General Information
Cases/Enablers
OOP Enabling Infrastructure
Appetizer
The goal of implementing ISKE is to ensure a security level sufficient for the data processed in IT systems. The necessary security level is achieved by implementing the standard organisational, infrastructural/physical and technical security measures.
Short summary
The goal of implementing ISKE is to ensure a security level sufficient for the data processed in IT systems. The necessary security level is achieved by implementing the standard organisational, infrastructural/physical and technical security measures.
A three-level baseline system means three different sets of security measures for three different security requirements have been developed (different databases and information systems may have different security levels).
A three-level baseline system means three different sets of security measures for three different security requirements have been developed (different databases and information systems may have different security levels).
Focus
Government
Start date
Scope
National/Federal
Country
Estonia
Nature and status of project
Rolled Out
Is the OOP case/enabler mandatory?
Mandatory
ENABLING ASSETS OR COMPONENTS
Political commitment
Infoturbe koosvõime raamistik, Degree of ministry, https://www.mkm.ee/sites/default/files/infoturbe_raamistik.pdf
Legal interoperability
Infosüsteemide turvameetmete süsteem, https://www.riigiteataja.ee/akt/13125331?leiaKehtiv
The system of security measures for information systems (unofficial translation : https://www.ria.ee/public/ISKE/Regulation-the-system-of-security-measures-forinformation-systems-2007-12-20.pdf )
---------
Infoturbe juhtimise süsteem, https://www.riigiteataja.ee/akt/119032012004
---------
Public Information Act, https://www.riigiteataja.ee/en/eli/518012016001/consolide
The system of security measures for information systems (unofficial translation : https://www.ria.ee/public/ISKE/Regulation-the-system-of-security-measures-forinformation-systems-2007-12-20.pdf )
---------
Infoturbe juhtimise süsteem, https://www.riigiteataja.ee/akt/119032012004
---------
Public Information Act, https://www.riigiteataja.ee/en/eli/518012016001/consolide
DATA HANDLING / DATA EXCHANGE
Data handler
Stakeholder name
Information System Authority
Stakeholder category
Government
Stakeholder Role
Data controller
Kind of data
NA
Stakeholder name
Data owners
Stakeholder category
Government
Stakeholder Role
Database owner
Kind of data
NA
Stakeholder name
Developers
Stakeholder category
Business
Stakeholder Role
Data consumer
Kind of data
NA
Stakeholder name
Public
Stakeholder category
Citizen
Stakeholder Role
Data subject
Kind of data
NA
Architecture
Simplified process for the implementation of ISKE
Mapping databases
Mapping information systems and other information assets
Identifying links between databases, information systems and other information assets
Identifying the required security class and level for databases
Identifying the required security class and level for information systems and other information assets
Identifying the typical modules, which comply with information systems, and other information assets
Identifying the required security measures for information systems and other information assets.
Information security is an ongoing process, which is aimed at ensuring the confidentiality, integrity and availability of data and assets. The goal is to find a balance between these three components.
https://www.ria.ee/public/ISKE/ISKE_english_2012.pdf
Mapping databases
Mapping information systems and other information assets
Identifying links between databases, information systems and other information assets
Identifying the required security class and level for databases
Identifying the required security class and level for information systems and other information assets
Identifying the typical modules, which comply with information systems, and other information assets
Identifying the required security measures for information systems and other information assets.
Information security is an ongoing process, which is aimed at ensuring the confidentiality, integrity and availability of data and assets. The goal is to find a balance between these three components.
https://www.ria.ee/public/ISKE/ISKE_english_2012.pdf