First National Information Assurance certificate of compliance issued

Doha: Within the National Information Security Compliance framework (NICSF), the National Governance and Assurance Affairs at the National Cyber Security Agency has issued the first National Information Assurance (NIA) certificate of compliance to the Public Prosecution which was later awarded to Microsoft. 

The NIA Certification for organisations’ Information Management Systems is granted upon demonstrating compliance with NIA Policy and NIA Manual requirements.

All organisations that have information infrastructure that is critical to Qatar are required to obtain certification of compliance. 

This came during a conference entitled ‘Cyberspace in the State of Qatar: Compliance and Assurance’ to promote and raise awareness about the role of the Agency around the topic of Compliance and Assurance organised by National Cyber Security Agency at the Sheraton Doha Hotel yesterday.

Minister of Transport H E Jassim Saif Ahmed Al Sulaiti and President of the National Cyber Security Agency H E Eng Abdulrahman bin Ali Al Malki attended the conference.

Al Malki said that in the past decade, Qatar has witnessed a great development in the field of cybersecurity, as the country with its various parties worked to raise the readiness of institutions to address cyberattacks and create awareness about various threats.

He said that the State has made various efforts in strengthening the role of the private sector, service providers and the supply chain as key partners in ensuring cybersecurity.

Al Malki said that on top of these efforts was joining the common criteria scheme in 2015, which is considered one of the most important global systems in examining and evaluating devices and applications. 

Director of National Governance and Assurance Affairs at the National Cyber Security Agency Eng. Dana Al Abdullah said: “Qatar is keen to be proactive and keep pace with the continuous changes in the cybersecurity landscape, as we have adopted the approach of shared responsibility and involve the private sector and the supply chain in this responsibility through multiple programs.”

She added: “The accreditation programmes for cyber service providers were the first step to open bridges of mutual cooperation, and this resulted in knowing the readiness of the Qatari market for this type of partnership between the public sector and the private sector, as well as knowledge of the need of the public sector for this type of activity based on mutual trust and enhancing the importance of governance and assurance.”

Director of the Information Systems Department at the Public Prosecution, Mariam Haji said: “The Public Prosecution has embarked on the project of complying with the national information assurance standards. This initiative was sponsored, supervised and followed up by the senior administration represented by His Excellency the Attorney General. Thus, the Public Prosecution is the first entity in the country to attain the certification in order to support the national trends in the transition to a secure digital society.”

Under the Qatar Common Criteria scheme (QCCS) The National Cyber Security Agency recognized the IT security vetting labs of: TUV Informationstechniik GmbH- Germany, Beam Teknoloji- Turkey and the National Testing and Vetting Laboratory. In addition, Advisory Accreditations were awarded to Deloitte & Touche Qatar and PricewaterhouseCoopers-Qatar. DERMALOG Identification Systems-GmbH Germany and Huawei Technologies Co. Ltd-China were awarded with certificates of compliance under QCCS. 

During the conference, the National Cyber Security Agency and Crest International signed a memorandum of understanding (MoU) which aimed at raising competencies and capabilities in the field of information security by offering international accreditation certificates for service providers and professional certificates for individuals working in this field.  The Cyber Security Agency aims to maintain and regulate the national cybersecurity and to promote and protect the vital interests of the state of Qatar in the face of cyberspace threats through programs and projects, most notably the programs of which are compliance with national information security standards and accreditations.