10852: Efforts/routines for administrating the ICT security, by employment group (Central government) 2013 - 2019
Mark your selections and choose between table on screen and file format. Marking tips

For variables marked Select at least one value you need to select at least one value

contents Select at least one value

Total 12 Selected

Search

employment group

Total 5 Selected

Search

year Select at least one value

Total 7 Selected

Search


Number of selected data cells are:(maximum number allowed is 300 000)

Presentation on screen is limited to 1 000 rows and 30 columns


Number of selected cells exceeds the maximum allowed 300 000
Contact and information

Information

Latest update
2019-04-29
Contact
Øystein Åmelfot Dyngen, Statistics Norway
+47 409 02 357
dyn@ssb.no

Ole Røgeberg, Statistics Norway
+47 409 02 358
olr@ssb.no

Unit
Have a written information security policy which is rooted in the management:
per cent
A formal appointed person is responsible for the information security:
per cent
An emergency plan is updated within the last two years:
per cent
Emergency exercise is implemented not less than once a year:
per cent
Have routines for handling security incidents:
per cent
Have documented methodology and template for risk evaluations:
per cent
Acceptable risk is made clear by the management, and is communicated to the staff:
per cent
Risk evaluations are implemented systematical and periodical:
per cent
Required security efforts are implemented at new risk evaluations:
per cent
Have annually internal auditing of the information security control system:
per cent
The management has review of the information security control system annually:
per cent
Activities for training and awareness for employees and leaders are carried out at least once per year:
per cent
Reference time
Have a written information security policy which is rooted in the management:
1. quarter
A formal appointed person is responsible for the information security:
1. quarter
An emergency plan is updated within the last two years:
1. quarter
Emergency exercise is implemented not less than once a year:
1. quarter
Have routines for handling security incidents:
1. quarter
Have documented methodology and template for risk evaluations:
1. quarter
Acceptable risk is made clear by the management, and is communicated to the staff:
1. quarter
Risk evaluations are implemented systematical and periodical:
1. quarter
Required security efforts are implemented at new risk evaluations:
1. quarter
Have annually internal auditing of the information security control system:
1. quarter
The management has review of the information security control system annually:
1. quarter
Activities for training and awareness for employees and leaders are carried out at least once per year:
1. quarter
Basetime
Have a written information security policy which is rooted in the management:
per cent
A formal appointed person is responsible for the information security:
per cent
An emergency plan is updated within the last two years:
per cent
Emergency exercise is implemented not less than once a year:
per cent
Have routines for handling security incidents:
per cent
Have documented methodology and template for risk evaluations:
per cent
Acceptable risk is made clear by the management, and is communicated to the staff:
per cent
Risk evaluations are implemented systematical and periodical:
per cent
Required security efforts are implemented at new risk evaluations:
per cent
Have annually internal auditing of the information security control system:
per cent
The management has review of the information security control system annually:
per cent
Activities for training and awareness for employees and leaders are carried out at least once per year:
per cent
Source
Statistics Norway
Database
External PROD
Footnotes

Footnotes

contents
Required security efforts are implemented at new risk evaluations
Indepented of new or changed ICT systems

User manual for StatBank