The Sultanate's E-government initiatives have made major strides with announcement on the operator of the common gateway Ubar portal expected within a week. "The Ubar portal will provide e-services of the government and the selected partner will be announced within a week," Dr. Salim Sultan al Ruzaiqi, Chief Executive Officer of Information Technology Authority (ITA) at the Ministry of National Economy, said.
The forum was attended by representatives from various ministries and government departments. "This marks an important milestone, launching a working relationship between various government departments on IT network security," Dr Al Ruzaiqi said. The forum marked the beginning of formal training for security professionals who will be responsible and accountable for security in government IT networks. "The IT security professionals will play a key role in the e-Oman scenario. We have to give them the right tools through training," Dr Al Ruzaiqi noted.
The physical security of IT networks also requires attention in line with internationals standards as more than 65 per cent of problems are physical compared to breaking encryptions and other system problems, the ITA chief said. While the Ubar portal will deliver e-services of various government departments, the IT network will link all ministries and government departments to interact and co-ordinate on various services. A pilot run is presently under way in which about 30 government units from five ministries are interlinked in the IT network. In due course, all government ministries and departments will be an integral part of the IT network. The third important link in Oman's IT infrastructure will be a data centre or the government common secure facility.
"The Sultanate has approached the e-government implementation in a different and unique way. We are integrating all government departments and doing it as a whole. Our approach is unique to provide a complete framework. The government has earmarked RO 70 million for IT infrastructure projects in the Seventh Plan," Dr Al Ruzaiqi said. Ensuring information security is not a technical issue but a business and governance challenge. An information security management system (ISMS) is a framework for managing and continually improving an organisation's policies, procedures and processes to ensure the protection of information assets. An ISMS includes all of the elements that organisations use to manage and control their information security risks. An ISMS is part of a larger management system and corporate governance framework.
The ISO 270001 standard provides a model for establishing and managing an ISMS. The standard follows a process-based approach in establishing and managing an ISMS. The security and audit office aims at establishing ITA as a pioneer in achieving the ISO 270001 standard and setting an example for all the government entities to follow. The first step towards propagating the knowledge of information security amongst the various government entities is to identify appropriate candidates for the role of information security practitioners (ISP) from the respective entities and create a forum of competence development for the ISPs and walk them through a maturity process in the form of formal training sessions and workshops.
The security policy framework has been derived based on a structured collection of independent guidelines, processes and practices. The framework aims to ensure the protection of information assets from unauthorised access to or modification information, whether in storage, processing or transit. It also aims to protect against the denial of service to unauthorised users or the provision of service to unauthorised users, including those measures necessary to detect, document and counter such threats. The framework is based on existing, accepted standards, guidelines and collections of practices and reflects the behaviour of an initial community of high performing organisations. Both business and government organisations can implement the framework with practices they choose or are required to use for their market sector and country.
Autor(en)/Author(s): Ebby Chacko George
Quelle/Source: Zawya, 21.09.2006
