The Risk Management Association has developed a new Technology Risk Framework that addresses the historical gaps in the understanding and applicability of technology-driven risks. The framework, developed by RMA’s Technology Risk Committee, is scalable based on the size and complexity of an institution and its needs.
The Framework allows risk managers to identify, assess, and manage technology risks across four broad categories: confidentiality; integrity; availability; and value delivery.
“It’s critical to take a fresh look at your approach to technology risk by tying confidentiality, integrity, availability, and value delivery into your overarching risk structure to ensure holistic coverage across the organization,” said Erika Crandall, Chief Compliance Officer & Head of Risk, Reserve Trust. Crandall will speak about the new Technology Risk Framework at GCOR XIV, which will launch as a virtual conference on July 14.
“The Technology Risk Framework is an important addition to the broader set of frameworks and tools developed by RMA’s Operational Risk Council and ERM Council over the past year, which include cyber risk metrics; Principles of Ethical Conduct; and Operational Risk, Emerging Risk, Strategic Risk, and Reputational Risk frameworks,” said Edward J. DeMarco Jr., RMA’s Chief Administrative Officer and General Counsel.
RMA members can view the full framework here.