Impact of National Data Classification Policy V3.0 & National Information Assurance (NIA) Standard V2.1 on Certification Program

Impact of the publishing of National Data Classification Policy V3.0 and National Information Assurance (NIA) Standard V2.1 on the Certification Program

The National Cyber Security Agency is launching the National Data Classification Policy V3.0, which aims to lay the foundation for data governance within government entities and vital sectors in the State of Qatar, as well as establishing a unified data classification scheme to facilitate the exchange of information within the country. National Information Assurance (NIA) Manual V2.0 has been also updated to become the National Information Assurance (NIA) Standard V2.1.

Based on the fact that:

• The approach to achieve organizational compliance was unchanged; 
• The Data Classification Model was unchanged;
• The limited changes to National Information Assurance (NIA) controls statements with no additional requirements; and 
• Negligible impact of the changes on existing National Information Assurance (NIA) Compliance achieved; 

Cyber Assurance Department decided to continue accepting applications for Certificate of Compliance against NIAP V2.0 until December 31, 2023. Previously issued certificates and/or certificates issued during this period against NIAP V2.0 will continue to be valid for their defined period of validity mentioned in the certificate. Certified entities against NIAP V2.0 could only request Re-Certification against National Information Assurance (NIA) Standard V2.1. 

Based on the facts stated above, the Cyber Assurance Department encourages and currently accept applications for its newly offered Certification against National Information Assurance (NIA) Standard V2.1.