National Cyber Governance and Assurance Affairs

Based on Emiri Decree No 1 of year 2021, National Cyber Security Agency (NCSA) – National Cyber Governance and Assurance Affairs is responsible for proposing legislative tools and following-up their application and compliance, in addition to assessing cyber risks and threats and supporting and developing national capacities through programs, initiatives and events, as well as issuing certificates of compliance with national information security standards, granting accreditation to service providers and inspecting security vetting labs in addition to evaluating software and hardware devices.

These responsibilities are further details as below:

• Proposing and developing cybersecurity policies, legislations, standards and controls, and following-up on adherence and compliance in coordination with the concerned national authorities
• Developing and implementing national Cyber Risk Framework, identify, and classifying critical sectors and preparing the National Cyber Security Strategy
• Planning and executing National Cyber Security Drills to ensure readiness for business continuity and risk management and identify areas of improvements
• Issuing certificates of compliance with national standards and policies for information security, and reviewing and auditing them periodically
• Setting standards and controls for Accrediting cybersecurity service providers and issuing accreditation certificates
• Issuing cyber security assurance certificates for devices, systems, and applications in accordance with national and international frameworks and standards
• Personal Data Privacy Protection Law (PDPPL) regulator responsible for ensuring compliance to the law, developing, and publishing relevant guidelines, and engaging stakeholders