Date: Oct 3, 2022, 9:56:06 PM
Date: Nov 28, 2019, 2:04:11 PM
Editor:
Editor: Juan
Name:
Name: NIS security measures for OES
Description:
Description: Network and Information Security (NIS) security measures for Operators of Essential Services (OES)

t1{}t1{
2    "label": "NIS security measures for OES",
3    "language": "EN",
4    "refs": [
5        "https://www.enisa.europa.eu/publications/mapping-of-oes-security-requirements-to-specific-sectors"
6    ],
7    "uuid": "3f4a2a67-a1f9-46e1-8d71-7f6486217bb7",
8    "values": [
9        {
10            "category": "Information System Security Governance & Risk Management",
11            "code": "1.1.1",
12            "label": "Information system security risk analysis",
13            "uuid": "030ef936-d0fe-4d6b-9238-e3004f58f7b6"
14        },
15        {
16            "category": "Information System Security Governance & Risk Management",
17            "code": "1.1.2",
18            "label": "Information system security policy",
19            "uuid": "02527779-a76f-42fc-b420-6726099d4241"
20        },
21        {
22            "category": "Information System Security Governance & Risk Management",
23            "code": "1.1.3",
24            "label": "Information system security accreditation",
25            "uuid": "8ead422e-2d73-48e8-82f9-b82fe363d072"
26        },
27        {
28            "category": "Information System Security Governance & Risk Management",
29            "code": "1.1.4",
30            "label": "Information system security indicators",
31            "uuid": "7d1e4532-ddb1-408c-8a9d-ffed0cef3821"
32        },
33        {
34            "category": "Information System Security Governance & Risk Management",
35            "code": "1.1.5",
36            "label": "Information system security audit",
37            "uuid": "d646a78e-68d8-4d60-a01f-455b1a0df4f1"
38        },
39        {
40            "category": "Information System Security Governance & Risk Management",
41            "code": "1.1.6",
42            "label": "Human resource security",
43            "uuid": "cfda8669-f42c-4917-833e-b873110b4380"
44        },
45        {
46            "category": "Information System Security Governance & Risk Management",
47            "code": "1.1.7",
48            "label": "Asset Management",
49            "uuid": "11c11899-6a4d-4937-ae09-fc3dcfdb26f9"
50        },
51        {
52            "category": "Ecosystem management",
53            "code": "1.2.1",
54            "label": "Ecosystem mapping",
55            "uuid": "66b045d6-77a5-426f-afe5-55cac81ac5c8"
56        },
57        {
58            "category": "Ecosystem management",
59            "code": "1.2.2",
60            "label": "Ecosystem relations",
61            "uuid": "26b54bed-01d5-4614-b0ed-907af072b8a9"
62        },
63        {
64            "category": "IT Security Architecture",
65            "code": "2.1.1",
66            "label": "Systems configuration",
67            "uuid": "8e6bf606-42cf-4f85-bedd-5e633d241183"
68        },
69        {
70            "category": "IT Security Architecture",
71            "code": "2.1.2",
72            "label": "System segregation",
73            "uuid": "a3f6ee47-de81-400a-a7dc-79e79fb73729"
74        },
75        {
76            "category": "IT Security Architecture",
77            "code": "2.1.3",
78            "label": "Traffic filtering",
79            "uuid": "7374508b-6114-4219-8834-7b87117fcbf9"
80        },
81        {
82            "category": "IT Security Architecture",
83            "code": "2.1.4",
84            "label": "Cryptography",
85            "uuid": "fd44edba-005b-447c-8612-c0a92cbb0ec6"
86        },
87        {
88            "category": "IT Security Administration",
89            "code": "2.2.1",
90            "label": "Administration accounts",
91            "uuid": "9fa537a3-efc0-4624-aeae-ab975076e1c0"
92        },
93        {
94            "category": "IT Security Administration",
95            "code": "2.2.2",
96            "label": "Administration information systems",
97            "uuid": "4baf165d-b157-4c19-bbd6-ad3ddd5dbe79"
98        },
99        {
100            "category": "Identity and access management",
101            "code": "2.3.1",
102            "label": "Authentication and identification",
103            "uuid": "f5f8ef4a-25f2-4169-b279-424081fc6125"
104        },
105        {
106            "category": "Identity and access management",
107            "code": "2.3.2",
108            "label": "Access rights",
109            "uuid": "6b327343-7f81-4a40-bc46-194cf5aa54df"
110        },
111        {
112            "category": "IT Security Maintenance",
113            "code": "2.4.1",
114            "label": "IT security maintenance procedure",
115            "uuid": "752f00ca-196b-4055-b660-4a09185ce3a7"
116        },
117        {
118            "category": "IT Security Maintenance",
119            "code": "2.4.2",
120            "label": "Remote access",
121            "uuid": "efcb645f-ca20-484d-a3b7-6ef98db907ff"
122        },
123        {
124            "category": "Physical and environmental security",
125            "code": "2.5.1",
126            "label": "Physical and environmental security",
127            "uuid": "157d5514-b3cd-4d31-9bff-560a1a436d96"
128        },
129        {
130            "category": "Detection",
131            "code": "3.1.1",
132            "label": "Detection",
133            "uuid": "725706a3-fa1d-48e1-8458-21974439b34b"
134        },
135        {
136            "category": "Detection",
137            "code": "3.1.2",
138            "label": "Logging",
139            "uuid": "1b9d05fc-e385-4fdb-aa44-54e069a9ea91"
140        },
141        {
142            "category": "Detection",
143            "code": "3.1.3",
144            "label": "Logs correlation and analysis",
145            "uuid": "957b42b2-b3c6-4d0c-b32e-fcc4bea29ffd"
146        },
147        {
148            "category": "Computer Security Incident Management",
149            "code": "3.2.1",
150            "label": "Information system security incident response",
151            "uuid": "f739cbb5-8ed4-4136-b4c0-4fd3edb84cd8"
152        },
153        {
154            "category": "Computer Security Incident Management",
155            "code": "3.2.2",
156            "label": "Incident Report",
157            "uuid": "ea405481-cbe2-4e15-b2a3-f45563e160cc"
158        },
159        {
160            "category": "Computer Security Incident Management",
161            "code": "3.2.3",
162            "label": "Communication with competent authorities and CSIRTs",
163            "uuid": "fbfa7c30-f131-4e9b-9e8a-53ad4b90b164"
164        },
165        {
166            "category": "Continuity of operations",
167            "code": "4.1.1",
168            "label": "Business continuity management",
169            "uuid": "b24b90b0-eeea-4a56-b5ef-2c484467c97a"
170        },
171        {
172            "category": "Continuity of operations",
173            "code": "4.1.2",
174            "label": "Disaster recovery management",
175            "uuid": "f87f15fe-0170-4164-90de-091d9519d140"
176        },
177        {
178            "category": "Crisis management",
179            "code": "4.2.1",
180            "label": "Crisis management organization",
181            "uuid": "0ca52ad9-4570-46be-88ce-d22efd4a145b"
182        },
183        {
184            "category": "Crisis management",
185            "code": "4.2.2",
186            "label": "Crisis management process",
187            "uuid": "e1a91f54-34e4-45c7-8eae-dfc6dee15854"
188        }
189    ],
190    "version": 1
191}