SUCCESS STORY INFORMATION SECURITY
|
|
- Adela Garrett
- 6 years ago
- Views:
Transcription
1 SUCCESS STORY
2 Landis+Gyr cares for security in Smart Metering Safety modules for Smart-Meter Gateways according to Common Criteria The fabrication of intelligent power meters, the so called Smart Meters, is subject to legal provisions while fulfilling strong security requirements, and their compliance has to be checked and certified. Landis+Gyr, a Smart Meter pioneer, with the support of Sidler Information Security GmbH, has conceived a conforming information security concept, clearing the path towards secure Smart-Meter solutions. The first Smart-Meter-Gateway produced according to the latest standard could be registered for certification by Landis+Gyr in July Landis+Gyr, with headquarters in Zug and subsidiaries all around the globe, is a worldwide leader in the field of smart metering and a leading provider of integrated energy-management solutions. The company does not only enable energy providers and final customers to improve their energy efficiency and reduce their energy costs, therefore contributing with its effort to a sustainable resource exploitation. Creating and developing sustainable values and solutions and matching them with the challenges of energy policies are also part of the daily business of an industry leader. Implementation of legal requirements The deployment of intelligent power meters -that is, Smart Meters- is a basic prerequisite for the implementation of the Action Plan for the Energy Efficiency in Europe. It proposes that at least 80 percent of all consumers within the EU-member states are to be equipped with intelligent power meters before the year Within this frame, Germany has played a pioneering role and released, through the Bundesamt für Sich erheit in der Informationstechnik (BSI) a safety profile (BSI-CC-0073) for a Smart Metering Gateway and its appertaining safety modules conformed to the Common Criteria. Manufacturers like Landis+Gyr faced new challenges with these extensive requirements contained in the BSI-safety module and its legal provisions and to be implemented in electronic meters and Smart-Meter-Gateways. Not only the product itself will have to be submitted to certification in order to establish the compliance with these security requirements, there are also certain minimal requirements during the development process, the documentation, the support during the lifecycle of the product, testing and weak point checks that have to be met. The product will get its certification only if the whole framing environment passes this audit. Thomas Mosel, Head of Information Security EMEA at Landis+Gyr comments on this subject: «The safety module according to the internationally recognized IT-security guidelines of the Common Criteria includes a high number of security requirements. Very soon it was clear to us that we had to take in someone with the necessary know-how in order to implement this comprehensive catalogue of requirements, especially in the field of IT-security. Looking for an expert we came across Wolfgang Sidler of Sidler Information Security. His enormous knowledge in security questions matched perfectly with the forthcoming project. This way, we started to talk and eventually engaged him for the implementation of the project».
3 Cross GAP-analysis from A to Z In April 2012, Thomas Mosel und Wolfgang Sidler began with an in-depth survey with GAP analysis, in which the already existing information security was collated with the current requirement catalogue at hand. not to work under an enormous time pressure. We could take us enough time both for the establishment of the GAP-analysis and the security concept that was to follow in order to test each point for every detail and prepare ourselves intensively and very precisely for the BSI-certification». More than just an information security concept The Assurance Requirements of the Common Criteria are an important part of it. They define the minimum requirements of the development process, the documentation, the support during the product lifecycle, of tests and weak point checks that have to be necessarily observed and the way how the evaluator has to check these requirements. Based on the catalogue, it was later established which of these requirements already existed on an organizational level and which ones were required to be accomplished, which points had to be complemented in what way or even needed to be newly developed. And finally, how the final catalogue of measures would look like. The derived concept of information security established by Wolfgang Sidler on hand of the analysis he had worked out has been inserted in all areas of Landis+Gyr and is now applied on all levels, from the soft and hardware development through the configuration management to the production and quality assurance. It took around 12 months until this concept of information security could be presented to the management for clearance Thomas Mosel explains: «We had the privilege With the now released information security concept, Landis+Gyr has set the first decisive step on the way to a secure intelligent metering system for power and gas according to the new legal provisions. In July 2013, it could register the first Smart-Meter Gateway compliant with the Common Criteria and Safety Profile (BSI-CC-PP-0073) at the Bundesamt für Sicherheit in the Informationstechnik (BSI) for certification. The current development is now being aligned with the requirements of the Common Criteria Certification process. «A product certification is, except for certain limitations, valid on an international level. This is why we have displayed the security concept internationally, to enable its use regardless of the country or place where it is going to be used» explains Mosel, adding: «The experience in the field of security that Thomas Sidler brought us from an international level was also very helpful to us in this matter».mosel specifically mentions the ISO certification project of Landis+Gyr in England, that was realized simultaneously to the Common Criteria project and defines all safety relevant functions derived from the implementation and operation within the company of an Information-Safety Management System (ISMS) «Both projects have profited from each other within the frame of their respective analyses and concept developments, with information flowing in both directions». Here, Wolfgang Sidler worked with internal departments in England, actively supported the security audit and also was present from his assessing position during the successful certification in England in July».
