TRINIDAD AND TOBAGO CYBER SECURITY AGENCY POLICY AND BILL

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "TRINIDAD AND TOBAGO CYBER SECURITY AGENCY POLICY AND BILL"

Transcription

1 TRINIDAD AND TOBAGO CYBER SECURITY AGENCY POLICY AND BILL Presented By: Sunita Ramsumair Legal Officer Ministry of National Security September 29, 2014

2 Format of Presentation Background Trinidad and Tobago Cyber Security Agency Policy Trinidad and Tobago Cyber Security Agency Bill, List of Clauses Trinidad and Tobago Cyber Security Agency Functions Trinidad and Tobago Cyber Security Agency Powers Trinidad and Tobago Cyber Security Incident Response Team Functions

3 Background In December 2012 the Government of Trinidad and Tobago approved a National Cyber Security Strategy (NCSS) The NCSS sought to guide all operations and initiatives related to cyber security in Trinidad and Tobago In order to achieve the objectives of the NCSS 5 keys areas of focus were identified

4 Background 1. Governance 2. Incident management 3. Collaboration 4. Culture 5. Legislation

5 Background Governance The fundamental goal is to establish a Trinidad and Tobago Cyber Security Agency (TTCSA) as the main body responsible for all cyber security matters and to act as the coordinating centre for all cyber security operations

6 Trinidad and Tobago Cyber Security Agency- Policy

7 Trinidad and Tobago Cyber Security Agency- Policy TTCSA Policy was approved in 2013 TTCSA Policy Purpose: This Policy seeks to establish by legislation the Trinidad and Tobago Cyber Security Agency which will be the main body responsible for all cyber security measures and be the coordinating centre for all cyber security operations.

8 Trinidad and Tobago Cyber Security Agency- Policy It is expected that the TTCSA would- a. Implement and advise on the National Cyber Security Strategy and any subsequent amendments b. Provide situational awareness information c. Collect and analyse data on Cyber Security issues d. Promote efficient Network and Informational Security management; and e. Raise awareness and promote local and international cooperation

9 Trinidad and Tobago Cyber Security Agency- Policy While the TTCSA will have the operational responsibility for cyber security, it is proposed that a Regulatory and Operational Oversight Committee be established, which will provide strategic policy oversight for the TTCSA, thereby ensuring the implementation of the NCSS and adherence to industry standards and regulations.

10 Trinidad and Tobago Cyber Security Agency- Policy The Committee will comprise of Government and key stakeholders in the areas relevant to cyber security and critical infrastructure protection.

11 Trinidad and Tobago Cyber Security Agency- Policy

12 Trinidad and Tobago Cyber Security Agency- Policy It is therefore proposed that the TTCSA will be responsible for coordinating and/or managing the following core functional areas of cyber security- 1. Identifying and engaging stakeholders 2. Housing the Trinidad and Tobago Cyber Security Incident Response Team (TT- CSIRT) 3. Develop a National Cyber Contingency Plan

13 Trinidad and Tobago Cyber Security Agency- Policy 4. Organise Cyber Security Exercises 5. Establish baseline security requirements 6. Public Awareness 7. Foster Research and Development 8. Strengthen training and educational programmes 9. Engage in Local/International Cooperation 10. Establish public-private partnerships

14 Trinidad and Tobago Cyber Security Agency Bill, 2014 List of Clauses

15 Trinidad and Tobago Cyber Security Agency Bill, 2014 List of Clauses 1. Short title 2. Commencement 3. Interpretation Part 1- Preliminary

16 Trinidad and Tobago Cyber Security Agency Bill, 2014 List of Clauses Part 2- Establishment of the Agency 4. Establishment and incorporation of the Agency 5. Appointment of the Board 6. Tenure of Members 7. Removal of member 8. Remuneration of members 9. Meetings 10. Functions of the Agency* 11. Powers of the Agency* 12. Functions of the TT-CSIRT*

17 Trinidad and Tobago Cyber Security Agency Bill, 2014 List of Clauses Part 3- Staff and Expert 13. Chief Executive Officer 14. Duties of Chief Executive Officer 15. Other Staff 16. Appointment and delegation to committees 17. Secondment from and to the services of the Agency

18 Trinidad and Tobago Cyber Security Agency Bill, 2014 List of Clauses Part 4- Finance 18. Funds of the Agency 19. Accounts and audit 20. Exemptions 21. Financial year 22. Annual report

19 Trinidad and Tobago Cyber Security Agency Bill, 2014 List of Clauses 23. Confidentiality Part 5- Miscellaneous 24. Declaration of Interest 25. Protection of employees 26. Regulations

20 Trinidad and Tobago Cyber Security Agency Functions

21 Trinidad and Tobago Cyber Security Agency Functions Clause 10(1)- Functions of the Agency (a) act as the national point of contact for all cyber security related matters; (b) establish a national computer incident response team to be known as the Trinidad and Tobago Cyber Security Incident Response Team (hereinafter referred to as TT-CSIRT );

22 Trinidad and Tobago Cyber Security Agency Functions (c) prepare, review and update periodically and in any event at least annually a national cyber security strategy and prepare such plans necessary for the successful implementation of such strategy;

23 Trinidad and Tobago Cyber Security Agency Functions (d) collect relevant information which would facilitate the analysis of current and emerging risks including those risks which could produce an impact on the resilience and availability of data communications networks and on the authenticity, integrity and confidentiality of the information accessed and transmitted through such networks;

24 Trinidad and Tobago Cyber Security Agency Functions (e) provide advice on cyber security related matters, including situational awareness information, to the Minister, the Trinidad and Tobago Police Service or such other competent national bodies as are necessary; (f) enhance cooperation between different actors operating in the field of network and information security by holding consultations with, inter alia, various industries, universities, public sector bodies and private sector and civil society bodies;

25 Trinidad and Tobago Cyber Security Agency Functions (g) contribute to the awareness raising, and the availability of, current, objective and comprehensive information on network and information security by, inter alia, promoting exchanges of current best practices, including methods of alerting users and facilitating cooperation and collaboration between public and private sector initiatives; (h) develop and publish standards for products and services on network and information security;

26 Trinidad and Tobago Cyber Security Agency Functions (i) establish and publish baseline security requirements and standards for various sectors including operators of critical infrastructures; (j) conduct research and development in the area of cyber security and identify critical research and development needs, gaps and emerging trends for future research;

27 Trinidad and Tobago Cyber Security Agency Functions (k) promote the development of training and education programmes including the accreditation and certification of network and information security academic programmes; (l) advise the Minister on research in the area of network and information security as well as on the effective use and adoption of risk preventative technologies;

28 Trinidad and Tobago Cyber Security Agency Functions (m) promote risk assessment activities, interoperable risk management solutions and studies on information technology security management solutions within public and private sector bodies; (n) develop a National Cyber Security Contingency Plan; (o) coordinate cyber security exercises; and

29 Trinidad and Tobago Cyber Security Agency Functions (p) express independently its own conclusions and orientations and give advice in matters within its scope and objectives.

