Technology Risk Assessment Process
This article applies to: IT Governance, Risk, and Compliance Consultation
| Action | Description | Usual time needed |
|---|---|---|
| Complete a request form | Fill out a new request using the form in TeamDynamix. | Two to 10 minutes |
| ITSO review |
If your answers indicate a TRA is not required, you will be sent an email immediately that provides official notification that what you are purchasing does not require a TRA and the procurement of the product can proceed. Otherwise, a manager may review the request (usually within two business days). If the manager determines a TRA is not required, you will receive an email with that decision. That email would also serve as official notification to proceed with procurement. |
Immediate for clearly non-required cases. Two days when review is needed. |
| ITSO engineer conducts assessment | When an ITSO manager determines a TRA is required, a Security Engineer will be assigned to work on the TRA, usually within two business days. | Two to three weeks. |
| Submit purchase | Attach the approval to proceed and/or the TRA Report document to the “I Want” document when you submit for purchasing. |
Comments?
To share feedback about this page or request support, log in with your NetID