Security Framework for Trust Service Providers

This document proposes a security framework to achieve compliance with Article 19 of the eIDAS Regulation. As illustrated below, this security framework includes specific guidelines for TSP on: 1) Risk management related to the security of the eIDAS trust services and based on ISO/IEC 27005 general approach; 2) Security incident management by using the appropriate measures to efficiently detect, measure the impact, respond, report, and recover from security incidents as part of the eIDAS Regulation; 3) Security measures recommended to TSPs from “technical” standards and best practices to treat the risks and contribute to the security incident management. The level of security of these measures is to be selected by the TSP to be commensurate to the degree of risk bound to the context of the TSP (determined during the “context establishment”).


This site uses cookies to offer you a better browsing experience.
Aside from essential cookies we also use tracking cookies for analytics.
Find out more on how we use cookies.

Accept all cookies Accept only essential cookies