4 Security awareness for employees Technical security measures do not only need organizational decisions but also -and very specially- personal measures in order to be effective. On the basis of the established information security scheme, a complementary training-concept related to the implementation of the security guidelines was put in place. On the initiative of Wolfgang Sidler, an awareness-training for employees took place for the first time in June A further security training based on the results obtained from the Common Criteria project and aimed to those employees engaged in the project followed in «It wasn t only the very positive response among the employees being useful, it also provided us with a constructive discussion and a good feedback» according to Thomas Mosel. «Especially the review and the resulting proposals for improvements that were subsequently produced by Wolfgang Sidler on behalf of the training records were extremely helpful. The awareness training conforms with current standards today and we will be able to perform, on demand and at any time, more of these trainings by our own». The bottom line The course for the future of intelligent metering systems has been set at Landis+Gyr, the final results of the project met the expectations and are in line to guarantee the security of the information, the data protection and the safety of Smart Grids. It is now only waiting for its certification. Once it has been granted, the industry will soon be offered sustainable solutions.
5 Project Details Smart Meter Gateway Common Criteria EAL4+ Product Certification Performing an information security gap analysis based on the ISO Elaborate special security concepts and policies for development, project management and production processes. Conduct ISO audit in England and France in Smart Meter production plants ISMS Framework coaching based on ISO and ISO Project Category Holzhäusernstrasse 5a CH-6331 Hünenberg - Switzerland
Assurance Continuity Maintenance Report
IFX_CCI_000003h, IFX_CCI_000005h, IFX_CCI_000008h, IFX_CCI_00000Ch, IFX_CCI_000013h, IFX_CCI_000014h, IFX_CCI_000015h, IFX_CCI_00001Ch and IFX_CCI_00001Dh design step H13 including optional software libraries
More informationLearn how to explain the purpose and business benefits of an ISMS, of ISMS standards, of management system audit and of third-party certification
LAST UPDATED 03-01-2018 ISMS (ISO/IEC 27001:2013) AUDITOR / LEAD AUDITOR TRAINING COURSE (A17533) COURSE DURATION: 5 DAYS LEARNING OBJECTIVES Learn how to explain the purpose and business benefits of an
More informationGoogle Cloud & the General Data Protection Regulation (GDPR)
Google Cloud & the General Data Protection Regulation (GDPR) INTRODUCTION General Data Protection Regulation (GDPR) On 25 May 2018, the most significant piece of European data protection legislation to
More informationLegal Regulations and Vulnerability Analysis
Legal Regulations and Vulnerability Analysis Bundesamt für Sicherheit in der Informationstechnik (BSI) (Federal Office for Information Security) Germany Introduction of the BSI National Authority for Information
More informationGlobal Manufacturer MAUSER Realizes Dream of Interconnected, Adaptive Security a Reality
Global Manufacturer MAUSER Realizes Dream of Interconnected, Adaptive Security a Reality McAfee provides a trusted partnership for this agencies security infrastructure MAUSER Group Customer Profile Global
More informationThe German IT Security Certification Scheme. Joachim Weber
The German IT Security Certification Scheme Joachim Weber The German IT Security Certification Scheme 1. The role of the BSI 2. The German IT Certificate Scheme 3. Certification procedures in detail 4.
More informationIT SECURITY AT THE GERMAN RESEARCH REACTOR FRM II BASED ON THE GERMAN IT SECURITY GUIDELINE SEWD-IT
IT SECURITY AT THE GERMAN RESEARCH REACTOR FRM II BASED ON THE GERMAN IT SECURITY GUIDELINE SEWD-IT M. BAUN, R. BROSCHE, A. KASTENMÜLLER Technische Universität München, Forschungsneutronenquelle Heinz
More informationISO/ IEC (ITSM) Certification Roadmap
ISO/ IEC 20000 (ITSM) Certification Roadmap Rasheed Adegoke June 2013 Outline About First Bank Motivations Definitions ITIL, ISO/IEC 20000 & DIFFERENCES ISO/ IEC 20000 Certification Roadmap First Bank
More informationBuild confidence in the cloud Best practice frameworks for cloud security
Build confidence in the cloud Best practice frameworks for cloud security Cloud services are rapidly growing and becoming more of a focus for business. It s predicted that more than $1 trillion in IT spending
More informationTesting and Certification Procedure
A PM 101E April 2011 Guideline for the Testing and Certification Procedure of the VDE Testing and Certification Institute (VDE Institute) (For information purpose only. In any case the German version shall
More informationProtecting your data. EY s approach to data privacy and information security
Protecting your data EY s approach to data privacy and information security Digital networks are a key enabler in the globalization of business. They dramatically enhance our ability to communicate, share
More informationProfessional Evaluation and Certification Board Frequently Asked Questions
Professional Evaluation and Certification Board Frequently Asked Questions 1. About PECB... 2 2. General... 2 3. PECB Official Training Courses... 4 4. Course Registration... 5 5. Certification... 5 6.
