Risk Management in Technology RMiT

Bank Negara Malaysia issued the Risk Management in Technology policy document (RMiT) on July 18, 2019, which sets out Bank Negara’s requirements regarding financial institutions’ management of technology risk. The policy came into effect on January 1, 2020, and covered implementing a comprehensive technology risk management framework. The policy applies regardless of whether the financial institution operates the data center themselves or working with an outsourcing partner.


To begin working towards compliance, it’s important to first figure out what regulations or laws you need to comply with.


Start by determining what your organization’s most critical security flaws are. 


Having policies and procedures in place to mitigate risk is crucial for both compliance and safety. Conduct automated and continuous tests to make sure you stay compliant.

The security challenges of RMiT

Holm Security VMP (Vulnerability Management Platform) protects your organization by detecting vulnerabilities before any malicious individual or organization does. The platform includes vulnerability management for networks and websites, risk analyses for social engineering, and various tools that facilitate continuous safety work.


Cyber security operations

Our platform scans the following aspects of the cyber-attack life cycle:

  • Reconnaissance
  • Weaponization
  • Delivery
  • Exploitation
  • Installation
  • Command and control
Cyber response and recovery

Holm Security VMP allows for automated procedures following the requirements in order to ease the process of governance of critical infrastructure, clear reporting of known threats as well as fixed cyber security risks. Escalation procedures can be automated and integrated.

Patch and end-of-life system management

Holm Security VMP can provide crucial information regarding patch information, EOL, and security vulnerabilities in network systems and web applications.

Control measures on cyber security

Holm Security VMP allows for automated security testing to be conducted scheduled and on-demand. Automated monitoring tools allow for the identification of configuration and rule changes.

Security Operations Center

Holm Security VMP is a vulnerability management tool that can be integrated with SOC’s as well as other protection systems.

Internal awareness and training

Holm Security VMP gives organizations the ability to continuously train and educate staff on proactive cyber security measures as well as providing awareness tools based on user behavior