..: 30//3/21-3-14 13/14 14PROC001952276 2014-03-31...-... ISO27001 : (...-...) : 414.760,56 ( ) : 510.155,48 ( ) : 11.536,58 ( ) : 14.190,00 ( ) : 20 : 19/05/14.: 24/03/14 : 28/03/14 27/03/14 28/03/14 : 370535
«...-... ISO27001» : : ), : 1.. 2362/95. 2. 2004/18/ 31 2004,, 2005/51/ 2005/75/ 16 2005. 3. (). 213/2008 28 2007 (). 2195/2002 (CPV) 2004/17/ 2004/18/, CPV. 4. To..60/07 ( 64//07) «2004/18/,» 2005/51/ 2005/75/ 16 2005. 5. 1336/2013 2004/17/, 2004/18/ 2009/81/ 6. 118/07 ( 150//10-07/07),. 7..2741/99 ( 199//99) 8 «,». 8..3886/10 ( 173/30-09-2010) «89/665/ 21 1989 (L395) 92/13/ 25 1992 (L76), 2007/66/ 11 2007 (L335)». 9. ( 237/5-12-2012), 11.3886/10. 10..3588/2007 /153/10-7-2007. 03-01.03 2 7
«...-... ISO27001» : 11..3614/07 «, 2007-2013» ( 267/./03-12-07).3840/2010 «, () 2007-2013» (53//31-03-10). 12.. 2472/1997,. 3471/2006 «. 2472/97»,. 3783/2009. 3917/2011 «,». 13..3882/2010 ( 166//22-09-2010) «2007/2/ 14 2007». 14..3861/2010 (112//13-7-2010) «,». 15.. 4013/11 «. 3588/07 ( )». 16. 11. 4013/11 10.4038/12... 1/2380/2012 ( 3400). 17..4.3. 4013/11 (204/. /15-09-11,. 61,. 5. 4146/13 ( 90/./18-04-13). 18. 21.4111/2013 ( 18/25.01.2013) 19..4156/2013 ( 122/31.05.2013) 20. 26.4024/2011. 03-01.03 3 7
«...-... ISO27001» : 21. 21 3871/10. ΑΔΑ: ΒΙΞΕ4691ΩΓ-4Λ9 22. 5.861/79.. -. 23... 266/89 «-». ) : 24. 1108437/2565//15-11-05 (.1590//2005). 25. 1/1105/2-3-06 «2004/18/». 26... 4483/25-06-2012 : " «, -» MIS 370535 """ 690.104,48 ( ),. 27... 1576/16-07-2013 : "1 «, -», MIS 370535 "" 2007 2013", ( 2 3) 510.155,48 ( ) : - ISO27001 462.855,19, - 47.299,99 28... 23//35/3046/05.06.2013 - «2007-2013».. 29... 35//16/30-08-13 /.... : ) #510.155,48# /,, «03-01.03 4 7
«...-... ISO27001» : - ISO27001, -» ) #14.190,00# / - (3). 30. 149/32/05-09-13.. -. 31.. 3202/30-10-13 2: «- ISO27001» 3: «, -» «, -» «2007-2013» ( 370535). 32... /.43.4/3093/30-10-2013,,... - «- ISO27001» 510.155,48. 33. T.. 25693/438/10021/14-01-14, -. 34... 43283/419/12-02-14, - 2014 2015 35... 247/14-03-14 2014.,,, «- ISO27001» 03-01.03 5 7
«...-... ISO27001» : 2 3 «, -», MIS 370535.. «2007-2013» (, ). 524.345,48 / 426.297,14 (.1.2.). 52,, 16, 7, - 102 41, 19/5/2014 11:00..,. http://www.ika.gr/gr/infopages/supplies/diak.cfm.. : 1., (6), 20/11/2014.,. 2. : 2.1. 2.2. 3. : 1. : 2. : 3. : ΑΔΑ: ΒΙΞΕ4691ΩΓ-4Λ9 4., / 03-01.03 6 7
«...-... ISO27001» : & (. / 16-3. 5 ). -,. /.. 03-01.03 7 7
«...-... ISO27001» : : 370535 :,. 2 3, 510.155,48 ( : 414.760,56, (23 %): 95.394,92). : 3, 14.190,00 / ( :11.536,58 + (23%): 2.653,42 = 14.190,00) 524.345,48 / ( : 426.297,14 + (23 %):98.048,34). CPV: CPV : 72222300-0 72268000-1 30237300-2,,. : 19/5/2014 11:00.... ( ) 24/3/2014 27/3/2014 & 28/3/2014 28/3/2014 03-01.03 4 92
«...-... ISO27001» : : ΑΔΑ: ΒΙΞΕ4691ΩΓ-4Λ9
Term: Explanation
...-.......
DMZ: Demilitarised Zone
IKANET, IKASEC: ,,,...-..., Disaster Recovery Site, (3)
ISO: International Organization for Standardization
SAN: Storage Area Network
VPN: Virtual Private Network
S.L.A.: Service Level Agreement
LAN: Local Area Network
DSL: Digital Subscriber Line
ISDN: Integrated Services Digital Network
ATM: Asynchronous Transfer Mode
ULL: Unbundling Local Loop
PoP: Point of Presence
03-01.03 5 92
«...-... ISO27001» : Term: Explanation
DNS: Domain Name System........ 03-01.03 6 92
«...-... ISO27001» :,, :... (...-...). 16,.. 102 41,. / & 3. 16, 10241,. :, :, :. ( ).,.,.,. ( ).. () 03-01.03 7 92
«...-... ISO27001» : -. ΑΔΑ: ΒΙΞΕ4691ΩΓ-4Λ9. -.,,,,,,.,. 03-01.03 8 92
«...-... ISO27001» : 1. 1.1 :..... www.epdm.gr...-..... 1.1.1 & www.ydmed.gov.gr...-..... 1.1.1...-..... 1.1.1 -.. 1.1.2 -.. 1.1.2 -.. 1.1.2 -.. 1.1.3 1.1.1 (...-...) (http://www.ika.gr). 1.1.2 ( ), ().,,,,... (),.4024/2011.,. 03-01.03 9 92
«...-... ISO27001» :.,,.. 1.1.3 ΑΔΑ: ΒΙΞΕ4691ΩΓ-4Λ9, (project audits).,... 1.2 (...-...) 1.2.1...-... : 1.....-.... 2. o...-... ( )....-..., 03-01.03 10 92
«...-... ISO27001» : /. 3....-.... 4.,,. 5. (e-learning)....-...,,,.,...-... (-), / /, (.....)....-.... 1.2.2 1.2.2.1 ΑΔΑ: ΒΙΞΕ4691ΩΓ-4Λ9.. (2007 2013), :...-...,...-......, 03-01.03 11 92
«...-... ISO27001» :. ( ) ΑΔΑ: ΒΙΞΕ4691ΩΓ-4Λ9 : 1: 3863/2010,,. /....-......,....-... 03-01.03 12 92
«...-... ISO27001» : 1.2.2.2,...-....- (2007-2013), : 1....-... (...-... ). 2.,, - 3. 4. 5.. 1.2.3 1.2.3.1 14/01/2013, 57 8. 1.2.3.2 - ( / 14/01/2013) 2.2.1.1, -, : / = 156 / = 70 1.2.3.3...-......-... 75, : ΑΔΑ: ΒΙΞΕ4691ΩΓ-4Λ9. 03-01.03 13 92
«...-... ISO27001» :,...-...., ( ) ( ).,...-..., :....-.......-... 10.000 15.000.., ( )...-..., : = 11 (, ) = 120 ( ) = 71 ΑΔΑ: ΒΙΞΕ4691ΩΓ-4Λ9 ( ). 03-01.03 14 92
«...-... ISO27001» : (11) / (120) VPN. (71),, -, Internet. O...-...,...-.... 1.2.4...-... : ISO 9001:2008 1429:2008,,. ISO 9001:2008 1429:08...-...,.,,, ISO 27001:2005.,,....... : ) ) H/W & S/W ΑΔΑ: ΒΙΞΕ4691ΩΓ-4Λ9 (,,..). 03-01.03 15 92
«...-... ISO27001» : ( ). - /...-... -: -. -........ - (system full backup). backup server, system backup hardware, full backup,. courier. - ΑΔΑ: ΒΙΞΕ4691ΩΓ-4Λ9...-...,,,...-...,...-......-..., (Master Plan),, -,......... 03-01.03 16 92
«...-... ISO27001» : (Helpdesk),., : -. : -. -.,...,,., computer room.,.. ΑΔΑ: ΒΙΞΕ4691ΩΓ-4Λ9. 03-01.03 17 92
«...-... ISO27001» : 2. 2.1 / / / 1. (-) 2. 3. (S.L.A),, () ( ) www.ika.gr 4. (..) 5. (Help Desk) 6. 7. 8. 9. 10. 11. ( 1 Cluster)...-... (3) (Rollout) (S.L.A) -...-..., 24 :...-... 2009...-... 08/11/2011.. 2007-2013...-... 49/08 (SLA) (S.L.A) (49/08) 03-01.03 18 92
