HoliRisk ScreenshotOrganizations always have internal and external factors that can pose a risk to the achievement of their objectives. Risk management is the field responsible for defining and managing controls, and policies, to address those risks that affect valuable assets. Risk management can be useful in several different contexts. It can be applied in an entire organization, a specific department or area, or even a specific function, project or activity. This diversity of contexts also results in one of the main problems of the field where efforts operate in silos with narrowly focused, functionally driven, and disjointed risk management activities. As consequence, organizations are faced with a fragmented view of risks, with different languages, parameterizations, and metrics that lead to highly complex specific-built solutions that cannot be reuse. This document describes the conceptual design of the HoliRisk - a flexible generic framework to support the steps of risk assessment, which was designed taking in consideration the principles from ISO31000.


This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

Find at opensourceprojects.eu

Go to HoliRisk's page on opensourceprojects.eu for more details about requirements, interaction and source code by following the link above.

How to install HoliRisk

  1. If you just want to use the tool:
    1.1. Install a Java Servlet Container like Apache Tomcat or Jetty in your Windows or Linux machine;
    1.2. Download both .WAR files in the Binaries section;
    1.3. Open each of these files and change the configurations to your liking (file in "\WEB-INF\classes\gui.properties");
    1.4. Deploy each file in the chosen servlet container and access the Tool through the web browser.
  2. If you want to change the source code and then use the tool:
    2.1. Checkout the source code from the Git page;
    2.2. Download and install Apache Maven;
    2.3. Run the maven package command for each of the two projects in Git. This will create 2 separate .WAR files;
    2.4. Do steps 1.3 and 1.4.

Learn more about Holirisk in the videos below.

Back to Risk Tools