Connectivity to MAGNET (Malta Government Network) Policy

Similar documents
Third party Web hosting services security Policy

Network Resource Management Policy

Information Security Policy

Government of India Ministry of Communications & Information Technology Department of Electronics & Information Technology (DeitY)

INFORMATION TECHNOLOGY SECURITY STANDARDS

IAF Mandatory Document for the Transfer of Accredited Certification of Management Systems

ClOP CHAPTER Departmental Information Technology Governance Policy TABLE OF CONTENTS. Section 39.1

Issue 1.0. UoG/ILS/IS 001. Information Security and Assurance Policy. Information Security and Compliance Manager

Information Governance Strategy :

LEEDS BECKETT UNIVERSITY. Information Security Policy. 1.0 Introduction

The Electronic Transactions Law Chapter I Title and Definition

Information Governance Strategy. Version No 2.1

NSW Government Digital Information Security Policy

ehealth Architecture Principles

Remote Access Policy

THE ANTI-SPAM REGULATORY POLICY FRAMEWORK FOR THE KINGDOM OF SAUDI ARABIA

Information Security Policy September 2009 Newman University IT Services. Information Security Policy

NSW Government Digital Information Security Policy

SECURITY and MANAGEMENT CONTROL OUTSOURCING STANDARD For NON-CHANNELERS

MEMORANDUM OF UNDERSTANDING THE INDEPENDENT ELECTRICITY SYSTEM OPERATOR THE NORTH AMERICAN ELECTRIC RELIABILITY CORPORATION

Guidelines Related To Electronic Communication And Use Of Secure Central Information Management Unit Office of the Prime Minister

5 FAM 140 ACCEPTABILITY AND USE OF ELECTRONIC SIGNATURES

How To Respect The Agreement On Trade In Cyberspace

Information Security Policy. Document ID: 3809 Version: 1.0 Owner: Chief Security Officer, Security Services

UNITED STATES DEPARTMENT OF THE INTERIOR BUREAU OF LAND MANAGEMENT MANUAL TRANSMITTAL SHEET

LICENSING OF INTERNET SERVICE PROVIDERS

Preparing for the HIPAA Security Rule

CONTENT OF THE AUDIT LAW

ACT ON ELECTRONIC SIGNATURES AND CERTIFICATION BUSINESS Act No. 102 of May 31 of 2000

University of Sunderland Business Assurance Information Security Policy

Challenges and Role of Standards in Building Interoperable e-governance Solutions

A Summary of the National NGO Policy July 2012

Securing Information in an Outsourcing Environment (Guidance for Critical Infrastructure Providers) Executive Overview Supplement.

/ BROCHURE / CHECKLIST: PCI/ISO COMPLIANCE. By Melbourne IT Enterprise Services

Compliance Management of Company Law Compliances Approach and Technology Perspective

Smart Meters Programme Schedule 2.5. (Security Management Plan) (CSP South version)

Law No. 15/2004 on E-signature and Establishment of the Information Technology Industry Development Authority (ITIDA)

Law No. 15/2004 on E-signature and Establishment of the Information Technology Industry Development Authority (ITIDA)

How To Protect Decd Information From Harm

IT Governance Charter

DELHI ELECTRICITY REGULATORY COMMISSION

RISK MANAGEMENT FRAMEWORK. 2 RESPONSIBLE PERSON: Sarah Price, Chief Officer

E-signature in the Austrian cadastral process

HP Laptop & Apple ipads

European best practice regarding to the licensing in the energy sector

An article on PCI Compliance for the Not-For-Profit Sector

How to set up a company in South Africa

Newcastle University Information Security Procedures Version 3

NSW Data & Information Custodianship Policy. June 2013 v1.0

Information Security Program

Summary of Information Technology General Control Environment Findings for the year ended 30 June 2015

Electronic Documents Law

10 Steps for Managing Sub-Grants

DATA PROTECTION LAWS OF THE WORLD. India

LAW ON ELECTRONIC TRANSACTIONS

ING Public Key Infrastructure Technical Certificate Policy

TOTAL QUALITY MANAGEMENT II QUALITY AUDIT

Office of the President Annual Plan 2012/2013

Digital signature and e-government: legal framework and opportunities. Raúl Rubio Baker & McKenzie

