Content library
Encryption
Encryption key inventory and management system
Technical cyber security
Encryption

Encryption key inventory and management system

Start free trial

Task description

Encryption key inventory and management system

The Encryption Key Management System (CKMS) handles, manages, stores, and monitors encryption keys. The management system can be implemented as an automated tool or as a more manual implementation.

The organization must have the means to monitor and report on all encryption materials and their status using an encryption key management system. The cryptographic key management system should be used at least to:

  • Track changes to cryptographic states
  • Generate and distribute cryptographic keys
  • Generate public-key certificates
  • For monitoring unidentified encrypted assets
  • For cataloging, archiving, and backing up encryption keys
  • Maintains a database of connections to an organization's certificate and encryption key structures

Requirements connected to the task

10.1.2: Key management
ISO 27017
14.5.9): Kriptografijos ir šifravimo
Kibernetinio Saugumo Įstatymas (Lithuania)
2.7.1: Establish crypto strategy in the organisation
NSM ICT Security Principles (Norway)
21.2.h: Encryption
NIS2 Directive
27.(e): Dublējumi un šifrēšana
Nacionālās kiberdrošības likums (Latvia)
30 § 3.8°: La cryptographie et du chiffrement
La loi NIS2 (Belgique)
9.8 §: Salaus
Kyberturvallisuuslaki (NIS2)
CC6.1c: Technical security for protected information assets
SOC 2 (Systems and Organization Controls)
Članak 30.1.h: Kriptografije
Zakon o kibernetičkoj sigurnosti (Croatia)

Other tasks from the same security theme

Task name
Priority
Policy
Other requirements
Verifying achieved protection level from used cryptographic procedures
Critical
High
Normal
Low
Encryption
1
requirements

Examples of other requirements this task affects

5.1.1: Cryptography management
TISAX
See all related requirements and other information from tasks own page.
Go to >
Verifying achieved protection level from used cryptographic procedures
Encryption of backup data
Critical
High
Normal
Low
Encryption
20
requirements

Examples of other requirements this task affects

Članak 30.1.h: Kriptografije
NIS2 Croatia
9.8 §: Salaus
Kyberturvallisuuslaki
5.2.9: Backup and recovery management
TISAX
30 § 3.8°: La cryptographie et du chiffrement
NIS2 Belgium
2.9.4: Protect backups against intentional and unintentional deletion, manipulation and reading
NSM ICT-SP
See all related requirements and other information from tasks own page.
Go to >
Encryption of backup data
Encryption of laptops
Critical
High
Normal
Low
Encryption
21
requirements

Examples of other requirements this task affects

Članak 30.1.h: Kriptografije
NIS2 Croatia
9.8 §: Salaus
Kyberturvallisuuslaki
3.1.4: Management of IT and mobile data storage devices
TISAX
30 § 3.8°: La cryptographie et du chiffrement
NIS2 Belgium
2.7.3: Encrypt storage media which contain confidential data and which can easily be lost or compromised
NSM ICT-SP
See all related requirements and other information from tasks own page.
Go to >
Encryption of laptops
Encryption key inventory and management system
Critical
High
Normal
Low
Encryption
12
requirements

Examples of other requirements this task affects

Članak 30.1.h: Kriptografije
NIS2 Croatia
9.8 §: Salaus
Kyberturvallisuuslaki
30 § 3.8°: La cryptographie et du chiffrement
NIS2 Belgium
2.7.1: Establish crypto strategy in the organisation
NSM ICT-SP
14.5.9): Kriptografijos ir šifravimo
NIS2 Lithuania
See all related requirements and other information from tasks own page.
Go to >
Encryption key inventory and management system
Protection of data at rest
Critical
High
Normal
Low
Encryption
2
requirements

