CASE 8: Procurement of public key infrastructure
|
|
- May Bruce
- 7 years ago
- Views:
Transcription
1 CASE 8: Procurement of public key infrastructure Uni. Athens / CERES Country / region Netherlands Short description This is the case of an integrated central e-government infrastructure for issuing and using Public Key Certificates (PKC). These certificates allow any type of electronic transaction between citizens and public services or among the services of the public sector validated by electronic signature. The procurement involved the development, installation and maintenance of a top level system aiming at servicing the entire public administration. The innovative aspect of the procurement was that an integrated infrastructure was set up, allowing each public employee and each citizen to be e-authenticated in order to access this infrastructure using public key certificates. Another innovative aspect is that the infrastructure was consistent with both the European (developed by EESSI) and international standards (mostly developed by IETF). This condition allows the generalised use of the service, while it assures full compatibility, meaning that any authorised certificate service provider (CSP) can join the system. The technology existed by the time of the procurement, but the standardisation process was still evolving and it was the first time that a system like that had to be developed to serve applications of such a large scale. The company selected to implement the project is the PinkRoccade. The budget allocated was Euro (excluding VAT) including: the initial investment for the creation of the PKI root infrastructure and operational costs for a 6 year period. Procuring agency and policy background The procurement was part of the actions of the Dutch government for the modernisation of the public sector. A task force, PKIoverheid, was set up in 1999 to develop the requirements (Programma van Eisen) for the public key infrastructure (PKI). The introduction of such an infrastructure was mandatory according to the Directive 1999/93/EU for the application of electronic signatures in the public sector. The standards were developed by the ICT Standards Board (ICTSB) in the context of the European Electronic Signature Standardisation Initiative (EESSI). The PKIoverheid was later incorporated into a broader organisation created in 2001 by the Dutch Ministry of the Interior named ICTU (Information and Communications 3
2 Technology Unit). The ICTU was entrusted with the structural development of e- government. Its main aim is to advise the public sector on ICT applications and to implement large scale ICT projects on behalf of the Dutch government. Each one of its programmes focuses in the interaction between government and citizens enabled by ICTs. In this context, ICTU is responsible for the organisation and implementation of ICT public procurement, complying with the European Directives and the national legal framework. The success and impact The project succeeded in technological terms and the diffusion of the system in the entire public sector is now taking place: The PKI is increasingly being used in securing websites of the municipalities, government agencies and other public sector sites. PKI government certificates are currently being used by the healthcare personnel (400,000 people) and all Defence Department personnel (100,000 people), while by 2006 PKI certificates will be included in the electronic citizen ID card and a rollout of several million people is expected. An additional indication of success (leading to higher utilisation) was the inclusion of the certificate of the Dutch government PKI in the most recent versions of the most popular web-browsers (MS Internet Explorer, Mozilla Firefox) as a trusted certificate.1 The management skills and the expertise of the ICTU have been well recognised and ICTU experts are frequently invited to speak in seminars and expert groups on PKI and e-authentication. Procurement cycle Identification of requirements The Taskforce PKIoverheid during conducted a demand analysis in the public sector. This information was utilised for the establishment of the technological requirements, along with the list of requirements set up by careful analysis of the European standards of EESSI (where members of the Taskforce participated actively). The final description of the technological requirements was prepared by the Taskforce PKIoverheid in cooperation with external experts. Market intelligence (market research etc.) Taskforce PKIoverheid during made the necessary market and product research. The Taskforce cooperated with the TTP.NL project, which constituted a 1 Not all public key certificates are supported by the web browsers, which means that they don t allow the encryption to take place in the corresponding computer. Including the Dutch certificate demonstrates both its potential and the determination of the Dutch government to make it as user friendly as possible.
