Municipality of Abu Dhabi City Achieves Information Security Certification ISO/IEC 27001:2005

The Municipality of Abu Dhabi City has been awarded the ISO 27001/2005 certification by the British Standards Institute (BSI), in recognition of its information security system management. The certification is the highest award in the world in the field of information security protection and is concerned with data safety and confidentiality through hi-tech security systems. It is normally awarded following a methodological study of information security risk management, designing & implementing necessary controls and adoption of sustainable procedures.

His Excellency Khalifa Al Mazroui, General Manager of the Municipality of Abu Dhabi City, stated that attaining the ISO certification on information security applications constituted a challenge to the Municipality prompting it to achieve further development in the field of information technology and exert greater efforts for the benefit of the community and the Municipality’s customers. He pointed out that the award tantamount to an international recognition of the Municipality’s successful endeavours and mechanisms in the storage of information and adoption of best-in-class international standards of performance and efficiency of information security system management.

Al Mazroui expressed his delight with this certification obtained by the Municipality which he described as another success added to the previous successes made in information technology area. “The Municipality has placed customers’ service on top of its priorities and rallied all technical tools and human cadres behind this objective, and was keen on diversifying the channels through which these services are delivered, most chief of which are the internet and website; which offers an integrated package of customer services as part of a strategy aimed at prompt delivery and customer centricity,” he added.

Under the same context and upon receiving the certification, Dr. Sabri Hamid Al Azaazi, Senior IT Advisor, Municipality of Abu Dhabi City, pointed out that the achievement was a clear illustration of the adoption by the Municipality of the best international standards relating to the management, follow-up and enhancement of information security systems, which included upgrading the performance of IT Division, augmenting security awareness, improving response to IT-related security requirements and incidents and committing to regular revisions of the approved policies as part of a continuing improvement process.

“Before the certification award, the process went through several steps carried out the evaluation body for more than four months during which the assessment body made several steps including the revision and assessment of the current situation through matching it with set targets, compiling a report showing whether there were loopholes required to be addressed, developing a working plan to upgrade and implement policies and processes to bring them in line with the approved specifications, carrying out an initial verification to come out with the required observations, and finally auditing all the certification-related requirements.

“The procedures adopted by the team entrusted with the verification of the Municipality’s business processes included verifying the evolution of information security concept, examining the tools adopted in planning and technology management, and scrutinizing employees’ data along with the universal information and benchmarking them to the international standards and specifications. They also included verification of information security programs, technological issues and protection programs put in place by the Division to deny access and block circulation of any undesirable information, and the evaluation and review of document and information saving programs along with handy retrieval and storage programs in line with an enhanced services pattern that meets the needs of customers and employees alike.

“The Information Security Section at the Municipality, in collaboration with the internal working team, has launched the information security management scheme through which the Municipality has been awarded the ISO certification, had relied in all its procedures on transparency, clarity and objectivity in evaluating and presenting the facts that reflected the Municipality’s achievements in information technology.

“The achievement by the Municipality of the ISO Information Security Certification serves customers’ objectives, particularly in storing and maintaining their information and documents and delivering rapid, civilized and modern services whether in terms of access to information or through information security and safety applications; which is a basic component of the Municipality’s mission of providing the highest quality services to the best international parameters and standards,” said Al Azaazi.

“The Municipality had made significant strides towards dedicating a largely populated information base hinged to the best international standards with the aim of providing maximum protection to the information stock relating to the Municipality’s customers and employees alike. This certification is a high-level recognition by an international organization concerned with the evaluation of information security applications in entities entrusted with social and service responsibilities. It will mark the beginning of achieving yet further ISO certifications in all services of planning and technology management”, concluded the Senior IT Advisor, Municipality of Abu Dhabi City.

It is noteworthy that the Municipality of Abu Dhabi City has recently upgraded the e-services system to the best possible standards for the comfort of customers by way of streamlining the procedures and prompt processing of transactions according to the international standards to meet the needs and requirements of customers, broaden their electronic interaction and enable them deliver and receive their transactions online through the e-gate in a safe environment that maintains the privacy and security of customers and strategic partners.

Mr. Ahmad Al Khatib, General Manager of BSI Abu Dhabi congratulated The Municipality of Abu Dhabi City top management and employees on achieving this remarkable milestone. Mr. Al Khatib commended the distinguished gathering during the certificate hand over on the road ahead and benefits of adopting ISO 27001:2005 standard. Mr. Al Khatib also stated that adopting and effectively implementing ISO 27001:2005 helps organisations protect their information assets and give confidence to any interested parties, especially customers. The standard adopts a process approach for establishing, implementing, operating, monitoring, reviewing, maintaining, and improving your Information Security Management System ISMS.

BSI in Abu Dhabi have been recently working closely with several key government entities and municipalities in adopting ISO 27001:2005 Standard for their Information Security frameworks. This close collaboration resulted in certifying many key government entitles in Abu Dhabi, including The Municipality of Abu Dhabi City.