We use cookies on this site to improve your user experience.

What is CSAM ?

CSAM is a set of agreements and rules to organise identity and access management within e-government.

CSAM provides both citizens and companies :

  • identification ;
  • authentication ;
  • authorisation ;
  • mandate management ;

Furthermore CSAM allows companies to organise and structure the administration of access rights for their collaborators.
CSAM is evolving constantly. Improvements are on their way, and in the long run new services will be offered.

Joint initiative of government services

CSAM came about due to the cooperation between the following government services:

  • the National Social Security Office ;
  • the Federal Government Service - BOSA DG DT ;
  • the Federal Government Service - Finance ;
  • the Crossroads Bank for Social Security ;
  • the Federal Government Service - Economy, SMEs, Tradespeople and Energy ;
  • the Federal Government Service - Home Affairs.

In addition, CSAM is supported by a growing number of government services. They call upon CSAM to organise access to their e-government services. Among them are the social security services, the Federal Government Service - Mobility, several public health agencies, the Justice department, the regions, local administrations, …

Context

For a number of years government agencies have increasingly offered online services to citizens and companies. e-Administration services of municipalities, the multifunctional Social Security declaration for employers (DmfA), Tax-on-web and the various online healthcare services are the best known examples.

e-Government offers many benefits, but there are also a number of associated conditions. For example, it is important to know the identity of the users (identification) and to sufficiently check them (authentication). The electronic identity card (eID) is the most secure and reliable tool for this.

When a citizen acts under his own name, for instance when completing his tax return via Tax-on-web, a normal identity check is sufficient. In some cases a specific attribute, such as age or place of residence, is also checked. This is, for example, the case for the National Lottery online gambling games: the system checks whether the user who wants to log in is over the age of consent.

Citizens can also act on behalf of a company. In that case the system must not only check the identity and possible attributes; it must also verify whether that person may perform specific operations on behalf of the company. 

Companies can manage access themselves via access management systems.

Belgium has various authorities each with their own government services: the federal level, the provinces, the municipalities and regions and the local governments. CSAM offers one common solution for access to the online services of all these authorities. This solution saves citizens and companies a great amount of paperwork, time and frustration, while at the same time offering the government economies of scale.

Strategic management model

Management committee

The Management Committee is composed of the most senior officials from each sponsor (chairperson of the Executive Committee or his authorised representative/delegate) of CSAM and the chairpersons of the operational management group.

The Management Committee is responsible for the management and evolution of CSAM at strategic level, including:

  • the approval of new members to CSAM ;
  • the designation of the chairpersons(s) of the CSAM operational management group ;
  • the designation of the members of the CSAM operational management group ;
  • the approval of strategic plans, prepared by a working group or by the operational management group ;
  • the follow-up of legal and compliance requirements

Operational Management Group

Each member of the management committee whose organisation offers a service which is placed under common management, delegates a representative in the operational management group.

The operational management group coordinates, gives tactical support and is responsible for the tactical follow-up at the level of services, among others in the area of:

  • the operation and the further evolution of the services ;
  • the preparation of strategic plans ;
  • the preparation of reports concerning strategic files and decisions to obtain approval from the Management Committee ;
  • communication with regard to services ;
  • the follow-up of questions from various stakeholders at the level of services ;
  • the follow-up of legal and compliance requirements in respect of services ;
  • the follow-up of risk analysis and information security of services ;
  • the follow-up of the compliance of the general conceptual framework ;

Strategic User Committee

The strategic user committee unites representatives of e-government services providers. It gives shape to the strategic direction of CSAM on the basis of their requirements and their contact with the end users of online services.

Representative governments and the parties which are directly involved with CSAM - parties which use services from CSAM and respect the CSAM rules - can become members of the strategic user committee.

The strategic user committee is involved, for instance, with the following aspects:

  • the specific aspects of the service, via the stakeholder management of the service concerned. This stakeholder management is managed at the level of the service.
  • the generic aspects within CSAM. This stakeholder management falls under the responsibility of the management group.

Both aspects are approached in an integrated manner so that the members of the strategic user committee get a clear picture of CSAM and its services and all the services can take account of their comments (for example, this prevents the resolution of a problem by service A but which continues to affect service B).