«...-... ISO27001» : / / (*) (*)...-... 12. 13. : / / ( ) (,,,, ) ad hoc (. /, Workflow,,,..)., S.L.A,,.....-... (*) -. : ". -,,." 2.2 / 2.2.1 (-) 2.2.1.1-300 ( 164 / 127 /) 9.000, 120.000. 03-01.03 19 92
«...-... ISO27001» : -,., 15.000 (,, triggers)....-..., 2. 2.2.1.2 (,,, ) (,,, ). (, ',. 65.2676/99). ( ). ( ). ( ) ( / ) / ΑΔΑ: ΒΙΞΕ4691ΩΓ-4Λ9 / (,, ) ( ). (,,..). (,,..). 03-01.03 20 92
«...-... ISO27001» :,, (,, ), ) (, ( / ) ( / ). / (..)... / (.) / / () 03-01.03 21 92
«...-... ISO27001» : (,,,,.) -... (...-...) 1 2011,..,,, (...), (...), (...),. 3863/2010 (..),...-...,,,,. (..) :,. () : 1) i. ii. iii. iv.,... v.... 03-01.03 22 92
«...-... ISO27001» : vi. vii. (,,..) 2) i. ii. 3) 4) i. ii. iii. iv....... 5). ( - Web), -. ΑΔΑ: ΒΙΞΕ4691ΩΓ-4Λ9 03-01.03 23 92
«...-... ISO27001» : 6). ΑΔΑ: ΒΙΞΕ4691ΩΓ-4Λ9 2.2.1.3.2.2.1.3.1, ( 87) ( 1 Cluster 1 ) Hardware / Servers SUN V890 SUN Solaris / - (OPS1, OPS2) 2 Servers SUN 6500 SUN Solaris / - (OPS3) 1 Servers SUN 3500 SUN Solaris / (OPS4) 1 Server SUN V490 SUN Solaris / Backup Server 1 Server SUN V490 SUN Solaris / - (OPS9) 1 SUN Storage Tek 6140 Storage Area Network 1 Server DELL R710 Server DELL R710 Red Hat Linux / DB Server Datawarehouse (OPS 10) Windows 2008 R2 Server / (OPS BI 11) 1 1 Intel Based Domain Servers Windows 2000 Server / Active Directory Microsoft Domain Servers, Line 13 Routers 28 Switches 30 12.2.2.1.3.2 LAN Servers (HP) Windows 2000 Server 70 LAN Servers (IBM) Windows 2000 Server 180 LAN Servers (Fujitsu Siemens) Windows 2000 Server 140 UPS (Liebert) 70 UPS (Meta Systems ALLY) 320 (HP) Windows 2000 Professional Greek 2.620 (IBM) Windows 2000 Professional Greek 3.900 (Fujitsu Siemens) Windows XP Professional Greek 2.712 DOT-MATRIX 80 () 6.051
1 Regarding the replacement of the 1st Cluster, see section A 2.2.5 of this document.
03-01.03 24 92
«...-... ISO27001» : DOT-MATRIX 132 Network (Compuprint) 500 DOT-MATRIX 132 Network () 1.130 LASER (HP 2200 Network) 250 LASER (OKI B6200 Network) 1.660 LASER (OKI B4400) 712.2.2.1.3.3 ( 12) Server,...-...,. : Servers (SUN) Sun Solaris 1 LAN Servers (HP) Windows 2000 Server 4 (HP) Windows 98 100 DOT-MATRIX 80 (OKI) 80 UPS (Liebert) 2 Router (Cisco) 1 Switch (Cisco) 8 ( ) ( 12) : Servers (SUN) Sun Solaris 2 LAN Servers (HP) Windows 2000 Server 4 (HP) Windows 2000 Professional Greek 100 Line (Tally) 1 DOT-MATRIX 132 (Compuprint SIGNUM) 5 03-01.03 25 92
«...-... ISO27001» : DOT-MATRIX 80 (OKI) 7 LASER (HP) 16 UPS (Liebert) 2 Router (Cisco) 4 Switch (Cisco) 39 ( 87) : Servers (SUN) Sun Solaris 1 LAN Servers (HP) Windows 2000 Server 4 UPS (Meta Systems ALLY) 4 (HP) Windows 2000 Professional Greek 300 DOT-MATRIX 80 (OKI) 167 DOT-MATRIX 132 Network (OKI) 31 LASER (HP) 44 -... -... : Servers (SUN) Sun Solaris 1 Firewalls (Cisco PIX) 2 (HELP DESK) ( 12) (Help Desk) : o o (REMEDY). /. 03-01.03 26 92
«...-... ISO27001» : o o o o o o /.... (bugs). ( ). Help Desk : HELP - DESK Servers (SUN) Sun Solaris 1 LAN Servers (HP) Windows 2000 Server 2 (HP) Windows 2000 Professional Greek 20 ΑΔΑ: ΒΙΞΕ4691ΩΓ-4Λ9 DOT-MATRIX 80 (OKI) 2 LASER (HP) 2 1 UPS (Liebert) 1 Switch (Cisco) 2 2.2.1.4 SUN SOLARIS 8 Database Servers -, (2) Servers, Server, Server, Server -.., Server Help Desk. SUN SOLARIS 9 Database Servers - (2) Database Servers... 03-01.03 27 92
«...-... ISO27001» : Windows 2000 Server Lan Servers, Servers. Windows 2008 Server R2 Servers. RDBMS Oracle 8.1.7 Enterprise Edition RDBMS Oracle 10g Enterprise Edition RDBMS Oracle 11g Enterprise Edition SQL Svr 2000 Standard Edition: Oracle Internet Application Server Oracle Web Logic Suite MS Internet Information Services (IIS) for Windows Server Oracle (2) (3) : ORACLE Oracle DB Oracle Internet Application Server Oracle Web Logic Suite Oracle tunning Pack Oracle diagnostics Pack Oracle partitioning 7500 named users + 4 per CPU 70 named users 130 per CPU 72 per CPU 72 per CPU 72 per CPU Oracle Developer 6i ( 42 named users) Oracle Developer 6i - Oracle Discoverer/2000 ( 42 named users) Oracle Discoverer/2000 - Macromedia COLDFUSION Server 4.5 Enterprise for Windows Macromedia COLDFUSION. Oracle Web Logic Suite Oracle Web Logic Suite : 03-01.03 28 92
«...-... ISO27001» : Oracle WebLogic Server 11g Enterprise Edition WebLogic Operations Control WebLogic RealTime (JRockit Real Time JRRT) Coherence Enterprise Edition Oracle Application Server Enterprise Edition µ OC4J, Oracle Portal, WebCache, Oracle Forms/Reports, Oracle Internet Directory,. Diagnostics Pack for Oracle Middleware 2.2.8 ( «-») Risk Analysis, Business Intelligence Datawarehouse : RDBMS Oracle 11g Enterprise Edition Oracle Web Logic Suite Oracle Business Intelligence Suite ESKORT RISK Analysis Engine ( ESKORT Selection Module). ΑΔΑ: ΒΙΞΕ4691ΩΓ-4Λ9 MS Office: - (7890 ) FSecure Antivirus (PC). NORMAN Antivirus (PC). FIREWALL VPN-1 Enterprise Center. 2.2.2 VPN (S.L.A.), VPN (, ) 362,,. 03-01.03 29 92
«...-... ISO27001» :...-... (,, )...-... IP-VPN., : (backbone) (Distribution) (Access). : ΑΔΑ: ΒΙΞΕ4691ΩΓ-4Λ9 2: IKA-NET...-......-... Ethernet switches,. /...-... switches s ( STM-1, nxe1 Frame Relay E1/.21),. 26Ghz. DSL ULL HellasCom 03-01.03 30 92
