Source: ec.europa.eu
The Context
• Core Principles for the exchange of confidential
business data endorsed by ESSC in February 2016
• "Exchange of confidential data takes place only when
confidentiality and information security meet the highest
standards".
• all ESS members to take the necessary regulatory,
administrative, technical and organizational measures to
ensure the physical and logical protection of confidential data
following agreed common confidentiality standards
Eurostat
The Context
• common information security standards (IT,
organizational and physical elements) shall be
established and their implementation should be
regularly monitored
• a system of monitoring has to be developed and
implemented covering ESS members (NSIs, ONAs (Other
National Authorities) and Eurostat)
VISION 2020 - Mitigating risks of
microdata exchange
• Build trustworthiness between ESS
Members by:
Common Security Framework
Security Assurance
Reporting compliance to ESSC
• Scope:
management and exchange of microdata
between Member States on a mandatory
basis
ESS IT Security Framework (1)
• 1. Introduction document
• context/scope
• 2. Risk analysis
• focussing on
• management & storage of microdata
• transfer of confidential statistical information
• based on ESTAT data classification
ESS IT Security Framework (2)
• 3. IT security controls
• Based on ISO27K:2013
• Entry Pack: 96 out of 114 controls selected with
213 sub-controls
• Level 1: 105 controls
• Level 2: Full ISO27K – 114 controls
• 4. Guidelines for implementing controls
• evidence to be provided.
• 5. Self-assessment
• Excel sheet with compliance scoring to Entry Pack