Security Risk Assessment and Management for ESOC’s Mission Operations Infrastructure Data Systems

ESA’s Space Operations Centre (ESOC) has established an Information Security Management System (ISMS) for the Missions Operation Infrastructure (MOI), achieving the ISO27001 certification April 2013. One key factor of the ISMS is the security risk assessment and the overall risk management, i.e. the methodology followed to identify, analyze and treat security risks. The paper presents the current risk management methodology which is based on lessons learned from previous risk assessments and aligned to the general corporate risk management.