REGLEMENTAREA EXERCITĂRII PROFESIEI DE AUDITOR DE SECURITATE CIBERNETICĂ ÎN ROMÂNIA
REGULATION OF THE PROFESSION OF CYBER SECURITY AUDITOR IN ROMANIA

Summary/Abstract: The sharp digitalization of the last decade, in the private sector, but also in the public sector, have determined the special concern for the security of information systems, including by adopting legal rules to ensure the appropriate legal framework for conducting activities under the new conditions. In view of these trends, but also assuming its obligations as a member state of the European Union, Romania has established the National Cyber Security Strategy and the National Cyber Security Directorate, adopted legal rules for the security of computer networks and systems, for cyber security auditing and auditors. Regulation of March 22, 2021 for the attestation and verification of cyber security auditors, approved by Order no. 559/2021, adopted by the General Secretariat of the Government and published in the Official Monitor of Romania no. 387 of April 14, 2021, Part I, provides the regulatory framework for a professional, fair, objective and impartial audit. This normative act regulates the attestation, suspension and revocation of the cyber security auditor certificate, the conduct of auditors, its verification and the application of sanctions, as well as the evidence of the auditors through the National Register of Cyber Security Auditors. It should be noted that the Regulation applies only to the attestation and verification of cyber security auditors who ensure the audit of networks and computer systems that support essential services or provide digital services, while the cyber security audit at other institutions may be performed without this attestation, the existence of a certification of this specialization, issued by a trainer from the public or private sector, being sufficient.

• Details
• Contents