ENISA has conducted a preliminary study on the auditing frameworks for cyber security measures, providing 7 recommendations/ remarks on the common characteristics of the schemes.
In this report, ENISA presents an overview of existing auditing frameworks. These auditing frameworks are used in different setting and across different sectors (energy, finance etc), and are aiming at ensuring that providers comply with specific cyber security requirements. This work is undertaken in the context of incident reporting and minimum security measures for the telecommunications sector.
All twelve schemes are described in detail, presenting
- the process,
- the roles and
- the features of each scheme also by providing comprehensive visuals.
Outcome:
The outcome of this report is a set of 7 recommendations and a single auditing model that captures the most common features, creating this way a preliminary meta-framework.
This report can be a good reference point, since it offers a complete overview of international auditing schemes.
For full report: Schemes for Auditing Security Measures
Contact
For press questions and interviews, please contact: press@enisa.europa.eu.