Risk Analysis is foreseeing the issues which could arise during the later stages of the software life cycle. Definitely at very first time it is difficult to analyze and comes with experience only but there are some risks which can be foreseen by analyzing the requirements closely and identifying the gaps there. Sometimes may happen that the gaps identified are not addressed by the client due some boundations like schedule, but at least that will be known and we can foresee the risk in future due to that.
Based on my experience here are few examples of risks which we had identified and added in the plan-
1. Frequent and enormous requirement changes
2. Requirements/changes not communicated quickly
3. Additional time taken by build and deployment activities
4. Frequent re-occurrence of issues
5. Too much shrinking of test schedule may result in not covering all the test scenarios
6. As the data testing will be carried out for sample data, there could be un-covered bugs (mostly data calculation bugs) in the non-tested data set
I know these are very high level and generic but I think should be helpful to initiate with.
Get back in case of further questions/suggestions on the same.