This is a site designed to make it easier to take the core of large published reports and allow anyone to comment on them.


A.2.6 The impact levels for a compromise of the confidentiality, integrity and availability of information assets are determined by the SIRO. For e-Government services, impact levels for a compromise of the identity registration, enrolment and authentication processes that support the service must also be determined. The impact levels should be determined in consultation with the Accreditor, supported by a ful risk assessment to set out the business impacts of compromise. Important factors in determining the countermeasures that must be in place and the level of residual risk to accept for information assets include the residual risk that the risk owner is prepared to accept, and any prerequisite requirements for envisaged onward connections.154

Email this to a friend.
Previous itemNext item.


(You must give a valid email address, but it will not be displayed to the public.)

We only allow the following html tags em strong blockquote p br. After posting, there may be a short delay before your comment appears on the site