ESS Security and Secure exchange of information Expert Group (E4SEG) DIME/ITDG SG ESS IT Security Framework Pascal Jacques ESTAT B2 Local Security Officer.

Presentation transcript:

ESS Security and Secure exchange of information Expert Group (E4SEG) DIME/ITDG SG ESS IT Security Framework Pascal Jacques ESTAT B2 Local Security Officer

The Context
- Core Principles for the exchange of confidential business data endorsed by ESSC in February 2016
- "Exchange of confidential data takes place only when confidentiality and information security meet the highest standards".
- All ESS members to take the necessary regulatory, administrative, technical and organizational measures to ensure the physical and logical protection of confidential data following agreed common confidentiality standards

The Context
- Common information security standards (IT, organizational and physical elements) shall be established and their implementation should be regularly monitored
- A system of monitoring has to be developed and implemented covering ESS members (NSIs, ONAs (Other National Authorities) and Eurostat)

VISION 2020 - Mitigating risks of microdata exchange
- Build trustworthiness between ESS Members by:
  - Common Security Framework
  - Security Assurance
  - Reporting compliance to ESSC
- Scope: management and exchange of microdata between Member States on a mandatory basis

ESS IT Security Framework (1)
1. Introduction
  - document context/scope
2. Risk analysis
  - focussing on management & storage of microdata and transfer of confidential statistical information
  - based on ESTAT data classification

ESS IT Security Framework (2)
3. IT security controls
  - Based on ISO27K:2013
  - Entry pack: 96 out of 114 controls selected, with 213 sub-controls
  - Level 1: 105 controls
  - Level 2: Full ISO27K – 114 controls
4. Guidelines for implementing controls
  - evidence to be provided
5. Self-assessment Excel sheet with compliance scoring to Entry Pack

Assurance mechanism (1)
- Self-assessment compiled by all ESS members June-August 2016
  - To help ESS measure their compliance level
  - Results to be provided to ESTAT
  - To inform November ESSC on IT Security landscape in the ESS
- Assurance mechanism
  - Self-managed and financed certification mechanism
  - Conclusions of audit analysed and validated/endorsed by central ESS certification service

Assurance mechanism (2)
- Central ESS certification service selected through an Open Call for Tender
- 29 ESS members to conduct audit
- ESTAT included
- For ONAs, NSIs should act as intermediary
- Applies to ESS members and service providers (contractors, private cloud provider, etc.)
- Multiple interactions will be needed between central certification service and ESS members
- Audit details and artefacts remain confidential – Summary of certification process submitted to ESSC annually

Capacity Building grants
- ESTAT to provide support to MS
  - To improve their IT security level
  - To ensure compliance to ESS IT Security Entry Pack
- Mono-beneficiary grants
- Organised in 2 steps
  - First group of ESS members to be supported in 2017 for audit in 2018
  - Second group of ESS members to be supported in 2018 for audit in 2019

Roadmap (1)
- Present and discuss the ESS IT security framework:
  - DIME_ITDG Steering Group 18/11/2015
  - Working Group Statistical Confidentiality 1/12/2015
  - 12th SIMSTAT TF Meeting 9-10/2/2016
  - DIME/ITDG 24-25/2/2016
  - ESTAT IT Advisory Committee 26/2/2016
  - ESTAT DM 8/3/2016
  - VIG 14/3/2016
  - ESSC 18/5/2016
  - ITWG 26/5/2016
  - DIME/ITDG SG 28/6/2016
- February 2016 - ESSC endorses Core Principles
- May 2016 – ESSC endorses IT security framework
- 6th June 2016 - launch ESS Self-Assessment exercise

Roadmap (2)
- 31st August 2016 – Receive Self-assessment and prepare analysis
- June 2016 - Launch call for tender for Central Certification Service
- September 2016 – Launch of 1st Call for proposals for mono-beneficiary grants: Capacity Building Grants to start early 2017
- End 2016
  - Report to ESSC on ESS security level
  - ESSC Endorsement of IT security assurance mechanism
- 2017 - Certification mechanism ESS countries phase 1
- June 2017 – Launch of 2nd Call for proposals for mono-beneficiary grants: Capacity Building Grants to start early 2018
- 2018 - Certification mechanism ESS countries phase 2
- 2019 - Certification mechanism ESS countries phase 3
- End of 2017, 2018, 2019: Reporting progress to ESSC
- 2020-2022 - Restart cycle of certification mechanism