Rome, September 25th 2007 Security and Certification in the Public Sector – Claudio Manganelli Security and Certification in the Public Sector Ing. Claudio.

Slides:

Advertisements

Similar presentations

Existing tools for cooperation – WG 2 1 Regional Policy Dialogue Capacity building seminars WORKING GROUP MEETINGS HIGH LEVEL SEMINAR SERIES 4 working.

Advertisements

MICS4 Survey Design Workshop Multiple Indicator Cluster Surveys Survey Design Workshop The MICS4 Process.

Estonian public sector quality award pilot project 2003 Learning state agency Karin Närep Ministry of Finance of Estonia Rome 2003 Rahandusministeerium.

THE COUNCIL OF EUROPE and the Information Society Council of Europe Summit (May 2005), Action Plan on e-democracy: "We will also take initiatives so that.

INITIATING THE PLANNING PROCESS. CONTENT Outputs from this stage Stage general description Obtaining government commitment Raising awareness Establishing.

STATSKONTORET Accessibility in ICT Procurement Clas Thorén Swedish Agency for Administrative Development.

CIPE ECONOMIC REFORM ROUNDTABLE : PRESENTATION GUIDELINES Date : June 19 th - 21 st, 2008 M. Majdi HASSEN,The IACE (Institut Arabe des Chefs d’Entreprises)

DIGITAL SIGNATURE AND ELECTRONIC DOCUMENTS IN ITALY Prof. Pierluigi Ridolfi AIPA Authority for Information Technology in the Public Administration V. Solferino,

SDMX – AN OECD PERSPECTIVE Paul Schreyer OECD CCSA Special Session, September 2014 Rome.

Cross-border Empowerment of Next Generation Access National Networks MINISTRY OF TRANSPORT, INFORMATION TECHNOLOGY AND COMMUNICATIONS REPUBLIC OF BULGARIA.

The European Railway Agency in development

World Class Standards Standards Mandate M 376 – Phase 2 European public procurement of accessible ICT Mandate M European Accessibility requirements.

2010 ・ 3 ・ 4 Manabu ETO. Standardization Education in Japan The standardization education in Japanese universities and postgraduate schools had depended.

Continuing education initiatives for the Italian Civil Servants Continuing education initiatives for the Italian Civil Servants the role of eLearning Continuing.

INTRODUCTION TO PLANNING OUTLINE CAPACITY DEVELOPMENT TO IMPLEMENT CDM IN VIETNAM Dr. Bui Huy Phung National Centre for Natural Science & Technology Mr.

Critical Role of ICT in Parliament Fulfill legislative, oversight, and representative responsibilities Achieve the goals of transparency, openness, accessibility,

ISMMMO, Antalya April Internal Audit, Best Practices Özlem Aykaç, CIA,CCSA CAE Coca-Cola İçecek.

September SAFETY GROUPS PROGRAM SAFETY GROUPS PROGRAM 2008 Element Requirements.

NATIONAL AGENCY FOR VOCATIONAL EDUCATION AND TRAINING, BULGARIA The 4th meeting of the SEEVET-Net July, 2011 Chisinau, Moldova.

EHR Systems Use and Quality in EHR Systems Use and Quality in Italy EHR Systems Quality Labelling and Certification November 2011, Belgrade.

EQARF Applying EQARF Framework and Guidelines to the Development and Testing of Eduplan.

An Enabling Policy Framework for Public Libraries Group 1 Process towards Developing National Policy Facilitator: Richard Atuti & Carol Priestley Rapporteur:

Federal Aviation Administration Federal Aviation Administration 1 Presentation to: Name: Date: Federal Aviation Administration AMHS Security Security Sub-Group.

COMMITTEE FOR CO-OPERATIVES AND NPO SECTORS OF ICAI. The Institute of Chartered Accountants of India (Set up by an Act of Parliament) New Delhi.

VSS to implement strategies and use of VSS training tools 1.

The Global Centre for Information and Communication Technologies in Parliament 14 June 2006 V Legislative XML Workshop Towards European Standards for Legislative.

1 UNDECLARED WORK IN CROATIA Executive Capacity of Governance and Underground Economy: The Case of Croatia Zagrebl, September 1, 2015.