«...-... ISO27001» : ISDN. (SLA) (MRTD, Packet Delivery) 99,9%. 2.2.3 ( 2.2.3.1 ) Internet ( 12) ( 2001),...-.... : 2.2.3.2... ΑΔΑ: ΒΙΞΕ4691ΩΓ-4Λ9 Internet (RDBMS) SQL Server Standard SP1 (version 2000) Microsoft Coldfusion version 5 Enterprise Macromedia. 24,,. :,, Internet. (R.D.B.M.S) Oracle, 11g, Oracle Web Logic Suite. 03-01.03 31 92
«...-... ISO27001» : 2.2.3.3, : 1., /,,, (.., ), (),,,, e-mail,,,,,... -,...-..., (184), ISO 9001:2005,.. 2 2. (,,, ), [..,, (,,, )..] Web Web Services., 3 :... / ( )
2 See www.ika.gr
3 For more details see www.ika.gr / Electronic Services
03-01.03 32 92
«...-... ISO27001» : (... ) e-. (web services). o o o o o o o 03-01.03 33 92
«...-... ISO27001» : o o o o. (web services & web application) Web Service (). Web Service authentication (). Web Service (). Web Service (). Web Service (). Web Service ( ). Web Service ( ). Web Service Client. Web Services. Web Service ΑΔΑ: ΒΙΞΕ4691ΩΓ-4Λ9 Web Service Web Application. 2.2.3.4.2.2.3.4.1 Internet. Internet: 03-01.03 34 92
«...-... ISO27001» :
3: Internet
.2.2.3.4.2, 12 (-2): INTERNET LAN Servers (HP) Windows 2000 Server 13 LAN Servers (DELL) Windows 2008 Server R2 11 (HP) Windows 2000 Professional Greek 5 LASER 3 1 UPS (Liebert) 2 Firewall (Cisco) ASA 5550 2 Router (Cisco) 2 Switch (Cisco) Catalyst 6500 2 Switch (Cisco) Catalyst 2900 XL 4 03-01.03 35 92
" «...-... ISO27001» : 2.2.4 (..)...-...,, " (.)"... 7/05/2007..., : 1. 2... "Workflow" ( ). 2.2.5 ( 1 Cluster) 2009, Cluster-1 -, Storage Area Network (SAN). : 1 Cluster -, 07/03/2009 8/03/2009. 9/3/2009, -...-... 1 Cluster {ops1 & ops2},, : (2) Sun Fire V890, Sun E6500 (cluster), : 8 x 1.8 GHz UltraSPARC IV+ processors (32MB cache), 64GB DRAM memory, 4 x 146GB 15Krpm FC-AL hard disks () 1 x DAT 72 tape drive + 1 x PCI 2-port Ultra320 SCSI LVD HBA Redundant cluster interconnect, LAN GbE storage HBAs. DVD R/W, 9 x PCI slots, 3 power supplies & redundant cooling fan trays. 1 x 10/100/1000 Ethernet Port (on board) + 2 Quad GbE PCI-X adapters ΑΔΑ: ΒΙΞΕ4691ΩΓ-4Λ9 03-01.03 36 92
# «...-... ISO27001» : 2 x PCI 2-port 4Gbps FC HBAs StorageTek 6140 Solaris 9 (1) Sun Fire V490, Sun E450 (Backup Server), : 2 x 1.8 GHz UltraSPARC IV+ processors, 8GB DRAM memory, 2 x 146GB 15Krpm FC-AL hard disks () 2 x 10/100/1000 Ethernet Port (on board) + 1 Quad GbE PCI-X adapter DVD R/W, 6 x PCI slots, 2 power supplies & redundant cooling fan trays. 2 x PCI 2-port Ultra320 SCSI LVD HBAs SL48 tape library (1) Sun StorageTek 6140 array, (2) StorEdge A3500, : 4GB cache 8 host ports, 24 x 300GB 15 K rpm 4Gb FC-AL Drives, Raid level 0, 1, 3, 5, 1+0, 6 support 4 Storage Domain licenses Redundant FC RAID Controller, Redundant power supplies and cooling fans (1) Sun StorageTek SL48, Tape Library L100. Sun StorageTek SL48 3 LTO-4 drives half height SCSI 48 slots Redundant power supplies and cooling fans 3 x 20-pack LTO4 data cartridges & 5-pack LTO cleaning cartridges backup (VERITAS Netbackup 6.5) network (offline) backup Database servers backup window. 1 x Veritas NetBackup Server license Tier 1 (V490 server) 3 x Veritas NetBackup Server tape drive option licenses (for SL48 tape drives) 2 x Veritas NetBackup Server standard client licenses (for V890 servers) ΑΔΑ: ΒΙΞΕ4691ΩΓ-4Λ9 03-01.03 37 92
«...-... ISO27001» : 4: Central Computer Room 03-01.03 39 92
& «...-... ISO27001» : 2.2.6 (5/09/04-01-2011 ) 08/11/2011. " ", :. [, ( )] ( :,, )...-... ( ),. [...-... ( )] :,...-...,.,,. " ". " ",,.,,. :,,. 03-01.03 40 92
' «...-... ISO27001» :.,,. : - (Disaster Recovery Plan). Disaster Recovery Plan, Disaster Recovery Site. /, : 1. ( ) 2. ( ) 3. (Risk Analysis) ( ) 4. (Business Impact Analysis) ( ) 5. (Vulnerability assessment) ( ) 6. (,,,,..) ( ) 7. (,,,..) ( ) 8. (Disaster Recovery Plan Disaster Recovery Site) ( ) 9.,, (IKASEC), Disaster Recovery Site, (3). 10. 11. / 12. / ΑΔΑ: ΒΙΞΕ4691ΩΓ-4Λ9 03-01.03 41 92
( «...-... ISO27001» : 13. 14.....-.... 2.2.7 (S.L.A) -, 24 : 1. -/ Oracle Database Administration Unix (Sun Solaris Administration). Microsoft Windows. (Operations) 2. ( ). : off-line (resource planning) ΑΔΑ: ΒΙΞΕ4691ΩΓ-4Λ9 (logging) 03-01.03 42 92
) «...-... ISO27001» : 3....-... Microsoft Windows / NT Servers Microsoft SQL/Server Site. Web Servers, Application Servers..... 4. (Help Desk)..... (Remedy) (traceability),,,. 2.2.8 3 2.2.8.1...-......-..., 1. ΑΔΑ: ΒΙΞΕ4691ΩΓ-4Λ9 : 03-01.03 43 92
«...-... ISO27001» : 1. Risk Analysis - Audit Targeting 2. Audit Management 3. Conduct of On-site Audits 5:...-......-..., 1.,. (Risk analysis) (profile) -.,, : (Database Server, Storage Array, Backup System, Application / Web Server, Oracle) ESKORT Selection Module (: Risk Analysis Engine / Analysis Server, Designer),.. Profiles, (data warehouse) ( )...-...,. 03-01.03 44 92
+ «...-... ISO27001» :,,,,,,,,,,,,,,,, /,,.., : ΑΔΑ: ΒΙΞΕ4691ΩΓ-4Λ9 6:, (scoring).,,....-...,,. (risk rule) : (.. 40.000) (risk points). 03-01.03 45 92
, «...-... ISO27001» :,, profile, (scoring). profile., ESKORT SELECTION MODULE, ESCORT COMPLIANCE SOLUTION., : /...-..., : Data Warehouse profile Data Warehouse profile ΑΔΑ: ΒΙΞΕ4691ΩΓ-4Λ9...-... 2.2.8.2...-..., -,,., : i.. ii.. 03-01.03 46 92
- «...-... ISO27001» :. (Risk analysis) (profile) -. - (,,,, 184, ) i & ii.. : Profile - ΑΔΑ: ΒΙΞΕ4691ΩΓ-4Λ9, (dataa warehouse) ( )...-..... 7: (scoring).,,. 03-01.03 47 92
. «...-... ISO27001» :,. (risk rule) (.. 60 ) (risk points) (.. 4 1 10), profile (scoring). profile. ESKORT COMPLIANCE SOLUTION. -. : 2.2.8.3 Data Warehouse profile ΑΔΑ: ΒΙΞΕ4691ΩΓ-4Λ9...-......-......-... - 61. 2010 03-01.03 48 92
