T he UNFCCC Secretariat has published a note by the international transaction log (ITL) administrator, titled ‘Options for, and road map to, further implementation of information security controls in systems supporting emissions trading under the Kyoto Protocol’ (FCCC/SBI/2014/INF.6), reads an institution’s press release. The note reports on the Security Working Group’s (SWG) assessment of the impact of managing information security and options for implementing security controls in national registry systems, for consideration at the 40th session of the Subsidiary Body for Implementation (SBI 40).wall07

The SWG identified relevant assets and associated information security requirements; reviewed information security threats and selected controls to manage risks; and applied a valuation scale to evaluate assets based on confidentiality, integrity and availability criteria.

On threats and vulnerabilities, the SWG identified known sources of threats, assessed the nature of threats as deliberate, accidental or environmental, and identified vulnerabilities related to, inter alia: absent, insufficient or incorrect use of information security policies, procedures and processes.

On risks and consequences, the SWG assessed possible impacts from the interruption or loss of confidentiality, integrity or availability of assets and identified risks originating from, inter alia: sources that can impair access to emissions trading systems, resulting in the retrieval, modification or disclosure of sensitive or restricted data. The SWG also identified the following consequences of emerging threats: financial loss due to theft of Kyoto Protocol units; and unplanned interruption of services leading to an inability to trade emissions and fulfill compliance obligations, among others.

The SWG identified two options to facilitate information security management system (ISMS) implementation in emissions trading systems: business as usual and further implementation. Business as usual refers to a normal execution of standard information security operations within emissions trading systems. Further implementation refers to a structured and planned extension of the current ISMS, which would require developing methods to monitor and measure progress towards achieving planned milestones and improving security awareness, and monitoring progress and costs on an ongoing basis to allow for mid-course corrections.

The note also includes: a roadmap with key performance indicators (KPIs) on ISMS implementation progress and effectiveness; and a section on monitoring.

advert

Nature’s Dangerous Decline ‘Unprecedented’. Species Extinction Rates ‘Accelerating’

Nature is declining globally at rates unprecedented in human history — and the rate of species extinctions is accelerating, with […]

Pathological consumption and climate change in one photo

Initially I was in awe as my eye was moving over the picture’s pixels. Then it was fear. It looked […]

Mountain Dimension of Cooperation in Europe

  Rise in mean global temperature primarily affects plants and animals as they slowly “seek refuge” to higher altitudes. But […]

A recent history of biomass. Poland and Romania

In the name of EU climate policies, deforestation is sold as a green solution. This is not happening in far […]

A Recent History of Biomass in Poland and Romania (multimedia and glossary)

In the name of EU climate policies, deforestation is sold as a green solution. This is not happening in far […]

Over 200 Indonesian community leaders speak out against palm oil for biofuels

Hundreds of Indonesian leaders of indigenous communities, farmers’ unions, smallholder organizations, human rights groups and environmental NGOs have signed an […]