More informationModule 6: Network and Information Security and Privacy. Session 3: Information Security Methodology. Presenter: Freddy Tan
Module 6: Network and Information Security and Privacy Session 3: Information Security Methodology Presenter: Freddy Tan Learning Objectives Understanding the administrative, physical, and technical aspects
More informationBSI-CC-PP for
for Protection Profile for the Security Module of a Smart Meter Mini-HSM (Mini-HSM Security Module PP) - Schutzprofil für das Sicherheitsmodul des Smart Meter Mini-HSM, V1.0 developed by Federal Office
More informationAudit and Certification Process of GUTcert for
Audit and Certification Process of GUTcert for PRODUCT CERTIFICATION ACC. TO ISO 17065 Sustainable Biomass acc. ISCC and REDcert GUT Certifizierungsgesellschaft für Managementsysteme mbh Umweltgutachter
More informationBSI-CC-PP-0088-V for
BSI-CC-PP-0088-V2-2017 for Base Protection Profile for Database Management Systems (DBMS PP) Version 2.12 and DBMS PP Extended Package - Access History (DBMS PP_EP_AH) Version 1.02 developed by DBMS Working
More informationSWIFT Customer Security Controls Framework and self-attestation via The KYC Registry Security Attestation Application FAQ
SWIFT Customer Security Controls Framework and self-attestation via The KYC Registry Security Attestation Application FAQ 1 SWIFT Customer Security Controls Framework Why has SWIFT launched new security
More informationJoint Interpretation Library. Certification of "open" smart card products
Joint Interpretation Library Certification of "open" smart card products Version 1.1 (for trial use) 4 February 2013 Certification of "open" smart card products Joint Interpretation Library Acknowledgments:
More informationISO / IEC 27001:2005. A brief introduction. Dimitris Petropoulos Managing Director ENCODE Middle East September 2006
ISO / IEC 27001:2005 A brief introduction Dimitris Petropoulos Managing Director ENCODE Middle East September 2006 Information Information is an asset which, like other important business assets, has value
More informationACCREDITATION: A BRIEFING FOR GOVERNMENTS AND REGULATORS
ACCREDITATION: A BRIEFING FOR GOVERNMENTS AND REGULATORS Accreditation is continuously gaining recognition as an important technical tool in the delivery of objectives across an increasing range of policy
More informationPredictive Assurance
Predictive Assurance Bundesamt für Sicherheit in der Informationstechnik (BSI) (Federal Office for Information Security) 9 ICCC Jeju, Korea September 2008 Irmela Ruhrmann Head of Division Certification,
More informationISO9001:2015 LEAD IMPLEMENTER & LEAD AUDITOR
ISO9001:2015 LEAD IMPLEMENTER & LEAD AUDITOR JPCANN ASSOCIATES LTD #58 NSAWAM ROAD, AVENOR JUNCTION, KOKOMLEMLE-ACCRA Office lines: +233 302 242 573 / +233 302 974 302 Mobile: +233 501 335 818 20 www.corptrainghana.com
More informationManufacturer certification in plant, metal and rolling-stock engineering
Manufacturer certification in plant, metal and rolling-stock engineering To ensure you meet the highest quality standards. TÜV SÜD Industrie Service GmbH Be prepared for going global In the course of globalisation,
More informationNew International Health and Safety Standard ISO 45001
New International Health and Safety Standard ISO 45001 By Mr. Coleman Tse, Sales & Marketing Director, BSI Hong Kong 4/24/2015 Who is BSI? Royal Charter Status focused on the development of standards,
More informationBSI-CC-PP for. Java Card Protection Profile - Open Configuration, Version December developed by. Oracle Corporation
BSI-CC-PP-0099-2017 for Java Card Protection Profile - Open Configuration, Version 3.0.5 December 2017 developed by Oracle Corporation Federal Office for Information Security (BSI), Postfach 20 03 63,
More informationProduct overview DETECT. PROTECT Connect.
