UAE Information Assurance (IA) Assessment
By : 6clicks
The UAE Information Assurance (IA) Standards are designed to mitigate cyber threats and ensure the development of secure national information and communication infrastructure and cyberspace in the UAE.
In stock
Details
This download includes the UAE Information Assurance (IA) Standards and mapped questions that you can use to assess your organisation.
The UAE Information Assurance (IA) Standards is designed to mitigate cyber threats. and ensure the development of secure national information and communication infrastructure and cyberspace in the UAE.=
The UAE Information Assurance (IA) Standards includes 188 controls across the following 2 areas, 15 domains and 66 subdomains:
Management:
M1 STRATEGY AND PLANNING
- M1.1 ENTITY CONTEXT AND LEADERSHIP
- M1.2 INFORMATION SECURITY POLICY
- M1.3 ORGANIZATION OF INFORMATION SECURITY
- M1.4 SUPPORT
M2 INFORMATION SECURITY RISK MANAGEMENT
- M2.1 INFORMATION SECURITY RISK MANAGEMENT POLICY
- M2.2 INFORMATION SECURITY RISK ASSESSMENT
- M2.3 INFORMATION SECURITY RISK TREATMENT
- M2.4 ONGOING INFORMATION SECURITY RISK MANAGEMENT
M3 AWARENESS AND TRAINING
- M3.1 AWARENESS AND TRAINING POLICY
- M3.2 AWARENESS AND TRAINING PLANNING
- M3.3 SECURITY TRAINING
- M3.4 SECURITY AWARENESS
M4 HUMAN RESOURCES SECURITY
- M4.1 HUMAN RESOURCES SECURITY POLICY
- M4.2 PRIOR TO EMPLOYMENT
- M4.3 DURING EMPLOYMENT
- M4.4 TERMINATION OR CHANGE OF EMPLOYMENT
M5 COMPLIANCE
- M5.1 COMPLIANCE POLICY
- M5.2 COMPLIANCE WITH INFORMATION SECURITY LEGAL REQUIREMENTS
- M5.3 COMPLIANCE WITH NON-TECHNICAL REQUIREMENTS
- M5.4 COMPLIANCE WITH TECHNICAL REQUIREMENTS
- M5.5 INFORMATION SYSTEMS AUDIT CONSIDERATIONS
M6 PERFORMANCE EVALUATION AND IMPROVEMENT
- M6.1 PERFORMANCE EVALUATION POLICY
- M6.2 PERFORMANCE EVALUATION
- M6.3 IMPROVEMENT
Technology:
T1 ASSET MANAGEMENT
- T1.1 ASSET MANAGEMENT POLICY
- T1.2 RESPONSIBILITY FOR ASSETS
- T1.3 INFORMATION CLASSIFICATION
- T1.4 MEDIA HANDLING
T2 PHYSICAL AND ENVIRONMENTAL SECURITY
- T2.1 PHYSICAL AND ENVIRONMENTAL SECURITY POLICY
- T2.2 SECURE AREAS
- T2.3 EQUIPMENT SECURITY
T3 OPERATIONS MANAGEMENT
- T3.1 OPERATIONS MANAGEMENT POLICY
- T3.2 OPERATIONAL PROCEDURES AND RESPONSIBILITIES
- T3.3 SYSTEM PLANNING AND ACCEPTANCE
- T3.4 PROTECTION FROM MALWARE
- T3.5 BACKUP
- T3.6 MONITORING
T4 COMMUNICATIONS
- T4.1 COMMUNICATIONS POLICY
- T4.2 INFORMATION TRANSFER
- T4.3 ELECTRONIC COMMERCE SERVICES
T4.4 INFORMATION SHARING PROTECTION
- T4.5 NETWORK SECURITY MANAGEMENT
T5 ACCESS CONTROL
- T5.1 ACCESS CONTROL POLICY
- T5.2 USER ACCESS MANAGEMENT
- T5.3 USER RESPONSIBILITIES
- T5.4 NETWORK ACCESS CONTROL
- T5.5 OPERATING SYSTEM ACCESS CONTROL
- T5.6 APPLICATION AND INFORMATION ACCESS CONTROL
- T5.7 MOBILE DEVICES ACCESS CONTROL
T6 THIRD-PARTY SECURITY
- T6.1 THIRD-PARTY SECURITY POLICY
- T6.2 THIRD-PARTY SERVICE DELIVERY MANAGEMENT
- T6.3 CLOUD COMPUTING
T7 INFORMATION SYSTEMS ACQUISITION, DEVELOPMENT, AND MAINTENANCE
- T7.1 INFORMATION SYSTEMS ACQUISITION, DEVELOPMENT AND MAINTENANCE POLICY
- T7.2 SECURITY REQUIREMENTS OF INFORMATION SYSTEMS
- T7.3 CORRECT PROCESSING IN APPLICATIONS
- T7.4 CRYPTOGRAPHIC CONTROLS
- T7.5 SECURITY OF SYSTEM FILES
- T7.6 SECURITY IN DEVELOPMENT AND SUPPORT PROCESSES
- T7.7 TECHNICAL VULNERABILITY MANAGEMENT
- T7.8 SUPPLY CHAIN MANAGEMENT
T8 INFORMATION SECURITY INCIDENT MANAGEMENT
- T8.1 INFORMATION SECURITY INCIDENT MANAGEMENT POLICY
- T8.2 MANAGEMENT OF INFORMATION SECURITY INCIDENTS AND IMPROVEMENTS
- T8.3 INFORMATION SECURITY EVENTS AND WEAKNESSES REPORTING
T9 INFORMATION SYSTEMS CONTINUITY MANAGEMENT
- T9.1 INFORMATION SYSTEMS CONTINUITY MANAGEMENT POLICY
- T9.2 INFORMATION SECURITY ASPECTS OF INFORMATION CONTINUITY MANAGEMENT
- T9.3 TESTING, MAINTAINING, AND REASSESSING PLANS
Getting Started
Click "Book a demo" and our team will provide you with an overview of our content library within the 6clicks GRC platform.More Information
Jurisdiction | United Arab Emirates |
---|---|
Type | Assessment |