Computer implemented systems and methods for assessing operational risks and mitigating operational risks associated with using a third party software component in a software application
Abstract
Methods and systems are disclosed for automatically assessing and mitigating operational risks associated with using a software component in a software application. As a part of a method, one or more software components of the software application are accessed, and software component characteristic information is received about each of the one or more software components, responsive to the accessing. The software component characteristic information includes information about a characteristic of a software component that is related to an operational risk associated with using the software component in the software application. Responsive to receiving the software component characteristic information, and based on the software component characteristic information, operational risk assessment information is generated using one or more rules. The generated operational risk assessment information is outputted, where at least one step of the method is performed by a processor.
12 Claims
1. A method for automatically assessing operational risks and mitigating operational risks associated with using a software component in a software application, comprising:
- accessing software components comprising the software application;
- responsive to accessing the software components, receiving software component characteristic information about each software component of the software components, including information about a characteristic of the software component that is related to an operational risk associated with using the software component in the software application, wherein the software component characteristic information comprises software currency information, software consistency information, software security information, software license type information and software version information;
- determining that a third party software component of the software components is approved for use in the software application based on the software component characteristic information;
- generating operational risk assessment information using one or more rules and based on the software component characteristic information;
- outputting the operational risk assessment information requiring that the third party software component be upgraded; and
- generating operational risk mitigation information based on the operational risk assessment information, and including information that prioritizes the third party software component for upgrade over at least another software component of the software components, wherein at least one step of the method is performed by a processor.

Dependent claims: 2, 3, 4
5. A computer program product for automatically assessing operational risks and mitigating operational risks associated with using a software component in a software application, the computer program product comprising a non-transitory computer-readable storage medium having program instructions stored thereon, which when executed by at least one processor, cause the at least one processor to perform a method comprising:
- accessing software components comprising the software application;
- responsive to accessing the software components, receiving software component characteristic information about each software component of the software components, including information about a characteristic of the software component that is related to an operational risk associated with using the software component in the software application, wherein the software component characteristic information comprises software currency information, software consistency information, software security information, software license type information and software version information;
- determining that a third party software component of the software components is approved for use in the software application based on the software component characteristic information;
- generating operational risk assessment information using one or more rules and based on the software component characteristic information;
- outputting the operational risk assessment information requiring that the third party software component be upgraded; and
- generating operational risk mitigation information based on the operational risk assessment information, and including information that prioritizes the third party software component for upgrade over at least another software component of the software components, wherein at least one step of the method is performed by a processor.

Dependent claims: 6, 7, 8
9. A computer implemented system for automatically assessing operational risks and mitigating operational risks associated with using a software component in a software application, the system comprising:
- at least one processor; and
- at least one memory storing computer program code, wherein the at least one memory and stored computer program code are configured, with the at least one processor, to cause the system to at least:
  - access software components comprising the software application;
  - responsive to accessing the software components, receive software component characteristic information about each software component of the software components, including information about a characteristic of the software component that is related to an operational risk associated with using the software component in the software application, wherein the software component characteristic information comprises software currency information, software consistency information, software security information, software license type information and software version information;
  - determine that a third party software component of the software components is approved for use in the software application based on the software component characteristic information;
  - generate operational risk assessment information using one or more rules and based on the software component characteristic information;
  - output the operational risk assessment information requiring that the third party software component be upgraded; and
  - generate operational risk mitigation information based on the operational risk assessment information, and including information that prioritizes the third party software component for upgrade over at least another software component of the software components, wherein at least one step of the method is performed by a processor.

Dependent claims: 10, 11, 12
Specification