An Alternative Method for Maintaining ISO 9001/2/3 Certification / Registration

Information & ICT Security Policy Framework

F. No. 1(3)/2014 EG II. Ministry of Communication & Information Technology. Department of Electronics & Information Technology POLICY

Casablanca Stock Exchange Reforms : Achievements and Challenges Content

ISO 9001:2015 Overview of the Revised International Standard

HIPAA BUSINESS ASSOCIATE AGREEMENT

Version: 3.0. Effective From: 19/06/2014

FSIS DIRECTIVE

COUNCIL POLICY R180 RECORDS MANAGEMENT

TERMS & CONDITIONS FOR INTERNET ACCESS. Service Provided by Fast Telecommunication Company W.L.L. (hereinafter referred to as FAST Telco )

A Framework of Quality Assurance for Responsible Officers and Revalidation

Release: 1. ICT40510 Certificate IV in Telecommunications Network Planning

ELECTRONIC SIGNATURES AND ASSOCIATED LEGISLATION

Estate Agents Authority

Information Governance Strategy. Version No 2.0

TABLE OF CONTENTS Information Systems Security Handbook Information Systems Security program elements. 7

THE REPUBLIC OF UGANDA DPP

Law Concerning Electronic Signatures and Certification Services (Unofficial Translation)

Standard conditions of the Electricity Distribution Licence

The Executive Regulations Governing the Online Trading System on the Tehran Stock Exchange and on the Iran Fara Bourse

TG TRANSITIONAL GUIDELINES FOR ISO/IEC :2015, ISO 9001:2015 and ISO 14001:2015 CERTIFICATION BODIES

Heads of Schools: Appointment Process and Job Description

GOVERNMENT OF THE REPUBLIC OF LITHUANIA

GUIDE FOR APPLICANTS GRANTS PROGRAMME 2016/2017 TRAINING IN CONFERENCE INTERPRETING

Please read through these Terms and Conditions carefully, these Terms and Conditions apply to all services with us, unless otherwise stated.

Head of Information & Communications Technology Responsible work team: ICT Security. Key point summary... 2

Release: 1. ICTNWK607 Design and implement wireless network security

CHAPTER E12 - ENVIRONMENTAL IMPACT ASSESSMENT ACT

Web Content Management System, Migration and Maintenance Services for ECDC Web Portal

Transcription:

Office of the Prime Minister Policy document CIMU P 0011:2002 Version: 1.0 Effective date: 30.07.2002 Connectivity to MAGNET (Malta Government Network) Policy 1. Policy statement i) General The MAGNET is a mission critical component, acting as an ICT Backbone, connecting together the different Information Systems across the whole of the Government of Malta (the Government). To this effect, the Government intends to utilise the MAGNET, as its ICT Backbone for networking and consequently: (i) obligates Public Sector entities to connect to the MAGNET and (ii) gives confidence and encourages Maltese registered - non Public Sector entities located in Malta, to make mandatory use of the MAGNET as the Maltese Information Highway, through which any such entity shall interconnect. Connectivity to the MAGNET shall be granted primarily in instances were an entity requires to conduct business in electronic form with the Government, primarily for the purposes of the e-government initiatives. The (CIMU) is the sole Government regulatory body empowered to issue, certify and revise e-government connectivity requests, standards and compliance mechanisms. It is Policy that any entity seeking to connect to the MAGNET and thereby utilise resources already connected to the MAGNET, must seek explicit authorisation from the business owners of such resource prior to seeking a connection with the MAGNET. At all times, the Government will retain governance on any connection in operation. Thus, (i) any connection either established or in the process of being established, must conform and operate with the Laws of Malta and any regulations and/or standards issued by relevant statutory organisations; (ii) every entity is responsible to secure it s own network and conform to security policies, standards and directives issued by the Government that are applicable to any connection and information being transmitted through such connection. Page 1