«...-... ISO27001» : 1.231.860 ( ) 1.385...-......-.... :
[Figure labels: Operational flows of electronic clearance (e-claims); Website; ΟΠΣ; Electronic submission of ΔΑΠΥ via Web; Provider of inpatient & outpatient care; Submission check & final submission; Issue of submission receipt; Sending of the submission to the ΟΠΣ; Submission of handwritten supporting documents; Receipt of handwritten supporting documents; Receipt of electronic ΔΑΠΥ from the ΟΠΣ; Check & clearance; Electronic notification of the provider of the clearance result; Electronic sending of the clearance result; Contracts & coding of health providers]
8: (e-claims)...-......-.......-... www.ika.gr....-.......-... -...-... 03-01.03 49 92
0 «...-... ISO27001» : -...-... (interfaces). -. (BROWSING) / (login)...-... WEB (,..) www.ika.gr......-........-... HL7....,...-.... ΑΔΑ: ΒΙΞΕ4691ΩΓ-4Λ9 -.. 03-01.03 50 92
1 «...-... ISO27001» :.,. -, -...-......-......-... -.., ( ) ( ) -...-.... -. 2.3 2.3.1 - ( ) ΑΔΑ: ΒΙΞΕ4691ΩΓ-4Λ9 (2009) 2.2.5. Cluster-2,,, 2005., 03-01.03 51 92
2 «...-... ISO27001» : Cluster-2 Solaris 8, Oracle 8.1.7. backup,. Cluster2 ( ),,.,, Cluster 2, End of Life Sun., (3500 Cluster -2) Sustaining Support Date.,, Solaris (version 8) Cluster-2., Solaris, (racle Enterprise Edition 8.1.7.)., Oracle 6.i, -,,.., () - /. :...-... (n-tier architecture)......-... ΑΔΑ: ΒΙΞΕ4691ΩΓ-4Λ9 03-01.03 52 92
3 «...-... ISO27001» :,...-... Cluster-2,....-..., : 03-01.03 53 92
«...-... ISO27001» : 9: Central Computer Room 03-01.03 54 92
«...-... ISO27001» : 2.3.2...-... ( ) 10:...-... : (4) (database server), : 2 Intel X 86-64 quad core 2,4 GHz RAM 16 GB 1333 MHz HDD 300 GB LAN: 4 Gbit LAN Interfaces 03-01.03 55 92
6 «...-... ISO27001» : Operating System: Windows 2008 Server R2 (2) : Host interface 6 Gb/sec SAS Drivers 12 X 450 GB Capacity 5.4 TB (8) (Fiber Channel Adapter) 8GB Transfer rate. (2) (Rack),. 2.4.. 2007-2013 2.4.1 - (MIS = 370535) 4 (3). 1:. [ 1,. 2.2.6] 2: -, ISO 27001. 3: -. ( ). 2.4.2...-... (MIS = 370537) : 1. 2. ( server 500 clients). 3. ΑΔΑ: ΒΙΞΕ4691ΩΓ-4Λ9 4 03-01.03 56 92
7 «...-... ISO27001» : 4. 5.. : 1:...-... 2:. 2.4.3 - (MIS = 370541) (*) 1:...-... 2:, -. (*). ΑΔΑ: ΒΙΞΕ4691ΩΓ-4Λ9 2.4.4 (MIS = 377120) (3) : 1:...-... 2: 3:. 2.4.5...-... (MIS) (MIS = 370533) (*) (3) : -1: «-» 03-01.03 57 92
8 «...-... ISO27001» : -2: «(MIS)...-...» - 3:. (*). ΑΔΑ: ΒΙΞΕ4691ΩΓ-4Λ9 2.4.6 () (MIS = 370540) (2) : 1: 2:. 03-01.03 58 92
9 «...-... ISO27001» : 3., 3.1 ()...-..., ISO 27001:2005,...-...,...-... ISO 27001:2005. 2 5, : 2: - ISO 27001. 3:, -., 2 : ISO 27001:2005.,,,,,, ISO 27001:2005.,,.. 3,,.,, 5 1, (. 2.2.6) 03-01.03 59 92
: «...-... ISO27001» :...-... 01/2011 10/2011, : 3.2,, (Disaster Recovery Plan). ΑΔΑ: ΒΙΞΕ4691ΩΓ-4Λ9., ().. : :. :. :.,...-...,,...-...,. -,,,.. :...-..., 03-01.03 60 92
; «...-... ISO27001» :...-...,...-...,,,,, (,, ).,...-...,,,,.,,,...-... /.,,...-...,.,...-... (,,..)...-...,. 3.3,,, /,, /,.. : 03-01.03 61 92
< «...-... ISO27001» : ISO 27001,,,,,,. ISO 27001: 2005,...-.... ISO 27001....-...,. ISO 27001....-... ISO 27001 1, (. 2.2.6 2.4.1)., ISO 9001 1429. 3.4 03-01.03 62 92
= «...-... ISO27001» : 6 7,...-......-......-... /...-..., /...-.......-......-.......-......-.......-......-... 6 7 = /, =, =, = 03-01.03 63 92
> «...-... ISO27001» : 6 7 /. /,. /.,, ( ) /. 03-01.03 64 92
? «...-... ISO27001» : 4. 4.1,,,,.,.,, ISO 27001...,...-...,. 4.2,...-... 2011.,, (Disaster Recovery Plan).,,,,, ISO 27001:2005.,,...-...,. (Assets),,, 03-01.03 65 92
@ «...-... ISO27001» :., /...-...,, : 1. /...-... 2..,, : ISO 27001,...-...,,...-..., ISO 27001.. ISO 9001,,. 4.3 ΑΔΑ: ΒΙΞΕ4691ΩΓ-4Λ9,...-...,.,...-...,..,.,. 03-01.03 66 92
A «...-... ISO27001» :,,., - /...-..., ISO 27001.,,...-....,,...-... ISO 9001, ISO 27001. ISO 27001,...-... (,, ). 4.4 ΑΔΑ: ΒΙΞΕ4691ΩΓ-4Λ9, 3,,. () (assets),, (,,,,..).,., : :, DNS server. 03-01.03 67 92
B «...-... ISO27001» : (Hardware):,,,.. (Software): (system software). :,. :,,.. :...-...,..,, (..,,,,..)., /....-..., (.. /,, /, ), ISO 27001 (.. ). 3 () () (servers).,,...-.... C3.1 C, C3.2.,.,. 03-01.03 68 92
C «...-... ISO27001» : 4.5 /...... : 1. 2. 3. 4. (records) ( )., 4.4.....-..., :...-... (software) (hardware),.,,, ISO 27001,. 4.6,, ISO 27001 03-01.03 69 92
D «...-... ISO27001» :...-...,., ( SCOR 1.2 SCOR 2004) (40),,.. () (20).,...-...,. : 1....-.... : ISO 27000 ( ISO 27001) ISO 27001 2. /-...-... : ISO 27001,, (Statement of Applicability) ΑΔΑ: ΒΙΞΕ4691ΩΓ-4Λ9, (,, ) 03-01.03 70 92
E «...-... ISO27001» :,,. 3....-..., ISO 27001. : ΑΔΑ: ΒΙΞΕ4691ΩΓ-4Λ9,. 4.. : 03-01.03 71 92
F «...-... ISO27001» : ISO 27001 ISO 27001 ISO 27001 (,,,,, ),....-..., :...-......-.......-..., /,,. (train-the-trainers)...-......-..., -...-...,,. 25 5 1 10 30 1 25 18 2 25 18 2 ΑΔΑ: ΒΙΞΕ4691ΩΓ-4Λ9 03-01.03 72 92
G «...-... ISO27001» : 10 18 1,,. ( )...-... (, ). ( projectors,..). (6) 09:00 15:00. 4.7, (6),...-...,. (Plan Do Check Act)...-...,...,...-...,,,,,, /.,, /,.,,,,....-... on-the-job training, /,...-... 03-01.03 73 92
H «...-... ISO27001» :.,...-... (2) (6 ),.,...-....,.,,,,,,.,...-... /.,, /.,,.,...-... ISO 27001:2005,. 4.8...... ISO 27001, ISO 27001:2005.....-....,,,...-..., 03-01.03 74 92