30 Trinidad and Tobago Cyber Security Agency Powers

31 Trinidad and Tobago Cyber Security Agency Powers Clause 11- Powers of the Agency The Agency may- (a) formulate principles for the guidance of the public and private sector concerning information communication technology security measures; (b) refer such matters to the Trinidad and Tobago Police Service when an offence under the Cybercrime Act, 2014 comes to its knowledge;

32 Trinidad and Tobago Cyber Security Agency Powers (c) enter into Memoranda of Understanding with key stakeholders and partners as necessary to execute its functions; (d) with the approval of the Minister, enter into Memoranda of Understanding with such foreign bodies or organisations performing functions relating to cyber security as it thinks fit; and

33 Trinidad and Tobago Cyber Security Agency Powers (e) do all things which may be necessary or expedient or are incidental or conducive to the discharge of any of its functions and powers under the Act.

34 Trinidad and Tobago Cyber Security Incident Response Team Functions

35 Trinidad and Tobago Cyber Security Incident Response Team Functions Clause 12- Functions of TT-CSIRT The functions of the TT-CSIRT established pursuant to section 10(1)(b) are to (a) be the first point of contact with reference to the handling of cyber incidents and communication between local, regional and international cyber security emergency response teams or cyber security incident response teams to address cyber incidents or incidents of a similar nature as it affects national critical information infrastructure;

36 Trinidad and Tobago Cyber Security Incident Response Team Functions (b) provide incident response and management services, in a coordinated manner, via established industry standard policies and procedures to manage threats associated with cyber incidents; (c) provide alerts and warnings on the latest cyber threats and vulnerabilities which can impact the national community;

37 Trinidad and Tobago Cyber Security Incident Response Team Functions (d) assess and analyse the impact of incidents such as, but not limited to network security breaches, website hackings, virus and network attacks, in order to develop strategies and measures to counteract these incidents; (e) provide to the national community, educational guidelines as to the appropriate use of the national cyber infrastructure;

38 Trinidad and Tobago Cyber Security Incident Response Team Functions (f) establish internal and joint procedures between the public and private sectors to manage the incidents and mitigate the threats associated with them; (g) provide appropriate strategic insights to policy and decision-makers to strengthen the national cyber infrastructure; (h) assess the work of incident response teams within the public and private sector;

39 Trinidad and Tobago Cyber Security Incident Response Team Functions (i) participate in trusted information sharing and disseminate information with international cyber security incident response teams and computer emergency response teams on the emerging threats to critical information infrastructure and Internet resources; and (j) participate in and be a member of regional and international computer emergency response team groups, for collaborative efforts to fight cyber incidents.

40 THANK YOU QUESTIONS?

ESKISP6054.01 Conduct security testing, under supervision

ESKISP6054.01 Conduct security testing, under supervision Overview This standard covers the competencies required to conduct security testing under supervision. In order to contribute to the determination of the level of resilience of an information system to

More information

Cybersecurity and Cybercrime. Ministry of National Security

Cybersecurity and Cybercrime. Ministry of National Security Cybersecurity and Cybercrime Ministry of National Security Objective of Presentation What is the nature of Cybersecurity and Cybercrime? Purpose of Legislation Potential Impact on business operations What

More information

ACCReDITATION COuNCIL OF TRINIDAD AND TOBAGO ACT

ACCReDITATION COuNCIL OF TRINIDAD AND TOBAGO ACT ACCReDITATION COuNCIL OF TRINIDAD AND TOBAGO ACT ChAPTeR 39:06 Act 16 of 2004 Amended by 16 of 2007 10 of 2008 Current Authorised Pages Pages Authorised (inclusive) by 1 8.. 9 16.. 17 19.. 2 Chap. 39:06

More information

立 法 會 Legislative Council

立 法 會 Legislative Council 立 法 會 Legislative Council LC Paper No. CB(4)1212/14-15(04) Ref. : CB4/PL/ITB Panel on Information Technology and Broadcasting Meeting on 17 July 2015 Updated background brief on information security Purpose

More information

Overview TECHIS60241. Carry out risk assessment and management activities

Overview TECHIS60241. Carry out risk assessment and management activities Overview Information in all its forms is a vital component of the digital environment in which we live and work. The protection of information in its physical form is well understood but the protection

More information

JOINT EXPLANATORY STATEMENT TO ACCOMPANY THE CYBERSECURITY ACT OF 2015

JOINT EXPLANATORY STATEMENT TO ACCOMPANY THE CYBERSECURITY ACT OF 2015 JOINT EXPLANATORY STATEMENT TO ACCOMPANY THE CYBERSECURITY ACT OF 2015 The following consists of the joint explanatory statement to accompany the Cybersecurity Act of 2015. This joint explanatory statement

More information

GOVERNMENT OF THE REPUBLIC OF LITHUANIA

GOVERNMENT OF THE REPUBLIC OF LITHUANIA GOVERNMENT OF THE REPUBLIC OF LITHUANIA RESOLUTION NO 796 of 29 June 2011 ON THE APPROVAL OF THE PROGRAMME FOR THE DEVELOPMENT OF ELECTRONIC INFORMATION SECURITY (CYBER-SECURITY) FOR 20112019 Vilnius For

More information

Cyber Side-Effects: How Secure is the Personal Information Entered into the Flawed Healthcare.gov? Statement for the Record

