Skip to main content

Technology Risk Assessment Process

This article applies to: Security Risk Assessment

If you've already purchased...
We recommend that you still submit a TRA request. This can help you identify risks that need to be addressed in your deployment and implementation of the software.
Action Description Usual time needed
Complete a request form Fill out a new request using the form on the ITSO’s SharePoint site. Two to 10 minutes
ITSO review

If your answers indicate a TRA is not required, you will be sent an email immediately that provides official notification that what you are purchasing does not require a TRA and the procurement of the product can proceed. Otherwise, a manager may review the request (usually within two business days). If the manager determines a TRA is not required, you will receive an email with that decision. That email would also serve as official notification to proceed with procurement.

Immediate for clearly non-required cases. Two days when review is needed.
ITSO engineer conducts assessment When an ITSO manager determines a TRA is required, a Security Engineer will be assigned to work on the TRA, usually within two business days.   Two to three weeks.
Submit purchase Attach the approval to proceed and/or the TRA Report document to the “I Want” document when you submit for purchasing.

About this Article

Last updated: 

Monday, January 28, 2019 - 1:43pm

Was this page helpful?

Your feedback helps improve the site.