Product overview DETECT. PROTECT Connect. ABOUT US Since 70 successful years always there for you BERNSTEIN AG, headquartered in Porta Westfalica, looks back on an eventful past that is linked directly
More informationDescription of the certification procedure MS - ISO 9001, MS - ISO 14001, MS - ISO/TS and MS BS OHSAS 18001, MS - ISO 45001, MS - ISO 50001
The certification of a management system based on standard ISO 9001, ISO 14001, ISO/TS 29001, BS OHSAS 18001, ISO 45001 or ISO 50001, consists of the offer and contract phase, the audit preparation, performance
More informationIndustrial Security - Protecting productivity IEC INDA
Industrial Security - Protecting productivity IEC 62443 - INDA siemens.com/industrialsecurity Industrial Security IEC 62443 Page 2 07.10.2015 IACS, automation solution, control system Industrial Automation
More informationBSI-CC-PP for. FIDO Universal Second Factor (U2F) Authenticator, Version 1.0. developed by. Federal Office for Information Security
for FIDO Universal Second Factor (U2F) Authenticator, Version 1.0 developed by Federal Office for Information Security Federal Office for Information Security (BSI), Postfach 20 03 63, 53133 Bonn, Germany
More informationIf you should require any further information then please do not hesitate to contact us. We will be please to help you.
Description of the TÜV NORD CERT Certification Procedure for HACCP Food Safety System based on Codex Alimentarius Commission (CAC/RPC 1-1969, Rev. 4 (2003)) Certific ation CONTENT 1. CERTIFICATION PROCEDURE...
More informationWhite Paper IDIS (Interoperable Device Interface Specification)
White Paper IDIS (Interoperable Device Interface Specification) IDIS (Interoperable Device Interface Specification) Introduction 3 The drivers 3 Towards pan-european standardisation 3 From standards to
More informationSPECIFIC PROVISIONS FOR THE ACCREDITATION OF CERTIFICATION BODIES IN THE FIELD OF INFOR- MATION SECURITY MANAGEMENT SYSTEMS (ISO/IEC 27001)
BELAC 2-405-ISMS R0 2017 SPECIFIC PROVISIONS FOR THE ACCREDITATION OF CERTIFICATION BODIES IN THE FIELD OF INFOR- MATION SECURITY MANAGEMENT SYSTEMS (ISO/IEC 27001) The only valid versions of the documents
More informationDescription of the TÜV NORD CERT certification procedure GMP+ FC (Feed Certification scheme) of GMP+ International B.V. (NL)
Certific ation Table of contents 1 CERTIFICATION PROCEDURE... 3 1.1 Audit Preparation... 3 1.2 Establishment of readiness for certification... 3 1.3 Temporary approval... 3 1.4 Audit Stage 2 Certification
More informationCompliance and Security in a Cloud-First Era
Compliance and Security in a Cloud-First Era Regions: Dublin (EU-West) 3 x Availability Zones Launched in 2007 Frankfurt (EU-Central) 2 x Availability Zones Launched 2014 Edge Locations: Amsterdam,
More informationSYMANTEC: SECURITY ADVISORY SERVICES. Symantec Security Advisory Services The World Leader in Information Security
SYMANTEC: SECURITY ADVISORY SERVICES Symantec Security Advisory Services The World Leader in Information Security Knowledge, as the saying goes, is power. At Symantec we couldn t agree more. And when it
More informationWorking with the EU Directive High common level of network and information security. Martin Apel, SANS ICS Summit, Munich und
Working with the EU Directive High common level of network and information security Martin Apel, SANS ICS Summit, Munich und 18.06.2018 Outline 1. Overview over NIS-Directive 2. Who is an operator of essential
More informationISO/IEC :2015 IMPACT ON THE CERTIFIED CLIENT
ISO/IEC 17021-1:2015 IMPACT ON THE CERTIFIED CLIENT P R E S E N T E D B Y S H A N N O N C R A D D O C K, P R O G R A M S & A C C R E D I T A T I O N S M A N A G E R TODAY S APPROACH What is ISO/IEC 17021-1:2015?
More informationA compliance journey to the cloud how to build a medical cloud platform regulatory- and ISO27000-compliant. Carl Zeiss Meditec AG Thorsten Bischoff
A compliance journey to the cloud how to build a medical cloud platform regulatory- and ISO27000-compliant Carl Zeiss Meditec AG Thorsten Bischoff Carl Zeiss Meditec Company Snapshot Headquarters in Jena,
More informationSmart Gas Metering in Germany.
