With this certification, the Kingdom of Bahrain is the first country in the Middle East to have received the ISO certification in the eGovernment field.
The eGovernment Authority is one of the few entities in Bahrain to receive such a certification on the performance of all its directorates, operations and services provided to the public. The ISO is a set of international standards to assess various industries and services, the ISO 27001 certification is an auditable international standards that have been specifically developed to evaluate the Information Security Management Systems (ISMS) and data protection.
The Belgium Group, Bureau Veritas (BVQI), which is specialized in auditing, testing and certification licensing , conducted the assessment and based on international standards and requirements of the quality of information security and protection; the Group awarded the eGovernment Authority the ISO certification after fulfilling the requirements and specifications of security standards.
The eGovernment Authority successfully accomplished all ISMS applications for ISO 27001, which included the development of services that provides support for citizens, residents and businesses in the Kingdom of Bahrain through its various channels such as eGovernment portal "bahrain.bh", mobile portal, eKiosks and eService Centers in an addition to other related infrastructures.
The CEO of eGovernment Authority, Mr. Mohammed Ali Al Qaed stated, "Receiving this certification is a clear demonstration of eGovernment Authority keenness to protect the security of information. Protecting sensitive information is a priority in our work and securing our clients' data is the measurement of our success."
He confirmed that this certification reinforces the confidence of our partners, clients, and all stakeholders who interact with the eGovernment.
"We, at the eGovernment Authority, believe that the protection of personal information is the exclusive right for everyone whether being a citizen, resident, visitor or business owner. To this end, we always seek to apply the best international practices and first class standards in the security field," Mr. Al Qaed added.
He pointed out that this certificate is an important milestone for the eGovernment Authority efforts, which inspires us to carry on maintaining the quality standards of the government services offered for all.
Mr. Al Qaed explained that the systems adopted by the eGovernment Authority receive masses of personal data entered by online users (citizens, residents, visitors and businesses). While continuously working to add more eServices for the benefit of its clients, the eGovernment Authority is keen to protect such information to the highest level of effectiveness and in compliance with the best professional standards.
The ISO 27001 standards include 10 categories: Information security policy, security organization, staff security, accessibility control elements, physical security, assets classification controls, continuous planning, telecommunication management and compliance. The eGovernment Authority was able to satisfy all these areas across all directorates and in all of its operations and service channels.
The eGovernment Authority has always based its work on three Principals; "Confidentiality/privacy" which ensures protection of information and prevents unauthorized persons from accessing or disclosing such information, Data "Integrity" that enables clients and stakeholders from outside the Authority to rely on the data; information through service channels provided by eGovernment Authority, and "Availability" to ensure that all eGovernment Authority services are accessible to public with the least possible effort.
It is worth mentioning that ISO has robust standards launched by the International Organization for Standardization ¡V commonly known as ISO- to audit information security and management systems related to products and services. ISO 27001is designed to protect the Confidentiality, Integrity, and Availability of data.
---
Autor(en)/Author(s): Rana Mesbah
Quelle/Source: AME Info, 21.11.2010
Bitte besuchen Sie/Please visit:
