OECD, Working Party on Information Security and Privacy, The Development of Policies for the Protection of Critical Information Infrastructures (CII) (STI Digital Economy Paper 130) (2006) (full-text).
The study offers an analysis of the critical information infrastructures (CII) security policies in four countries — Canada, Korea, the United Kingdom, and the United States &mdashl with a focus on the drivers for and challenges to their development. It examines each country’s definition of the CII, risk management strategies, frameworks and policies regarding the CII, challenges to information sharing, and cross-border co-operation for addressing the risk to the CII. The report also identifies commonalities and differences in policies for protecting the CII across the countries. The study was expanded in 2007 to three additional countries.