TRICORP supports the risk management process, from policy formulation to implementation and management of security measures. Risk is determined by considering the likelihood that known threats will exploit vulnerabilities and the impact they have on valuable assets. A security risk assessment identifies, assesses, and implements key security controls in applications. It also focuses on preventing application security defects and vulnerabilities.