Information security requirements

A list (requirement libraries) of non-functional requirements to start from when an IT procurement is to be carried out within Umeå municipality. This dataset covers information security requirements. The different levels 1, 2 and 3 represent the level of any damage that may occur if any of the aspects Confidentiality, Reality or Availability are not maintained.Level 1: Moderate Injury — It is enough that one of the following are fulfilled: None appreciable major difficulties in achieving the objectives. None impact on essential functions at your own or other organisation. Individuals individuals or other authorities and organisations may note the disturbance or experience mild inconvenience but without demonstrable economic impact. Isolated personal data of a non-sensitive nature may be disseminated and cause moderate harm to privacy Level 2: Significant damage — It is sufficient that one of the the following are fulfilled: Activities can complete their assignments, but with a likely risk of severe influence (economic or through the need to take extraordinary measures). Other public authorities and organisations may be affected (financially or through: the need to take extraordinary measures). Essential functions of your own organisation or other organisation is unlikely to be affected. Individuals individuals may experience consequences, such as major inconveniences or great economic impact, of the disruption. Personal data may spread and cause significant harm to privacy Level 3: Serious injury. It is enough that one of the the following are fulfilled: Creates major difficulties for the organisation’s activities. Impossible or almost impossible to complete the mission. Essential functions of own or other organisation are likely to be affected. Individuals life and health are compromised. Sensitive personal data can be widely disseminated and cause serious harm to it privacy The list of requirements is updated at least once a year, possibly more frequently. If you have any questions, please contact: [email protected].