OECD Reviews of Risk Management Policies

ISSN :
1993-4106 (online)
ISSN :
1993-4092 (print)
DOI :
10.1787/19934106
Hide / Show Abstract
This series presents a series of books examining the management of risk by governments in such areas as natural disasters, climate change, information security, nuclear energy, biotechnology and financial services.
 
OECD Reviews of Risk Management Policies: Norway 2006

OECD Reviews of Risk Management Policies: Norway 2006

Information Security You do not have access to this content

Authors:
OECD
Publication Date :
11 Apr 2006
Pages :
132
ISBN :
9789264025516 (PDF) ; 9789264025509 (print)
DOI :
10.1787/9789264025516-en

Hide / Show Abstract

The development of information and communication technologies and networks, and in particular that of the Internet, has gone hand in hand with the emergence of new types of malevolent actions called cyber-crime: viruses, worms, Trojan horses, and the like. While a number of factors make a strong case for governmental action in the area of information security, there are also important limits to what governments can achieve. This review, the first in a series of risk management policy reviews being conducted by the OECD, identifies areas of good practice in Norway's policies for information security, as well as areas where improvements could be made. For areas that could benefit from improvement, it proposes opportunities for action and, when possible, suggests alternatives.
Related links placeholder

Table of Contents

Summary of Findings and Recommendations
Chapter 1. The Norwegian Strategy for Information Security
Chapter 2. Assessing Information Security Risks
-Risk Assessment in the Government
-Risk Assessment in Critical Infrastructures
Chapter 3. Protecting Information Systems
-Protection of Government Systems
-Protection of Critical Infrastructure Systems
Chapter 4. Managing Incidents, Emergencies, and Crises
-Incident Management
-Contingency and Preparedness Planning
-Emergency and Crisis Management
Chapter 5. Strengthening the Foundations of Security
-Awareness-Raising
-Information-Sharing
-Education and R&D
Bibliography