Κοινωνία της Πληροφορίας Μ.Α.Ε. – Κ.Τ.Π. Μ.Α.Ε.

PROJECTS

Sub-project 5 “ISO27001: 2013 certification preparation” of the operation “Central Computing Infrastructures of Information Society SA and G-Cloud node of GSIS – Phase B” of OP “COMPETITIVENESS, ENTREPRENEURSHIP AND INNOVATION” (EPANEK)”

KTP ERGA HEADER 1
ktp photo 6
DEVELOPER
General Secretariat of Public Administration Information Systems
PROJECT OPERATOR
Ministry of Digital Governance
BUDGET
60.000,00 € (PLUS VAT)
DEADLINE
October 1 2020
Financial Source
Operational Programme “Competitiveness, Entrepreneurship and Innovation” (EPAnEK)
Public Investment Program (PIP)
What is the object of the project?

The project “Preparation of G-Cloud certification according to ISO 27001: 2013” aims at providing specialized scientific services for the preparation and support of GSISPA with the objective of G-Cloud certification in accordance with the International Information Security Management Standard ISO/IEC 27001: 2013. The scope of the project includes the G Cloud, as well as all G-Cloud structures and functions of the GSISPA.

What are the purpose and objectives of the project?

The project aims at the integrated, methodical and systematic preparation of the GSISPA for the certification of G-Cloud and all G-Cloud structures and functions of GSISPA, in accordance with ISO/IEC 27001: 2013 and its supplements, or later version, by an independent and relatively accredited national/domestic or international certification body. Finally, it is self-understood that none of the accredited evaluators can be a member of the team of this project.

The main objectives that are expected to be achieved through the implementation of this Project are:

  • Ensuring confidentiality, integrity and availability of G-Cloud information systems
  • Compliance with relevant legislation and applicable international standards (including, of course, ISO/IEC 27001), for instance: ISO 27002:2013 Information technology — Security techniques — Code of practice for information security controls, ISO 27017:2015 Information technology – Security techniques – Code of practice for information security controls based on ISO/IEC 27002 for cloud services, 27018:2014 Information technology – Security techniques – Code of practice for protection of personally identifiable  Information (PII) in public clouds acting as PII processors, NIST SP800-144 Guidelines on Security and Privacy in Public Cloud Computing, BS 10012 Personal Information Management, etc.)
  • Minimising losses in the event of a safety incident
  • Informing and raising awareness of the human resources of GSISPA
  • Clarification and segregation of duties of GSISPA human resources involved

The certification of DSMS, in accordance with the requirements of ISO/IEC 27001 and its supplements, or later version, will ensure the following benefits and advantages for GSISPA:

  • Confirmation of implementation of relevant legislation and standardisation regulations.
  • Proof of satisfaction of the requirements of good governance and operational continuity.
  • Official proof of the existence and operation of an information security management system and, within its framework, application for a risk identification, assessment and management system.

 

SUBSCRIBE TO NEWSLETTER



*Indicates required fields. We process the personal data provided through this form for the sole purpose of sending newsletters regarding Information Society’s corporate news, events and implemented actions.
After submitting the subscription form, you will receive an e-mail confirming your subscription to Information Society’s Newsletter.
You can unsubscribe from our mailing list at any time by clicking the unsubscribe button, which can be found in all relevant communications or by sending an email to newsletter@ktpae.gr, taking into consideration that such withdrawal shall not affect the lawfulness of the processing based on the initially provided consent.

SUBSCRIBE TO NEWSLETTER



*Indicates required fields. We process the personal data provided through this form for the sole purpose of sending newsletters regarding Information Society’s corporate news, events and implemented actions.
After submitting the subscription form, you will receive an e-mail confirming your subscription to Information Society’s Newsletter.
You can unsubscribe from our mailing list at any time by clicking the unsubscribe button, which can be found in all relevant communications or by sending an email to newsletter@ktpae.gr, taking into consideration that such withdrawal shall not affect the lawfulness of the processing based on the initially provided consent.