3 voluntary accreditation scheme for electronic signature service providers in the Netherlands and also performed trial audits in several organisations. Through the TTP.NL project, the Taskforce PKIoverheid was kept informed on market developments. The authentication mechanisms of the new infrastructure constituted at that time an untested technology. Despite the technological risks associated with the early stage of the standards, ICTU supported the procurement based on the assessment that the full exploitation of the potential of the new technology would lead to the minimisation of bureaucratic processes and the effective transaction within and with the public sector. The establishment of a secure system allowing for the electronic exchange of official public documents and their verification with electronic signature was considered as an integral part of this effort. This assessment was based on a demand level analysis. A working group composed of legal and technical experts was set up in order to tackle all technical issues concerning the establishment of the infrastructure and to secure the feasibility of the project in terms of compliance with the legal and institutional framework (governing public sector operations and data protection etc). Tendering process The tendering process was implemented by Taskforce PKIoverheid in cooperation with the Ministry of Interior (BZK). The Taskforce first determined whether the installation, maintenance and operation of the PKI could be assigned to an existing government organisation, but eventually it was decided to proceed with a public tender. Potential suppliers were asked to provide a plan for implementing a secure PKI root infrastructure. In cooperation with internal and external experts employed in the project for nine months, the Taskforce organised the tendering material and process. The set of technical requirements was already prepared, so, more effort was placed upon the preparation of a model agreement that was describing all legal requirements, including security guarantees and liability qualities of the tenderer. The degree of compliance of this model agreement was part of the selection criteria (see below). An international call for tenders was published in the Journal of Official Publications of the European Union at the end of December Assessing/awarding For the assessment of the contract the Taskforce PKIoverheid in cooperation with the Ministry of Interior employed a number of internal and external evaluators. The set of the evaluation criteria was divided into three sections: 1. Accomplishment of the technical requirements: The tenderer should prove his experience and provide a coherent proposal on how he was going to fulfil the 5
4 technical and operational requirements of the project. 2. Financial issues: For the financial evaluation two separate cost drivers were considered: (a) costs related to the initial provision and overall technical support on PKI and (b) variable costs depending on to the amount of certificates issued. 3. Compliance with the model agreement: The tenderer should prove how he could accomplish the requirements of the articles of the agreement, especially as far as liability and security guarantees are concerned. The security guarantees by the service provider (rather than cost effectiveness) was the most significant criterion for the selection of the supplier. Contracting and management of the contract From the received tenders the company of PinkRoccade Infrastructure services was selected to host the root infrastructure, due to their proven track record of secure and reliable e-government services and PKI technology. The contract (in the form of a Service Level Agreement) was signed in August 2002 between the PinkRoccade and the Ministry of Interior. PinkRoccade had to supply the root certificate (a kind of electronic authentication seal attached to each new key certificate produced) and the central infrastructure. The duration of the contract was 6 years. A few months later, in December 2002, the root certificate for the Dutch government PKI was generated at PinkRoccade and used to sign the domain certificates of the Government, Business and Citizen domains. The monitoring mechanism includes the following: The submission to the PKIoverheid of monthly reports by PinkRoccade in which the company provides detailed evidence on its compliance with the Service Level Agreement. There are periodic meetings (about 2-3 times per year) between PKIoverheid and PinkRoccade representatives to discuss the status of the infrastructure. During these meetings PKIoverheid also checks the log files (track record of log-ins and certificates issued) kept by PinkRoccade. Independent auditors conduct annual WebTrust audits of the root infrastructure. Since the PKIoverheid infrastructure is also used for confidential electronic communication within the government, the Dutch Intelligence Service (AIVD) periodically audits the root infrastructure to ensure its security. Major reason for success 1. The system conformed to the requirements set by the 'Programma van Eisen' aiming at wide scale applications. This had not been done before elsewhere since most other national PKI's were based on a single, government owned monolithic certificate service provider, issuing certificates to the public.
5 2. The root certificate of the Dutch government PKI was recognisable and operational over web browsers such as Microsoft Internet Explorer and Mozilla, allowing for the wide diffusion of the technology among users. It is the first time that a national government root has been granted this feature. This is proved to be a very user-friendly characteristic in order to make the Dutch government PKI a widely used and trusted infrastructure. 