Filetype Power Point PPTX | Posted on 30 Aug 2022 | 4 years ago
Authentication
digital resources
391x Filetype PPTX File size 0.91 MB
MDIA and Technology Assurances
• One of the main functions of the Malta Digital Innovation Authority is
that of providing technology assurances certification.
• The MDIA licenses Systems Auditors – entities which have the capacity to
provide technical audits.
• The MDIA provides guidelines as to what is required for the provision of
certification (control objectives to be audited, and other legal/technological
requirements).
• Technology developers and/or providers may apply for certification by
undergoing a technical audit by a licensed Systems Audit.
• Certification caters for Innovative Technology Arrangements (ITAs),
currently covering DLT-based systems, AI and critical systems.
• Certification is on a voluntary basis unless mandated by the lead
authority in the application domain (gaming, financial services,
environment, etc.).
• Recognised certification is intended to be a mark of quality
providing user and investor assurances.
MDIA Technology Assurance Sandbox
• A technology-centric and not regulatory sandbox – risk is
technological in nature, not operational.
• Aims to promote technology assurances by providing a gradual
process, supporting:
• ITAs in which the technology is still in a state of development by
allowing for gradual assessment.
• Innovative technologies with inherent risks which may benefit
from gradual operational deployment.
• Startups by allowing for technology assessment costs to be
spread.
• Sandbox residency allows for gradual technology assessment,
deployment of technology, and oversight.
• Based on the principle of proportionality, scaling with the level
of technological risk.
Technology Assurance Sandbox: The Benefits
• Safe development environment for solutions based on
innovative technologies.
• Align solutions to established control objectives based on
International standards and guidelines.
• Independent technical assessments by a MDIA-approved
domain experts.
• Technological Assurances through functional correctness and
sound technological best practices and international standards.
• Legal certainty through uncompromised due diligence
process, appointment of a Technical Officer and Forensic
Node.
• A mark of quality, providing user and investor assurances.
• In line with forthcoming EU regulation.
The Sandbox Process
n
o
g i
n y n t
i s c a a
d s n l c
r e i e p fi
a c o e o i
n i d d n n t i t
o o io st t r i o r o g n i t s r
b r s a a s t a t n s o a s e
s e l i x c
n p r u o e s u st w t l w fi e c
e e l r s E i c
r t b R e g e e t a e t l
O p a l l o i i e i r o l
x In v n i e i x l n e r
E f g 0 p v i i v C p u
E O M R M E F
o e e m e n F
n n e r r e r
The Onboarding Process
• Becoming a resident of the MDIA-TAS requires:
• Sandbox blueprint describing the technology (existing
and planned), functional specifications and analysis
technology risks.
• Residency plan providing a reporting plan (what will be
reported to MDIA and when) and milestones at which
additional assessment will be required. This must include
an exit plan.
• Business plan covering the technology which will be in the
MDIA-TAS.
• MDIA will evaluate these documents against published
criteria.
no reviews yet
Please Login to review.
