The complexity of the security of information systems calls for the development of strategies to enable the free movement of information whilst ensuring the security of the use of information systems throughout the Community. The decision in question is intended to create a plan of action in the area of information security, as well as a committee responsible for advising the Commission of any actions to be taken in this area.
Council Decision 92/242/EEC of 31 March 1992 in the field of information security.
This decision approves action in the field of security of information systems. This action includes two components:
- setting up an action plan for an initial 24-month period. An amount of ECU 12 million is considered necessary to implement the action for an initial period of twenty-four months;
- setting up a Senior Officials Committee with a long-term mandate to advise the Commission on action to be undertaken in the field of the security of information systems.
The action plan shall have as its objective the development of overall strategies aiming to provide users and producers of electronically stored, processed or transmitted information with appropriate protection of information systems against accidental or deliberate threats.
The action plan shall be implemented in close collaboration with the sector actors. It shall take into account and complement the world-wide standardisation activities under way in this field.
It shall include the following lines of action:
- development of an information security strategy framework;
- identification of user and service provider requirements for the security of information systems;
- solutions for immediate and interim needs of users, suppliers and service providers;
- specifications, standardisation and verification of information security;
- technological and operational developments for information security within a general strategy;
- provision of security of information systems.
Details of the action plan are set out in the annex to the Decision.
The Committee is consulted by the Commission systematically on issues relating to the security of the information systems for the various activities carried out by the Community, in particular on the definition of work strategies and programmes.
|Act||Entry into force||Deadline for transposition in the Member States||Official Journal|
|Decision 92/242/EC||31.03.1992||-||OJ L 123 of 31.03.1992|
For further information on measures employed to ensure security in an information society, please consult the Commission's web site on Europe's Information Society.