Security Expert Group (SEG) September Update 2015

The Security Expert Group (SEG) has been tasked with reviewing and developing potential system, process and governance enhancements to ensure security of the data held within the MRASCo systems is maintained.

SEG last met on 14th September 2015 and reviewed the proposed GDCC user audit questions for Category 1 users. One minor amendment was made to the self-assessment questions, which have been provided to the MRA Executive Committee for further consideration.

In addition, the Group reviewed the draft Terms of Reference for a permanent Security Group as an enduring MRASCo Board sub-committee, which will be updated to include the feedback received and provided to the MRASCo Board for approval.

Finally, the secure distribution of ECOES and GDCC data was considered. A proposal to securely and flexibly distribute data with the appropriate security and access controls was approved and will be recommended to the MRA Executive Committee for further consideration. The proposal stipulates that Gemserv would receive master reports from the systems, which would be tailored to produce various reports for the industry. The output files would then be securely transferred to the recipients via a platform that would push notifications, in a similar way to Huddle, when a file is uploaded.

If you have any questions, or if you would like to attend the next SEG meeting, please contact MRAHelpdesk@Gemserv.com