Examples of other requirements this task affects

PR.DS-01: Data-at-rest is protected
NIST 2.0
PR.DS-1: Data-at-rest is protected.
CyberFundamentals
See all related requirements and other information from tasks own page.
Go to >
Protection of data at rest
Defining technical rules for encryption of information
Critical
High
Normal
Low
Encryption
3
requirements

Examples of other requirements this task affects

5.1.1: Cryptography management
TISAX
14.5.9): Kriptografijos ir šifravimo
NIS2 Lithuania
30 § 3.8°: La cryptographie et du chiffrement
NIS2 Belgium
See all related requirements and other information from tasks own page.
Go to >
Defining technical rules for encryption of information
Encryption and addressing protections for secure data transfer
Critical
High
Normal
Low
Encryption
3
requirements

Examples of other requirements this task affects

5.1.2: Information transfer
TISAX
3.10: Encrypt Sensitive Data in Transit
CIS 18
Article 35: Data, system and network security
DORA simplified RMF
See all related requirements and other information from tasks own page.
Go to >
Encryption and addressing protections for secure data transfer
Viranomaishyväksyttyjen salausratkaisuijen käyttö
Critical
High
Normal
Low
Encryption
1
requirements

Examples of other requirements this task affects

I-12: TIETOTURVALLISUUSTUOTTEIDEN ARVIOINTI JA HYVÄKSYNTÄ – SALAUSRATKAISUT
Katakri 2020
See all related requirements and other information from tasks own page.
Go to >
Viranomaishyväksyttyjen salausratkaisuijen käyttö
Good encryption key management practices
Critical
High
Normal
Low
Encryption
16
requirements

Examples of other requirements this task affects

Članak 30.1.h: Kriptografije
NIS2 Croatia
9.8 §: Salaus
Kyberturvallisuuslaki
2.7.1: Establish crypto strategy in the organisation
NSM ICT-SP
I-12: TIETOTURVALLISUUSTUOTTEIDEN ARVIOINTI JA HYVÄKSYNTÄ – SALAUSRATKAISUT
Katakri 2020
6.6.3: Tekniset vaatimukset
Omavalvontasuunnitelma
See all related requirements and other information from tasks own page.
Go to >
Good encryption key management practices
Encryption of portable media
Critical
High
Normal
Low
Encryption
23
requirements

Examples of other requirements this task affects

Članak 30.1.h: Kriptografije
NIS2 Croatia
9.8 §: Salaus
Kyberturvallisuuslaki
2.7.3: Encrypt storage media which contain confidential data and which can easily be lost or compromised
NSM ICT-SP
PR.PT-2: Removable media is protected, and its use restricted according to policy.
CyberFundamentals
PR.PT-2: Removable media
NIST
See all related requirements and other information from tasks own page.
Go to >
Encryption of portable media
Smartphone and tablet encryption
Critical
High
Normal
Low
Encryption
4
requirements

Examples of other requirements this task affects

10.1.1: Policy on the use of cryptographic controls
ISO 27001
Article 35: Data, system and network security
DORA simplified RMF
See all related requirements and other information from tasks own page.
Go to >
Smartphone and tablet encryption
General, risk-based encryption policy
Critical
High
Normal
Low
Encryption
13
requirements

Examples of other requirements this task affects

5.1.1: Cryptography management
TISAX
30 § 3.8°: La cryptographie et du chiffrement
NIS2 Belgium
14.5.9): Kriptografijos ir šifravimo
NIS2 Lithuania
I-12: TIETOTURVALLISUUSTUOTTEIDEN ARVIOINTI JA HYVÄKSYNTÄ – SALAUSRATKAISUT
Katakri 2020
TEK-01.1: Verkon rakenteellinen turvallisuus - salaus yleisissä tietoverkoissa
Julkri
See all related requirements and other information from tasks own page.
Go to >
General, risk-based encryption policy
Secure transmission of confidential information over a data network
Critical
High
Normal
Low
Encryption
2
requirements

