Claus B. Jensen IT Auditor, CISA, CIA

Size: px
Start display at page:

Download "Claus B. Jensen IT Auditor, CISA, CIA"

Transcription

1 Claus B. Jensen IT Auditor, CISA, CIA I am employed in Rigsrevisionen, Denmark. (Danish National Audit Office) I have worked within IT Audit since 1995, both as internal and external auditor and now in the public sector. CISA certified

2 Rigsrevisionen- About us? Rigsrevisionen - the Danish National Audit Office - is an independent institution, which since 1991 has been placed under the Danish Folketing (parliament). Rigsrevisionen employs about 270 people 2

3

4 Main conclusion from the report: The data for which the government bodies were responsible was not, at the time of the examination, adequately protected and the level of security exposed the IT systems and confidential data to undue risk of cyber attacks. Public Accounts Committee is concerned that the examined government bodies had insufficient security against hacker attacks and insufficient protection of IT systems and confidential digital data. 4

5 Rigsrevisionen recommends that: 1. all government bodies should address the risk of cyber attacks in their risk assessments and 2. consider whether the implemented technical restrictions on downloads of programmes from the Internet and the number of local administrator accounts have been adequately limited, and 3. whether applied software programmes, etc. are being updated regularly. 5

6 Rigsrevisionen recommends that: and that: 1. the Ministry of Finance should clarify how responsibilities for cyber security should be divided between the Danish Agency for Governmental IT Services and its clients; 2. the Ministry of Finance and the Danish Agency for Digitisation should, develop guidance for all government bodies on the implementation of security controls to mitigate cyber attacks. 6

7

8 Based on experience from previously performed IT audits, the Danish National Audit Office is of the opinion that the results of the examination may apply to a wider audience of government bodies than those included in the audit. 8

9 Objectives 1) To assess whether selected government bodies had sufficient focus on mitigating cyber attacks. 2) In relation to the Danish Agency for Governmental IT Services, we focused particularly on its assessment and test of the risk that an attack on one of its clients could spread to other clients, as the security level of the agency and its clients should be considered collectively because security weaknesses identified either at the agency or one of its clients could potentially affect other clients. 3) Finally, we checked whether the risk associated with a decision not to implement the controls had been recorded in the risk assessment reports in a manner that reflected that management had addressed the risk and the possibilities of mitigating cyber attacks. 9

10 BEST PRACTICE Technically restricted staff s options to download programmes; Limited use of local administrators and Domain Administrators; Systematic software updates. 10

11 HOW WE DEFINED BEST PRACTICE In October 2012, the Australian Department of Defence estimated that around 85 % of all cyber attacks can be mitigated through the implementation of these few security controls. 1. technical restriction of download of programs from the Internet; (Whitelisting) 2. limited use of local administrators 3. systematic software updates. 11

12 The three controls are also found on the SANS Institute s prioritised list of 20 critical security controls referred to as quick wins. According to the Danish GovCert, the conclusions from the Australian report and other similar reports can be transferred to a Danish setting. The Danish National Audit Office is of the opinion that unless otherwise justified implementing the three security controls is now to be considered good practice. 12

13 HOW WE CONDUCTED THE SURVEY We spent the first 4 weeks scanning the marked for security tools to anlyse and test if the 3 security controls were implemented. NO We simply asked the clients, have you implemented: 1. technical restriction of download of programs from the Internet; (Whitelisting)? 2. limited the use of local administrators? 3. systematic software updates? 4. If YES - we asked for documentation 13

14 Objective no. 1 Examination of the three security controls Had the selected government bodies implemented the three recommended security controls? 14

15 The results of the examination 15

16 Conclusion objective no. 1: The data for which the government bodies were responsible was not, at the time of the examination, adequately protected and the level of security exposed the IT systems and confidential data to undue risk of cyber attacks 16

17 Objective no. 2 Examination of specific security controls at the Danish Agency for Governmental IT Services (Shared Service Center solution) Risk of cyber attacks spreading Risk connected to extensive use of domain administrators 17

18 The results of the examination 1. It turned out that the Danish Agency for Governmental IT Services had not assessed the risk of an attack on one government body compromising the IT security of the agency s other clients. 2. Nor had the agency conducted tests to establish whether an attack on one government body could compromise the system security of the agency s other clients. 3. The Danish Agency for Governmental IT Services had granted rights and permissions to a large number of domain administrators a practice that represents a significant risk in relation to potential attacks. 18

19 Conclusion objective no. 2: The Danish Agency for Governmental IT Services has not to the extent required addressed the risk that a cyber attack on one government body with inadequate security controls could spread to other bodies, for instance, through the shared services. 19

20 Objective no. 3 we checked whether the risk associated with a decision not to implement the controls had been recorded in the risk assessment reports in a manner that reflected that management had addressed the risk and the possibilities of mitigating cyber attacks. 20

21 The results of the examination objective no. 3 None of the four government bodies had in their risk assessments recorded why technical restrictions concerning downloads from the Internet had not been implemented. 21

22 Does it matter? Should we be concerned? If YES why? 22

23 Some samples from out there 23

24 Several of the government agencies that rely on the services provided by the Danish Agency for Governmental IT Services have in recent years been affected by successful cyber attacks. According to the Danish Centre for Cyber Security some of the attacks could have been avoided, and the consequences of the majority of the attacks considerably reduced, if the three security controls referred to in this report had been implemented in the agencies. 24

25 Hackerangreb mod Erhvervs- og Vækstministeriet 2012 Søren Vulff, Vicedirektør, Statens It 25

26 april

27 STATENS IT LUKKER INTERNET FORBINDELSEN TIL EVM OG FORETAGER ANALYSE/OPRYDNING 27 april 2014

28 HVAD VAR DET, DER SKETE? Vi ved ikke, hvem der stod bag, men alt tyder på en statssponsoreret aktør. Vi ved ikke, om de fik fat i noget - og i så fald, hvad det var. Vi ved dog, at de ikke kom ind på nogen af de centrale systemer. Da vi fulgte dem via logs, kunne vi se, at de målrettet gik efter at finde driftsdokumentation og systembeskrivelser. De arbejdede i dansk kontortid. Vi var klar til hele tiden at afbryde forbindelsen, hvis de nærmede sig vitale systemer. 28 april 2014

