
Rome, September 25th 2007 Security and Certification in the Public Sector – Claudio Manganelli Security and Certification in the Public Sector Ing. Claudio.


1 Rome, September 25th 2007 Security and Certification in the Public Sector – Claudio Manganelli
Security and Certification in the Public Sector
Ing. Claudio Manganelli, Member of CNIPA board
Centro Nazionale per l’Informatica nella Pubblica Amministrazione

2 National Center for IT in Public Sector (CNIPA)
Main tasks
- Give formal advice to the central Administration on projects concerning Information and Communication (mandatory by law)
- Foster the use of new technologies enabling innovation
- Contribute to the definition of standards and technical rules, with special attention to security, interoperability, openness and performance
- Coordinate the development of training courses
Moreover, CNIPA
- contributes to the definition of the Government IT policy
- carries out key projects in order to enable public sector innovation (e.g. SPC)

3 CNIPA guidelines on security (book n. 23)
- Guidelines for ICT security within public sector
- National Plan for Information and Communication Security within Public Administration
- ICT Security Organization Model for public sector
- Guidelines were developed by a task force composed of experts from:
  - National Committee on ICT Security in the Public sector
  - Communication Ministry
  - CNIPA

4 Contents of Security Plan and Organization Model
- The National Plan indicates strategies and national initiatives for information security
- The Organization Model outlines the suitable organization for implementing the national plan in the public sector

5 Certification in the Security National Plan
- The National Plan outlines the strategy for security certification within the public sector
- Issues addressed:
  - Process certification (ISO/IEC 27001)
  - Product/system certification (ISO/IEC 15408)
  - Personnel certification

6 Products and systems certification strategy
- Certification strongly recommended for
  - processes involved in citizen safety
  - homeland security
  - applications where a security leak may cause social problems (e.g. digital signature)
- Certification recommended for
  - applications where a security leak may cause huge economic losses
Currently certification is mandatory only for digital signature

7 Guidelines for the certification in the public sector
- CNIPA and OCSI have started a joint workshop aimed at defining the criteria for adopting certified products, systems and services in the public sector
- Issues addressed so far are
  - criteria for taking into account the certification requirements in products, systems and services
  - rules and policies for introducing certification requirements in calls for tenders
  - the role of public administration as sponsor of the certification process

8 The security survey
- Every year CNIPA carries out a survey on the security level of central public administrations, by means of an online questionnaire
- The answers are analyzed and reported by CNIPA
- Results are then summarized by scoring 4 Key Performance Indicators:
  - Logical security
  - Infrastructure security
  - Security of services
  - Organization for security

9 Certification in the security survey
- Q: Is security certification taken into account for products and services acquisition?
  A: yes 61%, no 33%, n.a. 6%
Figures refer to 2006

