Wipro Limited
SYSTEM AND METHOD FOR MANAGING SECURITY RISK OF INFORMATION TECHNOLOGY SYSTEMS IN AN ENTERPRISE

Abstract:

The disclosure relates to system and method for managing security risk of information technology (IT) systems in an enterprise. The method includes determining valid trustware components that need to be evaluated for security risk of an IT system within the enterprise; correlating information associated with each of the valid trustware components in a set of data repositories; generating a mapping list comprising the valid trustware components, test cases corresponding to each of the valid trustware components, and test environments corresponding to each of the valid trustware components based on the correlation; triggering trustware security units for testing the valid trustware components based on the mapping list; and identifying security issues associated with the valid trustware components based on the testing. The trustware security units are arranged in a sequential manner or a parallel manner to align with execution of the test cases corresponding to each of the valid trustware components.