3. The fact that the Ministry was prepared to finance the maintenance of the PKI for several years until the technology matures and a market emerges. Major impediments overcome For the procurement, the ICTU and the PKIoverheid had to work with standards and specifications which were still under development and not yet finalised by the European standardization institutes. The internal assessment helped overcome this impediment. It took time for the PKI to become a technology that was actually considered useful and necessary. At earlier stages PKIoverheid taskforce accepted significant negative publicity; it was not until very recently that the policy authorities and the wider public endorsed this innovative public spending. Major lessons to be learned 1. When implementing a large project involving the procurement of a nascent or unproven technology, government sponsoring and political support is of great importance. In this case the Ministry of Interior was prepared to finance and promote the project long enough, until the technology matured. A crucial question is how patient the procurer should be. Although there is no general optimum level of time-to-performance for a technology involving public spending, some guidelines are needed as to how patient clients could and should be. This is a major trade off that innovative procurement is required to look at. 2. When implementing an e-government tool for (in this case) e-authentication, it is very important for the success of the project that there are also practical business-cases in which the tool can be used. If there are no previous applications of the tool before its roll out, there is a very large likelihood of failure. PKIoverheid faced this problem until in recent years a stronger focus on user authentication and security has created viable business cases. 3. In the case of projects aiming at the development of tools or standards for digital security, it is very important that government bodies at a higher level stimulate the use of these tools / standards or (preferably) that their use is mandated in laws or regulations as a means to create a market. Otherwise government organisations will be very slow to adopt new security measures for which they see little usefulness and which they consider as expensive and restrictive. 7
6
QuoVadis Group. EUGridPMA Update September 2014
QuoVadis Group EUGridPMA Update September 2014 Overview Founded in 1999 in Bermuda, with particular focus providing PKI managed services to multinational organisations More than 3,500 customers Operations
More information17-11-05 ANNEX IV. Scientific programmes and initiatives
17-11-05 ANNEX IV Scientific programmes and initiatives DG TAXUD Pre-feasibility study for an observation system of the External Border of the European Union In this study, the external border will be
More informationTTP.NL Scheme. for management system certification. of Trust Service Providers issuing. Qualified Certificates for Electronic Signatures,
TTP.NL Scheme for management system certification of Trust Service Providers issuing Qualified Certificates for Electronic Signatures, Public Key Certificates, Website Certificates and / or Time-stamp
More informationTo join Achilles UVDB, visit www.achilles.com/uvdb, call +44 (0)1235 861118 or email enquiries@achilles.com
UVDB Achilles UVDB FAQ s About Achilles UVDB What is the Achilles UVDB Supplier Information Management Service? Achilles UVDB is the community for the UK utilities industry. It enables the utilities sector
More informationCOMMISSION OF THE EUROPEAN COMMUNITIES
EN EN EN COMMISSION OF THE EUROPEAN COMMUNITIES Brussels, 28.11.2008 COM(2008) 798 final COMMUNICATION FROM THE COMMISSION TO THE COUNCIL, THE EUROPEAN PARLIAMENT, THE EUROPEAN ECONOMIC AND SOCIAL COMMITTEE
More informationBoard of Member States ERN implementation strategies
Board of Member States ERN implementation strategies January 2016 As a result of discussions at the Board of Member States (BoMS) meeting in Lisbon on 7 October 2015, the BoMS set up a Strategy Working
More informationWritten Contribution of the National Association of Statutory Health Insurance Funds of 16.11.2015
Written Contribution of the National Association of Statutory Health Insurance Funds of 16.11.2015 to the Public Consultation of the European Commission on Standards in the Digital : setting priorities
More informationABERDEEN CITY COUNCIL. Name of Committee : Resources Management Committee
ABERDEEN CITY COUNCIL Name of Committee : Resources Management Committee Date of Meeting : 29 March 2007 Title of Report : CRM System Procurement Lead Officer : Jacek Nowak, Head of Customer Relations
More informationStandard operating procedure
Standard operating procedure Title: Steps involved in outsourcing of services Status: PUBLIC Document no.: SOP/EMA/0083 Lead author Approver Effective date: 18-12-2014 Name: Caroline Maignen Name: Stefano
More informationMAXIMISING BROADBAND CONNECTIVITY ACROSS THE EU USING EUROPEAN FUNDING FOR SATELLITE BROADBAND ACCESS
SUMMARY: MAXIMISING BROADBAND CONNECTIVITY ACROSS THE EU USING EUROPEAN FUNDING FOR SATELLITE BROADBAND ACCESS - IMPLEMENTING A VOUCHER SCHEME - DECEMBER 2013 1. The European Commission wishes to maximise
More informationEfficiency and reform in government corporate functions through shared service centres
REPORT BY THE COMPTROLLER AND AUDITOR GENERAL HC 1790 SESSION 2010 2012 7 MARCH 2012 Cross government Efficiency and reform in government corporate functions through shared service centres 4 Key facts
More informationCall for social security experts ETUC project on Letterbox companies
Call for social security experts ETUC project on Letterbox companies This is a call for a subcontractor to provide expertise as part of the implementation of the ETUC project on Letterbox companies. In
More informationeid/authentication/digital signatures in Denmark
eid/authentication/digital signatures in Denmark 8. July 2008 Nikolas Triantafyllidis / Charlotte Jacoby Special Advisors Centre for Digital Signatures National IT- and Telecom Agency Authentication and
More informationInfo sheet : Considering labour standards in the procurement process
Info sheet : Considering labour standards in the procurement process In line with the EU procurement rules and the Government s value for money principle, contracting authorities can take steps to consider
More informationELECTRONIC SIGNATURES AND ACTS IN ELECTRONIC TOOLS USED IN PUBLIC PROCUREMENT MICHAELA POREMSKÁ *
M. Poremská: Electronic Signatures and Acts in Public Procurement 147 ELECTRONIC SIGNATURES AND ACTS IN ELECTRONIC TOOLS USED IN PUBLIC PROCUREMENT by MICHAELA POREMSKÁ * The contribution analyses a specific
More information26.3.2014 A7-0365/133
26.3.2014 A7-0365/133 Amendment 133 Amalia Sartori on behalf of the Committee on Industry, Research and Energy Report A7-0365/2013 Marita Ulvskog Electronic identification and trust services for electronic
More informationISA Work Programme SECTION I