Cyber Side-Effects: How Secure is the Personal Information Entered into the Flawed Healthcare.gov? Statement for the Record Cyber Side-Effects: How Secure is the Personal Information Entered into the Flawed Healthcare.gov? Statement for the Record Roberta Stempfley Acting Assistant Secretary for Cybersecurity and Communications

More information

REPUBLIC OF TRINIDAD AND TOBAGO. Act No. 16 of 2004

REPUBLIC OF TRINIDAD AND TOBAGO. Act No. 16 of 2004 Legal Supplement Part A to the Trinidad and Tobago Gazette, Vol. 43, No. 102, 17th June, 2004 Legal Supplement Part A to the Trinidad and Tobago Second Session Eighth Parliament Republic of Trinidad and

More information

Eighth Meeting of the REMJA Working Group on Cyber-Crime (Washington D.C. - Feb 27 & 28, 2014) Presented by Ministry of National Security

Eighth Meeting of the REMJA Working Group on Cyber-Crime (Washington D.C. - Feb 27 & 28, 2014) Presented by Ministry of National Security REPUBLIC OF TRINIDAD AND TOBAGO Eighth Meeting of the REMJA Working Group on Cyber-Crime (Washington D.C. - Feb 27 & 28, 2014) Presented by Ministry of National Security PRESENTATION OVERVIEW The ICT and

More information

Our Commitment to Information Security

Our Commitment to Information Security Our Commitment to Information Security What is HIPPA? Health Insurance Portability and Accountability Act 1996 The HIPAA Privacy regulations require health care providers and organizations, as well as

More information

Draft Model Legislative text on Privacy and Data Protection

Draft Model Legislative text on Privacy and Data Protection The views expressed in this presentation are those of the author and do not necessarily reflect the opinions of the ITU or its Membership. This document has been produced with the financial assistance

More information

THE NATIONAL DISASTER RISK REDUCTION AND MANAGEMENT BILL (No. II of 2016) Explanatory Memorandum. prevention and reduction of the risk of disasters;

THE NATIONAL DISASTER RISK REDUCTION AND MANAGEMENT BILL (No. II of 2016) Explanatory Memorandum. prevention and reduction of the risk of disasters; THE NATIONAL DISASTER RISK REDUCTION AND MANAGEMENT BILL (No. II of 2016) Explanatory Memorandum The main object of this Bill is to provide for prevention and reduction of the risk of disasters; mitigation

More information

Overview TECHIS60441. Carry out security testing activities

Overview TECHIS60441. Carry out security testing activities Overview Information, services and systems can be attacked in various ways. Understanding the technical and social perspectives, how attacks work, the technologies and approaches used are key to being

More information

Legislative Language

Legislative Language Legislative Language SECTION 1. DEPARTMENT OF HOMELAND SECURITY CYBERSECURITY AUTHORITY. Title II of the Homeland Security Act of 2002 (6 U.S.C. 121 et seq.) is amended (a) in section 201(c) by striking

More information

For Discussion Paper No. 9/2011 on 3 November 2011 DIGITAL 21 STRATEGY ADVISORY COMMITTEE. Cyber Security

For Discussion Paper No. 9/2011 on 3 November 2011 DIGITAL 21 STRATEGY ADVISORY COMMITTEE. Cyber Security For Discussion Paper No. 9/2011 on 3 November 2011 DIGITAL 21 STRATEGY ADVISORY COMMITTEE Cyber Security Purpose This paper briefs Members on the global cyber security outlook facing governments of some

More information

Strategic Priorities for the Cooperation against Cybercrime in the Eastern Partnership Region

Strategic Priorities for the Cooperation against Cybercrime in the Eastern Partnership Region CyberCrime@EAP EU/COE Eastern Partnership Council of Europe Facility: Cooperation against Cybercrime Strategic Priorities for the Cooperation against Cybercrime in the Eastern Partnership Region Adopted

More information

Committees Date: Subject: Public Report of: For Information Summary

Committees Date: Subject: Public Report of: For Information Summary Committees Audit & Risk Management Committee Finance Committee Subject: Cyber Security Risks Report of: Chamberlain Date: 17 September 2015 22 September 2015 Public For Information Summary Cyber security

More information

Internal Audit Manual

Internal Audit Manual COMPTROLLER OF ACCOUNTS Ministry of Finance Government of the Republic of Trinidad Tobago Internal Audit Manual Prepared by the Financial Management Branch, Treasury Division, Ministry of Finance TABLE

More information

INFORMATION GOVERNANCE OPERATING POLICY & FRAMEWORK

INFORMATION GOVERNANCE OPERATING POLICY & FRAMEWORK INFORMATION GOVERNANCE OPERATING POLICY & FRAMEWORK Log / Control Sheet Responsible Officer: Chief Finance Officer Clinical Lead: Dr J Parker, Caldicott Guardian Author: Associate IG Specialist, Yorkshire

More information

FFIEC Cybersecurity Assessment Tool Overview for Chief Executive Officers and Boards of Directors

FFIEC Cybersecurity Assessment Tool Overview for Chief Executive Officers and Boards of Directors Overview for Chief Executive Officers and Boards of Directors In light of the increasing volume and sophistication of cyber threats, the Federal Financial Institutions Examination Council 1 (FFIEC) developed

More information

Job Description. Radiography Services Manager

Job Description. Radiography Services Manager Job Description Radiography Services Manager Professionally accountable to: Head of Nursing and Clinical Services Key working relationships: Key reporting relationships: All Radiographers, Consultant Radiologists,

More information

The Trinidad and Tobago Securities and Exchange Commission: An Overview. Trinidad and Tobago Securities and Exchange Commission

The Trinidad and Tobago Securities and Exchange Commission: An Overview. Trinidad and Tobago Securities and Exchange Commission The Trinidad and Tobago Securities and Exchange Commission: An Overview Trinidad and Tobago Securities and Exchange Commission 23-06-16 DISCLAIMER The Trinidad and Tobago Securities and Exchange Commission,

