MOTC’s Gov. Infrastructure Operation Dept. Achieves ISO/IEC 270001:2013 for All Gov. Shared Services

Wednesday, January 13, 2021
MOTC’s Gov. Infrastructure Operation Dept. Achieves ISO/IEC 270001:2013 for All Gov. Shared Services

Doha – Qatar

The Government Infrastructure Operation Department of the Information Technology Affairs at the Ministry of Transport and Communications has obtained the ISO/IEC 270001:2013 Information Security Management System certificate.

Information security is the protection of information to ensure confidentiality, integrity and availability. It is achieved by deploying a set of controls including in policies, processes, procedures, organizational structures, and software and hardware functions.

The department achieved that important international standard for all the Government Shared Services that MOTC provides to government entities across Qatar.

The ISO/IEC 270001:2013 is the international standard that is concerned with information security, where it ensures the adherence to strict security controls in accessing, storing, processing and reading encrypted and unencrypted data in IT environments and electronic services. It also guarantees secured procedures for the exchange of data between parties; either systems or individuals.

In addition, the ISO/IEC 270001:2013 international standard focuses on disaster recovery and business continuity of electronic services, confirming the adopted recovery procedures based on world best practices. It also examines the change management in an IT environment to ensure well governance of applying changes securely on networks, applications, systems and even personnel. Moreover, the international standard focuses on risk management and how organizations should identify all types of risks and put plans to avoid them and/or mitigate them once occurred. It is also about capacity management for technical resources such as servers, storage, computing power. All these areas should be managed and governed following the ISO/IEC 270001:2013 security controls.

“Obtaining this certificate is the culmination of the tireless work of the Government Infrastructure Operation Department’s team who didn’t stop at supporting all government entities to ensure their business continuity since COVID-19 began, but also prepared and completed all ISO/IEC 270001:2013 certificate requirements,” said MOTC’s Acting Assistant Undersecretary of Government Information Technology Ms. Mashael Ali Al-Hammadi, commenting on the achievement.

“The team have gone through 4 rounds of technical and security-related assessment over the past few months, successfully passed them all and obtained the certificate with no observations from the certified assessment firm. We are proud to be one of the very first government entities in Qatar to have achieved that important international standard from the first time.”

All Government Shared Services MOTC provides to several other government entities across Qatar have been found to conform to the Information Security Management System standard ISO/IEC 270001:2013.

These services are: Government Network, which currently links over 116 government websites, Government Data Center, which hosts the IT infrastructure such as servers of more than 37 government entities, Government Contact Center, which provides technical support and answer people’s inquiries in 9 languages 24/7 covering up to 36 government entities such as the hotlines 109 for government services, 107 for Primary Health Care Corp., 16000 for health sector and 155 for education sector, “SMS Gateway”, which serves 44 government entities to send notifications to the public and the users, the National Authentication System “Tawtheeq”, which serves 23 government entities, the e-Payment Gateway, which is now used by 32 government entities to collect fees for their services on their own individual websites, Government e-Correspondence System, which provides all government entities with a secure and robust system for sending and receiving official correspondences and is now used by 80 government entities, the Government Data Exchange System, which enables a safe data exchange among entities and which more than 38 government entities now use and Tasdeeq.