ISA Work Programme SECTION I TABLE OF CONTENTS INTRODUCTION...4 1. THE CONTEXT...4 1.1. The need for the ISA programme...4 1.2. The political context...4 2. THE ISA PROGRAMME...5 3. THE EUROPEAN INTEROPERABILITY
More informationHaving regard to the Treaty on the Functioning of the European Union, and in particular Article 114 thereof,
28.8.2014 Official Journal of the European Union L 257/73 REGULATION (EU) No 910/2014 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 23 July 2014 on electronic identification and trust services for electronic
More informationThe Scottish Wide Area Network Programme
The Scottish Wide Area Network Release: Issued Version: 1.0 Date: 16/03/2015 Author: Andy Williamson Manager Owner: Anne Moises SRO Client: Board Version: Issued 1.0 Page 1 of 8 16/04/2015 Document Location
More informationDigital Inclusion Programme Started. BL2a
PROJECT BRIEF Project Name Digital Inclusion Programme Status: Started Release 18.05.2011 Reference Number: BL2a Purpose This document provides a firm foundation for a project and defines all major aspects
More informationRegulation on the implementation of the European Economic Area (EEA) Financial Mechanism 2009-2014
the European Economic Area (EEA) Financial Mechanism 2009-2014 adopted by the EEA Financial Mechanism Committee pursuant to Article 8.8 of Protocol 38b to the EEA Agreement on 13 January 2011 and confirmed
More informationRegulation on the implementation of the Norwegian Financial Mechanism 2009-2014
Regulation on the implementation of the Norwegian Financial Mechanism 2009-2014 adopted by the Norwegian Ministry of Foreign Affairs pursuant to Article 8.8 of the Agreement between the Kingdom of Norway
More informationSpecification. Edexcel NVQ qualification. Edexcel Level 3 NVQ Certificate in Management (QCF)
Specification Edexcel NVQ qualification Edexcel Level 3 NVQ Certificate in Management (QCF) For first registration August 2010 Edexcel, a Pearson company, is the UK s largest awarding organisation offering
More informationCALL FOR AN EXPRESSION OF INTEREST FOR A SECONDED NATIONAL EXPERT WITHIN EUROJUST:
EUROJUST CALL FOR AN EXPRESSION OF INTEREST FOR A SECONDED NATIONAL EXPERT WITHIN EUROJUST: Seconded National Expert in the EJN Secretariat Reference: 08/EJ/SNE/02 M/F Eurojust wishes to set up a list
More informationTGA key performance indicators and reporting measures
TGA key indicators and reporting measures Regulator Performance Framework Version 1.0, May 2015 About the Therapeutic Goods Administration (TGA) The Therapeutic Goods Administration (TGA) is part of the
More informationNetwork Rail Infrastructure Projects Joint Relationship Management Plan
Network Rail Infrastructure Projects Joint Relationship Management Plan Project Title Project Number [ ] [ ] Revision: Date: Description: Author [ ] Approved on behalf of Network Rail Approved on behalf
More informationISO 9001:2015 Internal Audit Checklist
Page 1 of 14 Client: Date: Client ID: Auditor Audit Report Key - SAT: Satisfactory; OBS: Observation; NC: Nonconformance; N/A: Not Applicable at this time Clause Requirement Comply Auditor Notes / Evidence
More informationBUDGET HEADING 04.03.03.03 INFORMATION, CONSULTATION AND PARTICIPATION OF REPRESENTATIVES OF UNDERTAKINGS CALL FOR PROPOSALS
EUROPEAN COMMISSION Employment, Social Affairs and Inclusion DG Employment and Social Legislation, Social Dialogue Labour Law BUDGET HEADING 04.03.03.03 INFORMATION, CONSULTATION AND PARTICIPATION OF REPRESENTATIVES
More informationThird EU Health Programme 2014-2020
Third EU Health Programme 2014-2020 THE CHALLENGES - increasingly challenging demographic context threating the sustainability of health systems - fragile economic recovery limiting the resources available
More informationMalta Resources Authority Millennia, Aldo Moro Road, Marsa MRS 9065 Malta Telephone: (356) 21220619 Fax: (356) 22955200. Call for Quotations
Malta Resources Authority Millennia, Aldo Moro Road, Marsa MRS 9065 Malta Telephone: (356) 21220619 Fax: (356) 22955200 Call for Quotations Closing Date: 7 th October 2014 at 10:00 am Date Published: 16
More informationInformation Commissioner's Office
Information Commissioner's Office IT Procurement Review Ian Falconer Partner T: 0161 953 6480 E: ian.falconer@uk.gt.com Last updated 18 June 2012 Will Simpson Senior Manager T: 0161 953 6486 E: will.g.simpson@uk.gt.com
More informationRISQS FAQs. About RISQS. services provided by
services provided by RISQS FAQs About RISQS RISQS, formerly known as Achilles Link-up, supports the GB Rail industry in the management of supply chain risk. The scheme has been developed to provide a service
More informationThe centre of government: an update
Report by the Comptroller and Auditor General Cabinet Office and HM Treasury The centre of government: an update HC 1031 SESSION 2014-15 12 MARCH 2015 4 Overview The centre of government: an update Overview
More informationAnnex 2: Rules and Procedures for the Swiss-Polish Cooperation Programme
Annex 2: Rules and Procedures for the Swiss-Polish Cooperation Programme Annex 2 is an integral part of the Framework Agreement between the Swiss Federal Council and the Government of the Republic of Poland
More informationLaunch of ECDL Syllabus 5.0 The Global Standard for Digital Literacy
Launch of ECDL Syllabus 5.0 The Global Standard for Digital Literacy Damien O Sullivan Ceo ECDL Foundation Introduction ECDL ICDL European Computer Driving Licence International Computer Driving Licence
More informationA guide for government organisations Governance of Open Standards
A guide for government organisations Governance of Open Standards The Standardisation Forum Standardisation Board and Forum The Standardisation Board and Forum were established to promote digital cooperation
More informationSUPPLY CONTRACT NOTICE. Software Solution and ICT equipment for the State Aid System of BiH. Bosnia and Herzegovina
SUPPLY CONTRACT NOTICE Software Solution and ICT equipment for the State Aid System of BiH 1. Publication reference EuropeAid/137621/DH/SUP/BA Tender no. EC/BiH/TEN/15/012 2. Procedure Open 3. Programme
More informationSSLPost Electronic Document Signing
SSLPost Electronic Document Signing Overview What is a Qualifying Advanced Electronic Signature (QAES)? A Qualifying Advanced Electronic Signature, is a specific type of digital electronic signature, that
More informationUse and verification of the NHS number for all active patients.