More information

FORMAL LETTER OF APPOINTMENT FOR INDEPENDENT DIRECTORS

FORMAL LETTER OF APPOINTMENT FOR INDEPENDENT DIRECTORS FORMAL LETTER OF APPOINTMENT FOR INDEPENDENT DIRECTORS To, Sri., Pursuant to the decision of the Board of Directors in its meeting held on and the approval of the Shareholders, I am writing to confirm

More information

Echo Entertainment Group Limited (ABN 85 149 629 023) Risk and Compliance Committee Terms of Reference

Echo Entertainment Group Limited (ABN 85 149 629 023) Risk and Compliance Committee Terms of Reference (ABN 85 149 629 023) Terms of Reference Contents 1 Introduction to the Terms of Reference 1 1.1 General 1 1.2 Authorities 1 1.3 Board approval 1 1.4 Definitions 1 2 Role of the Committee 1 3 Duties and

More information

TOURISM ACT LAWS OF KENYA. No. 28 of 2011

TOURISM ACT LAWS OF KENYA. No. 28 of 2011 LAWS OF KENYA TOURISM ACT No. 28 of 2011 Revised Edition 2012 [2011] Published by the National Council for Law Reporting with the Authority of the Attorney-General www.kenyalaw.org [Rev. 2012] No. 28

More information

NHS Commissioning Board: Information governance policy

NHS Commissioning Board: Information governance policy NHS Commissioning Board: Information governance policy DOCUMENT STATUS: To be approved / Approved DOCUMENT RATIFIED BY: DATE ISSUED: October 2012 DATE TO BE REVIEWED: April 2013 2 AMENDMENT HISTORY: VERSION

More information

Information Security Management System (ISMS) Policy

Information Security Management System (ISMS) Policy Information Security Management System (ISMS) Policy April 2015 Version 1.0 Version History Version Date Detail Author 0.1 18/02/2015 First draft Andy Turton 0.2 20/02/2015 Updated following feedback from

More information

Vijay Mauree Manager Planning, Research & Development and CERT-MU National Computer Board

Vijay Mauree Manager Planning, Research & Development and CERT-MU National Computer Board www.cert-mu.org.mu Vijay Mauree Manager Planning, Research & Development and CERT-MU National Computer Board Presentation Outline Introduction Enforcement National Co-ordination for Cyber Security Information

More information

THE POLICE SERVICE (AMENDMENT) ACT, 2007

THE POLICE SERVICE (AMENDMENT) ACT, 2007 THE POLICE SERVICE (AMENDMENT) ACT, 2007 Arrangement of Sections Section 1. Short title 1A. Act inconsistent with Constitution 2. Interpretation 3. Section 4 amended 4. Section 16 amended 5. Sections 17,

More information

GLOBAL BUSINESS DIALOGUE ON ELECTRONIC COMMERCE CYBER SECURITY AND CYBER CRIME SEPTEMBER 26, 2000. CEO EDS Corporation

GLOBAL BUSINESS DIALOGUE ON ELECTRONIC COMMERCE CYBER SECURITY AND CYBER CRIME SEPTEMBER 26, 2000. CEO EDS Corporation GLOBAL BUSINESS DIALOGUE ON ELECTRONIC COMMERCE CYBER SECURITY AND CYBER CRIME SEPTEMBER 26, 2000 Issue Chair: Issue Sherpa: Dick Brown CEO EDS Corporation Bill Poulos EDS Corporation Tel: (202) 637-6708

More information

1. This report outlines the Force s current position in relation to the Policing of Cyber Crime.

1. This report outlines the Force s current position in relation to the Policing of Cyber Crime. Agenda Item No. 5 COMMUNITY OUTCOMES MEETING SUBJECT: CYBER CRIME 4 August 2015 Report of the Chief Constable PURPOSE OF THE REPORT 1. This report outlines the Force s current position in relation to the

More information

DRAFT NATIONAL SOCIAL PROTECTION COUNCIL BILL, 2014

DRAFT NATIONAL SOCIAL PROTECTION COUNCIL BILL, 2014 DRAFT NATIONAL SOCIAL PROTECTION COUNCIL BILL, 2014 1 Short title. 2 Interpretation. PART I PRELIMINARY PART II DEFINITION AND OBJECTIVES OF SOCIAL PROTECTION 3 Meaning of social protection. 4 Principles

More information

CHAPTER 2016-138. Committee Substitute for Committee Substitute for Committee Substitute for House Bill No. 1033

CHAPTER 2016-138. Committee Substitute for Committee Substitute for Committee Substitute for House Bill No. 1033 CHAPTER 2016-138 Committee Substitute for Committee Substitute for Committee Substitute for House Bill No. 1033 An act relating to information technology security; amending s. 20.61, F.S.; revising the

More information

AS TABLED IN THE HOUSE OF ASSEMBLY

AS TABLED IN THE HOUSE OF ASSEMBLY AS TABLED IN THE HOUSE OF ASSEMBLY A BILL entitled INSURANCE AMENDMENT ACT 2014 TABLE OF CONTENTS 1 2 3 4 5 6 7 8 9 10 11 12 13 Citation Inserts section 15A Amends section 17A Amends section 30JA Amends

More information

Vijay Pal Dalmia, Advocate Delhi High Court & Supreme Court of India

Vijay Pal Dalmia, Advocate Delhi High Court & Supreme Court of India Intellectual Property & Information Technology Laws Division Flat No 903, Indra Prakash Building, 21, Barakhamba Road, New Delhi 110001 (India) Phone: +91 11 42492532 (Direct) Phone: +91 11 42492525 Ext

More information

DECLARATION STRENGTHENING CYBER-SECURITY IN THE AMERICAS

DECLARATION STRENGTHENING CYBER-SECURITY IN THE AMERICAS DECLARATION STRENGTHENING CYBER-SECURITY IN THE AMERICAS INTER-AMERICAN COMMITTEE AGAINST TERRORISM (CICTE) TWELFTH REGULAR SESSION OEA/Ser.L/X.2.12 7 March, 2012 CICTE/DEC.1/12 rev. 1 Washington, D.C.

