Inception

*️⃣ As new information may be available since the drafting of the Terms of Reference, the inception period is dedicated to updating the project work plan and allocation of resources and report accordingly in the Inception Report.

*️⃣ Monitoring and reporting will be carried out during the whole implementation period. *️⃣ At the end of each month, a Progress Report will be drafted and presented to the Beneficiary and Contracting Authority.

*️⃣ In order to support the Serbian successful alignment with the EU acquis, a comprehensive analysis of legal framework will be provided. *️⃣ It will be mainly focused on providing gap analysis on the compliance of national legislation with EU acquis related to information security and overview of best comparative European legal practices. *️⃣ The analysis will identify requirements needed for successful transposition of key directives as well as for effective application of other relevant hard and soft law Union acquis.

ITE Assessment

*️⃣ The activity of the Office for IT and eGovernment (ITE) will be assessed against the provisions of ISO 27001 and ISO 20000 standards. *️⃣ The assessment will reveal the needed remediation actions that needs to be further implemented as precondition for achieving the certifications.

*️⃣ Following the assessment, the Office for IT and eGovernment will be assisted for the implementation of the remediation actions revealed by the assessment. *️⃣ At the end of this phase, ITE will be ready to start the certification process for ISO 27001 and ISO 20000.

ITE Certification

*️⃣ An independent auditor will perform the ISO 27001 and ISO 20000 certification audits after ITE would have implemented the remediations actions. *️⃣ At the end of these audits ITE will be certified for delivering e-services in full compliance with information security and service management standards.

PAI Assessments

*️⃣ A number of 91 Public Administration Institutions (PAI) will be assessed against the provisions of ISO 27001 standard. *️⃣ Following the assessment, each institution will receive a remediation plan for the actions needed to be implemented in order to achieve further ISO 27001 certification. *️⃣ They will also receive a clear roadmap towards the certification. *️⃣ From these 91 public administration institutions, the ones that will be directly involved in providing eGovernment services will be selected, proposed for ISO 20000 certification and will receive a clear roadmap towards ISO 20000 certification.

*️⃣ The last activity of the assignment will be the Project Closing. *️⃣ The Final Report will be produced and approved and this will mark the official end of the assignment.