Title: Reference No: Owner: Author: Use and verification of the NHS number for all active patients. NHSNYYIG-004 Director of Standards Information Governance Team First Issued On: March 2008 Latest Issue
More informationAWARD OF CONTRACT MAINTENANCE AND UPGRADE OF THE HIGHWAYS ASSET MANAGEMENT SYSTEM (REF: CU2373)
Wards Affected: All Wards ITEM 9 CABINET PROCUREMENT COMMITTEE 5 AUGUST 2014 AWARD OF CONTRACT MAINTENANCE AND UPGRADE OF THE HIGHWAYS ASSET MANAGEMENT SYSTEM (REF: CU2373) Author: Rachael Kingsley, Head
More informationProject Initiation Document
Project Sponsor: Richard Ellis Version: 1.0 Date: 2 nd July 2009 Document Control Project Sponsor Richard Ellis Project Initiation Document Project Call Recording and Workforce Management Document PID
More informationProcurement Policy Note Supporting Apprenticeships and Skills Through Public Procurement
Procurement Policy Note Supporting Apprenticeships and Skills Through Public Procurement Action Note 14/15 27 August 2015 Issue 1. Raising skills levels within the UK workforce is key to delivering sustainable
More informationCEMR RESPONSE. Green Paper on e-procurement. Brussels, January 2011
COUNCIL OF EUROPEAN MUNICIPALITIES AND REGIONS CONSEIL DES COMMUNES ET REGIONS D EUROPE Registered in the Register of Interest Representatives Registration number : 81142561702-61 CEMR RESPONSE Green Paper
More informationTG 47-01. TRANSITIONAL GUIDELINES FOR ISO/IEC 17021-1:2015, ISO 9001:2015 and ISO 14001:2015 CERTIFICATION BODIES
TRANSITIONAL GUIDELINES FOR ISO/IEC 17021-1:2015, ISO 9001:2015 and ISO 14001:2015 CERTIFICATION BODIES Approved By: Senior Manager: Mpho Phaloane Created By: Field Manager: John Ndalamo Date of Approval:
More informationCall for tenders. Integrated Projects of the EU Social Dialogue 2014-16
Call for tenders Integrated Projects of the EU Social Dialogue 2014-16 Activities jointly managed Part A: Tools to support the EU Social Dialogue development Date of publication on the ETUC, BUSINESSEUROPE,
More informationDERBYSHIRE COUNTY COUNCIL BUSINESS CONTINUITY POLICY
DERBYSHIRE COUNTY COUNCIL BUSINESS CONTINUITY POLICY VERSION 1.0 ISSUED JULY 2015 CONTENTS Page CONTENTS VERSION CONTROL FOREWORD i ii iii POLICY 1 Scope 1 Aim and Objectives 1 Methods and Standards 1
More informationHow To Manage Health Id In The Netherlands
Health ID Management in the Netherlands Schiphol Expert Meeting March 20th 2006 Drs Ellen Maat MPA Head of Program Unit Health ICT Ministery of Health, Welfare and Sport Ministerie van Volksgezondheid,
More informationGhana Government Enterprise Architecture Implementation Plan
Ghana Government Enterprise Architecture Implementation Plan GGEA Implementation Plan Copyright 2008 Page 1 of 1 ABBREVIATIONS Term GGEA EA MDA GICTeD GoG CIO QAC RFP CMM Definition Ghana Government Enterprise
More informationLevel 1 Certificate in Energy Management Essentials Online. Learner Handbook
Certificate in Energy Management Essentials Online Learner Handbook Contents 1 Welcome... 2 2 Expectations... 3 2.1 What you can expect from the Energy Institute and your tutor... 3 2.2 The Energy Institute
More informationCHECKLIST OF COMPLIANCE WITH THE CIPFA CODE OF PRACTICE FOR INTERNAL AUDIT
CHECKLIST OF COMPLIANCE WITH THE CIPFA CODE OF PRACTICE FOR INTERNAL AUDIT 1 Scope of Internal Audit 1.1 Terms of Reference 1.1.1 Do terms of reference: (a) establish the responsibilities and objectives
More informationSFJCCAD2 Promote business continuity management
Overview This unit is about providing advice and assistance on business continuity management, including general advice for the business and voluntary sectors, and specific advice and assistance to individual
More informationInformation Security Policy. Information Security Policy. Working Together. May 2012. Borders College 19/10/12. Uncontrolled Copy
Working Together Information Security Policy Information Security Policy May 2012 Borders College 19/10/12 1 Working Together Information Security Policy 1. Introduction Borders College recognises that
More informationTENDER NUMBER: ITT/SACU/015/2015/O Information and Communication Technology (ICT) Audit IT Effectiveness Review