Examples of other requirements this task affects

14 §: Tietojen siirtäminen tietoverkossa
TiHL
4.4: Salassa pidettävien tietojen siirtäminen yleisissä tietoverkoissa
TiHL tietoturvavaatimukset
See all related requirements and other information from tasks own page.
Go to >
Secure transmission of confidential information over a data network
Aineiston sähköinen välitys (TL IV-II)
Critical
High
Normal
Low
Encryption
2
requirements

Examples of other requirements this task affects

I15: Aineiston sähköinen välitys
Katakri
I-15: TURVALLISUUSLUOKITELTUJEN TIETOJEN VÄLITYS FYYSISESTI SUOJATTUJEN ALUEIDEN VÄLILLÄ – TIEDON SÄHKÖINEN VÄLITYS
Katakri 2020
See all related requirements and other information from tasks own page.
Go to >
Aineiston sähköinen välitys (TL IV-II)
Aineiston välitys postilla tai kuriirilla (TL IV)
Critical
High
Normal
Low
Encryption
2
requirements

Examples of other requirements this task affects

I16: Aineiston välitys postilla ja kuriirilla
Katakri
F-08.1: TIETOJEN VÄLITYS POSTILLA JA KURIIRILLA
Katakri 2020
See all related requirements and other information from tasks own page.
Go to >
Aineiston välitys postilla tai kuriirilla (TL IV)
Aineiston välitys postilla tai kuriirilla (TL III)
Critical
High
Normal
Low
Encryption
2
requirements

Examples of other requirements this task affects

I16: Aineiston välitys postilla ja kuriirilla
Katakri
F-08.1: TIETOJEN VÄLITYS POSTILLA JA KURIIRILLA
Katakri 2020
See all related requirements and other information from tasks own page.
Go to >
Aineiston välitys postilla tai kuriirilla (TL III)
Aineiston välitys postilla tai kuriirilla (TL II)
Critical
High
Normal
Low
Encryption
2
requirements

Examples of other requirements this task affects

I16: Aineiston välitys postilla ja kuriirilla
Katakri
F-08.1: TIETOJEN VÄLITYS POSTILLA JA KURIIRILLA
Katakri 2020
See all related requirements and other information from tasks own page.
Go to >
Aineiston välitys postilla tai kuriirilla (TL II)
Providing customers with encryption key management capabilities
Critical
High
Normal
Low
Encryption
4
requirements

Examples of other requirements this task affects

10: Cryptography
ISO 27017
10.1: Cryptographic controls
ISO 27017
10.1.2: Key management
ISO 27017
See all related requirements and other information from tasks own page.
Go to >
Providing customers with encryption key management capabilities
Regularly auditing encryption and encryption key management systems
Critical
High
Normal
Low
Encryption
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Regularly auditing encryption and encryption key management systems
Use of industry-approved cryptographic libraries
Critical
High
Normal
Low
Encryption
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Use of industry-approved cryptographic libraries
Encryption keys provisioned for unique purpose
Critical
High
Normal
Low
Encryption
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Encryption keys provisioned for unique purpose
Recycling encryption keys
Critical
High
Normal
Low
Encryption
2
requirements

Examples of other requirements this task affects

2.7.1: Establish crypto strategy in the organisation
NSM ICT-SP
See all related requirements and other information from tasks own page.
Go to >
Recycling encryption keys
Revoking encryption keys
Critical
High
Normal
Low
Encryption
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Revoking encryption keys
Destruction of encryption keys
Critical
High
Normal
Low
Encryption
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Destruction of encryption keys
Activation of encryption keys
Critical
High
Normal
Low
Encryption
3
requirements