I «...-... ISO27001» :..,,,. /...-...,...-...,,...,, «8:»....-... ISO 27001. (1). 4.9 ( 3) 4.9.1 (), (5). (2)..,,,. 1:. 2:,. 4.9.2 ΑΔΑ: ΒΙΞΕ4691ΩΓ-4Λ9,, 03-01.03 75 92
J «...-... ISO27001» :, (2)., 6.5.,, :, 9.00-17.00 GMT ( ),,., fax (voice mail), 24. (bug fixing).,. /. :,,. ' : o (CPU, -,..) o server,,,... o,. o tuning. ΑΔΑ: ΒΙΞΕ4691ΩΓ-4Λ9 : ( ) (hardware). 03-01.03 76 92
K «...-... ISO27001» : :. 4.9.3 ΑΔΑ: ΒΙΞΕ4691ΩΓ-4Λ9.,., 1.2., 10% 3, (3).,.,,,....-..., (3), C4.3.1, C4.3.2 C4.5., 4.9.2. 03-01.03 77 92
L «...-... ISO27001» : 5. 5.1 (20)., : / () 1. 1 1 2 2. 2 4 2 3. 5 8 2 4., & 9 12 3 5. 11 12 2 6. 13 14 2 7. 15 20 2 8. 20 20 2 1:. 1 2 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 1 2 3 4 5 6 03-01.03 78 92
M «...-... ISO27001» : 1 2 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 7 8, ( / ),.,,.,. 5.2 5.2.1 1: 1 ( ) 1 2 :, 4.1. : 1: 1 5.2.2 2: 2 4 03-01.03 79 92
N «...-... ISO27001» : 2 :...-... ISO 27001:2005, 4.2. : 2: 4 5.2.3 3: 5 8 2 :, 4.3. : 3: () 8 5.2.4 4:, & 9 12 3 03-01.03 80 92
O «...-... ISO27001» :, & :,,, 4.4. : 4.1: 12 4.2: (server) (2) 9 5.2.5 5: 11 12 2 :, 4.5. : 5: 12 5.2.6 6: 13 14 2 03-01.03 81 92
P «...-... ISO27001» : :...-..., 4.6. ( 14 ): 6.1: 6.2: 6.3.x: ( / ) 6.4: ΑΔΑ: ΒΙΞΕ4691ΩΓ-4Λ9 5.2.7 7: 15 20 2 :, 4.7. : 7: 19 5.2.8 8: 19 20 03-01.03 82 92
Q «...-... ISO27001» : 2 :...-... ISO 27001:2005, 4.8. : 8:. 5.3. / 8 9 1. 1: 1 2 2. 3. 4. 5. 6. 2: 3: () 4.1: 4.2: (server) 5: 4 2 8 2 12 3 9 3 12 2 7. 6.1: 14 2 8 : (), (), (), (/), (), (), () 9 (.. 1, 2,...) 1 (. ) 03-01.03 83 92
R «...-... ISO27001» : / 8. 6.2: 8 9 14 2 9. 6.3: 14 2 10. 11. 12. 6.4: 7: 8: 2: 14 2 19 2 20 2 5.4,. / % 1. 0-0 30 2. 3. ISO 27001 4. 1 M4 8 1 2 3 5. 12 5 6. 14 6.1 6.4 7. 19 - - 0 25-40 - 03-01.03 84 92
S «...-... ISO27001» : / 8....-... ISO 27001 20 7 3: % 03-01.03 85 92
T «...-... ISO27001» : 6. 6.1,,. / /,, /.,,..:, ( ), -, M (progress reports), :,,..,.,.. 03-01.03 86 92
U «...-... ISO27001» :,., : (),. (). (Senior Experts). (Key Experts). (Non-Key Experts).. 6.1.1 :. : /., (/ ) ( - senior experts,,, ), /. 6.1.2 (Senior Experts) senior experts ( ), / -, 3, 3.1 3.2, B.2.6,,, 03-01.03 87 92
V «...-... ISO27001» : /. senior experts B.2.6,,. 6.1.3 (key experts) (key experts), 4, 4.1 4.3, B.2.6, : /. (key experts) B.2.6,,. 6.1.4 (non-key experts) (non-key experts), 5, 5.1 5.2, B.2.6, : /. (non-key experts) B.2.6,,. 6.1.5 ΑΔΑ: ΒΙΞΕ4691ΩΓ-4Λ9, (.. / ). 03-01.03 88 92
W «...-... ISO27001» :,,, ( ) (.. ),. /. 6.2 (. 5.1), ( ),,, ( ) ( / - ). 6.3,..:,, ( ),, (progress reports), : ΑΔΑ: ΒΙΞΕ4691ΩΓ-4Λ9,,. 03-01.03 89 92
X «...-... ISO27001» :.,.,..,,. 6.4 / (assumptions and risks),, / /..,.,. /, /.,,. : (- -).. ΑΔΑ: ΒΙΞΕ4691ΩΓ-4Λ9 (..,,..).. 03-01.03 90 92
Y «...-... ISO27001» :, (contingency plan) /. /. (.. ). 6.5,.,, 4.6.,,. 6.6 ΑΔΑ: ΒΙΞΕ4691ΩΓ-4Λ9 (),,., ().,,,.., : 1. ( 12 2 ),. (2) format 03-01.03 91 92
Z «...-... ISO27001» :.. 2., - /,,. 3., - (15) -, (15). 4. (2),, (. 5.1).,.,,..,,.,.,.,,, (15).,,.,.. 03-01.03 92 92
«...-... ISO27001» B: B: Term: Explanation ...-... 03-01.03 2 71
` «...-... ISO27001» B: : 1. 1.1,....-... : 370535., 2 3, 3.1. (.. ). 1.2,,. ( ),, () 201203480474.,. 2 3, 510.155,48 ( : 414.760,56, (23 %): 95.394,92).: 2, 462.855, 49 ( : 376.305,28, (23%): 86.550,21) 3, 47.299,99 ( : 38.455,28, (23%): 8.844,71)., C,. 03-01.03 5 71
a «...-... ISO27001» B: 3, 14.190,00 / ( :11.536,58 + (23%): 2.653,42 = 14.190,00). 524.345,48 / ( : 426.297,14 + (23 %):98.048,34). ( -)., () : ( )... 23% ( ) ( )... 23% ( ) 2 376.305,28 86.550,21 462.855,49 - - - 3 38.455,28 8.844,71 47.299,99 11.536,58 2.653,42 14.190,00 414.760,56 95.394,92 510.155,48 11.536,58 2.653,42 14.190,00 1.3...-... 1.4 :. 16, 102 41 : 00 30 210 5213710 Fax: 00 30 213 5221507 E-mail: xilogiannitheo@ika.gr : /, / &, 3 ( )........ 1.5 : 03-01.03 6 71
b «...-... ISO27001» B: 1. 24/3/2014. 2. 24/3/2014 28/3/2014. 3. 24/3/2014 27/3/2014 28/3/2014 (http://www.ika.gr/gr/infopages/supplies/diak.cfm) 31/3/2014 1.6, 19/5/2014 10:30.., / &....-... (. 16, 102 41, 3, 5).,. 1.7, / &....-... (. 16, 102 41, 3, 5), (courier). (courier),. (,,,, ),,.,.. http://www.ika.gr/gr/infopages/supplies/diak.cfm. 03-01.03 7 71
c «...-... ISO27001» B: (,,,,,,,, ) fax : 210 52.21.507 (e-mail) /..1.3,,.,. 1.8, (8) 15.2... 118/07, (3)., (6), 15.. 2.., / &..., (e-mail) : xilogiannitheo@ika.gr, ( ),.., (http://www.ika.gr/gr/infopages/supplies/diak.cfm)., / &. 03-01.03 8 71
d «...-... ISO27001» B: 2. 2.1 /, : (..) () (...),. 2513/97 ( 139)............ 2.3 2.6..,,,,,,., 118/07. 2.2 : 2.3 03-01.03 9 71
e «...-... ISO27001» B: 2.6 43.1 60/2007,,, : i., 2 1 98/773/ ii. iii. iv., 3 26 1997 3 1 98/742/, 1, 1 91/308/EOK, 10 1991, v.,,,.,,,. 2.3 ( ),,.,, ( ), /: 03-01.03 10 71
f «...-... ISO27001» B: 1. 2., 3. / 4. 5., 1. / 1. 2.7 2.. 1599/1986 / / / : : 1. 43 60/2007. 2.,,,,, ( 1 «,,,,...» ( 237 /5.12.2012 3, 5) 03-01.03 11 71
g «...-... ISO27001» B: / / ),,,, ( / ). 3.. 4. ( ). 5., (20) 25. 3614/2007. 6.,. 7. O/ / / (.:....,...,..,, ), : i. 03-01.03 12 71
h «...-... ISO27001» B: / ii. 1 43 60/2007, : ), 2 1 98/773/ ), 3 26 1997 3 1 98/742/, ), 1, ), 1 91/308/, 10 1991,,,,,,. : 1.. 2.. 3. : 1. 03-01.03 13 71
i «...-... ISO27001» B: / :. 2.,,. 18 118/07. / / / (.:..,..,...,..,, ),. 3., :.,..: 1., 2. ( ), 3., 4.., 03-01.03 14 71
j «...-... ISO27001» B: / ( ), 5. /, (3)..,.: 1., 2..,,., : 1.., : 1. /, (/, /, ). 2. 03-01.03 15 71
