One of the biggest source of IT security risk is from custom code, whether from adapted applications or from custom integrations. In-house development do not often use rigorous secure coding practices found in commercial software development. IT project risks include security risks such as coding practice, data security, access control, product architecture, and deployment architecture. Other types of projects risks can include disaster, back up and recovery, availability, vendor, support, legal and license. Not understanding these project risks can lead to project delays, cost overrun, vulnerabilities, privacy breaches, and unplanned system downtime.
Agiliance RiskVision provides an IT program management office an integrated platform to manage IT project risks. RiskVision's flexible collaboration and workflow engines enforce processes for project planning, documentation, risk assessment, review, and approval. In case exceptions are required, RiskVision manages the full exception lifecycle, including request, risk assessment, initial approval, and subsequent periodic re-approval. RiskVision makes it simple to collaborate among program offices, project teams, architecture, security and standards review boards, operations, procurement, finance, and management.