Application risk assessments (ROS)¶
Before deploying any application to nais, the team owning the application must conduct a risk assessment (ROS) in the TryggNok tool (NAV internal link). This risk assessment should be kept reasonably up-to-date through the lifetime of the application.
When conducting the risk assessment, any assumptions about underlying component risks can be verified by checking the Platform risk assessments. These may also be referred to in the application risk assessment.
For details about the ROS process, see the ROS documentation (NAV internal link).