Information Security resolution “ISR”
Dubai Government Information Security Resolution “ISR” or simply known as ISR provides the necessary cyber framework for both private and government organization in the emirates of Dubai. This mandated regulation is implemented by the Dubai Electronic Security Center also known as “DESC”. Dubai Electronic Security Center Cyber Security Strategy includes 5 main domain as the principal framework. These domains are:
- Cyber Smart Society
- Cyber Security
- Cyber Resilience
- (Inter)National Collaboration
IT SEC Cybersecurity Risk and Compliance Audits are designed to meet industry standards compliance for Dubai Government ISR and assist your organization to achieve certification and maintain security standard life cycles.
Our Risk & Compliance experts will assess your organization current security posture through a detailed GAP Assessment and will design a detailed Security Roadmap toward securing your organization while meeting regulatory compliance.
Dubai Government ISR framework allows for ISO 27001 mapping in a localized applicable compliance for Dubai based organizations. These 12 mains are as follow:
- Information Security Management and Governance
- Information Asset Management
- Information Security Risk Assessment
- Incident Management
- Access Control
- Operations, Systems and Communication Management
- Business Continuity Planning
- Information Systems Acquisition, Development & Management
- Environmental and Physical Security
- Human Resource Security
- Compliance and Audit
- Information Security Assurance and Performance Measurement
We provide complete ISR Consultation, Implementation and Audit services for government and private organizations in Dubai.
How Our ISR Risk & Compliance Process Works?
Working with the customer to clearly define and document assessment objectives, scope, and rules of engagement to identify risks.
The identified vulnerabilities and risks must be assessed against each organizational asset and define impact values for each risk area.
Finding existing vulnerabilities, using both manual and automated techniques.
Providing a comprehensive report with deep analysis and recommendations on how to mitigate the discovered vulnerabilities