29 HVAD LÆRTE VI? Ingen ved, hvor lang tid det kommer til at tage! Man har begrænset tid, så indsatsen skal være meget målrettet. Klar rollefordeling - ikke kun i forhold til det tekniske, men også i forhold til beredskabsledelse og kommunikation, herunder håndtering af presse. Vi blev hjulpet af, at vi var midt i en konsolidering og kunne meget hurtigt prioritere at idriftsætte IPS-enheder (Intrusion Prevention System) ift. Erhvervs- og Vækstministeriets netværk. Vi fik opbygget et meget frugtbart samarbejde sammen med andre myndigheder i situationen. 29 april 2014

30 Who s Targeted Verticals Hundreds of targets Dozens of campaigns Direct/Indirect attacks Symantec Security Response 30

31 31

32 Norway hit by hackers Danish newspaper March Den Nationale Sikkerhedsmyndighed (NSM) registered security events in was registered as successful hacker attacks! Govermental agencies, Defense Industry and Tekno industry Hackere tok over Gjensidiges nettsider Massive angrep rammer norske servere PCer benytter seg av NTP-servere for å synkronisere dato og klokkeslett. Disse serverne ble mandag målet for et kraftig DDoS-angrep. En norsk kommune utsettes for 6000 dataangrep i døgnet 32

33 Nobody is to small to be hit by a Cyber Attack Excerpts from the Danish Beekeeper Association's annual report Danish Beekeepers' Association operates several websites. We've had problems with hackers among other biplanter.dk and honningfestival.dk. The latter has been hacked twice in the past year. Now both sites have been cleaned and updated, so that will not happen again. 33

34 What was our goal to bring this area into focus? 1. To put cyber security on the agenda of policy makers at the Danish Government bodies - Attacks on several government bodies in recent years have accentuated the need for increased security in the Public Sector. 2. To spread the word that these three simple and cheap central security controls can prevent the majority of the currently known types of attacks. 3. Go well in hand with the implementation of ISO (To be implemented by all Danish Governmental agencies by 2014) 34

35 35

36 Thank you for your attention The report can be downloaded on (in Danish and English) 36

Report to the Public Accounts Committee on mitigation of cyber attacks. October 2013

Report to the Public Accounts Committee on mitigation of cyber attacks. October 2013 Report to the Public Accounts Committee on mitigation of cyber attacks October 2013 REPORT ON MITIGATION OF CYBER ATTACKS Table of contents I. Introduction and conclusion... 1 II. How government bodies

More information

Research on the Danish heroin assisted treatment programme

Research on the Danish heroin assisted treatment programme Research on the Danish heroin assisted treatment programme Katrine Schepelern Johansen Anthropologist, PhD Post.doc, Department of Anthropology, University of Copenhagen Treatment with heroin in Denmark

More information

Questionnaire #1: The Patient (Spørgeskema, må gerne besvares på dansk)

Questionnaire #1: The Patient (Spørgeskema, må gerne besvares på dansk) Table of Contents Questionnaire #1: The Patient... 2 Questionnaire #2: The Medical Staff... 4 Questionnaire #3: The Visitors... 6 Questionnaire #4: The Non-Medical Staff... 7 Page1 Questionnaire #1: The

More information

CAMP LOGOS administrated by Boligselskabet Sct. Jørgen (housing agency)

CAMP LOGOS administrated by Boligselskabet Sct. Jørgen (housing agency) CAMP LOGOS administrated by Boligselskabet Sct. Jørgen (housing agency) Camp Logos the buildings Camp Logos is the dorm across the street from The Animation Workshop. There are 4 buildings side by side

More information

<Matthías saga digitalis 6.0/>

<Matthías saga digitalis 6.0/> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

More information

Informationsteknologi Serviceledelse Del 4: Procesreferencemodel

Informationsteknologi Serviceledelse Del 4: Procesreferencemodel DS-information DS/ISO/IEC TR 20000-4 1. udgave 2010-12-14 Informationsteknologi Serviceledelse Del 4: Procesreferencemodel Information technology Service management Part 4: Process reference model DS/ISO/IEC

More information

Information og dokumentation Ledelsessystem for dokumentstyring Krav

Information og dokumentation Ledelsessystem for dokumentstyring Krav Dansk standard DS/ISO 30301 1. udgave 2011-11-22 Information og dokumentation Ledelsessystem for dokumentstyring Krav Information and documentation Management systems for records Requirements DS/ISO 30301

More information

Ny postlov i Norge New postal regulations in Norway. Frode Wold, Norway Post Nordic Address Forum, Iceland 5-6. may 2015

Ny postlov i Norge New postal regulations in Norway. Frode Wold, Norway Post Nordic Address Forum, Iceland 5-6. may 2015 Frode Wold, Norway Post Nordic Address Forum, Iceland 5-6. may 2015 < Norge skal innordne seg EU s postdirektiv og dette vil få konsekvenser for Posten Norge mht postnummeradministrasjon, postadresser

More information

C a r d c o n d i t i o n s

C a r d c o n d i t i o n s C a r d t y p e s Du har vel hørt om pigen, som trådte på brødet for ikke at smudse sine sko, og hvor ilde de blev hun opklædt, hun været ude, så sagde godt så hun ud, og hovmoden tog til. Et årstid havde

More information

Presentation. Morten Hvenegaard Project Sales

Presentation. Morten Hvenegaard Project Sales Presentation One sensor in each luminaire - efficient lighting control 25 % savings on seamless daylight adjustment. One sensor in each luminaire - efficient lighting control 25 % savings on seamless daylight

