# MAS TRM — Technology Risk Management Framework > Draft and validate the Technology Risk Management framework for MAS-regulated financial institutions. Covers governance, IT resilience, cyber security, data loss prevention, and technology audit per MAS TRM Guidelines (2021). Tags: Singapore, MAS, Technology Risk, Financial Services, Compliance ## Example Prompts - Draft our MAS TRM framework covering board oversight and IT resilience - Check our TRM document for MAS TRM Guidelines coverage - Add penetration testing cadence and third-party outsourcing risk to our TRM URL: https://rakenne.app/skills/sg-mas-trm-risk-framework/index.md Try this skill: https://rakenne.app/a/?skill=sg-mas-trm-risk-framework ## Overview Draft and validate the Technology Risk Management framework for MAS-regulated financial institutions. Covers governance, IT resilience, cyber security, data loss prevention, and technology audit per MAS TRM Guidelines (2021). ## Example Conversation > **You:** We need a TRM framework for our MAS-regulated entity. Cover board oversight, IT resilience with RTO/RPO, and penetration testing cadence. > **Agent:** I'll draft the TRM framework using the template and MAS TRM Guidelines checklist, then run `mas_trm_coverage_checker` to verify coverage. > **Agent:** Created `trm-framework.md`. Running `mas_trm_coverage_checker`... > **Agent:** **FAIL** — missing third-party and cloud outsourcing risk assessment, and penetration testing cadence. I've added those sections. Re-running... > **Agent:** **PASS** — all TRM domains are addressed. The document is ready for board or MAS review. ## What the Tools Validate **`mas_trm_coverage_checker`** scans the TRM framework document: - **Domains:** Board/senior management governance, technology risk management, IT resilience (RTO/RPO), cyber security, data governance (DLP, classification), third-party/cloud outsourcing risk. - **Rule:** Document must reference each domain; RTO/RPO and penetration testing cadence must be stated. - **Output:** PASS if all domains and requirements are present; FAIL with a list of missing or weak areas. Add content and re-run until PASS. ## Output Excerpt **TRM framework (excerpt):** ```markdown ## 3. IT resilience - System availability targets: 99.5% for core banking. - RTO: 4 hours; RPO: 1 hour for critical systems. - Penetration testing: annual, with scope covering internet-facing and internal segments. ``` **mas_trm_coverage_checker report (excerpt):** ``` === MAS TRM COVERAGE CHECKER === Result: PASS Document: trm-framework.md Domains with coverage: governance, trm, resilience, cyber, data, third_party All required areas addressed. No gaps: framework meets MAS TRM coverage expectations. ``` ## Getting Started Add your source materials to the project workspace, then activate the *MAS TRM — Technology Risk Management Framework* skill. The agent will guide you through the process step by step. --- Back to [Skill Library](https://rakenne.app/skills/index.md)