T he UNFCCC Secretariat has published a note by the international transaction log (ITL) administrator, titled ‘Options for, and road map to, further implementation of information security controls in systems supporting emissions trading under the Kyoto Protocol’ (FCCC/SBI/2014/INF.6), reads an institution’s press release. The note reports on the Security Working Group’s (SWG) assessment of the impact of managing information security and options for implementing security controls in national registry systems, for consideration at the 40th session of the Subsidiary Body for Implementation (SBI 40).wall07

The SWG identified relevant assets and associated information security requirements; reviewed information security threats and selected controls to manage risks; and applied a valuation scale to evaluate assets based on confidentiality, integrity and availability criteria.

On threats and vulnerabilities, the SWG identified known sources of threats, assessed the nature of threats as deliberate, accidental or environmental, and identified vulnerabilities related to, inter alia: absent, insufficient or incorrect use of information security policies, procedures and processes.

On risks and consequences, the SWG assessed possible impacts from the interruption or loss of confidentiality, integrity or availability of assets and identified risks originating from, inter alia: sources that can impair access to emissions trading systems, resulting in the retrieval, modification or disclosure of sensitive or restricted data. The SWG also identified the following consequences of emerging threats: financial loss due to theft of Kyoto Protocol units; and unplanned interruption of services leading to an inability to trade emissions and fulfill compliance obligations, among others.

The SWG identified two options to facilitate information security management system (ISMS) implementation in emissions trading systems: business as usual and further implementation. Business as usual refers to a normal execution of standard information security operations within emissions trading systems. Further implementation refers to a structured and planned extension of the current ISMS, which would require developing methods to monitor and measure progress towards achieving planned milestones and improving security awareness, and monitoring progress and costs on an ongoing basis to allow for mid-course corrections.

The note also includes: a roadmap with key performance indicators (KPIs) on ISMS implementation progress and effectiveness; and a section on monitoring.

advert

A recent history of biomass. Poland and Romania

In the name of EU climate policies, deforestation is sold as a green solution. This is not happening in far […]

A Recent History of Biomass in Poland and Romania (multimedia and glossary)

In the name of EU climate policies, deforestation is sold as a green solution. This is not happening in far […]

Over 200 Indonesian community leaders speak out against palm oil for biofuels

Hundreds of Indonesian leaders of indigenous communities, farmers’ unions, smallholder organizations, human rights groups and environmental NGOs have signed an […]

PEOPLE’S CLIMATE CASE: EU taken to Court for failing to impose a robust emission reduction plan

A Carpathian shepherd together with other families from Europe and outside are taking the European Parliament and the Council of […]

A Forest Is A Levee

River Dora Riparia in Susa Valley is alpine however with particularities of plain running waters. “We are basically on a […]

Merano, A History Carved with Water

  In an unusual rain pouring cold morning Mayor Paul Rüsch, a rather non-political bonhomme, guided us through the history […]