k «...-... ISO27001» B: / / : /, 3. / : /, ( ) /, / (leader), (, ) / /.,,,,.. 03-01.03 16 71
l «...-... ISO27001» B: 2.4,, (20),., ( ), /: 1.. 2.,. 3. /. 4.. 2.4.1 / 1.,,,,,, 43. 1.. 60/2007 ( 64// 16.03.2007) 2004/18/. (3). 03-01.03 17 71
m «...-... ISO27001» B: / 2.,. (6). 3.,. (6). 4.,. (6). 5.,. (6). 6.,. (6). 03-01.03 18 71
n «...-... ISO27001» B: / 7.,. (6). 8. /,,. 9.. 1599/1986,. 10., ( ). 11.,. 03-01.03 19 71
o «...-... ISO27001» B: / 12. 2,.. 2.4.2 / 1.,,,,,,, 43. 1.. 60/2007 ( 64// 16.03.2007) 2004/18/. (3). 2., 2. 03-01.03 20 71
p «...-... ISO27001» B: /. (6). 3.,. (6). 4.,. (6). 5.,. (6). 6.,. 03-01.03 21 71
q «...-... ISO27001» B: / (6). 7.,. (6). 8., /,, 9.. 1599/1986,,,,. 10., 03-01.03 22 71
r «...-... ISO27001» B: /. 11.. 12.. 3,,.,,,,.. 2.4.3 / 3. 03-01.03 23 71
s «...-... ISO27001» B: 1. ).... )... ).. ),,,,, 43. 1.. 60/2007 ( 64// 16.03.2007) 2004/18/. (3). 2., (.. ). 3.,. (6). 4.,. (6). 03-01.03 24 71
t «...-... ISO27001» B: 5.,. (6). 6.,. (6). 7.,. (6). 8.,. (6). 9.,. (6). 03-01.03 25 71
u «...-... ISO27001» B: 10. /,, 11.. 1599/1986,. 12.,. 13.,. 14..,. 03-01.03 26 71
v «...-... ISO27001» B:. 2.4.4 / 1.,,,,, 43. 1.. 60/2007 ( 64// 16.03.2007) 2004/18/. (3). 2., (.. ). 3.,. 4.,. (6). 5.,. 03-01.03 27 71
w «...-... ISO27001» B: / (6). 6.,. (6). 7.,. (6). 8.,. (6). 9.,.. (6). 10., 03-01.03 28 71
x «...-... ISO27001» B: /.. (6). 11., /,,. 12.. 1599/1986,. 13., ( ). 14., NAI 03-01.03 29 71
y «...-... ISO27001» B: / 15.. 4,.. 2.4.5 / 1.,,,,,, 43. 1.. 60/2007 ( 64// 16.03.2007) 2004/18/. (3). 4. 03-01.03 30 71
z «...-... ISO27001» B: 2., (.. ). 3.,. (6). 4.,. (6). 5.,. (6). 03-01.03 31 71
{ «...-... ISO27001» B: 6.,. (6). 7.,. (6). 8.,.. (6). 9.,... (6). 03-01.03 32 71
«...-... ISO27001» B: 10., /,,. 11.. 1599/1986,,,, ( ). 12. 13. 14., ( ).,.. 03-01.03 33 71
} «...-... ISO27001» B:,,.,,,,.. 2.4.6 - / 1. /, (/, /, ). 2.5 / / 1.,,. / / 1..,,,,,,., 118/07.. 03-01.03 34 71
~ «...-... ISO27001» B: 2.6 2. /. /,. 3.,,. 4., / /, /,.,.. O,.,,, : i) 1. 450% ( ).,, 150% ( ). 1.1,,,,. ii) 03-01.03 35 71
«...-... ISO27001» B: 1.,,,,,., :,, (,..)., ( ) : 1.1 : - (,,..),,, - - -, (..,, ). 1.2, /., ISO 9001,. 1.3,. 03-01.03 36 71
«...-... ISO27001» B: 2.. (3) 2 (1) 180.000,00, ( ): / / / / / / / / :,., ( ) : 2.1 (3). : / - ( ) ( ) ( & / : - : - : :,, 03-01.03 37 71
«...-... ISO27001» B: - o. o,,., (1),,,. 3.,,. : 1. (project manager), (8),. 2. (deputy project manager), (5),. 3. (senior experts,. A.6.1.2),,, : 3.1. (1) 8- (1) CISA, CISM, CISSP, ISO 27001 Lead Implementer, ISO 27001 Lead Auditor. 3.2. (1) 8- / / / / / 3- ( 03-01.03 38 71
«...-... ISO27001» B: ). 4. (key experts,. A.6.1.3),,, : 4.1. (1) 5-4.2. (1) 5- / / / / / 4.3. (1) 5-, (2) 5. (non-key experts,. A.6.1.4) 3- : 5.1. ( / / / / ) [ (risk assessment),..] 5.2. (/ / / / / / / / )., ( ) (, senior experts, key experts, non-key experts) 3.1, : / ( ) - * (%) 03-01.03 39 71
ƒ «...-... ISO27001» B: (3.1) 3.2, : / *(%) (3.2) 3.3, : / * (%) (3.3) * ( 3.1, 3.2, 3.3),,. 3.4 ( C.2 C ),, ( ). 03-01.03 40 71
«...-... ISO27001» B: 1., (3). 2.,. 3. : - /, - 4. (3),. 5.,,. 45. 2 3. 46. 3 4 60/2007,,, : (). 1599/86 ( /),,. () [ ( ) ], / / 03-01.03 41 71
«...-... ISO27001» B:. (),,, /,,. () ( ). 1599/86,. () (i) (ii) 2.6,. (), (.. ). 6.,,. 2.7, () 5% ( )., 26.217,27. 1. -, -. -. 2.,. 03-01.03 42 71
«...-... ISO27001» B: 3. C.1.1. 4.,,, 4.1.6,,, 34 118/07,. 5. (1), :.) 10.) 25. 3614/2007. 1. 4156/2013.. 6.. / /. 3. - 3.1.,,., (courier), / &....-... (. 16, 102 41, 3, 5).. 1.6.,,. 03-01.03 43 71
«...-... ISO27001» B:,.. 3.2.,,. (3),,, :.,, 3.2.1...,,. 3.2.2.,,. 3.2.3 :. : : - (1) - (1). : - (1), - (1), - (1) (CD),,. 1: CD,. 2:. 60. x 03-01.03 44 71
ˆ «...-... ISO27001» B: 80. : - (1), - (1), - (1) (CD),. : «...-... ISO27001» A :...-... : 19/05/2014,,,. /,,..,,.,.,..,. 03-01.03 45 71
«...-... ISO27001» B:.,,..,,,..,..,,. (abbreviations),,.,,,....,...,,. 3.2.1, : 2.3, 2.6, 03-01.03 46 71
Š «...-... ISO27001» B: 2.7. 3.2.2 : 1. 1.1..4.1 1.2..4.2 1.3..4.3 : 1.4..4.4, C.3.1 C.3.2 1.5..4.5 1.6..4.6 1.7..4.7 1.8....... ISO 27001.4.8 1.9..4.9 2. : 2.1..6.1 2.2. 2.3..5.1,.5.2,.5.3,.5.4.6.2,.6.3,.6.4 3. C.3 4., /. /, / C.4 03-01.03 47 71
«...-... ISO27001» B: ( ). : - (,,..) -, / /,,. ( ),..,,.,. /. (.,,..,.., (.. 3,. 4 4,..).,, (... 4.18).. 03-01.03 48 71
Œ «...-... ISO27001» B:.,,. 3.2.3 (. C.4, C ). /, /. 3.2.4,, 2.4. 3.3 (6)..,,.,., : - -. 3.4.,.,, 03-01.03 49 71
«...-... ISO27001» B:.,,.. 3.5 -.,,,,,.,.. (, )..,..,,.,..,.. (. C.4). 03-01.03 50 71
Ž «...-... ISO27001» B:.,,,.,. 4. 4.1,,. 4.1.1 - (. 16, 102 41, 7 ),,,,,.. : 1.,,,,,.,. 2.,.,. 03-01.03 51 71
«...-... ISO27001» B: 3.,, (. ).,,. 4.,,,.,,.,. 5., - -,.,.. 6.,,,. 7.,,,,,. 8.. 9., (, ),. 10.., 03-01.03 52 71
«...-... ISO27001» B: ( ). 4.1.2,,. 11.,,.... 12. (2). : (cds) :,. (cd),,, (2),. 4.1.2. : - - ( ) 03-01.03 53 71
«...-... ISO27001» B: - : i = 75 * ( i / max ) + 25 * (K min /K i ) : max i K min i i i i 2..,,,, (2). 4.1.3, 4.1.4. 100 120. : - 100 / [ ], - 120 [ ], /., 2,. 4.1.4,, :. 03-01.03 54 71
«...-... ISO27001» B: (%) & 1. 80 1.1. 13.4.2 1.2. 25.4.3 1.3. ( 3) 10.4.4, C.3.1 C.3.2 1.4. 15.4.6 1.5. 10.4.7 1.6....... ISO 27001 5.4.8 1.7. 2 A.4.9 2. 2.1. 2.2. (,,, ) 20 : 10.6.1,.6.2,.6.3,.6.4 10.5.1,.5.2,.5.3,.5.4 100 4.1.5 :, (. C4.4, ) 1, [. C4.5, 3 ( )].. 03-01.03 55 71
«...-... ISO27001» B: :,, 5%. 4.1.6,,,, (20), (. 2.4),.,,..,.,,,..,. 4.2,. : 1.. 2.2. 03-01.03 56 71
