Decision No 1/2024 of the Joint Committee established by the Agreement between th... (22025D0908)
INHALT
Decision No 1/2024 of the Joint Committee established by the Agreement between the European Union and the Swiss Confederation on the linking of their greenhouse gas emissions trading systems of 4 December 2024 as regards the amendment of Annex II to the Agreement and of the Common Operational Procedures and the Linking Technical Standards [2025/908]
- DECISION No 1/2024 OF THE JOINT COMMITTEE ESTABLISHED BY THE AGREEMENT BETWEEN THE EUROPEAN UNION AND THE SWISS CONFEDERATION ON THE LINKING OF THEIR GREENHOUSE GAS EMISSIONS TRADING SYSTEMS
- of 4 December 2024
- as regards the amendment of Annex II to the Agreement and of the Common Operational Procedures and the Linking Technical Standards [2025/908]
- Article 1
- Article 2
- ANNEX I
- ANNEX II
- COMMON OPERATIONAL PROCEDURES (COP) PURSUANT TO ARTICLE 3(6) OF THE AGREEMENT BETWEEN THE EUROPEAN UNION AND THE SWISS CONFEDERATION ON THE LINKING OF THEIR GREENHOUSE GAS EMISSIONS TRADING SYSTEMS
- Procedures for permanent registry link
- 1. GLOSSARY
- 2. INTRODUCTION
- 2.1. Scope
- 2.2. Addressees
- 3. APPROACH AND STANDARDS
- 4. INCIDENT MANAGEMENT
- 4.1. Incident detection and recording
- 4.2. Classification and initial support
- 4.3. Investigation and diagnosis
- 4.4. Resolution and recovery
- 4.5. Incident closure
- 5. PROBLEM MANAGEMENT
- 5.1. Problem identification and recording
- 5.2. Problem prioritisation
- 5.3. Problem investigation and diagnosis
- 5.4. Resolution
- 5.5. Problem closure
- 6. REQUEST FULFILMENT
- 6.1. Initiate Request
- 6.2. Request Logging and Analysis
- 6.3. Request Approval
- 6.4. Request fulfilment
- 6.5. Request Escalation
- 6.6. Request Fulfilment Review
- 6.7. Request Closure
- 7. CHANGE MANAGEMENT
- 7.1. Request for Change
- 7.2. Change Evaluation and Planning
- 7.3. Change approvals
- 7.4. Change implementation
- 8. RELEASE MANAGEMENT
- 8.1. Plan the release
- 8.2. Build and Test Release Package
- 8.3. Prepare deployment
- 8.4. Roll back the release
- 8.5. Review and close release
- 9. SECURITY INCIDENT MANAGEMENT
- 9.1. Information Security Incident Categorisation
- 9.2. Information Security Incident Handling
- 9.3. Security Incident Identification
- 9.4. Security Incident Analysis
- 9.5. Security Incident Severity assessment, Escalation and Reporting
- 9.6. Security Response Reporting
- 9.7. Monitoring, Capacity Building and Continuous Improvement
- 10. INFORMATION SECURITY MANAGEMENT
- 10.1. Sensitive information identification
- 10.2. Sensitivity levels of Information Assets
- 10.3. Assignment of Information Assets Owner
- 10.4. Registration of sensitive information
- 10.5. Handling of sensitive information
- 10.6. Access Management
- 10.7. Certificate/Key Management
- ANNEX III
- LINKING TECHNICAL STANDARDS (LTS) PURSUANT TO ARTICLE 3(7) OF THE AGREEMENT BETWEEN THE EUROPEAN UNION AND THE SWISS CONFEDERATION ON THE LINKING OF THEIR GREENHOUSE GAS EMISSIONS TRADING SYSTEMS
- Standards for permanent registry link
- 1. GLOSSARY
- 2. INTRODUCTION
- 2.1. Scope
- 2.2. Addressees
- 3. GENERAL PROVISIONS
- 3.1. Architecture of the communication link
- 3.1.1. Message exchange
- 3.1.2. XML Message – High level description
- 3.1.3. Ingestion windows
- 3.1.4. Transaction Message Flows
- Outgoing transactions
- Incoming Transactions
- Protocol
- Transaction status
- 3.2. Data Transfer Security
- 3.2.1. Firewall and Network Interconnection
- 3.2.2. Virtual Private Network (VPN)
- 3.2.3. IPSec Implementation
- 3.2.4. Secure message exchange transfer protocol
- 3.2.5. XML Encryption and signature
- 3.2.6. Cryptographic Keys
- 3.3. List of Functions under the link
- 3.3.1. Business transactions
- 3.3.2. Reconciliation protocol
- 3.3.3. Test message
- 3.4. Data Logging Requirements
- Transaction logs
- Reconciliation logs
- Message archive
- Internal audit logs
- 3.5. Operational Requirements
- 4. AVAILABILITY PROVISIONS
- 4.1. Communication Availability Design
- ICT infrastructure resilience
- Custom Software resilience
- Service resilience
- 4.2. Initialisation, Communication re-activation and testing plan
- 4.2.1. Internal ICT infrastructure tests
- 4.2.2. Communication tests
- 4.2.3. Full system (end-to-end) tests
- 4.2.4. Security tests
- Testing resources
- 4.3. Acceptance/Testing environments
- 5. CONFIDENTIALITY AND INTEGRITY PROVISIONS
- 5.1 Security Testing Infrastructure
- 5.2 Link Suspension and Reactivation Provisions
- Suspensions
- Communication Reactivation
- 5.3 Security Breach Provisions
- 5.4 Security Testing Guidelines
- 5.4.1 Software
- 5.4.2 Infrastructure
- 5.5 Risk Assessment provisions
Feedback