This paper, featuring Gartner research and related content from CAST, delivers recommendations to successfully execute a lightweight, sustainable portfolio analysis that improves overall software risk management, whether applications are managed in-house or by vendors.