The Security Expert Group (SEG) has been tasked with reviewing and developing potential system, process and governance enhancements to ensure security of the data held within the MRASCo systems is maintained.
SEG last met on 3rd July 2015 and reviewed the proposed ECOES user audit questions for both the compliance based and risk based approaches. The questions were approved and recommended to the MRA Executive Committee with the inclusion of an additional question regarding the ECOES Consolidated Monthly report.
The ECOES Consolidated Monthly Report Encryption Request For Information (RFI) responses were reviewed, which resulted in SEG agreeing to review the use of secure File Transfer Protocols (sFTPs) as a distribution method. The Expert Group agreed that two Change Proposals regarding the distribution method of the ECOES Consolidated Monthly Report should be raised as alternatives for consideration by the MRA Development Board (MDB).
Finally, SEG reviewed the drafting proposals in relation to Information Security. Both the MAP15 drafting regarding ECOES and the MAP18 drafting regarding the GDCC have been signed off in principle.
If you have any questions, or if you would like to attend the next SEG meeting on 4th August 2015, please contact the team at MRAHelpdesk@Gemserv.com