The main tasks of the Cyber Security Programme are as follows:
1. To assist the Client's top management in defining and reviewing priorities for quality assurance management of:
a) Quality management and protection of the digital processes and products;
b) Cyber security and privacy protection;
c) Crisis management and business continuity.
2. Identify and/or refine strategies related to security and business continuity management;
3. Assist in reviewing the key characteristics of information assets, and in analysing and assessing the risks and vulnerabilities to them;
4. Support the review and improvement of plans to assess, mitigate and manage risks to information assets;
5. Assist in the review of legal, contractual and other specific requirements related to security, safety, data protection and business continuity;
6. Identify and analyse stakeholder needs and expectations regarding security, data protection and business continuity;
7. To generate and test new ideas, controls, organizational and technological solutions for information security and data protection;
8. To improve the quality of the human factor in the Cyber Security System;
9. To analyze the results of corrective actions taken and actions to continuously improve security, data protection and business continuity;
10. Assess the Client's capability and level of compliance with critical infrastructure protection requirements;
11. To contribute to the improvement of:
a) The Quality Management Systems (ISO 9001; ISO 90003; AQAP 2110; AQAP 2210; ISO/IEC 20000; ISO 19443 etc.);
b) The Information Security Management System (ISO/IEC 27001 Series Standards);
c) The Data Protection Management System (ISO/IEC 27701 and GDPR);
d) The Business Continuity Management System (ISO 22301);
e) The Anti-Bribery Management System (ISO 37001);
f) The IT Service Management Systems (ISO/IEC 20000-1);
g) The Cyber Security Management Systems for Industrial Automation and Control Systems (IACS) (ISA/IEC 62443 Series Standards);
h) The Risk Management System (ISO 31000);
i) Other management systems.
12. To identify areas for improvement in security, data protection and business continuity;
13. Evaluate the appropriateness and scope of long-term and short-term security, data protection and business continuity objectives;
14. Provide input data to the Review Management process for the Security and Privacy Management System and Business Continuity Management System.