Public Administration News
||Bahrain: The eGovernment Authority Receives the ISO 27001:2005 Information Security Certification
||Sunday, November 21, 2010
Knowledge Management in Government
||Nov 22, 2010
Due to its continues initiatives
towards constant performance development in accordance with
international standards and specifications, the eGovernment Authority
received the ISO 27001:2005 Information Security Certification, which is
the international standard for the quality of information security.
With this certification, the Kingdom of Bahrain is the first country in
the Middle East to have received the ISO certification in the
The eGovernment Authority is one of the few
entities in Bahrain to receive such a certification on the performance
of all its directorates, operations and services provided to the public.
The ISO is a set of international standards to assess various
industries and services, the ISO 27001 certification is an auditable
international standards that have been specifically developed to
evaluate the Information Security Management Systems (ISMS) and data
The Belgium Group, Bureau Veritas (BVQI), which is
specialized in auditing, testing and certification licensing , conducted
the assessment and based on international standards and requirements of
the quality of information security and protection; the Group awarded
the eGovernment Authority the ISO certification after fulfilling the
requirements and specifications of security standards.
eGovernment Authority successfully accomplished all ISMS applications
for ISO 27001, which included the development of services that provides
support for citizens, residents and businesses in the Kingdom of Bahrain
through its various channels such as eGovernment portal "bahrain.bh",
mobile portal, eKiosks and eService Centers in an addition to other
The CEO of eGovernment Authority, Mr.
Mohammed Ali Al Qaed stated, "Receiving this certification is a clear
demonstration of eGovernment Authority keenness to protect the security
of information. Protecting sensitive information is a priority in our
work and securing our clients' data is the measurement of our success."
confirmed that this certification reinforces the confidence of our
partners, clients, and all stakeholders who interact with the
"We, at the eGovernment Authority, believe that the
protection of personal information is the exclusive right for everyone
whether being a citizen, resident, visitor or business owner. To this
end, we always seek to apply the best international practices and first
class standards in the security field," Mr. Al Qaed added.
pointed out that this certificate is an important milestone for the
eGovernment Authority efforts, which inspires us to carry on maintaining
the quality standards of the government services offered for all.
Al Qaed explained that the systems adopted by the eGovernment Authority
receive masses of personal data entered by online users (citizens,
residents, visitors and businesses). While continuously working to add
more eServices for the benefit of its clients, the eGovernment Authority
is keen to protect such information to the highest level of
effectiveness and in compliance with the best professional standards.
ISO 27001 standards include 10 categories: Information security policy,
security organization, staff security, accessibility control elements,
physical security, assets classification controls, continuous planning,
telecommunication management and compliance. The eGovernment Authority
was able to satisfy all these areas across all directorates and in all
of its operations and service channels.
Authority has always based its work on three Principals;
"Confidentiality/privacy" which ensures protection of information and
prevents unauthorized persons from accessing or disclosing such
information, Data "Integrity" that enables clients and stakeholders from
outside the Authority to rely on the data; information through service
channels provided by eGovernment Authority, and "Availability" to ensure
that all eGovernment Authority services are accessible to public with
the least possible effort.
It is worth mentioning that ISO
has robust standards launched by the International Organization for
Standardization ¡V commonly known as ISO- to audit information security
and management systems related to products and services. ISO 27001is
designed to protect the Confidentiality, Integrity, and Availability of