Smart Gas Metering in Germany. New OMS Standard for Germany. New security standard. 10 th October 2012, Metering Billing/CRM Europe 2012, Amsterdam Andreas Bolder, Deutsche Telekom Technischer Service
More informationSession 609 Tuesday, October 22, 2:45 PM - 3:45 PM Track: IT Governance and Security
Session 609 Tuesday, October 22, 2:45 PM - 3:45 PM Track: IT Governance and Security An Overview of Recent Changes to ISO 20000 Ron Lester Enterprise Service Management Consultant, Information Technology
More information_isms_27001_fnd_en_sample_set01_v2, Group A
1) What is correct with respect to the PDCA cycle? a) PDCA describes the characteristics of information to be maintained in the context of information security. (0%) b) The structure of the ISO/IEC 27001
More informationSolution Oil & Gas. tgood.com
Solution Oil & Gas tgood.com TGOOD Introduction TGOOD is the global leader in prefabricated electric power distribution solutions. It is the company that first comes to mind when cost-effective electric
More informationINFORMATION SECURITY MANAGEMENT
ISMS (ISO/IEC 27001:2005 to ISO/IEC 27001:2013) Transition Training Course (A17700) Two (2) Days It is recommended for ISMS registered Provisional Auditors, Auditors, Lead Auditors, Principal Auditors
More informationTraining Catalog. Decker Consulting GmbH Birkenstrasse 49 CH 6343 Rotkreuz. Revision public. Authorized Training Partner
Management and Information Technology Solutions Decker Consulting GmbH Training Catalog Decker Consulting GmbH Birkenstrasse 49 CH 6343 Rotkreuz Revision 9.1 05.12.2018 public Authorized Training Partner
More informationSECURITY & PRIVACY DOCUMENTATION
Okta s Commitment to Security & Privacy SECURITY & PRIVACY DOCUMENTATION (last updated September 15, 2017) Okta is committed to achieving and preserving the trust of our customers, by providing a comprehensive
More informationRSB Standard for participating operators
Type of document: RSB International Standard Status: Approved for certification Date: 1 March 2011 Version 2.0 RSB Standard for participating operators RSB reference code: RSB-STD-30-001 Published by the
More informationISO Information Security Management Systems Implementation Road Map
www.uaeiso.com ISO 27001 Information Security Management Systems Implementation Road Map 10 Step Approach to ISO 27001 Certification Awareness Training Information Security Policy and Objectives Finalization
More informationR e a c t i o n s t o t h e e - I n v o i c i n g r e p o r t o f t h e EU- E x p e r t g r o u p
Seite 1 von 6 Re: R e a c t i o n s t o t h e e - I n v o i c i n g r e p o r t o f t h e EU- E x p e r t g r o u p General assessment 1. Do you agree with the report s assessment, conclusions and recommendations?
More informationISO/IEC Information technology Security techniques Code of practice for information security controls
INTERNATIONAL STANDARD ISO/IEC 27002 Second edition 2013-10-01 Information technology Security techniques Code of practice for information security controls Technologies de l information Techniques de
More informationBULGARI S.p.A BY THE AUTHORITY OF THE COUNCIL. IS A CERTIFIED MEMBER OF THE Responsible Jewellery Council. Executive Director
BY THE AUTHORITY OF THE COUNCIL BULGARI S.p.A IS A CERTIFIED MEMBER OF THE Responsible Jewellery Council CERTIFIED MEMBER: 0000 1127 CERTIFICATION PERIOD: 13 DECEMBER 2017 13 DECEMBER 2020 WILFRIED HOERNER
More informationValcambi SA BY THE AUTHORITY OF THE COUNCIL. IS CHAIN-OF-CUSTODY CERTIFIED BY THE Responsible Jewellery Council. Executive Director
CHAIN-OF-CUSTODY BY THE AUTHORITY OF THE COUNCIL IS CHAIN-OF-CUSTODY CERTIFIED BY THE Responsible Jewellery Council NUMBER: C0000 0065 CERTIFIED UNTIL: 04 JULY 2020 TYPES OF ELIGIBLE MATERIALS HANDLED:
More informationWhite Paper Implementing mobile electronic identity
Implementing mobile electronic identity A DXC Enterprise approach based on hardware token microsd card Table of contents Secure Element form factors in mobile devices 2 Other alternatives for implementing
More informationMobile Felica on CX Virgo platform Version 5.0
122 MAINTENANCE REPORT MR1 (supplementing Certification Report No. CRP298) Mobile Felica on Sm@rtSIM CX Virgo platform Version 5.0 Issue 1.0 September 2017 Crown Copyright 2017 All Rights Reserved Reproduction
More informationMicrosoft Partner FAQ
Microsoft Partner FAQ Topic: New role-based certifications and competencies Q. What is the new certification model? A. The model is based on three tiers of expertise: Fundamentals, Associate and Expert.