More information

Nordic Master in Didactics of Mathematics

Nordic Master in Didactics of Mathematics Nordic Master in Didactics of Mathematics NORDIMA Barbro Grevholm Seminar i Bergen den 7-8 september 2011 Nordic Master in Didactics of Mathematics Project number NMP-2009/10730 The Master Consortium consists

More information

Agil Business Process Management - i Finans

Agil Business Process Management - i Finans Agil Business Process Management - i Finans Thomas Hildebrandt Lektor, PhD Leder af gruppen for Proces- & Systemmodeller ved IT Universitetet i København og Interessegruppen for processer og IT ved Infinit

More information

Student evaluation form

Student evaluation form Student evaluation form Back Number of respondents: 17 1. Multiple choice question Percentage Name of course: [Insert name of course here!] Course Objectives: [Insert course objectives (målbeskrivelse)

More information

Informationsteknologi Serviceledelse Del 3: Vejledning i definition af emne og brug af ISO/IEC 20000-1

Informationsteknologi Serviceledelse Del 3: Vejledning i definition af emne og brug af ISO/IEC 20000-1 DS-information DS/ISO/IEC TR 20000-3 1. udgave 2009-10-21 Informationsteknologi Serviceledelse Del 3: Vejledning i definition af emne og brug af ISO/IEC 20000-1 Information technology Service management

More information

SPDE. Lagring af større datamængder. make connections share ideas be inspired. Henrik Dorf Chefkonsulent SAS Institute A/S

SPDE. Lagring af større datamængder. make connections share ideas be inspired. Henrik Dorf Chefkonsulent SAS Institute A/S make connections share ideas be inspired SPDE Lagring af større datamængder Henrik Dorf Chefkonsulent SAS Institute A/S SPDE Scalable Performance Data Engine I/O delen af SPDServer software Følger med

More information

MORGENBOOSTER 2015 DISRUPTIVE BUSINESS DESIGN

MORGENBOOSTER 2015 DISRUPTIVE BUSINESS DESIGN MORGENBOOSTER 2015 DISRUPTIVE BUSINESS DESIGN JIM KEYES, CEO, BLOCKBUSTER, 2008 NEITHER REDBOX OR NETFLIX ARE EVEN ON THE RADAR SCREEN IN TERMS OF COMPETITION 2000 HEY, VI SKAL HA ET WEBSITE HM 2009 HEY,

More information

VHDL programmering H2

VHDL programmering H2 VHDL programmering H2 VHDL (Very high speed Integrated circuits) Hardware Description Language IEEE standard 1076-1993 Den benytter vi!! Hvornår blev den frigivet som standard første gang?? Ca. 1980!!

More information

National strategi for Datamanagement Input fra Bevaring, Formidling og Genbrug. Birte Christensen-Dalsgaard Det Kongelige Bibliotek

National strategi for Datamanagement Input fra Bevaring, Formidling og Genbrug. Birte Christensen-Dalsgaard Det Kongelige Bibliotek National strategi for Datamanagement Input fra Bevaring, Formidling og Genbrug Birte Christensen-Dalsgaard Det Kongelige Bibliotek Disposition Hvad er forskningsdata Hvorfor skulle forskere være interesseret?

More information

Softwareudvikling Kvalitetskrav til og evaluering af softwareprodukter (SQuaRE) Fælles industriformat (CIF) til brugbare testrapporter

Softwareudvikling Kvalitetskrav til og evaluering af softwareprodukter (SQuaRE) Fælles industriformat (CIF) til brugbare testrapporter Dansk standard DS/ISO/IEC 25062 1. udgave 2008-05-08 Softwareudvikling Kvalitetskrav til og evaluering af softwareprodukter (SQuaRE) Fælles industriformat (CIF) til brugbare testrapporter Software engineering

More information

Fremtidens vindenergi en magisters historie på Risø og DTU

Fremtidens vindenergi en magisters historie på Risø og DTU Downloaded from orbit.dtu.dk on: Oct 26, 2015 Fremtidens vindenergi en magisters historie på Risø og DTU Mortensen, Niels Gylling Publication date: 2015 Document Version Author final version (often known

More information

Software- og systemudvikling Softwaretest Del 1: Begreber og definitioner

Software- og systemudvikling Softwaretest Del 1: Begreber og definitioner Dansk standard DS/ISO/IEC/IEEE 29119-1 1. udgave 2013-09-26 Software- og systemudvikling Softwaretest Del 1: Begreber og definitioner Software and systems engineering Software testing Part 1: Concepts

More information

Join af tabeller med SAS skal det være hurtigt?

Join af tabeller med SAS skal det være hurtigt? Join af tabeller med SAS skal det være hurtigt? Henrik Dorf, chefkonsulent, PS Commercial Join af tabeller Skal det være hurtigt kræver det Valgmuligheder Viden Eksperimenter Historien En af de første

More information

Skolestart. Solveig Gaarsmand Skole og Samfund Good ID 2007

Skolestart. Solveig Gaarsmand Skole og Samfund Good ID 2007 Skolestart Solveig Gaarsmand Skole og Samfund Good ID 2007 1 Præsentation Hvem er vi? Hvor skal vores børn gå i skole? The trainer welcomes parents, pedagogues and teachers present and invites everybody

More information

COACH BOT Modular e-course with virtual coach tool support

COACH BOT Modular e-course with virtual coach tool support COACH BOT Modular e-course with virtual coach tool support LIFELONG LEARNING PROGRAM LEONARDO da VINCI Aarhus Social and Health Care College TRAINING FOR HEALTHCARE PROFESSIONALS AND HOME CARE PROVIDERS

More information

MINISTRY OF DEFENCE LANGUAGES EXAMINATIONS BOARD

MINISTRY OF DEFENCE LANGUAGES EXAMINATIONS BOARD Name: Candidate Registration Number: Date of Exam: MINISTRY OF DEFENCE LANGUAGES EXAMINATIONS BOARD SURVIVAL SLP1 PAPER D English Base Paper for Reading Task 1 Task 2 Time allowed Translation Comprehension

