SIA, ISR
Multiple Mandated Regulations –
One Cyber Security Partner
SIA – Signals Intelligence Agency
Consulting To Help Sync With SIA Mandates
The Signals Intelligence Agency (SIA), earlier known as National Electronic Security Authority (NESA), as authorized by the United Arab Emirates (UAE) government, is responsible for improving national cyber security by protecting its information and communications infrastructure. As part of this mandate, NESA has developed Information Assurance (IA) standards to provide security compliance requirements for entities that support critical national services across all sectors to have a minimum level of security.
At Green Method, we ensure that companies in UAE match up to the standards set by SIA, by delivering diverse consulting services around security assessments, testing, technology-based mitigations, etc.
- SIA Gap Assessment
- SIA Risk Assessment
- SIA Risk Treatment Plan
- SIA Policies & Procedures
- Security Testing – Security Awareness
- Technology Implementations
- SIA Progress Reviews
- SIA Internal Audits
ISR – Information Security Regulation
Guiding Government Entities To A Secured Tomorrow
Dubai Government Information Security Regulation (ISR) provides knowledge of key practices in information security, to be adopted by all Dubai Government Entities (DGEs). The regulation is to encourage the employees to adopt information security best practices and ensure the deployment of effective techniques to respond to security incidents.
ISR’s Purpose
- To provide all DGEs with the standards and minimize information security-related risks and damages by preventing and/or minimizing threat incidents.
- To preserve an appropriate level of confidentiality, integrity, and availability for information assets handling controls in DGEs.
The Goals
- Establish a Government wide-regulatory approach to information security
- Prescribe high-level mechanisms that help identify and prevent information security compromises to preserve the reputation of DGEs
- Identify the responsibilities to maintain a good information security practice environment
The Green Method Role In ISR Readiness
At Green Method, we leverage the vast domain expertise in information security along with the regional track record (particularly in Dubai), assisting the DGEs to adhere to Standards prescribed by Dubai ISR. With a decade-plus knowledge of the city’s topology, we are the best-positioned partner for DGEs to be rapidly compliance-ready with the ISR standards.
ADSIC – Abu Dhabi Systems & Information Centre
Helping Fortify Information Security In The Zone
Abu Dhabi Systems & Information Centre (ADSIC) provides a holistic approach to enhance information security for the Abu Dhabi Government. This program’s goal is to ensure the security of sensitive government information throughout its lifecycle, within the service as well as the automated systems where the data is processed.
ADSIC vision, goals, and policies are derived from established standards, including ISO/IEC 27001 and 27002 – tailored to fit the specific requirements of the Abu Dhabi Government.
ADSIC Standards Inclusions
- The Abu Dhabi Information Security Policy establishes the overall direction for the Government-wide Information Security Program and its roles and responsibilities.
- Supporting the Information Security Policy is the Information Security Standards document, which provides the controls necessary to meet the Program management and functional policies. The controls in the Information Security Standards document relate to 51 control objectives, identifying the unique targets for each of the 14 policies. These objectives constitute major initiatives of the Information Security Program and are aligned with ISO 27002.
ADSIC procedural and functional guides on implementing management and functional control processes.
- Abu Dhabi Risk Management Guide
- Abu Dhabi Risk Assessment Guide
- Abu Dhabi Information Security Planning Guide
- Abu Dhabi Security Testing & Evaluation Guide
- Abu Dhabi Certification & Accreditation Guide
- Functional Guides
- Abu Dhabi Information Security Technical Testing Guide
- Abu Dhabi Policies and Procedures Guide
ADSIC Adoptions – The Steps We Take
Leveraging our depth of experience in providing ISMS Services over the years, we assist Abu Dhabi based organizations to comply with the ADSIC regulations.
- Preparing for ADSIC Certification and Accreditation
- Carrying out Risk Assessments
- Developing the Information Security Plan
- Configuration Reviews, Vulnerability Tests, Penetration Tests, and Application Assessments
A major differentiator is our simultaneous implementation services for ISO 27001/ISO 27002 and ADSIC. Since there is a significant overlap between the standards, a joint implementation with limited additional efforts would help the organizations to adhere to both the standards.