More informationSIZ Informatikzentrum der Sparkassenorganisation GmbH Simrockstraße Bonn, Germany. Sicherer IT-Betrieb, Basisvariante, version 1.
The certification body of TÜV Informationstechnik GmbH hereby awards this certificate to the company SIZ Informatikzentrum der Sparkassenorganisation GmbH Simrockstraße 4 53113 Bonn, Germany to confirm
More informationBSI C5 Status Quo. Dr. Clemens Doubrava, BSI,
BSI C5 Status Quo Dr. Clemens Doubrava, BSI, 11.12.2017 Expectations Cloud Service Provider Customers, more customers, An Everything-is-secure -Certification Preferably including data protection (GDPR)
More informationAT FIRST VIEW C U R R I C U L U M V I T A E. Diplom-Betriebswirt (FH) Peter Konrad. Executive Partner Senior Consultant
Our Contact Details IT-SCAN GMBH c/o: DOCK3 Hafenstrasse 25-27 68159 Mannheim E: info@it-scan.de W: www.it-scan.de Nationalität Berufserfahrung C U R R I C U L U M V I T A E Diplom-Betriebswirt (FH) Peter
More informationHow to Become a CMA (Certified Management Accountant) May 10, 2017
How to Become a CMA (Certified Management Accountant) May 10, 2017 Today s Moderator Featured Presenter Agenda The CMA Designation Institute of Management Accountants (IMA) Why get a CMA? CMA Requirements
More informationISO/IEC INTERNATIONAL STANDARD
INTERNATIONAL STANDARD ISO/IEC 27006 Second edition 2011-12-01 Information technology Security techniques Requirements for bodies providing audit and certification of information security management systems
More informationFiscal 2015 Activities Review and Plan for Fiscal 2016
Fiscal 2015 Activities Review and 1. The Ricoh Group s Information Security Activities In response to changes emerging in the social environment, the Ricoh Group is promoting its PDCA management system
More informationDriving Global Resilience
Driving Global Resilience Steve Mellish FBCI Chairman, The Business Continuity Institute Monday December 2nd, 2013 Business & IT Resilience Summit New Delhi, India Chairman of the Business Continuity Institute
More informationUKAS accredited Certification Bodies
Transfer of ISO 9001 Certification between UKAS accredited Certification Bodies CIBSE Certification as a Certification Body The Significance of UKAS Accreditation The Transfer Route CIBSE Certification
More informationTÜV SÜD Industrie Service GmbH. Maximising efficiency of power stations and plants.
TÜV SÜD Industrie Service GmbH Maximising efficiency of power stations and plants. Maximising efficiency, increasing safety and availability at TÜV SÜD, we know what is important for power stations and
More informationCooperation with other Certification Systems
ISCC 254 Cooperation with other Certification Systems Cooperation with other Certification Systems ISCC 11-01-14 V 1.16 11-01-14 Copyright notice ISCC 2010 This ISCC document is protected by copyright.
More informationRSPO Certification Step by step
RSPO Certification Step by step Index Terms and definitions... 3 Objectives and applicable certification schemes... 5 Evaluation procedures... 7 Certification request... 7 Critical analysis of certification
More informationEVALUATION AND APPROVAL OF AUDITORS. Deliverable 4.4.3: Design of a governmental Social Responsibility and Quality Certification System
EVALUATION AND APPROVAL OF AUDITORS Deliverable 4.4.3: Design of a governmental Social Responsibility and Quality Certification System 1 TABLE OF CONTENTS 1. Scope and field of Application 3 2. Normative
More informationUGANDA NATIONAL BUREAU OF STANDARDS LIST OF DRAFT UGANDA STANDARDS ON PUBLIC REVIEW
UGANDA NATIONAL BUREAU OF STANDARDS LIST OF DRAFT UGANDA STANDARDS ON PUBLIC REVIEW S/No. STANDARDS CODE TITLE(DESCRIPTION) SCOPE 1. DUS ISO/IEC 29151:2017 technology -- Security techniques -- Code of
More informationGlobal Security Consulting Services, compliancy and risk asessment services
Global Security Consulting Services, compliancy and risk asessment services Introduced by Nadine Dereza Presented by Suheil Shahryar Director of Global Security Consulting Today s Business Environment
More information30 th -31 st May 2019 Brussels, Belgium 31 st May 2019 ISO Auditor Examination
Certified ISO 31000 Lead Auditor (2 days training) Advanced Course Become a Certified ISO 31000 Lead Auditor (CTA31000) An advanced course for Certified ISO31000 Risk Professionals only Updated to the
More informationIntroduce the major evaluation criteria. TCSEC (Orange book) ITSEC Common Criteria
