SIA, ISR,

ADSIC and ADHICS

Multiple Mandated Regulations –
One Cyber Security Partner

SIA – Signals Intelligence Agency

Consulting To Help Sync With SIA Mandates

The Signals Intelligence Agency (SIA), earlier known as National Electronic Security Authority (NESA), as authorized by the United Arab Emirates (UAE) government, is responsible for improving national cyber security by protecting its information and communications infrastructure. As part of this mandate, NESA has developed Information Assurance (IA) standards to provide security compliance requirements for entities that support critical national services across all sectors to have a minimum level of security.

At Green Method, we ensure that companies in UAE match up to the standards set by SIA, by delivering diverse consulting services around security assessments, testing, technology-based mitigations, etc.

  • SIA Gap Assessment
  • SIA Risk Assessment
  • SIA Risk Treatment Plan
  • SIA Policies & Procedures
  • Security Testing – Security Awareness
  • Technology Implementations
  • SIA Progress Reviews
  • SIA Internal Audits

ISR – Information Security Regulation

Guiding Government Entities To A Secured Tomorrow

Dubai Government Information Security Regulation (ISR) provides knowledge of key practices in information security, to be adopted by all Dubai Government Entities (DGEs). The regulation is to encourage the employees to adopt information security best practices and ensure the deployment of effective techniques to respond to security incidents.

ISR’s Purpose

  • To provide all DGEs with the standards and minimize information security-related risks and damages by preventing and/or minimizing threat incidents.
  • To preserve an appropriate level of confidentiality, integrity, and availability for information assets handling controls in DGEs.

The Goals

  • Establish a Government wide-regulatory approach to information security
  • Prescribe high-level mechanisms that help identify and prevent information security compromises to preserve the reputation of DGEs
  • Identify the responsibilities to maintain a good information security practice environment

The Green Method Role In ISR Readiness

At Green Method, we leverage the vast domain expertise in information security along with the regional track record (particularly in Dubai), assisting the DGEs to adhere to Standards prescribed by Dubai ISR. With a decade-plus knowledge of the city’s topology, we are the best-positioned partner for DGEs to be rapidly compliance-ready with the ISR standards.

ADSIC – Abu Dhabi Systems & Information Centre

Helping Fortify Information Security In The Zone

Abu Dhabi Systems & Information Centre (ADSIC) provides a holistic approach to enhance information security for the Abu Dhabi Government. This program’s goal is to ensure the security of sensitive government information throughout its lifecycle, within the service as well as the automated systems where the data is processed.

ADSIC vision, goals, and policies are derived from established standards, including ISO/IEC 27001 and 27002 – tailored to fit the specific requirements of the Abu Dhabi Government.

ADSIC Standards Inclusions

  • The Abu Dhabi Information Security Policy establishes the overall direction for the Government-wide Information Security Program and its roles and responsibilities.
  • Supporting the Information Security Policy is the Information Security Standards document, which provides the controls necessary to meet the Program management and functional policies. The controls in the Information Security Standards document relate to 51 control objectives, identifying the unique targets for each of the 14 policies. These objectives constitute major initiatives of the Information Security Program and are aligned with ISO 27002.

ADSIC procedural and functional guides on implementing management and functional control processes.

  • Abu Dhabi Risk Management Guide
  • Abu Dhabi Risk Assessment Guide
  • Abu Dhabi Information Security Planning Guide
  • Abu Dhabi Security Testing & Evaluation Guide
  • Abu Dhabi Certification & Accreditation Guide
  • Functional Guides
  • Abu Dhabi Information Security Technical Testing Guide
  • Abu Dhabi Policies and Procedures Guide

ADSIC Adoptions – The Steps We Take

Leveraging our depth of experience in providing ISMS Services over the years, we assist Abu Dhabi based organizations to comply with the ADSIC regulations.

  • Preparing for ADSIC Certification and Accreditation
  • Carrying out Risk Assessments
  • Developing the Information Security Plan
  • Configuration Reviews, Vulnerability Tests, Penetration Tests, and Application Assessments

A major differentiator is our simultaneous implementation services for ISO 27001/ISO 27002 and ADSIC. Since there is a significant overlap between the standards, a joint implementation with limited additional efforts would help the organizations to adhere to both the standards.

ADHICS – Abu Dhabi Healthcare Information & Cyber Security Standards

Abu Dhabi Healthcare Information & Cyber Security Standard (ADHICS) covers all DOH regulated health care entities and services within the Emirate of Abu Dhabi, and shall be applicable to all healthcare/medical facility(s), healthcare professional(s) and support staff who have access to patients’ health/diagnostic/personal information, diagnostic lab(s), pharmacy(s) and insurance provider(s).

The requirements of this Standard are based on governmental and industrial demands, and Information Security and Cyber Security international best practices. DOH has invested time and effort to understand the demands, define Abu Dhabi Health Sector-specific Information and Cyber Security requirements, and define timelines towards compliance.

The Standard focuses on the specifics of protecting and/or securing personal health information. It defines the controls applicable to healthcare entities based on their capability, maturity and risk environment. Compliance with this Standard increases Information assurance level between healthcare entities, public (citizens, residents and visitors) and governmental bodies.

Simplifying Adoption Stories
Of UAE & GCC Regulations