Recently Updated Pages
Objectives
These guidelines aim at providing a uniform framework for the design, configuration, and manageme...
Definition of gaps
Based on the assessed current situation, a gap matrix shall be developed to highlight shortages i...
Definition of the strategic target position
The desired situation and attainable targets shall be defined within a period of 3-5 years. The t...
Personally identifiable information (PII) Processing and Transparency
The institution shall identify and meet the requirements for preserving privacy and protecting PI...
System and Information Integrity
The institution shall identify, report, and correct system security flaws on time. The institu...
Audit and Accountability
The institution shall create and retain system audit logs and records to the extent needed to ena...
Institution awareness and Training
The institution shall ensure that executives, senior management, managers, systems administrators...
Access Control
The institution shall limit system access to authorized users, processes acting on behalf of au...
Minimizing the exposure of systems to External Networks
Install and configure gateway firewall. Configure inbound and outbound Access Control List (AC...
Security Policy and Procedures
The public institution shall as a minimum have a documented Information Security Policy (ISP) bas...
Password Management
Objective: Ensure secure handling of user certificate passwords. Guidelines: Do not store us...
Signature Validation
Objective: Validate the authenticity and integrity of digital signatures, including Long-Term Va...
Certificate Revocation
Objective: Ensure your system correctly performs the certificate validity check. Guidelines: ...
Certificate Expiration
Objective Prevent the use of expired certificates in your system. Guidelines Automatically ...
Onboarding Process
The onboarding process is crucial for integrating new IT team members in the public sector, as it...
Software configuration and maintenance documentation [Mandatory]
Software maintenance and configuration document is a document that provides key information req...
User documentation [Mandatory]
This documentation is created for end-users and should explain in the simplest way possible how u...
Data migration documentation [Mandatory]
Data migration documentation is required when a software project involves moving data from a lega...
Test documentation [Mandatory]
Test documentation describes the process, objectives, and results of software testing. It can als...
API documentation [Mandatory]
API documentation contains instructions about how to effectively use and integrate with an API. I...