Local install
Server runs on localhost. Browser opens to 127.0.0.1:8000. No outbound network calls in normal operation. Best for sensitive schemes and IT environments where data must not leave the machine. Mac and Windows supported.
Risk Studio runs on your hardware by default. No cloud upload, no SaaS dependency, no third‑party seeing your schedules unless you explicitly choose otherwise. Three deployment options, written for procurement and IT teams.
Server runs on localhost. Browser opens to 127.0.0.1:8000. No outbound network calls in normal operation. Best for sensitive schemes and IT environments where data must not leave the machine. Mac and Windows supported.
We help you provision Risk Studio into your Azure subscription. Your IT team holds the keys, manages the identities, and controls network egress. SOMA never has standing access to the environment.
Published HTML dashboards on a custom subdomain. Read‑only public URLs (or signed‑access if you prefer). The reports never include source data — only computed outputs (S‑curves, tornados, P‑values, narrative).
Local‑first means most customers' data never leaves their machine.
| Question | Answer |
|---|---|
| What data we process | XER schedule files, risk register CSVs / Excel sheets, correlation matrices, Safran exports (when you use Safran alongside Risk Studio), and the configuration files Risk Studio writes per scheme. |
| Where it lives | By default, in a local directory on your machine. Under BYO‑Azure, in storage you provision under your subscription. Under SOMA‑managed, in a UK‑region cloud environment under a signed data‑processing agreement. |
| What we send back to SOMA | Nothing, unless you opt in to anonymous usage telemetry — and that's off by default. The only outbound network call Risk Studio ever makes is the licence check against our HMAC‑signed entitlement endpoint, which carries only a hashed licence identifier. |
| Encryption at rest | Filesystem‑level via your OS — we recommend FileVault on macOS, BitLocker on Windows. For BYO‑Azure, choose Azure‑managed keys or your own Customer‑Managed Key (CMK). For SOMA‑managed, Azure‑managed keys by default. |
| Encryption in transit | Shareable cloud reports served over HTTPS with TLS 1.2+. Local install talks to localhost only — no transit. BYO‑Azure inherits your tenancy's network policies. |
| Data retention & deletion | You control retention on local install and BYO‑Azure deployments. For SOMA‑managed environments and shareable cloud reports, default retention is the contracted term plus six months for audit; we delete on written request inside thirty days at any other point. |
Honest status — we don't bluff certifications we haven't earned.
Formal certifications are on our roadmap; current status is available on request when you scope the engagement.
SOMA Project Controls acts as a data processor when running schemes on your behalf. A standard DPA template is available on request and signed at engagement start. We've designed Risk Studio so that for the local install case, no personal data flows to SOMA at all — the simplest defensible posture is the default.
If we discover a security issue affecting Risk Studio — whether it's a vulnerability we've patched, a third‑party advisory we've inherited, or an active incident — we notify customers within one working day. We tell you what we know, what we're doing, and when you'll next hear from us.
Reporting a security issue: hello@somaprojectcontrols.com with the subject prefix [SECURITY]. We acknowledge receipt within four working hours during UK business hours and start a triage within one working day. Coordinated disclosure: we will not publish details until you (the affected customer) have had a reasonable window to update.
A signed, dated security summary covering deployment options, certification status, the DPA template, and the incident response path. Drop into your procurement pack as is.