SAB autonomy and independence

The autonomy and independence of the SAB rely on a combination of elements of different natures:

1. Autonomy and independence of people managing and involved in accreditation activities to support the decisions;
2. Information channels to report any circumstances that could hamper the SAB autonomy or independence and capability to take appropriate mitigation measures;
3. SAB decisions made by consensus as a standard rule;
4. SAB access to all the human and material resources required to perform its tasks independently.
5. Confidentiality rules as set out in the SAB Rules of Procedure;
6. Prevention and Management of the Conflict of Interest.

The SAB chairperson and deputy chairperson's autonomy and independence support the SAB in its tasks. Indeed, “the chairperson of the Security Accreditation Board shall ensure that the Board carries out its security accreditation activities independently” (Art. 83) and perform tasks supporting this independence. Among other things, the chairperson shall “manage the security accreditation activities under the supervision of the SAB” (Art. 83.1.a), “represent the Agency for the activities and decisions under Chapter II of Title V” (Art. 83.1.f), and exercise appointing authority powers with regard to the Agency’s staff involved in the activities under Chapter II of Title V (Art. 83.1.g) to ensure their independence in support to the SAB. 

A cooperation agreement is in place between the two appointing authorities of the Agency: the SAB chairperson and the Agency’s Executive Director [2]. The agreement implements the division of appointing authority power, recruitment planning, selection procedure, other staff and organizational matters, cooperation on administrative issues, prevention of conflict of interest and SAB independence.

In case circumstances may hamper the autonomy and independence of the SAB, several reporting and mitigation rules shall apply. The SAB Rules of Procedures [3], stipulates: “The Security

Accreditation Board shall immediately inform the Executive Director, the Administrative Board and the Commission of any circumstances that could hamper its autonomy or independence or that of staff performing the security accreditation activities”

To make decisions, the SAB Member States use the consensus as a standard rule and some decisions are prepared in SAB Member States only sessions to ensure they are made in a strictly independent manner following extensive exchanges with the Programme. They are then presented to the Programme for comments - if any - before being considered as final.

To support its independence, as stipulated in Regulation Article 82.1, “the Security Accreditation Board shall have access to all the human and material resources required to perform its tasks independently. It shall have access to any information useful for the performance of its tasks in

the possession of the other bodies of the Agency, without prejudice to the principles of autonomy and independence referred to in point (i) of Article 37.” In addition, the SAB with security checks such as audits or cyber penetration tests has its independent capabilities to access the information on the Programme status.

Every representative or person participating in SAB meetings shall submit a written Declaration of Commitments, Interest and Confidentiality as stated in article 15 of the SAB Rules of procedures. The Declaration shall be duly signed and indicate the absence or existence of any direct or indirect interest which might be considered prejudicial to the independence of the concerned person in performing the task in connection with the SAB activities. The Declarations are renewed annually.