Overview

Vision for Government Services Modernisation

To develop, drive and support the various initiatives within the Abu Dhabi Government service transformation programme, the Abu Dhabi Systems & Information Centre (ADSIC) was created as Committee in October 2005 by Executive Council Decree No. 33, and established as a Centre in December 2008 by Law No. 18. The Centre is considered as the governmental party that owns the IT agenda of the Emirate, and has the authority to practice the following competences:

• Supervise the implementation of the e-Government program in Abu Dhabi Government entities (ADGEs).
• Sponsor initiatives and mature assets and competencies that it deems of critical importance for the e-Government project.
• Propose policies and technology standards for government and relevant entities to achieve a comprehensive quality in reaching the highest levels of efficiency, confidentiality, and safety in the e-Government project.
• Issue rules and guidelines regarding the implementation of IT policies and the technical specifications, and communicate them to all the Government entities.
• Submit the guidelines to the Council regarding the IT sector and the e-Government.

The vision, goals, and policy statements of the Information Security Programme are based on a set of well known standards, including ISO/IEC 27001 and 27002. These standards have been tailored to fit the specific requirements of the Abu Dhabi Government. The ADSIC standards include the following components:

• The Abu Dhabi Information Security Policy establishes overall direction for the Government-wide Information Security Programme and its roles and responsibilities
• Supporting Information Security Policy is the Information Security Standards document, which provides the controls necessary to meet the Programme's management and functional policies. The controls in the Information Security Standards document relate to 51 control objectives that serve to identify the unique targets states for each of the 14 policies. These objectives constitute the major initiatives of the Information Security Programme, and are aligned with ISO 27002
• ADSIC has also developed a series of procedural and functional guides. These guides provide detailed instructions on how to implement management and functional control processes:

Procedural Guides Followed

• Abu Dhabi Risk Management Guide
• Abu Dhabi Risk Assessment Guide
• Abu Dhabi Information Security Planning Guide
• Abu Dhabi Security Testing & Evaluation Guide
• Abu Dhabi Certification & Accreditation Guide

Functional Guides

• Abu Dhabi Information Security Technical Testing Guide
• Abu Dhabi Policies and Procedures Guide

ADSIC Services

An important part of Nanjgel Solutions Strategic Security Services concentrate on the implementation of the ISMS standards, trainings relate to ISO/IEC 27001. Nanjgel Solution have tremendous experience in providing these services.

Nanjgel Solutions can assist
your organization in:

• Preparing for ADSIC Certification and Accreditation
• Carrying out Risk Assessment and Risk Treatment
• Developing the Information Security Plan
• Configuration Reviews, Vulnerability Tests, Penetration Tests and Application Assessments
• Joint ISO/IEC 27001 and ADSIC Implementation