UAE IA

UAE-Information Assurance Standard

UAE IA

UAE-Information Assurance Standard (UAE-IAS) is a curated set of information security standards and guidelines developed with the intent to protect the UAE’s critical infrastructure from Cyber Security Threats. All government, semi-government and business organizations which are considered as critical infrastructure assets comes under the purview of NESA UAE-IAS.

Development of the UAE-IAS is based on several regional and global information security standards and best practices like:

  • ISO/IEC 27001:2005

    Information technology – Security techniques -Information security management systems-Requirements

  • ISO/IEC 27002:2005

    Information technology -Security techniques -Code of practice for Information security management

  • ISO/IEC 27005:2005

    Information technology -Security Techniques-Information security risk management

  • ISO/IEC 27010:2012

    Information technology – Security techniques -Information security management for inter-sector and inter-organizational communications

  • ISO/IEC 27032:2012

    Information technology -Security techniques – Guidelines for cybersecurity

  • NIST 800-53 Revision 4

    Security and Privacy Controls for Federal Information Systems and Organizations

  • Abu Dhabi Information Security Standards Version 1 and Version 2

    Abu Dhabi Information Security Standards Version 1 and Version 2 developed by Abu Dhabi Systems and Information Centre (ADSIC).

  • SANS 20

    SANS 20 Critical Security Controls for Effective Cyber Defence Version 4.1

There are a total of 188 security controls grouped into 4 different tiers based on priority from P1(Highest) to P4(Lowest). There are a total of 24 specific threats NESA UAE-IAS targeting to address with its 188 set of controls. The total set of P1 controls (39) addresses 80% of the possible threats identified by NESA. The first step in achieving compliance for any organization is with the implementation of the P1 controls. Out of 188 controls 60 are management and 128 are technical in nature.

We at Netfence Technologies help organisations in implementing the Technical and Management controls of UAE IAS.