More information

A COMPREHENSIVE INTER-AMERICAN CYBERSECURITY STRATEGY: A MULTIDIMENSIONAL AND MULTIDISCIPLINARY APPROACH TO CREATING A CULTURE OF CYBERSECURITY

A COMPREHENSIVE INTER-AMERICAN CYBERSECURITY STRATEGY: A MULTIDIMENSIONAL AND MULTIDISCIPLINARY APPROACH TO CREATING A CULTURE OF CYBERSECURITY APPENDIX A A COMPREHENSIVE INTER-AMERICAN CYBERSECURITY STRATEGY: A MULTIDIMENSIONAL AND MULTIDISCIPLINARY APPROACH TO CREATING A CULTURE OF CYBERSECURITY INTRODUCTION The Internet and related networks

More information

EU policy on Network and Information Security and Critical Information Infrastructure Protection

EU policy on Network and Information Security and Critical Information Infrastructure Protection EU policy on Network and Information Security and Critical Information Infrastructure Protection Andrea SERVIDA European Commission Directorate General Information Society and Media - DG INFSO Unit A3

More information

Financial Advisers (Amendment) Bill

Financial Advisers (Amendment) Bill Financial Advisers (Amendment) Bill Bill No. 15/2015. Read the first time on 11 May 2015. A BILL intituled An Act to amend the Financial Advisers Act (Chapter 110 of the 2007 Revised Edition). Be it enacted

More information

APPLICATION OF KING III CORPORATE GOVERNANCE PRINCIPLES 2014

APPLICATION OF KING III CORPORATE GOVERNANCE PRINCIPLES 2014 WOOLWORTHS HOLDINGS LIMITED CORPORATE GOVERNANCE PRINCIPLES 2014 CORPORATE GOVERNANCE PRINCIPLES 2014 CORPORATE GOVERNANCE PRINCIPLES 2014 This table is a useful reference to each of the King III principles

More information

APPLICATION OF THE KING III REPORT ON CORPORATE GOVERNANCE PRINCIPLES

APPLICATION OF THE KING III REPORT ON CORPORATE GOVERNANCE PRINCIPLES APPLICATION OF THE KING III REPORT ON CORPORATE GOVERNANCE PRINCIPLES Ethical Leadership and Corporate Citizenship The board should provide effective leadership based on ethical foundation. that the company

More information

Management and Use of Information & Information Technology (I&IT) Directive. Management Board of Cabinet

Management and Use of Information & Information Technology (I&IT) Directive. Management Board of Cabinet Management and Use of Information & Information Technology (I&IT) Directive Management Board of Cabinet February 28, 2014 TABLE OF CONTENTS PURPOSE... 1 APPLICATION AND SCOPE... 1 PRINCIPLES... 1 ENABLE

More information

Legislative Language

Legislative Language Legislative Language SEC. 1. COORDINATION OF FEDERAL INFORMATION SECURITY POLICY. (a) IN GENERAL. Chapter 35 of title 44, United States Code, is amended by striking subchapters II and III and inserting

More information

Information security policy

Information security policy Information security policy Issue sheet Document reference Document location Title Author Issued to Reason issued NHSBSARM001 S:\BSA\IGM\Mng IG\Developing Policy and Strategy\Develop or Review of IS Policy\Current

More information

Section by Section DEPARTMENT OF HOMELAND SECURITY CYBERSECURITY AUTHORITY AND INFORMATION SHARING

Section by Section DEPARTMENT OF HOMELAND SECURITY CYBERSECURITY AUTHORITY AND INFORMATION SHARING Section by Section DEPARTMENT OF HOMELAND SECURITY CYBERSECURITY AUTHORITY AND INFORMATION SHARING Sec. 1. Department of Homeland Security Cybersecurity Authority Section 1(a) amends Title II of the Homeland

More information

LAWS OF TRINIDAD AND TOBAGO TREASURY BILLS ACT CHAPTER 71:40. Act 28 of 1960 Amended by 14 of 1995

LAWS OF TRINIDAD AND TOBAGO TREASURY BILLS ACT CHAPTER 71:40. Act 28 of 1960 Amended by 14 of 1995 TREASURY BILLS ACT CHAPTER 71:40 Act 28 of 1960 Amended by 14 of 1995 Current Authorised Pages Pages Authorised (inclusive) by L.R.O. 1 6.. L.R.O. 2 Chap. 71:40 Treasury Bills Index of Subsidiary Legislation

More information

Information Governance Policy

Information Governance Policy Information Governance Policy Document Number 01 Version Number 2.0 Approved by / Date approved Effective Authority Customer Services & ICT Authorised by Assistant Director Customer Services & ICT Contact

More information

Presidency conclusions on establishing a strategy to combat the manipulation of sport results

Presidency conclusions on establishing a strategy to combat the manipulation of sport results COU CIL OF THE EUROPEA U IO EN Presidency conclusions on establishing a strategy to combat the manipulation of sport results 3201st EDUCATIO, YOUTH, CULTURE and SPORT Council meeting Brussels, 26 and 27

More information

European Union / Council of Europe Project on Cybercrime in Georgia. Tbilisi-2 March 2010

European Union / Council of Europe Project on Cybercrime in Georgia. Tbilisi-2 March 2010 European Union / Council of Europe Project on Cybercrime in Georgia Tbilisi-2 March 2010 How to create a specialized cyber crime unit Recommendations Priorities How to create a specialized cyber crime

More information

Making our Cyber Space Safe

Making our Cyber Space Safe Making our Cyber Space Safe Ghana s Emerging Cyber Security Policy & Strategy William Tevie Director General 5/28/2014 1 Agenda Cyber Security Issues Background to Policy Target Audience for Framework

More information

NSW Government Digital Information Security Policy

NSW Government Digital Information Security Policy NSW Government Digital Information Security Policy Version: 1.0 Date: November 2012 CONTENTS PART 1 PRELIMINARY... 3 1.1 Scope... 3 1.2 Application... 3 1.3 Objectives... 3 PART 2 CORE REQUIREMENTS...

