Organizations are highly dependent on technology to process the information. It is for this reason the technology in place must be assessed for risks and a mitigation plan must be developed. While IT Risk Management provides a framework, technology risk assessment is done with the emphasis on finding risks related to technology.
INFOGISTIC’s approach for technology risk management takes input from numerous best practices. Some of the best practices include NIST SP 800, DISA and CIS. Some of the activities performed in the TRA include secure configurations review of hardware & software, network design review etc.