Introduce the major evaluation criteria. TCSEC (Orange book) ITSEC Common Criteria Evaluation: assessing whether a product has the security properties claimed for it. Certification: assessing whether a
More informationIoT & SCADA Cyber Security Services
RIOT SOLUTIONS PTY LTD P.O. Box 10087 Adelaide St Brisbane QLD 4000 BRISBANE HEAD OFFICE Level 22, 144 Edward St Brisbane, QLD 4000 T: 1300 744 028 Email: sales@riotsolutions.com.au www.riotsolutions.com.au
More informationExpected outcomes. for accredited certification to ISO management system standards such as ISO 9001 and ISO 14001
casco for accredited certification to ISO management system standards such as ISO 9001 and ISO 14001 The International Accreditation not control such bodies, but does Forum (IAF) and the International
More informationInspection and Certification for Individual Farms, Smallholder Group Certification S S R A N A S R S C I E N T I S T
Inspection and Certification for Individual Farms, Smallholder Group Certification S S R A N A S R S C I E N T I S T What is Certification? Organic certification system is a quality assurance initiative,
More informationAviation Academy International GmbH AVIATION ACADEMY INTERNATIONAL. ISO Certification of Aviation Experts
Aviation Academy International GmbH AVIATION ACADEMY INTERNATIONAL ISO 17024 Certification of Aviation Experts The ISO/IEC 17024:2012 certification for Aviation Experts is a new Quality Standard for aviators
More informationWLA Certification : Preparation and Management
WLA Certification : Preparation and Management Australia 27-30 April 2015 By Driss HAMDOUNE MDJS Secretary General & WLA Security & Risk Management Committee Member What kinds of risk is our business activity
More informationBalancing energy and environmental demands
Balancing energy and environmental demands Solutions that optimise the safety and performance of conventional power plants and power station systems. TÜV SÜD South Asia Meet global energy demands As demand
More informationWhen Recognition Matters INTRODUCING NEW PECB CERTIFICATION SCHEMES.
When Recognition Matters INTRODUCING NEW PECB CERTIFICATION SCHEMES www.pecb.com 1 Introduction Seeing the great importance of distinguishing highly d professionals, PECB has introduced a new senior certification
More informationSection Qualifications of Audit teams Qualifications of Auditors Maintenance and Improvement of Competence...
Section 9. SFI 2010-2014 Audit Procedures and Auditor Qualifications and Accreditation Updated January 2011 Section 9 Introduction... 3 1. Scope... 3 2. Normative Reference... 3 3. Terms and Definitions...
More informationDemonstrating data privacy for GDPR and beyond
Demonstrating data privacy for GDPR and beyond EY data privacy assurance services Introduction The General Data Protection Regulation (GDPR) is ushering in a new era of data privacy in Europe. Organizations
More informationHEALTH AND SAFETY PROGRAM 207 Permit Writer Certification Procedure
Page 1 of 11 1.0 PURPOSE Axiall, Plaquemine Complex, has developed this procedure to establish guidelines and protocols to certify Safe Work Permit Writers and Confined Space Entry Supervisors. 2.0 SCOPE
More informationConformity assessment Requirements for bodies providing audit and certification of management systems. Part 6:
TECHNICAL SPECIFICATION ISO/IEC TS 17021-6 First edition 2014-12-01 Conformity assessment Requirements for bodies providing audit and certification of management systems Part 6: Competence requirements
More informationEU General Data Protection Regulation (GDPR) Achieving compliance
EU General Data Protection Regulation (GDPR) Achieving compliance GDPR enhancing data protection and privacy The new EU General Data Protection Regulation (GDPR) will apply across all EU member states,
More informationAnnex No. 1 as of April 30, to the certification report. T-Systems-DSZ-ITSEC as of September 24, 2002
Annex No. 1 as of April 30, 2004 to the certification report T-Systems-DSZ-ITSEC-04084-2002 as of September 24, 2002 1 Scope of this annex 1 This annex describes - all changes applied by the vendor to
More informationThe emerging EU certification framework: A role for ENISA Dr. Andreas Mitrakas Head of Unit EU Certification Framework Conference Brussels 01/03/18
The emerging EU certification framework: A role for ENISA Dr. Andreas Mitrakas Head of Unit EU Certification Framework Conference Brussels 01/03/18 European Union Agency for Network and Information Security
