The General Data Protection regulation provides a uniform legal framework for data protection in the European Union. The implementation of the regulation does not change the Central Statistical Bureau (hereinafter – the CSB) activities in respect to the data processing, as it still complies with both statistical confidentiality and personal data protection requirements and develops its information security management system based on the international standard ISO 27001.
Compliance of the CSB information security management system with International Standard ISO/IEC 27001:2013
Mission: to provide users of statistical information with independent high-quality official statistics for decision making, research and discussion.
Vision: modern, innovative, central statistical institute providing high-quality national statistics.
To implement the mission and vision, CSB shall ensure compliance with the requirements specified in the regulatory enactments of the European Union and the Republic of Latvia on statistical confidentiality, information security and data protection as well as international standard ISO/IEC 27001:2013.
CSB introduced information security management system in 2008. All internal laws and regulations are adopted and improved within the framework of the system, moreover CSB is continuously working on the improvements thereof. The classification of information and technical resources as well as information security risk management are implemented in accordance with confidentiality, integrity, and accessibility requirements.
The information security requirements established in the CSB are binding on both CSB employees and third parties insofar as they are relevant to the type and nature of the cooperation between the both.
Aiming to ensure the widest coverage possible, the scope of the information security management system implemented by the CSB covers collection, accumulation, processing and storage of the information and data needed for the performance of the CSB functions as well as provision of data users with statistics.