CISOBot - Your AI CISO Assistant

TDA-17

Unsupported Technology Assets, Applications and/or Services (TAAS)

Weight: 10/10

Description

Mechanisms exist to prevent unsupported Technology Assets, Applications and/or Services (TAAS) by: (1) Removing and/or replacing TAAS when support for the components is no longer available from the developer, vendor or manufacturer; and (2) Requiring justification and documented approval for the continued use of unsupported TAAS required to satisfy mission/business needs.

Control Question

Does the organization prevent unsupported Technology Assets, Applications and/or Services (TAAS) by: (1) Removing and/or replacing TAAS when support for the components is no longer available from the developer, vendor or manufacturer; and (2) Requiring justification and documented approval for the continued use of unsupported TAAS required to satisfy mission/business needs?

Control Metadata

Domain:

Technology Development & Acquisition

Validation Cadence:

Annual

Evidence Request List:

E-AST-09

Framework Mappings

This control maps to the following compliance frameworks

MAS TRM

7.3.17.3.27.3.3

HKIA GL20

4.14.24.36.16.2

Have questions about this control?

Ask CISOBot for implementation guidance and best practices