Supply Chain Toolbox Resources

You can use the filter menu below using the relevant criteria.


European Electronic Communications Code (EECC)


Tuesday 11 Dec 2018 | Build | Concept | Deployment | Design and Development |

The European Electronic Communications Code Directive (EECC) updates the regulatory framework to reflect evolving technologies and developments in the way people communicate. The EECC introduces a renewed focus on increasing regulatory ...

NCSC Supply chain security guidance


Friday 16 Nov 2018 | Build | Decommissioning | Delivery | Deployment | Design and Development | Operational | Procurement |

This guidance outlines a series of 12 principles designed to help establish effective control and oversight of a supply chain. It recognises that most organisations are reliant upon suppliers to deliver products, systems and services ...

GSMA IoT Security Assessment Checklist


Sunday 30 Sep 2018 | Build | Concept | Decommissioning | Delivery | Deployment | Design and Development | Operational | Procurement |

Without security, the Internet of Things will cease to exist. To enable a secure market, companies have to take responsibility to embed security from the beginning and at every stage of the IoT value chain. The GSMA, together with ...

ANSSI Transposition of NIS


Saturday 15 Sep 2018 | Operational |

Regulatory framework for Operators of Essential Services (OESs) and Digital Service Providers (DSPs) to enhance cybersecurity that is essential to the functioning of the economy and society. N.b. mobile Operators are not specified in ...

TOGAF Standard Version 9.2


Monday 16 Apr 2018 | Operational |

The Open Group Architecture Framework (TOGAF) is an enterprise architecture methodology and framework. A key part of TOGAF is the iterative Architecture Development Method (ADM) for developing and refining and ...

IR.34 Guidelines for IPX Provider networks


Monday 18 Dec 2017 | Operational |

The document provides a brief introduction to the requirements for IP interworking and the IPX network including technical architectures, high-level technical requirements including Security, Quality of Service and Traffic applications ...

FS.07 SS7 and SIGTRAN Network Security


Thursday 9 Nov 2017 | Deployment | Operational |

This document provides an overview of SS7 and SIGTRAN and how to handle SS7 messages on the edge of the network. It includes an SS7 and SIGTRAN security analysis and provides a set of countermeasures that can be deployed e.g. filtering ...

SG.22 SMS Firewall Best Practices and Policies


Tuesday 8 Aug 2017 | Operational |

SMS Firewalls provide a mechanism to combat SMS spoofing and faking by unauthorised parties. This document provides high level guidelines to help Operators implement and manage policies for SMS firewalls and to provide suggestions, ...

FS.25 Requirements for Mobile Device Software Security Updates


Tuesday 8 Aug 2017 | Decommissioning | Operational |

Establishes high level requirements on device manufacturers and mobile Operators to manage security updates to mobile device software, with a particular focus on critical security updates which need to be deployed widely and quickly ...

IR.82 SS7 Security Network Implementation Guidelines


Thursday 3 Nov 2016 | Deployment | Operational |

This document outlines general SS7 security measures (MAP and CAP signalling), including measures specific to SMS security, and the possible enforcement point for each measure. For maximum benefit, It should be read in conjunction with ...

ISO 2700 Series: Information Security Management


Tuesday 1 Nov 2016 | Operational |

Using this family of standards will help your organization manage the security of assets such as financial information, intellectual property, employee details or information entrusted to you by third parties. ISO/IEC 27001 is the ...

IMEI Security Technical Design Principles


Monday 1 Aug 2016 | Build | Design and Development | Operational |

This document helps device manufacturers develop a comprehensive security architecture that facilitates the deployment of a range of solutions to protect the platform on which the IMEI mechanism is ...

BNetzA Catalogue of Security Requirements


Thursday 7 Jan 2016 | Operational |

Security requirements and recommendations for the operation of telecommunications and data processing systems as well as for the processing of personal data. Audience: Risk practitioner, Legal, Technical security ...

SG.15 Guidance for operators on the use of security mechanisms


Friday 12 Dec 2014 | Operational |

This document provides guidance on how Operators use the GSM and GPRS systems, above simple adherence to the 3GPP technical standards, to indicate best working practice. It includes a number of aspects such as Subscriber Identity ...