Technology Assessment Recognition Framework

The Technology Assessment Recognition Framework (TARF) by the MDIA is a tiered framework designed to provide varying degrees of recognition to a wide range of technologies, from emerging to traditional, aligning with international standards and industry best practices.

TARF is scalable, allowing seamless integration of new technologies. It is targeted towards owners or operators of technology solutions, who want to assess and obtain recognition for their technology-related controls.

TARF’s official recognition aims to provide varying degrees of confidence for stakeholders like Lead Authorities, investors, developers, suppliers, end-users, and the public. The framework is flexible, allowing applicants to choose what they wishto be assessed against, with different assessment levels building upon each other for higher trust levels.

TARF’s Four Assessment Levels:

Level 0 – Self-Assessment (sector-specific).

Level 1 – Technology Sandbox.

Level 2 – Technology Review.

Level 3 – Technology Assurance.

Technology Domains

While TARF can be applied to any software-based technological solution, it is also able to focus on specific technology domains:

• Cloud Computing
• Internet of Things (IoT)
• Artificial Intelligence (AI)
• Distributed Ledger Technologies (DLT)

Aligned with International Standards

TARF monitors controls to stay aligned with international information security frameworks, including:

• Accountability
• Availability
• Confidentiality
• Integrity
• Privacy

Official Recognition by the MDIA

The MDIA provides official recognition depending on the Assessment Levels undertaken:

• Acknowledgment: Denotes participation at TARF Level 0 (Self-Assessment).
• Mark of Credit: Verifies Technology Review at TARF Level 1 or 2.
• Certification: Provided for technology solutions that successfully undergo a TARF Level 3 assessment.