Skip to main content
Version status: In force | Document consolidation status: Updated to reflect all known changes
Version date: 9 June 2023 - onwards
Version 2 of 2

5. Interpretation (Part 2)

In this Part -

"CSIRT" means the unit of the Department of the Environment, Climate and Communications known as the computer security incident response team;

"ENISA" means the European Union Agency for Network and Information Security;

"provider" means a provider of public electronic communications networks or of publicly available electronic communications services;

"security audit" means the process of examining and evaluating, by such means as are necessary, a provider's overall ability to appropriately manage the risks posed to the security of networks and services, including the provider's ability to prevent and minimise the impact of security incidents on users and on other networks and services;

"security incident" means any action that compromises the availability, authenticity, integrity or confidentiality of networks and services, of stored or transmitted or processed data, or of the related services offered by, or accessible via, those electronic communications networks or services;

"security measures guidelines" has the meaning given to it by section 7;