...
View Organisation | View Transactions | Certificate ID and validity | Certificate Site/Scope/Material | |
EC Admin/User | Y | Y (authorised personnel only) | Y | Y |
MS Lead User & User | Y | Y (authorised personnel only) | Y | Y |
VS Lead User & User | Y | N | Y | Y |
EO Lead User & User | Y | Y | Y | Y |
Other EO Lead user & user | N | N | Y(planned) | N |
TSO/DSO/LSO | N | N | Y | N |
CB Lead User & User | Y | Y ( As part of audit) | Y | Y ( As part of audit) |
Service Provider | Y (SP appointed by EO only) | Y (SP appointed by EO only) | Y (No restrictions, for all EO) | Y (SP appointed by EO only) |
...
Requirement | Implementation (M=mandatory, R=recommended) |
Access to system functionalities and data shall be restricted to authorized users on the basis of the ‘need to know’ principle. | M |
Authorization mechanisms in the system shall ensure that access is:
| M |
The system owner shall determine access rights associated with differentiated levels of authorization to access the system data and functionalities. | M |
The access rights shall be determined on the basis of a risk assessment that considers at least: Information sensitivity and level of classification – the need to limit access to system data, in line with data classification, general data sensitivity and applicable regulation; and | M |
Determined access rights shall be reviewed periodically to check that they continue to ensure the protection of sensitive non-classified information, the enforcement of process controls and the segregation of incompatible duties. | M |
Access decisions (both positive and negative) following a user access request during a login process shall be logged in order to provide an audit trail. | M |
User & system authenticationAuthentication service: EU Login Login