Abu Dhabi e-Government launches the 'Information Security Program'

"Launching the Information Security Program is in the context of Abu Dhabi Government commitment to achieve its vision of being one of the top five governments in the world, through the continuous improvement of the quality and efficiency of government services and the transition from a conventional government to an online government"

said the Secretary General of the Abu Dhabi Executive Council H.E. Mohamed Ahmed Al Bawardi.

"The Abu Dhabi Government Information Security Program is the most comprehensive in the Middle East with respect to information security governance at the government level".

"The guidance of His Highness Sheikh Khalifa Bin Zayed Al Nahyan, Ruler of Abu Dhabi and President of the United Arab Emirates, as well as the support and follow-up of His Highness General Sheikh Mohammed Bin Zayed Al Nahyan, Crown Prince of Abu Dhabi, Deputy Supreme Commander of the UAE Armed Forces, and Chairman of the Abu Dhabi Executive Council, to guarantee the security of government services and ensure government information confidentiality, accuracy and availability, constituted the major stimulus to develop a comprehensive information security program", added Al Bawardi.

Abu Dhabi Systems and Information Centre (ADSIC) successfully realized this comprehensive strategy which provides a complete framework to manage information security from both an administrative and functional point of view, in order to achieve the world's best practices in this domain.

H.E. Rashed Lahej Al Mansoori, ADSIC Director General stated during the opening session of the event that: "Information security is an integral part of the modernization of government services in Abu Dhabi. It is a necessity imposed by the provision of government services through telecommunications and services delivery channels, whether they be modern such as the internet, or traditional such as service counters. Information is available today online in all its forms, whether personal, government, economic, or other. Moreover, this information is stored in databases connected to various information systems, which imposes a real challenge in guaranteeing the confidentiality of information, preserving privacy, and ensuring smooth and secure access".

Going forward, ADSIC will play the role of guiding, supporting, and coordinating the program, by developing the necessary standards and guides to implement security standards in government entities. Effective cooperation and collaboration with all parties concerned with information security in the government has and will remain key to ADSIC's success in this regards.

The workshop held reflects the importance that ADSIC gives to the contribution of all stakeholders to the success of the program and raising the awareness of all concerned government entities on information security. The agenda of the workshop attended by IT managers and information security experts from more than 60 government entities included an overview of information security management operations at the government level, and an explanation of information security implementation measures in government entities.

In this context, ADSIC collaborated with the UAE Telecommunications Regulatory Authority (TRA) to leverage the services of Computer Emergency Response Team (aeCERT) accredited as a national team by the Ministerial Council for Services. TRA explained during the workshop the team's services as well as the coordination mechanism to exchange information and warn government entities against cyber space risks including attacks and viruses, in addition to information security incident response services.

As part of the program, ADSIC developed a set of documents related to information security based on world's best practices and tailored to Abu Dhabi special needs. It also announced a number of orientation and select training sessions to be held for a number of government entities to enhance the awareness and understanding of procedures, policies, and standards.

Al Mansoori concluded his speech by stating that: "The success of the Information Security Program depends in general on its implementation by Abu Dhabi Government Entities and the continuous coordination amongst them. Therefore, ADSIC provided - and will always provide - tools that can be adopted for each level of readiness of concerned entities and also applied to the actual information security risk environment".

It should be noted that ADSIC published a set of information security documents including general information security policy and standards, and risk management procedural guides on risk assessment, information security planning, security testing and evaluation, certification and accreditation.

As such, the Abu Dhabi Government Information Security Program is the most comprehensive in the Middle East with respect to information security governance at the government level. It started with an ambitious vision as part of Abu Dhabi e-Government agenda to develop a high level strategy to guarantee information confidentiality, validity, and availability.

Then, the current situation for seven government entities were assessed and compared with benchmarks from pioneering countries. Based on the results, the program was developed and the general policy and security standards based on world's best practices were derived.