14.4.1 Review new and existing risk management technologies to achieve an optimal enterprise risk posture.
14.4.2 Review new and existing IT security technologies to support secure engineering across SDLC phases.
14.4.3 Continually assess effectiveness of the information system’s controls based on risk management practices and procedures.
14.4.4 Assess and evaluate system compliance with corporate policies and architectures.