is processed and consolidated in order to make it meaningful to each member of the project delivery team. All parties are aware of the risks and how they are impacted, from requirements capture, through the architectural design and development activities as well as the testing function.  The risk information is used to produce a risk profile for the system, which allows each party to understand the risk hierarchy within their area and focus the correct amount of effort on producing the item and measuring it. This process allows an understanding of the relative importance of all system artefacts produced throughout the delivery process. The system risk profile can be represented diagrammatically and is a re-usable artefact making impact analysis for subsequent product releases easier to quantify in terms of product risk.