Security Audit of the Judicial System

Full description of the project

The support project for the modernization of the judicial system of the Republic of Tunisia has provided for the development of an integrated Information System covering all the needs of the jurisdictions and the central services that supervise their activities.

A security audit mission of the existing Judicial Information System has been identified jointly by the Technical Assistance

The general objective of this mission is to define the policy of securing access to the Tunisian judicial information system.

The specific objectives are :

  • Raising awareness of decision-makers and MJDH staff on computer security;
  • Organizational and physical audit covering organizational security structures, the physical component, and possible management vulnerabilities;
  • Review of existing security policy documentation;
  • Methodical analysis for the identification of vulnerabilities and risk assessment;
  • The study of the procedures for defining, implementing, and monitoring the existing security policy;
  • The technical audit corresponds to the audit of the architecture and the survey of the network services, the audit of the systems, and the audit of the vulnerabilities;
  • The audit of the existing security architecture;
  • Verification of compliance with the technical aspects of the existing security policy;
  • Internal and external intrusive audits to determine the level of resistance of the system to a possible internal or external attack;
  • The delivery of recommendations on the organizational, physical, and technical aspects;
  • The delivery of a model of the security policy to be implemented;
  • The delivery of a security action plan model adapted to the MJDH system and a disaster recovery plan model to be implemented in the short, medium, and long term with a budget estimate of the recommended solutions.

The result of the security audit mission must essentially lead to improving the security level of the information system, defining the organizational structure involved in IT security, and raising the awareness of decision-makers and staff in order to ensure the application of the security policy when contributing to the development, operation, management and maintenance process of the newly deployed information system.

Pays

Tunisia

Bénéficiaire

Ministry of Justice and Human Rights

Organisme de financement

European Union (EU)

Full description of the project

The support project for the modernization of the judicial system of the Republic of Tunisia has provided for the development of an integrated Information System covering all the needs of the jurisdictions and the central services that supervise their activities.

A security audit mission of the existing Judicial Information System has been identified jointly by the Technical Assistance

The general objective of this mission is to define the policy of securing access to the Tunisian judicial information system.

The specific objectives are :

  • Raising awareness of decision-makers and MJDH staff on computer security;
  • Organizational and physical audit covering organizational security structures, the physical component, and possible management vulnerabilities;
  • Review of existing security policy documentation;
  • Methodical analysis for the identification of vulnerabilities and risk assessment;
  • The study of the procedures for defining, implementing, and monitoring the existing security policy;
  • The technical audit corresponds to the audit of the architecture and the survey of the network services, the audit of the systems, and the audit of the vulnerabilities;
  • The audit of the existing security architecture;
  • Verification of compliance with the technical aspects of the existing security policy;
  • Internal and external intrusive audits to determine the level of resistance of the system to a possible internal or external attack;
  • The delivery of recommendations on the organizational, physical, and technical aspects;
  • The delivery of a model of the security policy to be implemented;
  • The delivery of a security action plan model adapted to the MJDH system and a disaster recovery plan model to be implemented in the short, medium, and long term with a budget estimate of the recommended solutions.

The result of the security audit mission must essentially lead to improving the security level of the information system, defining the organizational structure involved in IT security, and raising the awareness of decision-makers and staff in order to ensure the application of the security policy when contributing to the development, operation, management and maintenance process of the newly deployed information system.

Country

Tunisia

Recipient

Ministry of Justice and Human Rights

Funding organization

European Union (EU)