This paper proposes an integrated threat management framework to improve outcomes of software projects. Current best practice prescribes risk management and issue management to control threats. However, these processes cover only part of the spectrum of uncertainty. A broader framework of threat management is proposed that integrates issue management, risk management and crisis management. Case examples and steps to transition beyond risk management are also provided. Implications for research and practice are discussed. The framework provides a basis to extend efforts in research and practice to improve the capability of organizations to manage uncertainty and improve project results.