Software Risk Management

Harbinger is a provider of ICT and software risk management services including

  • software validation and verification services
  • software escrow services
  • ICT operational risk management servces.
  • ICT agreement auditing

We are specialists with expertise in the latest best practice technology, legal and escrow developments. We are available to audit your existing ICT governance practices and operational risks to provide advice on where improvements can be found that will reduce or mitigate your risk profile.

Our audit services are available throughout Australia, New Zealand and south east Asia. We have a history that extends back to 1989 and have undertaken audit programs for some of Australia's and the world's leading companies.

We provide robust, rigorous, scientific and independent services that; combined with our practical solutions, will significantly lower your business's risk.

How does Harbinger propose to help manage our ICT operational risk?

Step 1: Determine how many mission-critical software applications currently running within your organisation are subject to software license agreements or managed service agreements and therefore constitute technology and/or intellectual property beyond your control.

Step 2: Determine whether software and managed service agreements provide for software source code escrow.

If source code escrow is provided for then;

  • has it been implemented
  • will it ensure business continuity in the event of a release event or condition
  • does it include a regular regime for verifying that the escrow lodgements are complete, correct and usable in the event of a release
  • is the vendor compliant with the agreement and are being actively monitored.
  • do the terms and conditions of the escrow agreement meet modern escrow practices
  • is the agreement governed by local law

If the software and managed service agreements do not provide for escrow we negotiate on your behalf to ensure that your software vendor to vary the agreement t allow for escrow to be included.

Step 3: Make modification recommendations for your organisations:

  • software and managed services agreement templates
  • procurement processes and minimum requirements

Step 4: Provide a summary report of your organisations software operational risk profile.

This process is an excellent means you protect your business, ensure corporate compliance and meet regulations (such as Sarbanes Oxley 404). It will repair existing weaknesses in your model and enable you to take better control of future negotiations with mission critical software and service providers. 

To discuss your ICT and software risk audit requirements, please call one of our specialists on +61 3 9618 2000.

Further information: