Good practices on the implementation of regulatory technical standards
MS approaches on PSD 2 implementation: commonalities in risk management and incident reporting - The main objective of this study is to identify the differences introduced by Member States in the implementation of the PSD2. In particular, the aim is…
Security Guide for ICT Procurement
The “Security Guide for ICT Procurement” aims to be a practical tool for electronic communications service providers to better manage security risks when dealing with vendors of ICT products and outsourced services. The Guide maps security risks…
Security and Resilience in Governmental Clouds
Cloud computing offers a host of potential benefits to public bodies, including scalability, elasticity, high performance, resilience and security together with cost efficiency. Understanding and managing risks related to the adoption and…
IT Risk Management is essential
Visual Tool Ensures Regulatory Compliance and Effective Implementation of Corporate Risk Management Requirements
ENISA develops graphical framework illustrating the integration of Risk Management/Risk Assessment into corporate operational processes
Online Platform for Security of Personal Data Processing
This report presents the focus and main functionalities of the ENISA’s online platform for the security of personal data processing. This platform is only one tool, which cannot replace the need of a greater compliance and accountability…
Self Assessed Risk Management (SARM)
ENISA announces availability of a draft report and beta version of tool on Risk Management
Indispensable baseline security requirements for the procurement of secure ICT products and services
This short paper can be of use to suppliers and procurement officers when planning, offering and purchasing ICT products, systems and services. It is meant as a practical, technologically neutral document with clear, simple and sector-agnostic…
Risk Management Studio Tool
The tool Risk Management Studio has been updated on the inventory of RM/RA tools.
How to achieve the Interoperability of EU Risk Management Frameworks
The European Union Agency for Cybersecurity (ENISA) issues an analysis of the interoperability potential of cybersecurity risk management frameworks and methodologies to improve decision-making.
Auditing Framework for TSPs
This report provides an overview of the dedicated means of auditing for TSPs. It discusses specifically the following areas: standards applicable to TSPs and Conformity Assessment Bodies (auditors), methodology of auditing TSPs (off- and on-site),…