TENDER NUMBER: ITT/SACU/015/2015/O Information and Communication Technology (ICT) Audit IT Effectiveness Review CLOSING DATE & TIME FRIDAY, 23 JANUARY 2015 17H00 (Namibian Time) POSTAL & PHYSICAL ADDRESS
More informationPREANNOUNCES RESEARCH WITHIN PRIORITY SECTORS CALL FOR PROPOSALS
THE GENERAL SECRETARIAT FOR RESEARCH AND TECHNOLOGY AS PROGRAMME OPERATOR OF THE GREEK-EEA RESEARCH PROGRAMME IMPLEMENTED UNDER THE GREEK FINANCIAL MECHANISM 2009-2014 PREANNOUNCES RESEARCH WITHIN PRIORITY
More informationSocial Value briefing
Social Value briefing About This Briefing This briefing is provided on behalf of the Department for Education s overarching strategic partnership for voluntary, community and social enterprise sector organisations
More informationHead of Information & Communications Technology Responsible work team: ICT Security. Key point summary... 2
Policy Procedure Information security policy Policy number: 442 Old instruction number: MAN:F005:a1 Issue date: 24 August 2006 Reviewed as current: 11 July 2014 Owner: Head of Information & Communications
More informationDigital Britain One: Shared infrastructure and services for government online
REPORT BY THE COMPTROLLER AND AUDITOR GENERAL HC 1589 SESSION 2010 2012 9 DECEMBER 2011 Cross government Digital Britain One: Shared infrastructure and services for government online 4 Key facts Digital
More informationGuidelines. for drawing up contracts for Joint Doctoral Supervision and Dual Degrees. August 2014 1
Guidelines for drawing up contracts for Joint Doctoral Supervision and Dual Degrees August 2014 1 Guidelines for drawing up contracts for Joint Doctoral Supervision and Dual Degrees Dutch Law has made
More informationEuropol Public Information VACANCY NOTICE
The Hague, 3 February 2016 File nº: Europol/2016/TA/AD9/237 VACANCY NOTICE Name of the post: Reporting to: Business Manager IRU - EU Internet Referral Unit - within the Operations Department (OD) AD9 Head
More informationELECTRONIC SIGNATURES AND ASSOCIATED LEGISLATION
ELECTRONIC SIGNATURES AND ASSOCIATED LEGISLATION This can be a complex subject and the following text offers a brief introduction to Electronic Signatures, followed by more background on the Register of
More informationDutch programme on Open Standards and Open Source Software for governments
Dutch programme on Open Standards and Open Source Software for governments Mark Bressers, programme manager OSOSS egovernment in the Netherlands! National agencies, provinces, local municipalities and
More informationEuropol Public Information VACANCY NOTICE. Facilities Officer with the Facilities Team of Europol (C58) - Temporary Agent, AST4
The Hague, 08 March 2016 Reg. nº: Europol/2016/TA/AST4/181 VACANCY NOTICE Name of the post: Reporting to: Facilities Officer with the Facilities Team of Europol (C58) - Temporary Agent, AST4 Senior Specialist
More informationThe innovation value chain:
The innovation value chain: Context: where is the demand for demand-side innovation policy at in Europe? Lead Market Initiative: And lessons learned And future directions Henriette van Eijl EC, DG Enterprise,
More informationInternal Audit Progress Report Performance and Overview Committee (19 th August 2015) Cheshire Fire Authority
Internal Audit Progress Report (19 th August 2015) Contents 1. Introduction 2. Key Messages for Committee Attention 3. Work in progress Appendix A: Risk Classification and Assurance Levels Appendix B:
More informationQuality Management Standard BS EN ISO 9001:2008. www.imsworld.org
Quality Management Standard BS EN ISO 9001:2008 The Origin of Quality Standards Ministry of Defence Marks & Spencer Ford Motor Company All had their own Quality standards, which they expected their suppliers
More informationThe Gestamp Supplier Risk Management (SRM) system. Supplier Frequently Asked Questions (FAQ)
The Gestamp Supplier Risk Management (SRM) system Supplier Frequently Asked Questions (FAQ) April 2016 2013 Contents Overview... 4 Why has Gestamp partnered with Achilles?... 4 The importance of complying
More informationAgency Board Meeting 28 July 2015
SEPA 22/15 Agency Board Meeting 28 July 2015 Report Number: SEPA 22/15 Audit Committee Annual Performance Report 2014-2015 Summary: Risks: Resource and Staffing Implications Equalities: Environmental and
