T he UNFCCC Secretariat has published a note by the international transaction log (ITL) administrator, titled ‘Options for, and road map to, further implementation of information security controls in systems supporting emissions trading under the Kyoto Protocol’ (FCCC/SBI/2014/INF.6), reads an institution’s press release. The note reports on the Security Working Group’s (SWG) assessment of the impact of managing information security and options for implementing security controls in national registry systems, for consideration at the 40th session of the Subsidiary Body for Implementation (SBI 40).wall07

The SWG identified relevant assets and associated information security requirements; reviewed information security threats and selected controls to manage risks; and applied a valuation scale to evaluate assets based on confidentiality, integrity and availability criteria.

On threats and vulnerabilities, the SWG identified known sources of threats, assessed the nature of threats as deliberate, accidental or environmental, and identified vulnerabilities related to, inter alia: absent, insufficient or incorrect use of information security policies, procedures and processes.

On risks and consequences, the SWG assessed possible impacts from the interruption or loss of confidentiality, integrity or availability of assets and identified risks originating from, inter alia: sources that can impair access to emissions trading systems, resulting in the retrieval, modification or disclosure of sensitive or restricted data. The SWG also identified the following consequences of emerging threats: financial loss due to theft of Kyoto Protocol units; and unplanned interruption of services leading to an inability to trade emissions and fulfill compliance obligations, among others.

The SWG identified two options to facilitate information security management system (ISMS) implementation in emissions trading systems: business as usual and further implementation. Business as usual refers to a normal execution of standard information security operations within emissions trading systems. Further implementation refers to a structured and planned extension of the current ISMS, which would require developing methods to monitor and measure progress towards achieving planned milestones and improving security awareness, and monitoring progress and costs on an ongoing basis to allow for mid-course corrections.

The note also includes: a roadmap with key performance indicators (KPIs) on ISMS implementation progress and effectiveness; and a section on monitoring.


Governments commit to strengthening cooperation on carbon markets

On 1 September 2017, high-level government officials from 25 national and subnational governments, including EU Member States, Mexico, the Republic […]


It is time to really implement territorial cohesion and pay special attention to mountain areas, as emphasised in the article […]

Will the Empire strike back in the next Dieselgate fight?

by Julia Poliscanova The battle over the EU’s response to the Dieselgate scandal is drawing to a close. It pits […]

Naomi Klein in Eastern Europe: Green tech leans towards decentralization away from state socialism

In the wake of the heated talks on the CETA signing, Naomi Klein, at a short online meeting with her […]

Governments demand new EU vehicle safety rules to cut road deaths

Transport ministers from eight countries have united to demand new EU-wide standards for vehicle safety. Safer vehicles, such as trucks […]

Climate change dispels plants and humans to mountain heights

Thistle is invading mountain clearings; little pines are growing amongst the high alpine rocks; flocks of cattle need to climb […]