eu-LISA aims at maintaining and improving the security architecture of the three large-scale IT systems in the area of freedom, justice and security (SIS II, VIS and EURODAC), as well as the communication network that connects the Member States to the Central Systems. The eu-LISA Security governance and operations (afterwards only Security) strengthen the Agency's information management capabilities alongside of security and cybersecurity of the IT systems and data carried within. The Agency delivers added value to the Member States by creating a secure environment for the continuous operation of the IT systems.
Responsibilities of the Agency in the operational management of large-scale IT systems
The Agency's establishing regulation as well as the specific requirements of the regulations of the three large-scale IT systems, complemented by the requirements from the Agency's stakeholders guide the eu-LISA Security in its mission. The most anticipated task of the Security is to assure the 24/7 functioning of the systems, yet, it is responsible also for:
a continuous and secure exchange of data between national authorities and eu-LISA operators;
high-quality efficient services and solutions in order to become an acknowledged EU ICT centre of excellence with relevant technical security skills;
the security requirements for the design, development, initiation and implementation of new systems and new pilot projects;
data protection safeguards for the data of citizens carriedin the IT systems.
Additionally, the Security supports the Agency in developing the culture for a constant improvement in:
developing a modern, efficient and agile organisation;
assuring a constant appropriate level of data and physical security not only of the large-scale IT systems but also of the Agency.
The Security at eu-LISA focuses on implementing the appropriate security measures that match the security requirements at the Agency sites in three locations, in an innovative and efficient way for its systems operations, and in a close cooperation with its stakeholders.