More informationOpen Document Standards for the Government Guide
Open Document Standards for the Government Guide Programma Nederland Open in Verbinding & Forum Standaardisatie Date 13 april 2011 Colofon Pagina 2 van 17 Contents Colofon...2 Contents...3 1 Introduction...5
More informationSpace project management
ECSS-M-ST-80C Space project management Risk management ECSS Secretariat ESA-ESTEC Requirements & Standards Division Noordwijk, The Netherlands Foreword This Standard is one of the series of ECSS Standards
More informationDigital Signatures and Interoperability
Setting Processes for Electronic Signature Dr. Joachim Schiff On behalf of the SPES Consortium Workgroup City of Saarbruecken IKS Nell-Breuning-Allee 1 D-66115 Saarbruecken Germany Tel. 0049 681 905 5000
More informationChair Cabinet Committee on State Sector Reform and Expenditure Control
Office of the Minister of State Services Chair Cabinet Committee on State Sector Reform and Expenditure Control REPORT OF THE GOVERNMENT CHIEF INFORMATION OFFICER ON THE REVIEW OF PUBLICLY ACCESSIBLE INFORMATION
More informationFAQs Electronic residence permit
FAQs Electronic residence permit General 1) When was the electronic residence permit introduced? Since 1 September 2011, foreigners in Germany have been issued with the new electronic residence permit
More informationCOUNCIL OF THE EUROPEAN UNION. Brussels, 7 October 2003 (OR. en) 12858/03 RECH 152 OC 589
COUNCIL OF THE EUROPEAN UNION Brussels, 7 October 2003 (OR. en) 12858/03 RECH 152 OC 589 LEGISLATIVE ACTS AND OTHER INSTRUMENTS Subject : Council Decision on the signing of the Framework Agreement between
More informationData for the Public Good. The Government Statistical Service Data Strategy
Data for the Public Good The Government Statistical Service Data Strategy November 2013 1 Foreword by the National Statistician When I launched Building the Community - The Strategy for the Government
More informationUNCITRAL United Nations Commission on International Trade Law Introduction to the law of electronic signatures
Introduction to the law of electronic signatures Luca Castellani Head, Regional Centre for Asia and the Pacific UNCITRAL Secretariat Incheon, Republic of Korea Outline 1. Methods and technologies for electronic
More informationEUROPEAN COMMISSION ENTERPRISE AND INDUSTRY DIRECTORATE-GENERAL
EUROPEAN COMMISSION ENTERPRISE AND INDUSTRY DIRECTORATE-GENERAL Innovation policy Technology for innovation; ICT industries and E-business Brussels, 7 th December 2005 DG ENTR/D4 M 376 - EN STANDARDISATION
More informationThe Trust, and Bennett in particular, have range of staff and resources as you would expect from a large secondary school.
Bennett Memorial Diocesan School Tenax Schools Trust Bishop Chavasse School INVITATION TO TENDER FOR PROJECT MANAGEMENT SERVICES Background The Department for Education has approved an application from
More informationThe Gateway Review Process
The Gateway Review Process The Gateway Review Process examines programs and projects at key decision points. It aims to provide timely advice to the Senior Responsible Owner (SRO) as the person responsible
More informationInternal Audit Report. Chief Executive s Unit. Review of Contract Management
Internal Audit Report Chief Executive s Unit Review of Contract Management February 2010 CONTENTS 1. BACKGROUND 1 Page 2. AUDIT SCOPE AND OBJECTIVES 1 3. AUDIT APPROACH 1 4. AMENDED PROCESS 2 5. SUMMARY
More informationTendering to Public Sector Organisations
Tendering to Public Sector Organisations Introduction Authorities have to meet contract regulations and must ensure they provide equal opportunity and achieve the best value for money. Other factors include
More informationL@Wtrust Class 3 Registration Authority Charter
Class 3 Registration Authority Charter Version 1.0 applicable from 09 November 2010 Building A, Cambridge Park, 5 Bauhinia Street, Highveld Park, South Africa, 0046 Phone +27 (0)12 676 9240 Fax +27 (0)12
More information1.1 Approve the proposals for the roll-out of the new telephone system as set out in this report.