More informationAUDITOR / LEAD AUDITOR PHARMACEUTICAL AND MEDICAL DEVICE INDUSTRY
Requirement specification Certification of individuals: AUDITOR / LEAD AUDITOR PHARMACEUTICAL AND MEDICAL DEVICE INDUSTRY Requirement specification Auditor Lead Auditor rev 5.docx Page 1 1 Introduction
More informationICAO S COOPERATIVE NETWORK OF TRAINING CENTRES
ICAO S COOPERATIVE NETWORK OF TRAINING CENTRES MEMBERSHIP PROGRAMME Associate Full RTCE Corporate 1 Programme ICAO s cooperative network of training centres ICAO s TRAINAIR PLUS Programme promotes training
More informationIT Governance ISO/IEC 27001:2013 ISMS Implementation. Service description. Protect Comply Thrive
IT Governance ISO/IEC 27001:2013 ISMS Implementation Service description Protect Comply Thrive 100% guaranteed ISO 27001 certification with the global experts With the IT Governance ISO 27001 Implementation
More informationIBM Corporation. Global Energy Management System Implementation: Case Study. Global
Energy Management System Implementation: Case Study IBM Corporation ISO 50001 Registration: Results and Benefits It takes a global team to drive real success. Business case for energy management IBM is
More informationEXAM PREPARATION GUIDE
When Recognition Matters EXAM PREPARATION GUIDE PECB Certified ISO 22000 Lead Auditor www.pecb.com The objective of the Certified ISO 22000 Lead Auditor examination is to ensure that the candidate has
More informationProject Management Certification
Project Management Certification PM Certification Project Management Practice June 2015 Four Certification Levels in Project Management If you love your craft, then challenge yourself every day to improve
More informationEscaping PCI purgatory.
Security April 2008 Escaping PCI purgatory. Compliance roadblocks and stories of real-world successes Page 2 Contents 2 Executive summary 2 Navigating the road to PCI DSS compliance 3 Getting unstuck 6
More informationTrend Micro Professional Services Partner Program
Trend Micro Professional Services Partner Program PROGRAM OVERVIEW The Trend Micro Partner Program provides professional services companies with the certification, training, technical support and access
More informationAn Introduction to the ISO Security Standards
An Introduction to the ISO Security Standards Agenda Security vs Privacy Who or What is the ISO? ISO 27001:2013 ISO 27001/27002 domains Building Blocks of Security AVAILABILITY INTEGRITY CONFIDENTIALITY
More informationEN CEPA CERTIFIED: HERE IS HOW IT WORKS DQS - COMPETENCE FOR SUSTAINABILITY
EN 16636 - CEPA CERTIFIED: HERE IS HOW IT WORKS DQS - COMPETENCE FOR SUSTAINABILITY AT LAST: THE EUROPEAN STANDARD FOR PEST MANAGEMENT HAS ARRIVED After more than three years of intensive work, the European
More informationLL-C (Certification) Services Overview
LL-C (Certification) Services Overview Who is LL-C (Certification)? LL-C (Certification) is an international certification body operating in more than 40 countries with experience in the field. Provides
More informationPATHWAYS TO INNOVATION IN DISASTER RISK MANAGEMENT. Paolo Venturoni CEO European Organisation For Security 4 th June 2018
PATHWAYS TO INNOVATION IN DISASTER RISK MANAGEMENT Paolo Venturoni CEO European Organisation For Security 4 th June 2018 1 What is EOS The European Organisation for Security (EOS) is the voice of the European
More informationORDINANCE ON EMPLOYMENT PROMOTION (AZAV) INFORMATION SECURITY MANAGEMENT SYSTEMS ACCORDING TO DIN ISO/IEC (INCL. IT SECURITY CATALOGUE)
Audit and Certification Process of GUTcert for QUALITY MANAGEMENT SYSTEMS ACCORDING TO ISO 9001 ENVIRONMENTAL MANAGEMENT SYSTEMS ACCORDING TO ISO 14001 ENERGY MANAGEMENT SYSTEMS ACCORDING TO ISO 50001
More informationEXAM PREPARATION GUIDE
EXAM PREPARATION GUIDE PECB Certified ISO 39001 Lead Auditor The objective of the PECB Certified ISO 39001 Lead Auditor examination is to ensure that the candidate has the knowledge and skills to plan
More informationNETWORK ACCESS CONTROL OVERVIEW. CONVENIENCE. SECURITY.
NETWORK ACCESS CONTROL OVERVIEW. CONVENIENCE. SECURITY. MACMON MODULE & BUNDLES DEVELOPMENT It is macmon s mission to improve and further develop its products. Exciting extensions are currently being worked
More informationLICS Certification Scheme
LICS Certification Scheme LICS Certified Community Interpreting Service Provider Language Industry Certification System Release date: V1.0, 2009-08-15 Austrian Standards plus GmbH, Heinestrasse 38, A-1020
More information