UAE Information Assurance (IA) Standards

By : 6clicks
The UAE Information Assurance (IA) Standards are designed to mitigate cyber threats and ensure the development of secure national information and communication infrastructure and cyberspace in the UAE.
In stock

Details

The UAE Information Assurance (IA) Standards is designed to mitigate cyber threats. and ensure the development of secure national information and communication infrastructure and cyberspace in the UAE.=

The UAE Information Assurance (IA) Standards includes 188 controls across the following 2 areas, 15 domains and 66 subdomains:

Management:

M1 STRATEGY AND PLANNING

  • M1.1 ENTITY CONTEXT AND LEADERSHIP
  • M1.2 INFORMATION SECURITY POLICY
  • M1.3 ORGANIZATION OF INFORMATION SECURITY
  • M1.4 SUPPORT

M2 INFORMATION SECURITY RISK MANAGEMENT

  • M2.1 INFORMATION SECURITY RISK MANAGEMENT POLICY
  • M2.2 INFORMATION SECURITY RISK ASSESSMENT
  • M2.3 INFORMATION SECURITY RISK TREATMENT
  • M2.4 ONGOING INFORMATION SECURITY RISK MANAGEMENT

M3 AWARENESS AND TRAINING

  • M3.1 AWARENESS AND TRAINING POLICY
  • M3.2 AWARENESS AND TRAINING PLANNING
  • M3.3 SECURITY TRAINING
  • M3.4 SECURITY AWARENESS

M4 HUMAN RESOURCES SECURITY

  • M4.1 HUMAN RESOURCES SECURITY POLICY
  • M4.2 PRIOR TO EMPLOYMENT
  • M4.3 DURING EMPLOYMENT
  • M4.4 TERMINATION OR CHANGE OF EMPLOYMENT

M5 COMPLIANCE

  • M5.1 COMPLIANCE POLICY
  • M5.2 COMPLIANCE WITH INFORMATION SECURITY LEGAL REQUIREMENTS
  • M5.3 COMPLIANCE WITH NON-TECHNICAL REQUIREMENTS
  • M5.4 COMPLIANCE WITH TECHNICAL REQUIREMENTS
  • M5.5 INFORMATION SYSTEMS AUDIT CONSIDERATIONS

M6 PERFORMANCE EVALUATION AND IMPROVEMENT

  • M6.1 PERFORMANCE EVALUATION POLICY
  • M6.2 PERFORMANCE EVALUATION
  • M6.3 IMPROVEMENT

Technology:

T1 ASSET MANAGEMENT

  • T1.1 ASSET MANAGEMENT POLICY
  • T1.2 RESPONSIBILITY FOR ASSETS
  • T1.3 INFORMATION CLASSIFICATION
  • T1.4 MEDIA HANDLING

T2 PHYSICAL AND ENVIRONMENTAL SECURITY

  • T2.1 PHYSICAL AND ENVIRONMENTAL SECURITY POLICY
  • T2.2 SECURE AREAS
  • T2.3 EQUIPMENT SECURITY

T3 OPERATIONS MANAGEMENT

  • T3.1 OPERATIONS MANAGEMENT POLICY
  • T3.2 OPERATIONAL PROCEDURES AND RESPONSIBILITIES
  • T3.3 SYSTEM PLANNING AND ACCEPTANCE
  • T3.4 PROTECTION FROM MALWARE
  • T3.5 BACKUP
  • T3.6 MONITORING

T4 COMMUNICATIONS

  • T4.1 COMMUNICATIONS POLICY
  • T4.2 INFORMATION TRANSFER
  • T4.3 ELECTRONIC COMMERCE SERVICES

T4.4 INFORMATION SHARING PROTECTION

  • T4.5 NETWORK SECURITY MANAGEMENT

T5 ACCESS CONTROL

  • T5.1 ACCESS CONTROL POLICY
  • T5.2 USER ACCESS MANAGEMENT
  • T5.3 USER RESPONSIBILITIES
  • T5.4 NETWORK ACCESS CONTROL
  • T5.5 OPERATING SYSTEM ACCESS CONTROL
  • T5.6 APPLICATION AND INFORMATION ACCESS CONTROL
  • T5.7 MOBILE DEVICES ACCESS CONTROL

T6 THIRD-PARTY SECURITY

  • T6.1 THIRD-PARTY SECURITY POLICY
  • T6.2 THIRD-PARTY SERVICE DELIVERY MANAGEMENT
  • T6.3 CLOUD COMPUTING

T7 INFORMATION SYSTEMS ACQUISITION, DEVELOPMENT, AND MAINTENANCE

  • T7.1 INFORMATION SYSTEMS ACQUISITION, DEVELOPMENT AND MAINTENANCE POLICY
  • T7.2 SECURITY REQUIREMENTS OF INFORMATION SYSTEMS
  • T7.3 CORRECT PROCESSING IN APPLICATIONS
  • T7.4 CRYPTOGRAPHIC CONTROLS
  • T7.5 SECURITY OF SYSTEM FILES
  • T7.6 SECURITY IN DEVELOPMENT AND SUPPORT PROCESSES
  • T7.7 TECHNICAL VULNERABILITY MANAGEMENT
  • T7.8 SUPPLY CHAIN MANAGEMENT

T8 INFORMATION SECURITY INCIDENT MANAGEMENT

  • T8.1 INFORMATION SECURITY INCIDENT MANAGEMENT POLICY
  • T8.2 MANAGEMENT OF INFORMATION SECURITY INCIDENTS AND IMPROVEMENTS
  • T8.3 INFORMATION SECURITY EVENTS AND WEAKNESSES REPORTING

T9 INFORMATION SYSTEMS CONTINUITY MANAGEMENT

  • T9.1 INFORMATION SYSTEMS CONTINUITY MANAGEMENT POLICY
  • T9.2 INFORMATION SECURITY ASPECTS OF INFORMATION CONTINUITY MANAGEMENT
  • T9.3 TESTING, MAINTAINING, AND REASSESSING PLANS

Getting Started

Click "Book a demo" and our team will provide you with an overview of our content library within the 6clicks GRC platform.

More Information

More Information
Jurisdiction United Arab Emirates
Type Laws or related obligations