More information

NHS Business Services Authority Information Security Policy

NHS Business Services Authority Information Security Policy NHS Business Services Authority Information Security Policy NHS Business Services Authority Corporate Secretariat NHSBSAIS001 Issue Sheet Document reference NHSBSARM001 Document location F:\CEO\IGM\IS\BSA

More information

Queensland Training Assets Management Authority Bill 2014 Explanatory Notes

Queensland Training Assets Management Authority Bill 2014 Explanatory Notes Queensland Training Assets Management Authority Bill 2014 Explanatory Notes Short Title The short title of the Bill is the Queensland Training Assets Management Authority Bill 2014. Policy objectives and

More information

Chair Cabinet Committee on State Sector Reform and Expenditure Control

Chair Cabinet Committee on State Sector Reform and Expenditure Control Office of the Minister of State Services Chair Cabinet Committee on State Sector Reform and Expenditure Control REPORT OF THE GOVERNMENT CHIEF INFORMATION OFFICER ON THE REVIEW OF PUBLICLY ACCESSIBLE INFORMATION

More information

Spillemyndigheden s change management programme. Version 1.3.0 of 1 July 2012

Spillemyndigheden s change management programme. Version 1.3.0 of 1 July 2012 Version 1.3.0 of 1 July 2012 Contents 1 Introduction... 3 1.1 Authority... 3 1.2 Objective... 3 1.3 Target audience... 3 1.4 Version... 3 1.5 Enquiries... 3 2. Framework for managing system changes...

More information

Ministry of Science and Technology Strategy and Research Division

Ministry of Science and Technology Strategy and Research Division Job Title: Director, Strategy and Research The Job: A three (3) year contract position. Job Summary: The incumbent is responsible, at an Executive level, for the technical, operational and administrative

More information

Senior Managers Regime. Payment Systems Regulator Ltd Statements of Responsibility

Senior Managers Regime. Payment Systems Regulator Ltd Statements of Responsibility Senior Managers Regime Payment Systems Regulator Ltd Statements of Responsibility Statements of Responsibility Senior Manager Regime Contents 1 Chair 2 2. Managing Director 4 3. Executive team 6 4. Other

More information

Legislative Council Panel on Information Technology and Broadcasting. Information Security

Legislative Council Panel on Information Technology and Broadcasting. Information Security For Information on 8 July 2013 LC Paper No. CB(4)834/12-13(05) Legislative Council Panel on Information Technology and Broadcasting Information Security Purpose This paper updates Members on the latest

More information

PUBLIC ADMINISTRATION ACT (CAP. 497) Sustainable Energy and Water Conservation Unit (Establishment as an Agency) (Amendment) Order, 2016

PUBLIC ADMINISTRATION ACT (CAP. 497) Sustainable Energy and Water Conservation Unit (Establishment as an Agency) (Amendment) Order, 2016 B 4092 L.N. 340 of 2016 PUBLIC ADMINISTRATION ACT (CAP. 497) Sustainable Energy and Water Conservation Unit (Establishment as an Agency) (Amendment) Order, 2016 IN exercise of the powers conferred by article

More information

POLICY FRAMEWORK AND STANDARDS INFORMATION SHARING BETWEEN GOVERNMENT AGENCIES

POLICY FRAMEWORK AND STANDARDS INFORMATION SHARING BETWEEN GOVERNMENT AGENCIES POLICY FRAMEWORK AND STANDARDS INFORMATION SHARING BETWEEN GOVERNMENT AGENCIES January 2003 CONTENTS Page 1. POLICY FRAMEWORK 1.1 Introduction 1 1.2 Policy Statement 1 1.3 Aims of the Policy 1 1.4 Principles

More information

www.pwc.com Developing a robust cyber security governance framework 16 April 2015

www.pwc.com Developing a robust cyber security governance framework 16 April 2015 www.pwc.com Developing a robust cyber security governance framework 16 April 2015 Cyber attacks are ubiquitous Anonymous hacker group declares cyber war on Hong Kong government, police - SCMP, 2 October

More information

Public Audit (Wales) Act 2004

Public Audit (Wales) Act 2004 Public Audit (Wales) Act 2004 CHAPTER 23 CONTENTS PART 1 AUDITOR GENERAL FOR WALES New functions of the Auditor General for Wales 1 Transfer of functions of Assembly 2 Additional functions of Auditor General

More information

DORSET & WILTSHIRE FIRE AND RESCUE AUTHORITY Performance, Risk and Business Continuity Management Policy

DORSET & WILTSHIRE FIRE AND RESCUE AUTHORITY Performance, Risk and Business Continuity Management Policy Not Protectively Marked Item 6 Appendix B DORSET & WILTSHIRE FIRE AND RESCUE AUTHORITY Management Policy The Dorset & Wiltshire Fire and Rescue Authority () is the combined fire and rescue authority for

More information

CONCLUSIONS AND RECOMMENDATIONS OF THE 48 TH SESSION OF THE INTERNATIONAL CONFERENCE ON EDUCATION (ICE)

CONCLUSIONS AND RECOMMENDATIONS OF THE 48 TH SESSION OF THE INTERNATIONAL CONFERENCE ON EDUCATION (ICE) Distribution: limited ED/BIE/CONFINTED 48/5 Geneva, 28 November 2008 Original: English UNITED NATIONS EDUCATIONAL, SCIENTIFIC AND CULTURAL ORGANIZATION INTERNATIONAL CONFERENCE ON EDUCATION Forty eighth

More information

Cybersecurity Strategy of the Republic of Cyprus

Cybersecurity Strategy of the Republic of Cyprus Policy Document Cybersecurity Strategy of the Republic of Cyprus Network and Information Security and Protection of Critical Information Infrastructures Version 1.0 23 April 2012 TABLE OF CONTENTS EXECUTIVE

More information

BOARD OF DIRECTORS CHARTER

BOARD OF DIRECTORS CHARTER BOARD OF DIRECTORS CHARTER AMENDED MARCH 2016 1 BOARD OF DIRECTORS CHARTER OF WSP GLOBAL INC. (THE "CORPORATION") AMENDED MARCH 2016 A. PURPOSE The role of the board of directors of the Corporation (the

More information

ESTABLISHING A NATIONAL CYBERSECURITY SYSTEM IN THE CONTEXT OF NATIONAL SECURITY AND DEFENCE SECTOR REFORM

ESTABLISHING A NATIONAL CYBERSECURITY SYSTEM IN THE CONTEXT OF NATIONAL SECURITY AND DEFENCE SECTOR REFORM Information & Security: An International Journal Valentyn Petrov, vol.31, 2014, 73-77 http://dx.doi.org/10.11610/isij.3104 ESTABLISHING A NATIONAL CYBERSECURITY SYSTEM IN THE CONTEXT OF NATIONAL SECURITY