Examples of other requirements this task affects

2.7.1: Establish crypto strategy in the organisation
NSM ICT-SP
2.7.2: Activate encryption in services which offer such functionality
NSM ICT-SP
See all related requirements and other information from tasks own page.
Go to >
Activation of encryption keys
Deactivating encryption keys
Critical
High
Normal
Low
Encryption
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Deactivating encryption keys
Encryption key temporary revocation
Critical
High
Normal
Low
Encryption
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Encryption key temporary revocation
Encryption key archival
Critical
High
Normal
Low
Encryption
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Encryption key archival
Encryption key recovery
Critical
High
Normal
Low
Encryption
2
requirements

Examples of other requirements this task affects

2.7.1: Establish crypto strategy in the organisation
NSM ICT-SP
See all related requirements and other information from tasks own page.
Go to >
Encryption key recovery
Managing compromised encryption keys
Critical
High
Normal
Low
Encryption
2
requirements

Examples of other requirements this task affects

2.7.1: Establish crypto strategy in the organisation
NSM ICT-SP
See all related requirements and other information from tasks own page.
Go to >
Managing compromised encryption keys
Considering encryption and cryptographic key management in risk management procedures
Critical
High
Normal
Low
Encryption
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Considering encryption and cryptographic key management in risk management procedures
Compliance of used cryptographic controls in relation to applicable requirements
Critical
High
Normal
Low
Encryption
4
requirements

Examples of other requirements this task affects

18.1.5: Regulation of cryptographic controls
ISO 27017
18.1.5: Regulation of cryptographic controls
ISO 27001
5.31: Legal, statutory, regulatory and contractual requirements
ISO 27001
2.7.1: Establish crypto strategy in the organisation
NSM ICT-SP
See all related requirements and other information from tasks own page.
Go to >
Compliance of used cryptographic controls in relation to applicable requirements
Descriptions of used cryptography in relation to offered cloud services
Critical
High
Normal
Low
Encryption
1
requirements

Examples of other requirements this task affects

18.1.5: Regulation of cryptographic controls
ISO 27017
See all related requirements and other information from tasks own page.
Go to >
Descriptions of used cryptography in relation to offered cloud services
Protection of data in transit
Critical
High
Normal
Low
Encryption
17
requirements

Examples of other requirements this task affects

PR.DS-2: Data-in-transit
NIST
21.2.h: Encryption
NIS2
Article 9a: Protection
DORA
5.1.2: Information transfer
TISAX
9.8 §: Salaus
Kyberturvallisuuslaki
See all related requirements and other information from tasks own page.
Go to >
Protection of data in transit
Salaus yleisissä tietoverkoissa
Critical
High
Normal
Low
Encryption
1
requirements

Examples of other requirements this task affects

TEK-01.1: Verkon rakenteellinen turvallisuus - salaus yleisissä tietoverkoissa
Julkri
See all related requirements and other information from tasks own page.
Go to >
Salaus yleisissä tietoverkoissa
Salaaminen turva-alueiden ulkopuolella
Critical
High
Normal
Low
Encryption
1
requirements

Examples of other requirements this task affects

TEK-01.4: Verkon rakenteellinen turvallisuus - salaaminen turva-alueiden ulkopuolella
Julkri
See all related requirements and other information from tasks own page.
Go to >
Salaaminen turva-alueiden ulkopuolella
Hallintayhteyksien salaaminen julkisessa verkossa
Critical
High
Normal
Low
Encryption
1
requirements

Examples of other requirements this task affects

TEK-04.2: Hallintayhteydet - hallintayhteyksen salaaminen
Julkri
See all related requirements and other information from tasks own page.
Go to >
Hallintayhteyksien salaaminen julkisessa verkossa
Langattomien yhteyksien salaaminen
Critical
High
Normal
Low
Encryption
1
requirements

Examples of other requirements this task affects

TEK-05: Langaton tiedonsiirto
Julkri
See all related requirements and other information from tasks own page.
Go to >
Langattomien yhteyksien salaaminen
Encryption solution and guidelines for personnel to encrypt transferred information
Critical
High
Normal
Low
Encryption
8
requirements