Wireless networking and VoIP strategies for the public sector Dr. Eng. Emilio Frezza CNIPA Centro Nazionale per l’Informatica nella Pubblica Amministrazione.

ICT Standards and Guidelines The Structure of the Project Akram Najjar CNSI – Senior Consultant Director of InfoConsult.

INITIATING THE PLANNING PROCESS. CONTENT Outputs from this stage Stage general description Obtaining government commitment Raising awareness Establishing.

How to use the VSS to design a National Strategy for the Development of Statistics (NSDS) 1.

Governance Survey Conducted by the Palestinian Central Bureau of Statistics (PCBS) Presented to Workshop on Governance Assessments for Accountable Politics.

Assessing The Development Needs of the Statistical System NSDS Workshop, Trinidad and Tobago, July 27-29, 2009 Presented by Barbados.

The ten-year framework of the Global Centre for ICT in Parliament ECPRD Working Group on ICT Annual Meeting November 2010 Bucharest,

MINISTRY OF SOCIAL AFFAIRS AND HEALTH 1 The Finnish National Electronic Patient Record Archive

10/19/2015 / 1 Electronic Commerce Branch UNCTAD - United Nations Conference on Trade and Development Dr. Susanne Teltscher United.

Fiscal Policy Audit – National Audit Office of Finland Hannu Rajamäki Director for Performance Audit NAO of Finland.

Twinning Project Project Number BG2004/IB/EY/01 “Institutional Building at the Energy Efficiency Agency (EEA)” 28 September 2007, Varna Project Leader.

Mounir BENHAMMOU Director of Administrative and Financial Department Secretariat General of the Arab Maghreb Union EN/CSC2/2014/Pres/05.

Jean Monnet Chair of EU Labour Law Academic Year Silvia Borelli:

CIS meeting Budapest 3-4 July 2013 Christophe Duhamel the Global Strategy to Improve Rural and Agricultural Statistics 3 components of the plan.

ADMINISTRATIVE PROCEDURES REVIEW CONTENT, METHODOLOGY AND INSTRUMENTS Presented by: Nguyen Viet Anh, Member of the Prime Minister’s Special Task Force.

Overview of the Geomatics Standardization in China LI LI Head of China Delegation, ISO/TC 211 Secretary-general of National Standardization Technical Committee.

Features Governmental organization Critically important ICT objects Distributed infrastructure Three levels of confidentiality Dozens of subsidiary organizations.

Guidelines for LDS preparation for Croatian LAG’s Estonian Leader Union Kadri Tillemann and Kristiina Timmo 28 th of September, Zagreb.

ANNOOR ISLAMIC SCHOOL AdvancEd Survey PURPOSE AND DIRECTION.

Law Seminars International Spectrum Management Conference NTIA: SPECTRUM POLICY FOR THE 21 st CENTURY The Federal Government Spectrum Management Perspective.

1 HUMAN RESOURCE MANAGEMENT : A CENTRAL BUSINESS CONCERN Prepared for HRCOSA : 5 November 2003 SACOB.

EVALUATION OF THE SEE SARMa Project. Content Project management structure Internal evaluation External evaluation Evaluation report.

ITU Strategic Planning ICE Proposal January, 2014.

National Geospatial Advisory Committee State of the Committee National Geospatial Advisory Committee May 2009.

19-20 October 2010 IT Directors’ Group meeting 1 Item 6 of the agenda ISA programme Pascal JACQUES Unit B2 - Methodology/Research Local Informatics Security.

New approach in EU Accession Negotiations: Rule of Law Brussels, May 2013 Sandra Pernar Government of the Republic of Croatia Office for Cooperation.

S istema P ubblico di C onnettività The public connectivity system Ing. Gaspare Ferraro Roma – 10 marzo 2009.

Quality Management Systems Advice from ISO/TC 176 for Sector-specific applications.

Accountability & Program Assessment Governing Board Online Training Module.

A look into current and future trends in national policies for eHealth and Innovation in the WHO European Region Clayton Hamilton, eHealth and Innovation.

