D2.1 Audit Information

Deliverable D.2.1 reports on the audit and traceable information required for trust in the supply chain and certification.

Auditing and traceability in ICT systems is an issue of paramount importance for getting the trust of a certain product or service and for certification purposes. This task will deal with defining the needed information for creating a blueprint that severs for checking security, privacy, and accountability requirements, as well as for continuous controls monitoring. The blueprint is a critical step to guarantee more transparency, security and privacy-centered, better inform and protect the end-user of an ICT system. With this information, a buyer can examine the status on matters of cybersecurity, privacy and accountability in a certain product or service, and at the same time, this information can be used for maintaining and improving security issues. Furthermore, this information can be used for security claims for certification.