À¶¾¨ÌåÓýº£Íâ

À¶¾¨ÌåÓýº£Íâ aims at maintaining and improving the security architecture of large-scale IT systems in the area of freedom, security and justice (Eurodac, SIS, VIS, and the future EES, ETIAS and ECRIS-TCN), as well as the communication network that connects the Member States to the central systems. The À¶¾¨ÌåÓýº£Íâ Security Unit strengthens the Agency's information management capabilities alongside the security and cybersecurity aspects of the IT systems and data carried therein. The Agency delivers added value to the Member States by creating a secure environment for the continuous operation of the IT systems it manages.

Responsibilities of the Agency in the operational management of large-scale IT systems

The  and specific requirements in the EU Regulations of several large-scale IT systems, complemented by requirements from the Agency's stakeholders, guide the À¶¾¨ÌåÓýº£Íâ Security Unit in its mission. The most prominent task for Security is to assure the 24/7 functioning of the systems, yet, it is also responsible for

• a continuous and secure exchange of data between national authorities and À¶¾¨ÌåÓýº£Íâ operators;
• high-quality efficient services and solutions in order to  become an acknowledged EU ICT centre of excellence with relevant technical security skills;
• the security requirements for the design, initiation, development and implementation of new systems and new pilot projects.

Additionally, the Security Unit supports the Agency in developing constant improvements in:

• service delivery;
• developing a modern, efficient and agile organisation;
• ensuring a constant appropriate level of data and physical security not only for the large-scale IT systems but also for the Agency and staff.

The Security Unit at À¶¾¨ÌåÓýº£Íâ focuses on implementing appropriate security measures that match the requirements at the Agency sites in four locations, in an innovative and efficient way for its systems operations, and in a close cooperation with its stakeholders. In addition, the objective within À¶¾¨ÌåÓýº£Íâ is to operate in a safe and secure environment, by providing levels of protection for persons, assets and information commensurate with identified risks, all in a timely manner. Decision of the Management Board on Security rules in À¶¾¨ÌåÓýº£Íâ 2016-133 Rev3 sets out the objectives, basic principles, organisation and responsibilities regarding security at À¶¾¨ÌåÓýº£Íâ.

With regard to information security, the Security Unit also coordinates the implementation of Decision of the Management Board on the Security Rules for Protecting Sensitive Non-classified Information at À¶¾¨ÌåÓýº£Íâ 2019-208 and Decision of the Management Board on the Security Rules for Protecting EU Classified Information in À¶¾¨ÌåÓýº£Íâ 2019-273. Handling instructions for Sensitive Non-classified information issued by À¶¾¨ÌåÓýº£Íâ are available here.