ii) Implementation The prime target population are all entities in the Public Sector. Any Maltese entity located in Malta can apply for connectivity to MAGNET on a G2B basis 1. In order to maintain governance upon connections established, every such connection must be registered with the CIMU. The following are the key principles underpinning connectivity to the MAGNET: (i) to define service levels, (ii) to secure and protect, (iii) to operate within a defined Architecture, with access anytime and anywhere, (iv) to operate in conformity with the Laws of Malta and regulations by statutory bodies. Elements of (ii) and (iii) above are subject to the respective entity s connectivity needs. iii) Policy violations Connections not operated according to this Policy shall be suspended from operation and than terminated depending on the outcome of audits. 2. Purpose This Policy primarily provides direction and subsequently defines the characteristics that will govern connectivity to the MAGNET by any entity in connection with the e- Government programme. The primary objectives of this Policy are to ensure that Connectivity to the MAGNET is provided in a secure and cost effective manner. This Policy, and supporting documents, are based on the directives of circular; OPM/463/99 Exploiting the e-government Initiative, dated 7 August 2001. 3. Who should know this Policy Knowledge of this Policy should extend up and down the organisations concerned and be wide spread within them. CIMU Head CIMU Communications Officer Ministry for Justice and Local Government Head of Agent Head of Public Sector entity Directors (Office of Review) 1 For the purpose of this Policy, all entities connected to the MAGNET will be referred to under one common name; Public Sector entities. Page 2

4. Scope of applicability This Policy applies to all new connection requests by Public Sector entities as from the date this Policy comes into force. Current connections in operation will be required to comply with the provisions of this Policy within 1 year as from the date this Policy comes into force. The Policy and supporting documents issued prior to this release, governing Connections to the MAGNET by Public Sector Public Sector entities alone are now superseded by this Policy and supporting documents. 5. Definitions Agent the entity that has a mandate to provide a service to the Government of Malta. Connectivity - the provision of data communication technologies and systems to satisfy the transmission of data between two networks. Entity - any Maltese registered - non Public Service - organisation, formally established to achieve a mission. G2B - (Government to Business) is defined as one form of relationship within the e- Government context. Head of Public Sector entity - the person responsible with the headship of the department or entity in scope of the connection to the MAGNET. Internet - a global network connecting millions of computers. MAGNET - the Government of Malta network connecting all computers and networking systems together for the conduct of the Government of Malta business operations. Network - a group of two or more computer systems linked together. Service Level Agreement (SLA) - is a contractual obligation between CIMU and Agent, which stipulates and commits the Agent to a required level of service. An SLA should contain a numerically quantified level of service, support options, enforcement or penalty provisions for services not provided, a guaranteed level of system performance as relates to downtime or uptime, what software or hardware will be provided and for what fee, if applicable. Page 3

6. Roles and responsibilities For the purpose of this Policy, the following roles and succinct responsibilities have been identified. 1. CIMU 1. to promote the MAGNET as an Information Highway, 2. to maintain this Policy, 3. to accept and subsequent vet connection requests, 4. to define service level agreements, numerically quantified and publicly available, 5. to audit for compliance. 2. CIMU Communications Officer 6. to publish this Policy 3. Head of Agent 7. to instigate documented internal procedures that fully implement this Policy, 8. to establish authorised connections and subsequently operate them according to this Policy. 4. Head of Public Sector entity 1. to accept and subsequently consider requests for access to resources under direct responsibility. 2. to comply with the provisions found in this document. 7. Supporting Documents In support to this Policy, the following Standard and Directive will be issued: 1. Connectivity to MAGNET Standard. 2. Connectivity to MAGNET Directive. 8. References 1. Acts and Regulation a. Telecommunications Act http://www.justice.gov.mt b. Communications Authority Act http://www.justice.gov.mt c. Code of Practice for Internet Service Providers http://www.mca.org.mt Page 4

9. Modification history Version Date Changes 1.0 30.07.2002 Initial Release 10. Maintenance and review timetable Maintenance of this Policy is set for six months after the initial release as indicated in the effective date. Subsequent maintenance to this Policy will be based on a twelve month cycle. <Signature and stamp> Joseph R Grima Permanent Secretary, Office of the Prime Minister Page 5