APPENDIX L Agenda Item No. 13 REPLACEMENT OF TELEPHONE SYSTEM Councillor Cartwright Leader of the Council 1.0 Purpose The purpose of this paper is to recommend the progressive roll-out of new telephone
More informationThe Audit of Best Value and Community Planning The City of Edinburgh Council. Best Value audit 2016
The Audit of Best Value and Community Planning The City of Edinburgh Council Best Value audit 2016 Report from the Controller of Audit February 2016 The Accounts Commission The Accounts Commission is the
More informationHKCAS Supplementary Criteria No. 8
Page 1 of 12 HKCAS Supplementary Criteria No. 8 Accreditation Programme for Information Security Management System (ISMS) Certification 1 INTRODUCTION 1.1 HKAS accreditation for information security management
More informationPKI - current and future
PKI - current and future Workshop for Japan Germany Information security Yuichi Suzuki yuich-suzuki@secom.co.jp SECOM IS Laboratory Yuichi Suzuki (SECOM IS Lab) 1 Current Status of PKI in Japan Yuichi
More informationHIGHLANDS AND ISLANDS PATHFINDER BROADBAND PROCUREMENT: APPOINTMENT OF PREFERRED SUPPLIER
ARGYLL AND BUTE COUNCIL STRATEGIC POLICY COMMITTEE CHIEF EXECUTIVE 20 JULY 2006 HIGHLANDS AND ISLANDS PATHFINDER BROADBAND PROCUREMENT: APPOINTMENT OF PREFERRED SUPPLIER 1 SUMMARY This report updates the
More informationThe guidance will be developed over time in the light of practical experience.
Freedom of Information Act Awareness Guidance No. 14 International Relations The Information Commissioner s Office (ICO) has produced this guidance as part of a series of good practice guidance designed
More informationCode of Practice on the Identity Card Number and other Personal Identifiers Compliance Guide for Data Users
Code of Practice on the Identity Card Number and other Personal Identifiers Compliance Guide for Data Users INTRODUCTION What does the code of practice cover? The code of practice gives practical guidance
More informationRequirements set for account holders and representatives of emissions trading accounts
Record no. 954/302/2010 13 February 2015 Requirements set for account holders and representatives of emissions trading accounts These requirements are based on the Commission s Registry Regulation 1. The
More informationMANAGING DIGITAL CONTINUITY
MANAGING DIGITAL CONTINUITY Project Name Digital Continuity Project DRAFT FOR CONSULTATION Date: November 2009 Page 1 of 56 Contents Introduction... 4 What is this Guidance about?... 4 Who is this guidance
More informationOverview of GFSI and Accredited Certification
Overview of GFSI and Accredited Certification Overview of GFSI and Accredited Certification Introduction Global food trade is expanding and providing consumers with access to a wider variety of foods all
More informationElectronic Palliative Care Co-Ordination Systems: Information Governance Guidance
QIPP Digital Technology Electronic Palliative Care Co-Ordination Systems: Information Governance Guidance Author: Adam Hatherly Date: 26 th March 2013 Version: 1.1 Crown Copyright 2013 Page 1 of 19 Amendment
More informationAUDITOR GUIDELINES. Responsibilities Supporting Inputs. Receive AAA, Sign and return to IMS with audit report. Document Review required?
1 Overview of Audit Process The flow chart below shows the overall process for auditors carrying out audits for IMS International. Stages within this process are detailed further in this document. Scheme
More informationBusiness Continuity Policy. Version 1.0
Business Continuity Policy Version.0 January 206 Contents Contents Version control Foreword Policy. Scope.2 Aim and objectives.3 Methods and standards.4 Responsibilities.5 Governance.6 Training and exercises
More informationReport of External Evaluation and Review
Report of External Evaluation and Review Gilligan Business School Limited Confident in educational performance Confident in capability in self-assessment Date of report: 17 December 2014 Contents Purpose
More informationIngredients of a European business model for certification of EHR systems
Ingredients of a European business model for certification of EHR systems The demographics Health funding impacted by global financial crisis Population expansion volume impact The aging non-working sector
More informationINSPIRE, The Dutch way Observations on implementing INSPIRE in the Netherlands
European Commission DG Environment, Unit D.4 Governance, Information & Reporting 1049 Brussels Belgium Dir. Ruimtelijke Ontwikkeling Plesmanweg 1-6 Den Haag Contactpersoon Per mal INSPIRE, The Dutch way
More informationONLINE PAYMENT PRIVACY POLICY
ONLINE PAYMENT PRIVACY POLICY Updated: June, 2013 In order to operate the College online-payments system, Sanjari International College (SIC) may collect and store personal information student/customer
More informationProposal Negotiation. a guide. Constantine Vaitsas, vaitsas@help-forward.gr
Proposal Negotiation a guide Constantine Vaitsas, vaitsas@help-forward.gr Presentation Outline Proposal Time Scale Negotiation Process Legal Negotiations Financial Negotiations Technical Negotiations NEF
More informationProject acronym: Open Source software usage by European Public Administrations
Project acronym: OSEPA Project name: Open Source software usage by European Public Administrations Project code: INTERREG IVC, 0918R2 Document Information: Document title: Interim synthesis assessment
More information