More information

Informationsteknologi Personlig identifikation ISO-overensstemmende kørekort Del 4: Prøvningsmetoder

Informationsteknologi Personlig identifikation ISO-overensstemmende kørekort Del 4: Prøvningsmetoder Dansk standard DS/ISO/IEC 18013-4 1. udgave 2012-01-11 Informationsteknologi Personlig identifikation ISO-overensstemmende kørekort Del 4: Prøvningsmetoder Information technology Personal identification

More information

The modal verbs kan sende modtage Same word for must and may Future expressed without modal verb

The modal verbs kan sende modtage Same word for must and may Future expressed without modal verb The modal verbs A modal verb can, may must, shall or will is an auxiliary it modifies the verb and expresses whether the action described is seen as plan, intention, necessity, possibility, prediction,

More information

Evaluation and Assessment of Key Competences in Denmark

Evaluation and Assessment of Key Competences in Denmark Dublin, March 2013 Evaluation and Assessment of Key Competences in Denmark Benvido a Dublin Steen Lassen, senior advisor The Ministry of Children and Education, Denmark I: The Folkeskole internal and external

More information

Omkostnings- og investeringsteori Efterår 2009 Opgaver

Omkostnings- og investeringsteori Efterår 2009 Opgaver Omkostnings- og investeringsteori Efterår 2009 Opgaver Jonas Sveistrup Hansen - stud.merc.it 23. september 2009 1 Indhold 1 2-27 p. 76 - Identifying Cost Drivers 3 2 2-46 p. 81- Basic Relationship, Restaurant

More information

Softwareudvikling Retningslinjer for anvendelse af ISO 9001:2008 til computersoftware

Softwareudvikling Retningslinjer for anvendelse af ISO 9001:2008 til computersoftware Dansk standard DS/ISO/IEC 90003:2015 2. udgave 2015-01-07 Softwareudvikling Retningslinjer for anvendelse af ISO 9001:2008 til computersoftware Software engineering Guidelines for the application of ISO

More information

Vejledning til en europæisk COREfaktura-datamodel. CII-retningslinjer for implementering Del 1: Introduktion

Vejledning til en europæisk COREfaktura-datamodel. CII-retningslinjer for implementering Del 1: Introduktion DS-information DS/CWA 16356-1 1. udgave 2011-11-09 Vejledning til en europæisk COREfaktura-datamodel med UN/CEFACT CII-retningslinjer for implementering Del 1: Introduktion Guide for a European CORE INVOICE

More information

Rubber condoms Guidance on the use of ISO 4074 in the quality management of natural rubber latex condoms

Rubber condoms Guidance on the use of ISO 4074 in the quality management of natural rubber latex condoms Dansk standard DS/ISO 16038 1. udgave 2005-11-14 Kondomer Vejledning i brug af ISO 4074 ved kvalitetsstyring af latexkondomer Rubber condoms Guidance on the use of ISO 4074 in the quality management of

More information

GB INTRODUCTION manual:

GB INTRODUCTION manual: GS - GS/L S2/S4 4 5 GB INTRODUCTION manual: Manufacturing Firm; The person responsible for the use of the fork truck must make sure that all of the safety rules in force in INSTRUCTIONS FOR USE 1) Do not

More information

Sundhedsinformatik Kapacitetsbaseret roadmap for e-sundhedsarkitektur Del 1: Oversigt over nationale e-sundhedsinitiativer

Sundhedsinformatik Kapacitetsbaseret roadmap for e-sundhedsarkitektur Del 1: Oversigt over nationale e-sundhedsinitiativer DS-information DS/ISO/TR 14639-1 1. udgave 2012-10-11 Sundhedsinformatik Kapacitetsbaseret roadmap for e-sundhedsarkitektur Del 1: Oversigt over nationale e-sundhedsinitiativer Health informatics Capacity-based

More information

Informationsteknologi Små computersystemers. Del 251: USB-fæstnet SCSI (UAS)

Informationsteknologi Små computersystemers. Del 251: USB-fæstnet SCSI (UAS) Dansk standard DS/ISO/IEC 14776-251 1. udgave 2014-05-27 Informationsteknologi Små computersystemers grænseflade (SCSI) Del 251: USB-fæstnet SCSI (UAS) Information technology Small computer system interface

More information

Centre for Regional Change in the Earth System - CRES

Centre for Regional Change in the Earth System - CRES Centre for Regional Change in the Earth System - CRES Jens Hesselbjerg Christensen Danish Meteorological Institute http://cres-centre.net From science to decisions Thanks to Markku Rummukainen Outline

More information

Why Do People Pay the Way They Do: The Case of Cards, Cash, and Internet Banking in the Context

Why Do People Pay the Way They Do: The Case of Cards, Cash, and Internet Banking in the Context Why Do People Pay the Way They Do: The Case of Cards, Cash, and Internet Banking in the Context of Danish Society Xiao Xiao, Jonas Hedman, and Emma Runnemark Department of IT Management, Copenhagen Business

More information

Procesintegration og -automatisering. Michael Borges, Partner micborges@deloitte.dk

Procesintegration og -automatisering. Michael Borges, Partner micborges@deloitte.dk Procesintegration og -automatisering Michael Borges, Partner micborges@deloitte.dk Three eras of business automation The digital era The industrial era Machines replace heavy and dangerous manual work

More information

Hot & New in Symantec Management and Windows Protection

Hot & New in Symantec Management and Windows Protection [Technology Days 2010] Hot & New in Symantec and Windows Protection Finn Henningsen & Wael Al Assadi Hot & New in Symantec and Windows Protection AGENDA 1 2 3 Intro Storage /Wael Al Assadi Assadi Endpoint