Examples of other requirements this task affects

Članak 30.1.h: Kriptografije
NIS2 Croatia
9.8 §: Salaus
Kyberturvallisuuslaki
3.11: Encrypt Sensitive Data at Rest
CIS 18
27.(e): Dublējumi un šifrēšana
NIS2 Latvia
TEK-16: Tiedon salaaminen
Julkri
See all related requirements and other information from tasks own page.
Go to >
Encryption solution and guidelines for personnel to encrypt transferred information
Turvallisuusluokiteltua tietoa sisältävien hallintayhteyksien turvallisuus (TL IV)
Critical
High
Normal
Low
Encryption
2
requirements

Examples of other requirements this task affects

TEK-04.6: Hallintayhteydet - turvallisuusluokiteltua tietoa sisältävät hallintayhteydet
Julkri
I-04: TIETOJENKÄSITTELY-YMPÄRISTÖJEN SUOJATTU YHTEENLIITTÄMINEN – HALLINTAYHTEYDET
Katakri 2020
See all related requirements and other information from tasks own page.
Go to >
Turvallisuusluokiteltua tietoa sisältävien hallintayhteyksien turvallisuus (TL IV)
Turvallisuusluokiteltua tietoa sisältävien hallintayhteyksien turvallisuus (TL IV)
Critical
High
Normal
Low
Encryption
2
requirements

Examples of other requirements this task affects

TEK-04.7: Hallintayhteydet - salaaminen turvallisuusluokan sisällä
Julkri
I-04: TIETOJENKÄSITTELY-YMPÄRISTÖJEN SUOJATTU YHTEENLIITTÄMINEN – HALLINTAYHTEYDET
Katakri 2020
See all related requirements and other information from tasks own page.
Go to >
Turvallisuusluokiteltua tietoa sisältävien hallintayhteyksien turvallisuus (TL IV)
Tiedon salaaminen langattomassa tiedonsiirrossa (TL IV)
Critical
High
Normal
Low
Encryption
2
requirements

Examples of other requirements this task affects

TEK-05.1: Langaton tiedonsiirto - salaaminen
Julkri
I-05: SUOJATTAVIEN TIETOJEN SIIRTÄMINEN FYYSISESTI SUOJATTUJEN ALUEIDEN ULKOPUOLELLA - LANGATON TIEDONSIIRTO
Katakri 2020
See all related requirements and other information from tasks own page.
Go to >
Tiedon salaaminen langattomassa tiedonsiirrossa (TL IV)
Turvallisuusluokiteltujen tietojen erottelu ja salaaminen (TL IV)
Critical
High
Normal
Low
Encryption
1
requirements

Examples of other requirements this task affects

TEK-07.4: Pääsyoikeuksien hallinnointi - turvallisuusluokiteltujen tietojen erottelu
Julkri
See all related requirements and other information from tasks own page.
Go to >
Turvallisuusluokiteltujen tietojen erottelu ja salaaminen (TL IV)
Turvallisuusluokitellun tiedon salaaminen siirrettäessä turvallisuusalueiden ulkopuolelle (TL IV)
Critical
High
Normal
Low
Encryption
1
requirements

Examples of other requirements this task affects

TEK-16.2: Tiedon salaaminen - turvallisuusluokitellun tiedon siirto turvallisuusalueiden ulkopuolella
Julkri
See all related requirements and other information from tasks own page.
Go to >
Turvallisuusluokitellun tiedon salaaminen siirrettäessä turvallisuusalueiden ulkopuolelle (TL IV)
Tiedon salaamisen lisävaatimukset (TL III)
Critical
High
Normal
Low
Encryption
1
requirements

Examples of other requirements this task affects

TEK-16.4: Tiedon salaaminen - TL III
Julkri
See all related requirements and other information from tasks own page.
Go to >
Tiedon salaamisen lisävaatimukset (TL III)
Tiedon salaamisen lisävaatimukset (TL I)
Critical
High
Normal
Low
Encryption
1
requirements

