T he UNFCCC Secretariat has published a note by the international transaction log (ITL) administrator, titled ‘Options for, and road map to, further implementation of information security controls in systems supporting emissions trading under the Kyoto Protocol’ (FCCC/SBI/2014/INF.6), reads an institution’s press release. The note reports on the Security Working Group’s (SWG) assessment of the impact of managing information security and options for implementing security controls in national registry systems, for consideration at the 40th session of the Subsidiary Body for Implementation (SBI 40).wall07

The SWG identified relevant assets and associated information security requirements; reviewed information security threats and selected controls to manage risks; and applied a valuation scale to evaluate assets based on confidentiality, integrity and availability criteria.

On threats and vulnerabilities, the SWG identified known sources of threats, assessed the nature of threats as deliberate, accidental or environmental, and identified vulnerabilities related to, inter alia: absent, insufficient or incorrect use of information security policies, procedures and processes.

On risks and consequences, the SWG assessed possible impacts from the interruption or loss of confidentiality, integrity or availability of assets and identified risks originating from, inter alia: sources that can impair access to emissions trading systems, resulting in the retrieval, modification or disclosure of sensitive or restricted data. The SWG also identified the following consequences of emerging threats: financial loss due to theft of Kyoto Protocol units; and unplanned interruption of services leading to an inability to trade emissions and fulfill compliance obligations, among others.

The SWG identified two options to facilitate information security management system (ISMS) implementation in emissions trading systems: business as usual and further implementation. Business as usual refers to a normal execution of standard information security operations within emissions trading systems. Further implementation refers to a structured and planned extension of the current ISMS, which would require developing methods to monitor and measure progress towards achieving planned milestones and improving security awareness, and monitoring progress and costs on an ongoing basis to allow for mid-course corrections.

The note also includes: a roadmap with key performance indicators (KPIs) on ISMS implementation progress and effectiveness; and a section on monitoring.

advert

A Forest Is A Levee

River Dora Riparia in Susa Valley is alpine however with particularities of plain running waters. “We are basically on a […]

Merano, A History Carved with Water

  In an unusual rain pouring cold morning Mayor Paul Rüsch, a rather non-political bonhomme, guided us through the history […]

How Hydropower Turned Hohe Tauern into a National Park

  Nature protection history and ecological hotspots started in the 1970s, says Florian Jurgeit, planner with the Hohe Tauern National […]

Is There Life after Skiing?

  Why do we have to ski all the time?, asks Dominik Siegrist, an actual avid skier and leader of […]

Schladming against Floods

  Following the rains and massive floods of Elba and Danube in 2002, EU decided to take action. In 2007 […]

Governments commit to strengthening cooperation on carbon markets

On 1 September 2017, high-level government officials from 25 national and subnational governments, including EU Member States, Mexico, the Republic […]