More information

How To Write An International Safety Standard

How To Write An International Safety Standard Dansk standard DS/ISO 26262-6 1. udgave 2012-01-11 Motorkøretøjer Funktionssikkerhed Del 6: Produktudvikling på softwareniveau Road vehicles Functional safety Part 6: Product development at the software

More information

Statistiske metoder i procesledelse Kapabilitet og performance Del 3: Analyse af maskinperformance for måleværdier på (diskrete) emner

Statistiske metoder i procesledelse Kapabilitet og performance Del 3: Analyse af maskinperformance for måleværdier på (diskrete) emner Dansk standard DS/ISO 22514-3 1. udgave 2008-05-08 Statistiske metoder i procesledelse Kapabilitet og performance Del 3: Analyse af maskinperformance for måleværdier på (diskrete) emner Statistical methods

More information

Skovbrugsmaskiner Sikkerhedskrav til og prøvning af motordrevne stangsave til beskæring Del 2: Maskiner med rygbåret energikilde

Skovbrugsmaskiner Sikkerhedskrav til og prøvning af motordrevne stangsave til beskæring Del 2: Maskiner med rygbåret energikilde Dansk standard DS/EN ISO 11680-2 3. udgave 2012-01-18 Skovbrugsmaskiner Sikkerhedskrav til og prøvning af motordrevne stangsave til beskæring Del 2: Maskiner med rygbåret energikilde Machinery for forestry

More information

Opdatering af metadata via SAS -programmer

Opdatering af metadata via SAS -programmer Opdatering af metadata via SAS -programmer Henrik Dorf, chefkonsulent, PS Commercial Metadata SAS Management Console Meta browser SAS Data Integration Studio SAS Metadata Server Administrerer adgangen

More information

Naturgas Bestemmelse af sammensætning med defineret usikkerhed ved gaskromatografi Del 2: Usikkerhedsberegninger

Naturgas Bestemmelse af sammensætning med defineret usikkerhed ved gaskromatografi Del 2: Usikkerhedsberegninger Dansk standard DS/EN ISO 6974-2 2. udgave 2012-06-20 Naturgas Bestemmelse af sammensætning med defineret usikkerhed ved gaskromatografi Del 2: Usikkerhedsberegninger Natural gas Determination of composition

More information

Informationsteknologi Storage management Del 1: Oversigt

Informationsteknologi Storage management Del 1: Oversigt Dansk standard DS/ISO/IEC 24775-1 1. udgave 2014-11-13 Informationsteknologi Storage management Del 1: Oversigt Information technology Storage management Part 1: Overview DS/ISO/IEC 24775-1 København DS

More information

Jordundersøgelser Prøvetagning Del 5: Vejledning i undersøgelse af jordforurening på bymæssige og industrielle grunde

Jordundersøgelser Prøvetagning Del 5: Vejledning i undersøgelse af jordforurening på bymæssige og industrielle grunde Dansk standard DS/ISO 10381-5 1. udgave 2005-11-09 Jordundersøgelser Prøvetagning Del 5: Vejledning i undersøgelse af jordforurening på bymæssige og industrielle grunde Soil quality Sampling Part 5: Guidance

More information

DEFINITE AND INDEFINITE FORM

DEFINITE AND INDEFINITE FORM DEFINITE AND INDEFINITE FORM In Norwegian, a noun can appear either in the indefinite form or in the definite form. There are some absolute rules that determine which form is correct, but three important

More information

ACE Denmark - an accreditation operator

ACE Denmark - an accreditation operator ACE Denmark - an accreditation operator Learn how ACE Denmark improves the quality of Danish university study programmes. Page 2 ACE Denmark is based in the old university quarter in the heart of Copenhagen.

More information

The Effect of a Classroom Management Intervention Results from an RCT Anders Holm, Maria Keilow, Mette Friis-Hansen, and Rune Kristensen

The Effect of a Classroom Management Intervention Results from an RCT Anders Holm, Maria Keilow, Mette Friis-Hansen, and Rune Kristensen The Effect of a Classroom Management Intervention Results from an RCT Anders Holm, Maria Keilow, Mette Friis-Hansen, and Rune Kristensen Table 2. Course plan for the Classroom Management Intervention.

More information

Uppsala, ICLaVE2, 13. juni 2003 Introduction

Uppsala, ICLaVE2, 13. juni 2003 Introduction Uppsala, ICLaVE2, 13. juni 2003 Introduction The idea behind this speech was really a thought that came to me one late night. I can t describe it in details and it s not really thought through, but it

More information

GetProduct. Webservice name: GetProduct. Adress: https://www.elib.se/webservices/getproduct.asmx

GetProduct. Webservice name: GetProduct. Adress: https://www.elib.se/webservices/getproduct.asmx GetProduct Webservice name: GetProduct Adress: https://www.elib.se/webservices/getproduct.asmx WSDL: https://www.elib.se/webservices/getproduct.asmx?wsdl Webservice Methods: Name: Description: Output schema:

More information

Introduction. Objectives

Introduction. Objectives 1 af 7 06-05-2010 23:43 Introduction Povl Kjøller's "Do you want to sing together?" In this session we are going to listen to a Danish song from the 1970s. "Cykelsangen", as it is known, was written and

More information

Ergonomi Fysisk miljø Anvendelse af internationale standarder for personer med særlige behov

Ergonomi Fysisk miljø Anvendelse af internationale standarder for personer med særlige behov Dansk standard DS/EN ISO 28803 1. udgave 2012-04-23 Ergonomi Fysisk miljø Anvendelse af internationale standarder for personer med særlige behov Ergonomics of the physical environment Application of international

More information

SCRIPTING, DATABASES, SYSTEM ARCHITECTURE

SCRIPTING, DATABASES, SYSTEM ARCHITECTURE introduction to SCRIPTING, DATABASES, SYSTEM ARCHITECTURE RECAPITULATION OF PHP Claus Brabrand ((( brabrand@itu.dk ))) Associate Professor, Ph.D. ((( Programming, Logic, and Semantics ))) IT University

