Risk Analysis

With reference to the ISO/IEC TR 13335-3 (ISO/IEC 27005) guidance, the decision was made to apply a “combined approach” to the Risk Analysis. It consists of an “informal approach”, carried out by security experts at a higher level, to evaluate the risk of the epSOS LSP and to define its security requirements, and a “baseline approach” (with reference to the ISO/IEC 27005 catalogue of vulnerabilities and threats) to evaluate the risk of each proposed Security Service, in order to select the best solution and, if applicable, to identify specific security constraints of the selected solution.