Technology risk is not just the risk that the software does not perform as desired. Technology risk includes the following:
- general control failures – mostly focused on inappropriate access to hardware and/or software, network failures, resource issues, etc.
- application control failures – focused on software failures, improper use of data by the software, processing irregularities, back-up failures, etc.,
- wrong data definitions used by various users,
- system implementation failures – implementation management, testing, inaccurate/incomplete business requirements, poor integrations with other up/down stream systems, etc.,
- too many or uncontrolled EUCs performing operational system capabilities,
- privacy controls not in compliance,
- Cyber risks involving “system or data attacks”, system hacking, downloading viruses, “phishing”, other unauthorized access to a Company’s applications and/or data.
Hilltop’s CISA and Cyber auditors can assist your Company with designing, implementing and testing a technology controls framework that will help prevent, detect and monitor possible technology risks.