Skip to main content

Information security management system

27001EN_cr.jpg

Ensuring the security of statistical information and state data, and the continuation of safe, uninterrupted and reliable services, the State Data Agency (Statistics Lithuania) follows the Law on Cyber Security of the Republic of Lithuania, IT security guidelines of the European Statistical System, other best practices.

On 24 August 2018, in order to ensure compliance with the ESS IT safety guidelines, the Information Security Management System of the State Data Agency was certified in accordance with standard LST EN ISO/IEC 27001:2017 for the first time. The external auditors assessed the Information Security Management System of the State Data Agency’s and determined that the Agency’s Information Security Management System complies with the requirements of standard of LST EN ISO IEC 27001:2017 in the field of production of official statistics of the country.

On 29 August 2024, for the purposes of ensuring an adequate level of information security, cyber security and privacy protection in the institution, the Information Security Management System of the State Data Agency was certified according to the requirements of the updated standard LST EN ISO/IEC 27001:2023 so that information security management practices are applied in the light of the latest changes in threats, technologies and legal requirements.

Standard LST EN ISO/IEC 27001:2023 is an international standard defining the requirements for the information security management system to enable the organization to assess risks and to put in place appropriate controls to protect the confidentiality, integrity and availability of information. Compliance with the requirements of this standard confirms that the authority and its information security management system is reliable.

LST EN ISO/IEC 27001:2023 standard covers all aspects of information management: from computer data to public speaking conversations, including physical protection and initial staff checking. LST EN ISO/IEC 27001:2023 standard helps to ensure business continuity in almost all possible circumstances: fire, flood, burglary, missing information, breach of confidentiality requirements or even terrorism. By implementing the information security management system, the State Data Agency has developed and implements the information security policy that covers all methods and aspects of data storage.

Advantages of standard LST EN ISO/IEC 27001:2023:

  • the reliability, availability and confidentiality of information is ensured;
  • the standard includes risk management, safety policy principles, physical and environmental safety, access control, communication and operations management, incident management, business and activity continuity, resource and asset management, compliance with legislation;
  • stakeholder confidence in the organization;
  • management of legal and other requirements is ensured.

 

Last updated: 17-09-2024