A look at progress in the development of eHealth in the European Region Results and recommendations from the 2016 report “From Innovation to Implementation:

November | 1 CONTINUING CARE COUNCIL Report to Forum Year

8 Nobermer, 2010 Sungsoo Chun, MPH, PhD, Easton Reid, PhD, Mi-Kyung Kim Korean Institute on Alcohol Problems School of Health and Welfare, Sahmyook University,

Seminar for Certified Secretaries Working in State Corporations and County Governments Imperial Hotel Kisumu 13 – 15 April 2016 Session Facilitator: CS.

ESA/STAT/AC.161/Co.1 Coordination of social statistics at national and international levels Thoughts for discussion Rosemary Bender, Statistics Canada.

Wireless networking and VoIP strategies for the public sector

دائرة الإحصاءات العامة

Rahandusministeerium

National-level ICT training strategy

The Italian legislation relating to the employment of Information and Communication Technologies in Public Administration.

Regional Seminar on Developing a Program for the Implementation of the 2008 SNA and Supporting Statistics Gülfer DİKBAYIR September 2013 Ankara.

PRESENTATION OF EXISTING EVALUATION

NATIONAL STRATEGIES FOR IMPLEMENTING THE

Presentation transcript:

Rome, September 25th 2007 Security and Certification in the Public Sector – Claudio Manganelli Security and Certification in the Public Sector Ing. Claudio Manganelli Member of CNIPA board Centro Nazionale per l’Informatica nella Pubblica Amministrazione

Rome, September 25th 2007 Security and Certification in the Public Sector – Claudio Manganelli National Center for IT in Public Sector (CNIPA)  Main tasks  Give formal advices to the central Administration on projects concerning Information and Communication (mandatory by law)  Foster the use of new technologies enabling innovation  Contribute at the definition of standards and technical rules with special care on security, interoperability, openness and performances  Coordinate the development of training courses Moreover CNIPA  contributes at the definition of the Government IT policy  carries out key projects in order to enable the public sector innovation (e.g. SPC)

Rome, September 25th 2007 Security and Certification in the Public Sector – Claudio Manganelli CNIPA guidelines on security (book n. 23)  Guidelines for ICT security within public sector  National Plan for Information and Communication Security within Public Administration  ICT Security Organization Model for public sector  Guidelines were developed by a task force composed by experts of:  National Committee on ICT Security in the Public sector  Communication Ministry  CNIPA

Rome, September 25th 2007 Security and Certification in the Public Sector – Claudio Manganelli Contents of Security Plan and Organization Model  The National Plan indicate strategies and national initiatives for information security  The Organization Model outline the suitable organization for implementing the national plan in the public sector

Rome, September 25th 2007 Security and Certification in the Public Sector – Claudio Manganelli Certification in the Security National Plan  The National Plan outline the strategy for security certification within the public sector  Issues addressed:  Process certification (ISO/IEC 27001)  Product/system certification (ISO/IEC 15408)  Personnel certification

Rome, September 25th 2007 Security and Certification in the Public Sector – Claudio Manganelli Products and systems certification strategy  Certification strongly recommended for  process involved in citizen safety  homeland security  applications where security leak may cause social problems (e.g. digital signature)  Certification recommended for  applications where a security leak may cause huge economical losses Currently certification is mandatory only for digital signature

Rome, September 25th 2007 Security and Certification in the Public Sector – Claudio Manganelli Guidelines for the certification in the public sector  CNIPA and OCSI have started a joint workshop aimed at defining the criteria for adopting certified products, systems and services in the public sector  Issues so far addressed are  criteria for taking into account the certification requirements in products, systems and services  rules and policies for introducing certification requirements in call for tenders  the role of public administration as sponsor of the certification process

Rome, September 25th 2007 Security and Certification in the Public Sector – Claudio Manganelli The security survey  Every year CNIPA carries out a survey on the security level of central public administrations, by means of an on line questionnaire  The answers are analyzed and reported by CNIPA  Results are then summarized scoring 4 Key Performance Indicators:  Logical security  Infrastructure security  Security of services  Organization for security

Rome, September 25th 2007 Security and Certification in the Public Sector – Claudio Manganelli Certification in the security survey  Q: is security certification taken into account for products and services acquisition? A:yes61% no33 % n.a.6 % Figures refer to 2006