In daily business and as an objective testing and certification basis, A-SIT applies both formal standards as well as recognized and established standards. Moreover, A-SIT verifies their practical implementation in particular as a subject of the expert’s work to determine profound opinions and issue official certificates.
A-SIT-Portfolio. In addition, A-SIT contributes its expertise to standardisation processes. A-SIT’s know-how is both collected and helps partners in addition to specialists from industry and research, the consumer side as well as delegations from the government sector. A-SIT’s tasks include services in the area of the development from scratch as well as the updating or expanding of existing standards. Furthermore, A-SIT conducts assessments and executes investigations of existing services or products to evaluate if they meet the specified requirements.
IT-Security and Standardisation. Because of this always forward-looking strategic decision, we can introduce objective and neutral ideas and integrate our know-how to co-create coordinated security guidelines. As a result, the contributions provide an added value in our social environment. Here, A-SIT’s focus in the matter of IT security concerns is primarily assigned to:
- Smart cards and secure elements
- Digital identities
- Electronic identification
- Cryptography and encryption technology
- Service management and IT governance
- Technical and organizational IT security concerns
- Payment systems and settlement systems
Contributions in Standardisation. Thanks to our efforts in terms of standardisation in advanced future sectors, we are gaining a profound know-how. We apply our findings to the projects and sustainably reduce the uncertainty for A-SIT’s project partners. This knowledge is a central factor in our society today. A brief extract from memberships and working groups in relevant standardisation bodies of the Austrian Standards Institute (ASI):
- Committee 001 (Information technology)
- Working Group 001.27 (IT Security, Service Management and IT Governance)
- Working Group 001.17 (Cards and personal identification, Biometrics)
Feasibility. The developed and applied standards that are used represent the national, regional and international state of the art. Besides, such standards are therefore based on international best practices. In particular, this includes national legal requirements (e.g. SVG, SVV), European legal Standards (eIDAS, GDPR, NIS-Directive etc.) or standards concerning frameworks about the state of the art in terms of technical-organizational requirements (CEN, Common Criteria for Information Technology, DIN, EESSI, ETSI, IETF, ISO, ITSEC, NIST, ÖNORM, Protection Profiles, SOG-IS, WebTrust for CA etc.).