More information

Packaging Linear bar code and twodimensional symbols for product packaging

Packaging Linear bar code and twodimensional symbols for product packaging Dansk standard DS/ISO 22742 1. udgave 2005-03-17 Emballage Lineær stregkode og todimensionelle symboler for emballage til produkter Packaging Linear bar code and twodimensional symbols for product packaging

More information

God s mission and our mission. Leader Conference Mission in Denmark Kolding 21st March 2015

God s mission and our mission. Leader Conference Mission in Denmark Kolding 21st March 2015 God s mission and our mission Leader Conference Mission in Denmark Kolding 21st March 2015 When the time had fully come, God sent his son, Deus misit filium suum born of a woman, born under law, to redeem

More information

Sponsors ansvar ved outsourcing af en klinisk afprøvning. Dansk Selskab for GCP. Medlemsmøde 23 November 2010

Sponsors ansvar ved outsourcing af en klinisk afprøvning. Dansk Selskab for GCP. Medlemsmøde 23 November 2010 Sponsors ansvar ved outsourcing af en klinisk afprøvning Dansk Selskab for GCP Medlemsmøde 23 November 2010 Agenda Introduktion v/jane Arce, Formand for Dansk Selskab for GCP Lovgivning Hvorfor kontrol

More information

1) Testing of general knowledge 25%. Each right question counts 1. Each wrong counts 0.5. Empty

1) Testing of general knowledge 25%. Each right question counts 1. Each wrong counts 0.5. Empty 1 Exam 2 The exam consists of four parts: 1) Testing of general knowledge 25%. Each right question counts 1. Each wrong counts 0.5. Empty counts zero. See below note about Task 1. 2) Planning 20%. All

More information

THE ROTARY FOUNDATION. Det hele begyndte med at Arch Klump fik en idé i 1917!

THE ROTARY FOUNDATION. Det hele begyndte med at Arch Klump fik en idé i 1917! THE ROTARY FOUNDATION Det hele begyndte med at Arch Klump fik en idé i 1917! JE: Kommentarer: Det hele var Arch Klump s ide som RI president i 1917-1 mands ide ligesom Poul Harris. Det første bidrag kom

More information

Management. Support HR

Management. Support HR Brugerrejsen Product development Marketing Sales Support HR Service IT Financial Management Før Under Efter a b Planlægning Køreplan Købe billet: Orange eller 1...? Pladsbillet: Familie eller stille? Transport

More information

! Crowdsourcing!the!Library!

! Crowdsourcing!the!Library! CrowdsourcingtheLibrary ByLoneStefansen TheRoyalLibraryofDenmark Background KBhasbeenworkingwithcrowdsourcingfor3 years LibrarieshaveauniqueopportunitytoaBract andengagedifferentcommunides» NonFprofit»

More information

I will cover. Cyber Security and other recent performance audits. Report # 8 Why this audit? Background. Audit objective.

I will cover. Cyber Security and other recent performance audits. Report # 8 Why this audit? Background. Audit objective. I will cover. Report # 8 Security of information communications technology infrastructure Cyber Security and other recent performance audits Report # 9 TMAG: compliance with the National Standards for

More information

OIO Dekstop applikation

OIO Dekstop applikation OIO Dekstop applikation 25-09-2009. Version 1.0 Sammendrag af ideer og dialog på møde d. 24-09-2009 mellem ITST, Trifork og Designit Under udarbejdelse Diagram Test applikation Grupper Digitaliser.dk Applikation

More information

CYBER SECURITY. ADVISORY SERVICES Governance Risk & Compliance. Shemrick Rodney IT Specialist Consultant Antigua & St. Kitts

CYBER SECURITY. ADVISORY SERVICES Governance Risk & Compliance. Shemrick Rodney IT Specialist Consultant Antigua & St. Kitts CYBER SECURITY ADVISORY SERVICES Governance Risk & Compliance Shemrick Rodney IT Specialist Consultant Antigua & St. Kitts The Financial Services Industry at Crossroads: Where to From Here? WELCOME What

More information

SAP Best Practices. Færdigpakket branchespecifik og brancheovergribende knowhow. Tilgængelighed for SAP-kunder og SAP-partnere

SAP Best Practices. Færdigpakket branchespecifik og brancheovergribende knowhow. Tilgængelighed for SAP-kunder og SAP-partnere SAP Best Practices Færdigpakket branchespecifik og brancheovergribende knowhow Tilgængelighed for SAP-kunder og SAP-partnere 1. Tilgængelighed af SAP Best Practices 2. Download af SAP Best Practices Tilgængelighed

More information

COPYRIGHT Danish Standards Foundation. NOT FOR COMMERCIAL USE OR REPRODUCTION. DS/IEC/TR 80001-2-2:2012

COPYRIGHT Danish Standards Foundation. NOT FOR COMMERCIAL USE OR REPRODUCTION. DS/IEC/TR 80001-2-2:2012 DS-information DS/IEC/TR 80001-2-2 1. udgave 2012-09-14 Anvendelse af risikostyring inden for itnetværk indbefattende medicinsk udstyr Del 2-2: Vejledning ved offentliggørelse og formidling af sikkerhedsbehov,

More information

Avaya Brugergruppe dage

Avaya Brugergruppe dage 13.03.2015 1 Avaya Brugergruppe dage ODENSE 13.03.2015 2 BRUGERGRUPPEDAGE 2015 ODENSE Rigets tilstand på Blå Avaya Skal jeg gå SIP vejen? Hvad er Avaya Software Investment Protection Policy (ASIPP) SIP

More information

Søgeprotokol for Nationale Kliniske Retningslinjer

Søgeprotokol for Nationale Kliniske Retningslinjer Søgeprotokol for Nationale Kliniske Retningslinjer Projekttitel/aspekt NKR for OCD søgning på PICOs - sekundær litteratur Kontakt Fagkonsulent Anne Dorothee Müller / Betina Højgaard /projektleder Kontakt

More information

FaSMEd meeting, 24.02.15 Maria I.M. Febri

FaSMEd meeting, 24.02.15 Maria I.M. Febri FaSMEd meeting, 24.02.15 Maria I.M. Febri Hverdagsforestillinger (Every day concepts) Begrepet Hverdagsforestillinger Elever kommer til naturfagundervisning med diverse forestillinger basert på / bygd

More information

Too Much. Workmate. A. Listen to Adrian talking about obesity. 1 Who is he especially worried about?