More information

South Oxfordshire District Council and Vale of White Horse District Council Risk Management Strategy

South Oxfordshire District Council and Vale of White Horse District Council Risk Management Strategy 2013 2016 South Oxfordshire District Council and Vale of White Horse District Council Risk Management Strategy 2013-2016 1 1 Context 3 SCOPE 3 WHAT IS RISK MANAGEMENT? 3 LOCAL AND NATIONAL DRIVERS 3 Business

More information

Gladstone Ports Corporation Limited

Gladstone Ports Corporation Limited Gladstone Ports Corporation Limited Human Resources Committee Charter #159378v5 Adopted by Board 17/7/07 1 Table of Contents 1. TERMS OF REFERENCE... 3 2. ROLE AND RESPONSIBILITIES... 3 3. RELATIONSHIP

More information

ORDINANCE 22 UNIVERSITY OF LONDON RISK MANAGEMENT POLICY

ORDINANCE 22 UNIVERSITY OF LONDON RISK MANAGEMENT POLICY UNIVERSITY OF LONDON RISK MANAGEMENT POLICY Introduction 2 Guide to Risk Management 2 Underlying approach to Risk Management 2 Components of the Risk Management Framework 3 Role and Responsibilities of

More information

IM&T Infrastructure Security Policy. Document author Assured by Review cycle. 1. Introduction...3. 2. Policy Statement...3. 3. Purpose...

IM&T Infrastructure Security Policy. Document author Assured by Review cycle. 1. Introduction...3. 2. Policy Statement...3. 3. Purpose... IM&T Infrastructure Security Policy Board library reference Document author Assured by Review cycle P070 Information Security and Technical Assurance Manager Finance and Planning Committee 3 Years This

More information

Resolution adopted by the Human Rights Council: Human rights and transnational corporations and other business enterprises

Resolution adopted by the Human Rights Council: Human rights and transnational corporations and other business enterprises Text No. 11 Human Rights Prof. Dr. Christine Kaufmann Resolution adopted by the Human Rights Council: Human rights and transnational corporations and other business enterprises 6 July 2011, A/HRC/RES/17/4

More information

Commodity Trading (Amendment) Bill

Commodity Trading (Amendment) Bill Commodity Trading (Amendment) Bill Bill No. 23/07. Read the first time on 21st May 07. A BILL i n t i t u l e d An Act to amend the Commodity Trading Act (Chapter 48A of the 1993 Revised Edition) and to

More information

New Zealand Cyber Security Summit 2016 Report

New Zealand Cyber Security Summit 2016 Report New Zealand Cyber Security Summit 2016 Report KEEPING NEW ZEALAND S ECONOMY CYBER SECURE On 5 May 2016, 300 chief executives, board chairs, directors and senior business leaders took part in New Zealand

More information

2 Gabi Siboni, 1 Senior Research Fellow and Director,

2 Gabi Siboni, 1 Senior Research Fellow and Director, Cyber Security Build-up of India s National Force 2 Gabi Siboni, 1 Senior Research Fellow and Director, Military and Strategic Affairs and Cyber Security Programs, Institute for National Security Studies,

More information

The Policy Approaches to Strengthen Cyber Security in the Financial Sector (Summary) July 2, 2015 Financial Services Agency

The Policy Approaches to Strengthen Cyber Security in the Financial Sector (Summary) July 2, 2015 Financial Services Agency The Policy Approaches to Strengthen Cyber Security in the Financial Sector (Summary) July 2, 2015 Financial Services Agency 1 Challenge for Cyber Security in Financial Sector (1) Necessity to Strengthen

More information

RULES FOR THE BOARD OF DIRECTORS WRIGHT MEDICAL GROUP N.V. ST\ASD\13635703.1

RULES FOR THE BOARD OF DIRECTORS WRIGHT MEDICAL GROUP N.V. ST\ASD\13635703.1 RULES FOR THE BOARD OF DIRECTORS OF WRIGHT MEDICAL GROUP N.V. These Rules were adopted by the Board of Directors on 26 August 2010 and have been amended on 30 April 2013, 29 October 2013 and 1 October

More information

NATIONAL LIBRARY AND INFORMATION SYSTEM ACT

NATIONAL LIBRARY AND INFORMATION SYSTEM ACT NATIONAL LIBRARY AND INFORMATION SYSTEM ACT CHAPTER 40:01 Act 18 of 1998 Amended by 11 of 2007 Current Authorised Pages Pages Authorised (inclusive) by L.R.O. 1 22.. L.R.O. 2 Chap. 40:01 National Library

More information

Business Continuity Management Policy

Business Continuity Management Policy Business Continuity Management Policy Policy Holder: Authoriser: Caroline Gover, Head of Business Continuity Caroline Thomson, Chief Operating Officer Reviewed on: Feb 08 Reviewed on: Feb 08 Next Review

More information

Corporate Information Security Management Policy

Corporate Information Security Management Policy Corporate Information Security Management Policy Signed: Chief Executive. 1. Definition of Information Security 1.1. Information security means safeguarding information from unauthorised access or modification

More information

The National Government Co-ordination Bill, 2012 THE NATIONAL GOVERNMENT CO-ORDINATION BILL, 2012 ARRANGEMENT OF CLAUSES PART I PRELIMINARY

The National Government Co-ordination Bill, 2012 THE NATIONAL GOVERNMENT CO-ORDINATION BILL, 2012 ARRANGEMENT OF CLAUSES PART I PRELIMINARY THE NATIONAL GOVERNMENT CO-ORDINATION BILL, 2012 ARRANGEMENT OF CLAUSES PART I PRELIMINARY 1 Short title and commencement. 2 Interpretation. 3 Object of the Act. 4 Guiding principles. 5 Accessibility of

More information

Emergency Management and Business Continuity Policy

Emergency Management and Business Continuity Policy www.surreycc.gov.uk Making Surrey a better place Emergency Management and Business Continuity Policy 4 TH EDITION June 2011 Title Emergency Management and Business Continuity Policy Version 4.0 Policy

More information

HUMAN RESOURCES AND COMPENSATION COMMITTEE CHARTER

HUMAN RESOURCES AND COMPENSATION COMMITTEE CHARTER HUMAN RESOURCES AND COMPENSATION COMMITTEE CHARTER 1. Defined Terms In this Charter, the following terms have the meanings set out below. Audit Committee means the Audit, Finance and Risk Committee of

More information

Business Plan 2012/13

Business Plan 2012/13 Business Plan 2012/13 Contents Introduction 3 About the NFA..4 Priorities for 2012/13 4 Resources.6 Reporting Arrangements.6 Objective 1 7 To raise the profile and awareness of fraud among individuals,

More information

Corporate Finance Adviser. Code of Conduct

Corporate Finance Adviser. Code of Conduct Corporate Finance Adviser Code of Conduct Securities and Futures Commission Hong Kong December 2001 TABLE OF CONTENTS Page 1. Introduction 1 2. Conduct of business 4 3. Competence 6 4. Conflicts of interest

More information

Who s next after TalkTalk?

Who s next after TalkTalk? Who s next after TalkTalk? Frequently Asked Questions on Cyber Risk Fraud threat to millions of TalkTalk customers TalkTalk cyber-attack: website hit by significant breach These are just two of the many

More information

Overview TECHIS60851. Manage information security business resilience activities

Overview TECHIS60851. Manage information security business resilience activities Overview Information security business resilience encompasses business continuity and disaster recovery from information security threats. As well as addressing the consequences of a major security incident,

More information

IRE-TEX CORPORATION BERHAD (Company No: A)

IRE-TEX CORPORATION BERHAD (Company No: A) IRE-TEX CORPORATION BERHAD (Company No: 576121-A) BOARD CHARTER 1. OVERVIEW The Board of Directors ( Board ) of Ire-Tex Corporation Berhad ( the Company ) is committed towards ensuring good corporate governance

More information

Government of Trinidad and Tobago

Government of Trinidad and Tobago Ref #: A007 Government of Trinidad and Tobago JOB DESCRIPTION CONTRACTUAL POSITION JOB TITLE: HEAD HUMAN RESOURCE JOB SUMMARY: The incumbent is required to provide overall management and coordination of

More information

IT Professional Standards. Information Security Discipline. Sub-discipline 605 Information Security Testing and Information Assurance Methodologies

IT Professional Standards. Information Security Discipline. Sub-discipline 605 Information Security Testing and Information Assurance Methodologies IT Professional Standards Information Security Discipline Sub-discipline 605 Information Security Testing and Information Assurance Methodologies December 2012 Draft Version 0.6 DOCUMENT REVIEW Document

More information

NSERC SSHRC AUDIT OF IT SECURITY Corporate Internal Audit Division

NSERC SSHRC AUDIT OF IT SECURITY Corporate Internal Audit Division AUDIT OF IT SECURITY Corporate Internal Audit Division Natural Sciences and Engineering Research Council of Canada Social Sciences and Humanities Research Council of Canada September 20, 2012 Corporate

More information

BOTSWANA NATIONAL CYBER SECURITY STRATEGY PROJECT

BOTSWANA NATIONAL CYBER SECURITY STRATEGY PROJECT BOTSWANA NATIONAL CYBER SECURITY STRATEGY PROJECT Presenter: C. MASIGA Event: ICT PITSO 2015 Date: 25/08/15 PRESENTATION OUTLINE Current Situational Analysis Remedial Actions for CSA Expected Benefits

More information

THE ELECTRONIC SERVICE DELIVERY BILL, 2011

THE ELECTRONIC SERVICE DELIVERY BILL, 2011 THE ELECTRONIC SERVICE DELIVERY BILL, 2011 A BILL to provide for delivery of public services by the Government to all persons by electronic mode to enhance transparency, efficiency, accountability, accessibility

More information

Invitation of expressions of interest for the provision of insurance cover

Invitation of expressions of interest for the provision of insurance cover Invitation of expressions of interest for the provision of insurance cover 1. Context and Overview 1.1. The Authority The Irish Auditing and Accounting Supervisory Authority ( IAASA ) is the independent

More information

ESKISP6056.01 Direct security testing

ESKISP6056.01 Direct security testing Direct security testing Overview This standard covers the competencies concerning with directing security testing activities. It includes setting the strategy and policies for security testing, and being

More information

No. 33 February 19, 2013. The President

No. 33 February 19, 2013. The President Vol. 78 Tuesday, No. 33 February 19, 2013 Part III The President Executive Order 13636 Improving Critical Infrastructure Cybersecurity VerDate Mar2010 17:57 Feb 15, 2013 Jkt 229001 PO 00000 Frm 00001

More information

LAWS OF MALAYSIA ONLINE VERSION OF UPDATED HUMAN RIGHTS COMMISSION OF MALAYSIA ACT 1999

LAWS OF MALAYSIA ONLINE VERSION OF UPDATED HUMAN RIGHTS COMMISSION OF MALAYSIA ACT 1999 LAWS OF MALAYSIA ONLINE VERSION OF UPDATED TEXT OF REPRINT Act 597 HUMAN RIGHTS COMMISSION OF MALAYSIA ACT 1999 As at 1 December 2011 2 HUMAN RIGHTS COMMISSION OF MALAYSIA ACT 1999 Date of Royal Assent

More information

Justice and Other Information Disclosure Bill 2008

Justice and Other Information Disclosure Bill 2008 Justice and Other Information Disclosure Bill 2008 Explanatory Notes Objectives of the Bill To provide a statutory basis for the sharing of criminal justice information between the Department of Justice

More information

Cybersecurity Audit Why are we still Vulnerable? November 30, 2015

Cybersecurity Audit Why are we still Vulnerable? November 30, 2015 Cybersecurity Audit Why are we still Vulnerable? November 30, 2015 John R. Robles, CISA, CISM, CRISC www.johnrrobles.com jrobles@coqui.net 787-647-3961 John R. Robles- 787-647-3961 1 9/11-2001 The event

More information