«...-... ISO27001» B: 2. /. 2.3. 3.. 2.6. 4.. 5.. 6.,, /. 7.. 8.. 9.,. 10.. 11. /. 12. 3 (. C4.5, 3) 7% 10% 3. 7%, (.. / / / ).,. 13. : (. 4.1.5) 85% (median). (.. / / / / ).,. 03-01.03 57 71
«...-... ISO27001» B: 14.,,. 15.. 16.. 17.. 18. ( C4.4), 1.2.,,,. 4.3,. 3886/2010 ( 173) 2007/66/ 11 2007 89/665/ 92/13/.,.,. 4.4. 51. 1 60/2007. 118/07. 03-01.03 58 71
«...-... ISO27001» B:...,.., : (i) (ii) (iii) (iv),,,,.,.,,,,. 5. 5.1,, 1.. 2.,. 3.,.., - 03-01.03 59 71
«...-... ISO27001» B:,,,. 4. (10),, 10%. 5. (10),,,,,.,.. 6. (. C.1.2). 7. (1), :.) 10.) 25. 3614/2007. 1. 4156/2013.. 8. ( ),.. 4156/2013 4. 1 25. 3614/2007 «,,,.,». 03-01.03 60 71
«...-... ISO27001» B:,. 9. /,, /,,,,,. 10.,. 5.2 : 1. ) (30%) ( ), (20%) ( ), (. C.1.3), (10%) ( ) 10%. 2362/95 " " ".. 12 0,25.. ) (40%), (1),, 03-01.03 61 71
«...-... ISO27001» B: (.5). ), (1). 2. 1) (25%).2 2:. 2) (40%) (.5). 3)..,... 2238/94 ( 151//94). 0,10%,,,. 3%, 0,003% 20%, 0,0006% 0,1036% 03-01.03 62 71
š «...-... ISO27001» B:,,,,,,. 5.3,,.,. 5.4 3,, (. C.1.4), 2,5%., (2,5%) (1)., 3. 4.9.1.,.,., (. C.1.5) 10%,,. 3. ( ),. 03-01.03 63 71
«...-... ISO27001» B:,. 5.5. : 1., : 0,2%, 0,02%,. /, /. 2.. 3.,. 4., ( ). 5.,. 6., 03-01.03 64 71
œ «...-... ISO27001» B:. 7..,. 8.,.. 9.,,,,. 5.6 1.,,. 2. ( ),. 3.,.. 4.,,,,,,.,,,.,,,. 03-01.03 65 71
«...-... ISO27001» B: (15). 5.,,,,. 6.,,. 7.,,,,,,.,..,.,.,,,, (,,,,,..). 8., /,,. 9.,, (10). 10.,. 03-01.03 66 71
ž «...-... ISO27001» B: 11... 12.. 13. /, /,.. 14. /, /,,,. 15.,,,,..,.,,..,,.,,,.. 16., /, 03-01.03 67 71
Ÿ «...-... ISO27001» B:,. 17..3310/05. 3414/05. 18. 1083/2006 ( 69) 1828/2006 ( 2-10) ( : / / / / / /, ). 19.. 20. ( ). 5.7 /, / /,.,. 2.2,.,,. 03-01.03 68 71
«...-... ISO27001» B: 5.8 (8),,.. : 1.. 2..,.. 3.,,..,.. 4.,,,,. 5. / /. 03-01.03 69 71
«...-... ISO27001» B:,.,. 6. (2).. 7.,,,. 5.9,,,,,, ( ),.,,., /.,,,,,,,,,. 03-01.03 70 71
«...-... ISO27001» B: 5.10,.,,.,,,,,.,. 03-01.03 71 71
«...-... ISO27001» C: C: C:...3 C1....3 C1.1... 3 C1.2...5 C1.3...7 C1.4...9 C1.5...11 C2....13 C3....15 C3.1 ( 3)...15 C3.2 ( 3)...17 C3.3 ( 2)...21 C4....22 C4.1 / (, )...22 C4.2 2...22 C4.2.1 (. 4.1, 4.2, 4.3, 4.5, 4.7, 4.8, C3.3)...22 C4.2.2 (. 4.6, C3.3)...23 C4.2.3 ( 2)...23 C4.3 3...23 C4.3.1 (. 4.4)... 23 C4.3.2 (. A4.4)...24 C4.3.3 ( 3)...24 C4.4...24 C4.5...25 C4.6...25 C4.6.1...25 03-01.03 2 25
«...-... ISO27001» C: C: C1. C1.1...... : - (...-...). 16, 102 41......,, { :.....,} { : )......... )........ )........,,}..., ( ).. ( ).. ( )...,.... 03-01.03 3 25
«...-... ISO27001» C: { :.} { :.},, (3). ( : (1) ).,,.,. ( ) 03-01.03 4 25
ª «...-... ISO27001» C: C1.2...... : - (...-...). 16, 102 41......,, { :.... } { : )..... )..... )....., },...,... ( ). ( )... ( )...,....,, (3). 03-01.03 5 25
««...-... ISO27001» C:.,. ( ) 03-01.03 6 25
«...-... ISO27001» C: C1.3...... : - (...-...). 16, 102 41...... { :..... } { : )..... )..... ).....,.} %,...., ( ). ( ) ( )..., ( )... 03-01.03 7 25
«...-... ISO27001» C:,,,,.,, (3)..,. ( ) 03-01.03 8 25
±² «...-... ISO27001» C: C1.4...... : - (...-...). 16, 102 41.......,, { :.... } { : )..... )..... )....., },...,...,, (3). 03-01.03 9 25
³ «...-... ISO27001» C:.,.,,......,,. ( ) 03-01.03 10 25
µ «...-... ISO27001» C: C1.5...... : - (...-...). 16, 102 41....... { :.... } { : )..... )..... )....., },...,.........,., 03-01.03 11 25
«...-... ISO27001» C:, (3)..,.,,......,,. ( ) 03-01.03 12 25
¹º «...-... ISO27001» C: C2. : : : : Fax: : / / : : : E-mail: (,, ) ( ) 1 ( ) 2 ( ) / / - / / 1 : manager, senior consultant, consultant, business expert. 2,. 03-01.03 13 25
»¼ «...-... ISO27001» C: / / - / / / / - / / 03-01.03 14 25
C3..
C3.1 ( 3)
/
1.
1.1
1.2 :
1.2.1 / (application blueprint)
1.2.2 (module, component, subsystem, procedures, databases, DB tables..)
1.2.3 (Hardware) (,,,,,,..)
1.2.4 (,..)
1.2.5 (,,..)
1.2.6
1.2.7 /
1.3,..
1.4
1.5
/ /
1.6
1.7 / :
1.7.1
1.7.2
1.7.3 ( )
1.7.4
1.7.5
1.7.6 (recovery options)
1.8 /
1.9,.. /,,,..
1.10 (gap analysis)
1.11 (Business Impact Analysis)
1.12 /, (,, )
1.13 / (.. ISO 27001, CMM, COBIT)
1.14
1.15 /
/ (custom) /
1.16 ISO 27001
1.17 on-line
2.
2.1 (Graphical User Interface) (common look and feel)
2.2 (menu system),,.
2.3...-...
2.4 CMDB (configuration Management Data Base)
2.5 /, (.txt,.xls,.csv,.xml),
2.6
2.7,
2.8 (server licenses) 1
2.9 (user licenses) 5
2.10
2.11 (role-based access)
C3.2 ( 3)
/
1.
1.1 1
1.2.
/,.
2. -
2.1 ( cpus / cores,..)
2.2 x86 64bit x86_64 (x86 ISA Instruction Set Architecture)
2.3 (W)
2.4 (.. PCI/PCI Express).
2.5 hot-plug hot-swap (.., )
2.6 benchmarks SPECint_rate2006 SPECfp_rate2006. : (Standard Performance Evaluation Corporation - SPEC). (Standard Performance Evaluation Corporation - SPEC)
2.7 hardware assisted x86 virtualization ( processor extensions,.. AMD-V, Intel VT-x..)
3.
/ (CPU)
3.1. / 1
3.2. 2
3.3 :
3.3.1 2
3.3.2 (GHz)
3.3.3 Cache ( Level 1, 2 3)
3.3.4 (multithreading)..
3.4 RAM :
3.4.1 (GB) 8
3.4.2 (GB) ( 32 )
3.4.3 DDR3
3.4.4 RAM (MHz) 1333
3.4.5 (.. latency )
3.4.6 (.. -ECC)
3.5 (FSB)
3.6 DVD RW
3.7 VGA
4. ( )
4.1 Ethernet Gigabit 10/100/1000 BaseT ( 1 )
4.2 802.3ad link aggregation
4.3 active-active
4.4 Auto Sense speed/duplex mode
4.5 vlan tagging 802.1Q
4.6 IEEE quality of service 802.1p
4.7 USB ( )
5. (
/ )
5.1 RAID-1..
5.2 2
5.3 Hot-Swap
5.4 250 GB
5.5 Serial Attached SCSI (SAS)
5.6 (rpm)
5.7 Cache (MB)
5.8 (GB/s)
6.