Too Much. Workmate. A. Listen to Adrian talking about obesity. 1 Who is he especially worried about? Too Much Workmate 1. Work in pairs. Find these expressions in the text. Read them aloud. 1 Jo større han blev, desto mindre motionerede han. 2 I mange år havde han ikke kunnet gå i biografen. 3 Han løste

More information

MINISTRY OF DEFENCE LANGUAGES EXAMINATIONS BOARD

MINISTRY OF DEFENCE LANGUAGES EXAMINATIONS BOARD Name: Candidate Registration Number: Date of Exam: MINISTRY OF DEFENCE LANGUAGES EXAMINATIONS BOARD SURVIVAL SLP1 NORWEGIAN PAPER F Reading Task 1 Task 2 Time allowed Translation Comprehension 15 minutes

More information

COPYRIGHT Danish Standards Foundation. NOT FOR COMMERCIAL USE OR REPRODUCTION. DS/ISO/IEC 24730-22:2012

COPYRIGHT Danish Standards Foundation. NOT FOR COMMERCIAL USE OR REPRODUCTION. DS/ISO/IEC 24730-22:2012 Dansk standard DS/ISO/IEC 24730-22 2. udgave 2012-08-29 Informationsteknologi Realtidslokaliseringssystemer (RTLS) Del 22: Direct Sequence Spread Spectrum (DSSS), 2,4 GHz-protokol for luftgrænseflade:

More information

Overview TECHIS60441. Carry out security testing activities

Overview TECHIS60441. Carry out security testing activities Overview Information, services and systems can be attacked in various ways. Understanding the technical and social perspectives, how attacks work, the technologies and approaches used are key to being

More information

FORSLAG / DRAFT DSF/DS/EN 13200-6 DK NA:2014

FORSLAG / DRAFT DSF/DS/EN 13200-6 DK NA:2014 FORSLAG / DRAFT DSF/DS/EN 13200-6 DK NA:2014 Forslagsnr.: M287549 Draft no.: Forslaget er: The draft is: (IDT = identisk med/identical to - EQV = baseret på/equivalent to - MOD = modificeret/modified)

More information

Casestudier, der understøtter IEC 62232 Bestemmelse af RF-felter og SAR-værdier i nærheden af radiokommunikationsbasestationer

Casestudier, der understøtter IEC 62232 Bestemmelse af RF-felter og SAR-værdier i nærheden af radiokommunikationsbasestationer DS-information DS/IEC/TR 62669 1. udgave 2011-07-04 Casestudier, der understøtter IEC 62232 Bestemmelse af RF-felter og SAR-værdier i nærheden af radiokommunikationsbasestationer med det formål at evaluere

More information

Summary. /3 The purpose of this report was to observe Vestergaard Company A/S s possibilities of

Summary. /3 The purpose of this report was to observe Vestergaard Company A/S s possibilities of entering the Turkish market. /3 The purpose of this report was to observe Vestergaard Company A/S s possibilities of Summary Vestergaard Company A/S Belinda S. Jensen, Gamze Celik, Katrine Junker og Kristine

More information

Business development. Linnea Jacobsen. 1. semester 2014

Business development. Linnea Jacobsen. 1. semester 2014 Business development Linnea Jacobsen 1. semester 2014 v Business Models v Business Model Canvas v Groupwork Literature Alexander Osterwalder & Yves Pigneur: Business Model Generation: s. 14-47 + 76-103

More information

Left dislocation in main and subordinate clauses

Left dislocation in main and subordinate clauses Nordic Atlas of Language Structures (NALS) Journal, Vol 1, 406-414 Copyright J. B. Johannessen 2014 Licensed under a Creative Commons Attribution 3.0 License Left dislocation in main and subordinate clauses

More information

Man, Machine and DDoS Mitigation

Man, Machine and DDoS Mitigation Man, Machine and DDoS Mitigation The case for human cyber security expertise Automated DDoS mitigation poses risks Distributed denial of service (DDoS) attacks can overwhelm DDoS appliances Today s DDoS

More information

Kvalifisering av ny teknologi

Kvalifisering av ny teknologi Kvalifisering av ny teknologi Siemens AS 26.05.2011 Siemens Oil & Gas solutions - Offshore 2010. All rights reserved. De tre viktigste tingene subsea: Pålitelighet Pålitelighet Pålitelighet Hvorfor kvalifisering?

More information

CRES - a Scientific Platform for Sharing Climate Change Related Knowledge in Denmark

CRES - a Scientific Platform for Sharing Climate Change Related Knowledge in Denmark CRES - a Scientific Platform for Sharing Climate Change Related Knowledge in Denmark Jens Hesselbjerg Christensen Danish Meteorological Institute http://cres-centre.net Outline Something about communicating

More information

How To Understand And Understand Phytoestrogen

How To Understand And Understand Phytoestrogen Course Catalogue 2013 SCANBUR Academy COURSE CATALOGUE 2013 Scanbur Academy proudly presents our first course catalogue. We look forward to meeting you at one or more of our courses in 2013. If you have

More information

HVAD ER VI? HVOR ER VI? Ved Kim Grenaa & Uffe Buchard

HVAD ER VI? HVOR ER VI? Ved Kim Grenaa & Uffe Buchard HVAD ER VI? HVOR ER VI? Ved Kim Grenaa & Uffe Buchard PROGRAM 10:15 Find dit DNA 11:15 Pause 11:30 Marketingplatform & Show PR, Step by Step Guide 12:30 Frokost 13:15 Den nye verden v/ Emilia van Hauen