Examples of other requirements this task affects

TEK-16.5: Tiedon salaaminen - TL I
Julkri
See all related requirements and other information from tasks own page.
Go to >
Tiedon salaamisen lisävaatimukset (TL I)
Ensuring sovereignty of encryption keys
Critical
High
Normal
Low
Encryption
1
requirements

Examples of other requirements this task affects

5.1.1: Cryptography management
TISAX
See all related requirements and other information from tasks own page.
Go to >
Ensuring sovereignty of encryption keys
Management of encryption keys activation and end dates
Critical
High
Normal
Low
Encryption
2
requirements

Examples of other requirements this task affects

10.1.2: Key management
ISO 27001
See all related requirements and other information from tasks own page.
Go to >
Management of encryption keys activation and end dates
Revision of encryption methods and assessment of adequacy
Critical
High
Normal
Low
Encryption
13
requirements

Examples of other requirements this task affects

Članak 30.1.h: Kriptografije
NIS2 Croatia
9.8 §: Salaus
Kyberturvallisuuslaki
5.1.1: Cryptography management
TISAX
27.(e): Dublējumi un šifrēšana
NIS2 Latvia
21.2.h: Encryption
NIS2
See all related requirements and other information from tasks own page.
Go to >
Revision of encryption methods and assessment of adequacy
Encryption of server data
Critical
High
Normal
Low
Encryption
4
requirements

Examples of other requirements this task affects

10.1.1: Policy on the use of cryptographic controls
ISO 27001
2.7.3: Encrypt storage media which contain confidential data and which can easily be lost or compromised
NSM ICT-SP
PR.DS-10: Data-in-use is protected
NIST 2.0
3.11: Encrypt Sensitive Data at Rest
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Encryption of server data

Never duplicate effort. Do it once - improve compliance across frameworks.

Reach multi-framework compliance in the simplest possible way
Security frameworks tend to share the same core requirements - like risk management, backup, malware, personnel awareness or access management.
Cyberday maps all frameworks’ requirements into shared tasks - one single plan that improves all frameworks’ compliance.
Do it once - we automatically apply it to all current and future frameworks.
Start free trial
Get to know Cyberday
Start your free trial
Cyberday is your all-in-one solution for building a secure and compliant organization. Whether you're setting up a cyber security plan, evaluating policies, implementing tasks, or generating automated reports, Cyberday simplifies the entire process.
With AI-driven insights and a user-friendly interface, it's easier than ever to stay ahead of compliance requirements and focus on continuous improvement.
Clear framework compliance plans
Activate relevant frameworks and turn them into actionable policies tailored to your needs.
Credible reports to proof your compliance
Use guided tasks to ensure secure implementations and create professional reports with just a few clicks.
AI-powered improvement suggestions
Focus on the most impactful improvements in your compliance with help from Cyberday AI.
Effortless compliance improvement
Widest framework library in EU
Extensive support

Start your compliance journey

Use in MS Teams or use your browser with Slack integration.
Risk free trial. No credit card required. Stop at any time.

Start free 14-day trial
Book a meeting
How it works?
SummarySecurity tasks and assuranceDocumentation workflowsEmployee guidelinesReporting templates
Use cases
By frameworkAll frameworksISO 27001NIS2 directiveNIST CSFCSA CCMISO 27701GDPRISO 27017ISO 27018
By methodCyber risk managementEmployee awarenessCompliance reportingControl managementAsset managementPrivacy managementVendor assessments
Resources
AcademyWebinarsBlogHelp articlesVideo coursesContent libraryGuidesNewsletterLeave a reviewPartner programTeamTerms of usePrivacy policy
Contact us
+358 10 231 6010
team@cyberday.ai
App works in:
Known in Finland as Digiturvamalli
© Cyberday Inc. Kalevantie 2 33100 Tampere, Finland
Cyberday.ai - Improve and certify your cyber security