6.1
6.2
7.
7.1 (, RDBMS )
7.2 (.. open source, unlimited use, per server, per cpu, per named user..).
7.3,.
7.4 (administration reference manuals)
8. -
8.1 / (remote power on/off) reboot stand-by.
8.2 Remote Wake on LAN
8.3 SNMP, ( email )
8.4
ÉÊ «...-... ISO27001» C: / () (). 8.5 : 8.6 : C3.3 ( 2) / 1. 2. 3. 4. 5. 6. 7. 8..4.1.4.2.4.3.4.5.4.6.4.7.4.8 «...... ISO 27001».4.9 03-01.03 21 25
ËÌ «...-... ISO27001» C: C4. :,. C4.1 / (, ) (unified rate). / ( ). / (.., ), /. / 1. 3 / 2. (Senior Experts) / 3. (key experts) / 4. (non-key experts) / 5. / [] C4.2 2 C4.2.1 (. 4.1, 4.2, 4.3, 4.5, 4.7, 4.8, C3.3) / 1. 1.1. 1 1.2. 2 1.3. [] * [] [] 2. 3, (.. ) 03-01.03 22 25
ÍÎ «...-... ISO27001» C: 2.1. 1 2.2. 2 2.3. 3. N 3.1. 3.2. N * C4.1. C4.2.2 (. 4.6, C3.3) / [] * [] [] * C4.1. C4.2.3 ( 2) / [] * [] [] C4.3 3 C4.3.1 (. 4.4) / [] [] [] * [] 1 2 3 * (. 4.9.1). 03-01.03 23 25
ÏÐ «...-... ISO27001» C: C4.3.2 (. A4.4) / [] [] [] * [] 1 2 3 * (. 4.9.1). C4.3.3 ( 3) / [] [] [] C4.4 / 1 ( C4.2.1) ( 2 C4.2.2) 2 3 ( C4.2.3) 2 [] [] [] 4 ( C4.3.1) 5 ( C4.3.2) 6 3 ( C4.3.3) 3 03-01.03 24 25
ÑÒ «...-... ISO27001» C: C4.5 * 1 2 3 ( ) [] ( ) [] 3 ( ) [] [] 3 ( ) [] 3** * : ** ( C4.5) «3 ( )» «3» «( )» C4.4. C4.6 C4.6.1 03-01.03 25 25
«Co-financed by Greece and the European Union» / / /. (... ) "...-... ISO27001" «, -» 2007-2013 (.. : 370535) * (30//3/21-3-14.) "...-... ISO27001"
-...3 1...7 1. 2...9 2. - 3......11 3. 4......11 4. 5. 5......12 6. 6......12 7. 8. - 9. 10. 11. 7......14 12. 13. 14. 15. 16. 17. 18. 19. 20. 21. 22. 23. 03-01.03 2 20
24. 25. - 26. 1: - 2: 3: 4: 5:. : /..2013..,.. : ) - (. 8), «-», )..,.. :., : 1.. 2362/95. 2. 2004/18/ 31 2004,, 2005/51/ 2005/75/ 16 2005. 3. (). 213/2008 28 2007 (). 2195/2002 (CPV) 2004/17/ 2004/18/, CPV. 03-01.03 3 20
4. To..60/07 ( 64//07) «2004/18/,» 2005/51/ 2005/75/ 16 2005. 5. 1336/2013 2004/17/, 2004/18/ 2009/81/ 6. 118/07 ( 150//10-07/07),. 7..2741/99 ( 199//99) 8 «,». 8..3886/10 ( 173/30-09-2010) «89/665/ 21 1989 (L395) 92/13/ 25 1992 (L76), 2007/66/ 11 2007 (L335)». 9. ( 237/5-12-2012), 11.3886/10. 10..3588/2007 /153/10-7-2007. 11..3614/07 «, 2007-2013» ( 267/./03-12-07).3840/2010 «, () 2007-2013» (53//31-03-10). 12.. 2472/1997,. 3471/2006 «. 2472/97»,. 3783/2009. 3917/2011 «,». 13..3882/2010 ( 166//22-09-2010) «2007/2/ 14 2007». 03-01.03 4 20
14..3861/2010 (112//13-7-2010) «,». 15.. 4013/11 «. 3588/07 ( )». 16. 11. 4013/11 10.4038/12... 1/2380/2012 ( 3400). 17..4.3. 4013/11 (204/. /15-09-11,. 61,. 5. 4146/13 ( 90/./18-04-13). 18. 21.4111/2013 ( 18/25.01.2013) 19..4156/2013 ( 122/31.05.2013) 20. 26.4024/2011. 21. 21 3871/10. 22. 5.861/79.. -. 23... 266/89 «-». ) : 24. 1108437/2565//15-11-05 (.1590//2005). 25. 1/1105/2-3-06 «2004/18/». 26... 4483/25-06-2012 : " «, -» MIS 370535 """ 690.104,48 ( ),. 27... 1576/16-07-2013 : "1 «, 03-01.03 5 20
-», MIS 370535 "" 2007 2013", ( 2 3) 510.155,48 ( ) : - ISO27001 462.855,19, - 47.299,99 28... 23//35/3046/05.06.2013 - «2007-2013».. 29... 35//16/30-08-13 /.... : ) #510.155,48# /,, «- ISO27001, -» ) #14.190,00# / - (3). 30. 149/32/05-09-13.. -. 31.. 3202/30-10-13 2: «- ISO27001» 3: «, -» «, -» «2007-2013» ( 370535). 32... /.43.4/3093/30-10-2013,,... - «- 03-01.03 6 20
ISO27001» 510.155,48. 33. T.. 25693/438/10021/14-01-14, -. 34... 43283/419/12-02-14, - 2014 2015 35... 247/14-03-14 2014.... -... 30//3/21-3-14 -, "...-... ISO27001" ( )., : 1 1:,,, : :... (...-...). 8,.. 102 41,. / & 3. 16, 10241,. : 36//../.. -. : :, :, : : 03-01.03 7 20
/ :...-... ISO27001, 2,,. : -,. : 36///.. -. : -,,,,. (...):,,,,,. :, -. :. (....., -) :. - 03-01.03 8 20
2 2 : "...-... ISO27001", 30//3/21-3-14 -,.... -,... 2.1.,. ()...-..., ISO 27001:2005,...-...,...-... ISO 27001:2005.. 2, : 2: - ISO 27001. 3:, -., 2 : ISO 27001:2005.,,,,,, ISO 27001:2005.,,.. 03-01.03 9 20
3,,. 2.2., (ØÙ ÚÛÜ )....-... ISO 27001:2005. ISO 27001:2005..,...-... ISO 27001:2005,,...-.... 2.3., -,,. 2.4. 2.4.1, ( ),. 2.4.2, 03-01.03 10 20
. 3 3 -,,.,.2.6.,, -. : 1.. 2.. 3. ( ) 4. 4 4.1. "...-... ISO27001",.5.1.,. 4.2.,. 03-01.03 11 20
,,,. 4.3.,,,,. 5 To IKA-ETAM..,,. 5 6-6.1.,.6.6. 6.2.,,, '. 6 7 -,. 03-01.03 12 20
8 -, ( ),.5.2.... 2238/94 ( 151//94). 0,10%,,,. 3%, 0,003% 20%, 0,0006% 0,1036%,,,,,,.. 2, 2.1. 35... (..118/07). 9. 10.5.5 11.,. 10%., 03-01.03 13 20
. ( ).,.. 118/07.,.5.4. 7 12 12.1 ( ) IKA. - -,.. -. 12.2 ( ) ( ), :. -.,,,,.,. 03-01.03 14 20
, -., -,. -,,, -,.,,. 13 -,,,,,,,..,,,,,,,.,.5.9. 14 - - - -, :, -. 03-01.03 15 20
,,,.., -,,. -, - -,,.,.5.8 15 ( ).,..,, - (20),. - (20). 16 - (),, (,, ),,. 17-03-01.03 16 20
..,,,. 18. ( ) IKA. /, -,,. - : - 28 12, :.. : Fax: - :... 19 -., 03-01.03 17 20
,.,. 20 - -.,. 21 - - :. -.,,,.. -., -,,, ( ),, -., -:,,,.,,, ( ) ( ). 03-01.03 18 20
,,.. 118/07. 22 -,,,. 23 -... 24.6.5. 25 -, -,...-... 01/2011 10/2011, :,, (Disaster Recovery Plan). 26 -. :. 36/../........ 30//3/21-3-14.. 03-01.03 19 20
, (2)...-... 1: - 2: 3: 4: 5:. : /..2013 03-01.03 20 20