More information

SAMSØ PÅ GAS. Skibsteknisk Selskab København 8. September 2014

SAMSØ PÅ GAS. Skibsteknisk Selskab København 8. September 2014 SAMSØ PÅ GAS Skibsteknisk Selskab København 8. September 2014 Consulting Naval Architects OSK-ShipTech A/S Denmark World Wide Marine Consultancy Services Since 1966 Geography Kanhavekanalen Kanhavekanalen

More information

Facility management Del 7: Vejledning i benchmarking af præstationer

Facility management Del 7: Vejledning i benchmarking af præstationer Dansk standard DS/EN 15221-7 1. udgave 2012-11-06 Facility management Del 7: Vejledning i benchmarking af præstationer Facility Management Part 7: Guidelines for Performance Benchmarking DS/EN 15221-7

More information

Informationsteknologi til læring, uddannelse og oplæring Informationsmodel for kompetencer Del 2: Informationsmodel for kompetenceniveau

Informationsteknologi til læring, uddannelse og oplæring Informationsmodel for kompetencer Del 2: Informationsmodel for kompetenceniveau Dansk standard DS/ISO/IEC 20006-2:2015 1. udgave 2015-08-04 Informationsteknologi til læring, uddannelse og oplæring Informationsmodel for kompetencer Del 2: Informationsmodel for kompetenceniveau Information

More information

Akustik Metode til beregning af forventet høretab forårsaget af støj

Akustik Metode til beregning af forventet høretab forårsaget af støj Dansk standard DS/ISO 1999 1. udgave 2014-06-26 Akustik Metode til beregning af forventet høretab forårsaget af støj Acoustics Estimation of noise-induced hearing loss DS/ISO 1999 København DS projekt:

More information

Hordaland på Børs Bergen 22 August 2013

Hordaland på Børs Bergen 22 August 2013 Hordaland på Børs Bergen 22 August 2013 Tor Magne Lønnum, CFO Follow us on Twitter: @TrygIR 1 19 augusti 2013 Disclaimer Certain statements in this presentation are based on the beliefs of our management

More information

Olie- og naturgasindustrien Levetidsomkostninger Del 3: Retningslinier for implementering

Olie- og naturgasindustrien Levetidsomkostninger Del 3: Retningslinier for implementering Dansk Standard DS/ISO 15663-3 1. udgave 2001-11-20 Olie- og naturgasindustrien Levetidsomkostninger Del 3: Retningslinier for implementering Petroleum and natural gas industries Lifecycle costing Part

More information

Vejen til privat finansiering. 16. juni 2011

Vejen til privat finansiering. 16. juni 2011 Vejen til privat finansiering 16. juni 2011 Vejen til privat finansiering 1 Præsentation 2 Investor og banken din første kunde 3 Struktureret søgning 4 Netværk til finansiering 5 Case Intelligent styring

More information

Sundhedsinformatik Krav til den elektroniske patientjournals arkitektur

Sundhedsinformatik Krav til den elektroniske patientjournals arkitektur Dansk standard DS/ISO 18308 1. udgave 2011-09-06 Sundhedsinformatik Krav til den elektroniske patientjournals arkitektur Health informatics Requirements for an electronic health record architecture DS/ISO

More information

Curriculum Vitae Helene Ratner

Curriculum Vitae Helene Ratner Curriculum Vitae Helene Ratner PERSONAL DATA Helene Ratner Born: 11.11.1980 Finsensvej 105, 4. th T: +45 3082 6019 (mobile) 2000 Frederiksberg E: heleneratner@gmail.com EDUCATION 1/4 2009 31/3 2012 Ph.D.

More information

Petroleum Policy Topics

Petroleum Policy Topics Petroleum Policy Topics Erik M. Dugstad Deputy Director General Presentation to OLF Tax Seminar 4th May 2012 Norwegian Ministry of Petroleum and Energy Agenda introduction The White Paper: An industry

More information

Informationsteknologi Cloudcomputing Oversigt og ordliste

Informationsteknologi Cloudcomputing Oversigt og ordliste Dansk standard DS/ISO/IEC 17788 1. udgave 2014-10-21 Informationsteknologi Cloudcomputing Oversigt og ordliste Information technology Cloud computing Overview and vocabulary DS/ISO/IEC 17788 København

More information

www.scherning.dk / SPRING 2013

www.scherning.dk / SPRING 2013 www.scherning.dk / SPRING 2013 METTE SCHERNING en dansk smykkedesigner METTE SCHERNING a Danish jewellery designer Mette Scherning mestrer om nogen kunsten at kreere smykker med Mette Scherning masters

More information

Praksis inden for elektronisk fakturering i EU

Praksis inden for elektronisk fakturering i EU DS-information DS/CWA 16463 1. udgave 2012-06-28 Praksis inden for elektronisk fakturering i EU Code of Practice for Electronic Invoicing in the European Union DS/CWA 16463 København DS projekt: M263481

More information

The Danish National Return to Work Program. Nordisk socialforsikringsmøde Tammerfors Finland Juni 2012 Glen Winzor Head of division NRCWE gwi@nrcwe

The Danish National Return to Work Program. Nordisk socialforsikringsmøde Tammerfors Finland Juni 2012 Glen Winzor Head of division NRCWE gwi@nrcwe The Danish National Return to Work Program Nordisk socialforsikringsmøde Tammerfors Finland Juni 2012 Glen Winzor Head of division NRCWE gwi@nrcwe The background From 2004 to 2008 there was a dramatic

More information

Information Security Awareness Training

Information Security Awareness Training Information Security Awareness Training Presenter: William F. Slater, III M.S., MBA, PMP, CISSP, CISA, ISO 27002 1 Agenda Why are we doing this? Objectives What is Information Security? What is Information

More information