At the February 2015 Panel meeting, the Panel approved the establishment of the Security Sub-Committee (SSC). The Panel have established the SSC to oversee, review and advise on SEC security arrangements.
Section G7 sets out the functions of the Security Sub-Committee, which include:
- Document Development and Maintenance:
- Development and maintenance of various pieces of Security documentation, including the Security Controls Framework and the Risk Treatment Plan;
- Security Assurance:
- At least annually review the Security Obligations and Assurance Arrangements to ensure they remain fit for purpose;
- Review the Commercial Products Assurance Scheme to ensure it remains fit for purpose;
- Monitoring and Advice:
- Provide assistance to the DCC and Users in relation to the causes of security incidents and management of any vulnerabilities; and
- Monitor Anomaly Detection Thresholds and provide opinions on means of detecting Compromises to the DCC.
The list above is not inclusive of all of the SSC’s duties.
The Terms of Reference (ToR) for the SSC can be downloaded from the documents section on this page.