In this report, ENISA presents an overview of existing auditing frameworks. These auditing frameworks are used in different setting and across different sectors (energy, finance etc), and are aiming at ensuring that providers comply with specific cyber security requirements. This work is undertaken in the context of incident reporting and minimum security measures for the telecommunications sector.
All twelve schemes are described in detail, presenting
- the process,
- the roles and
- the features of each scheme also by providing comprehensive visuals.
The outcome of this report is a set of 7 recommendations and a single auditing model that captures the most common features, creating this way a preliminary meta-framework.
This report can be a good reference point, since it offers a complete overview of international auditing schemes.
For full report: Schemes for Auditing Security Measures
Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!