Emirates Identity Authority receives ISO Certification for Information Security

H.E. Dr. Eng. Ali Mohamed Al Khouri, Emirates ID Director General, has received an ISO 27001:2500 Certification for Information Security from the British Standards Institution (BSI). The Emirates Identity Authority is one of the world’s top countries and is the first UAE federal organization to be awarded this certification.

While receiving the certification from Mr. Ahmed Al Khatib, General Manager of BSI Abu Dhabi, Al Khouri stressed the importance of this major achievement, which came as a fruit of the efforts of all Emirates Identity Authority employees as well as their constructive co-operation and their keenness on making this renewed achievement that enabled the Emirates Identity Authority to maintain an ISO certification for information security as a result of its abidance by the information security standards at the level of the different Emirates Identity Authority’s departments and sections.

Al Khouri explained that this certification is a significant indicator of the Emirates Identity Authority’s commitment to the world’s information security standards and is a continuation of its efforts for employing advanced technologies to ensure data confidentiality, particularly that the Emirates Identity Authority had fulfilled a number of strategic initiatives, which would be treated as the infrastructure for many projects in the UAE including the digital identity and electronic connection among the government organizations concerned with civil incidents.

The Emirates Identity Authority was awarded this certification, which is the top international standard for evaluating information security management systems, after succeeding in meeting the international standards required for obtaining this certification and ensuring that all major central systems operating the Emirates ID-adopted population register system and ID card apply to all mechanisms of work at the Department of Communications and Information Systems, not to mention the Emirates Identity Authority’s success in setting up, operating, monitoring, reviewing, maintaining and improving the information security and privacy management system as well as raising the employees’ security awareness level.

The positive results of the verification process, which was carried out by the evaluation authority and continued for around 2 months, confirmed that the Emirates Identity Authority had ensured that the information it kept was confidential, accurate and healthy. The evaluation authority praised the Emirates Identity Authority’s distinguished implementation of information security systems and its high-level abidance by the implementation standards of these systems. It also praised the keenness of the Emirates Identity Authority’s employees to ensure that this information should be kept confidential and that the use of this information should be limited to secure and electronically coded methodologies that might not be penetrated.

The Emirates Identity Authority also underwent a multi-phase verification process while all its documents and applications related to information security and the plans for dealing with hazards and testing the effectiveness of information security monitoring systems and the security system in general were reviewed comprehensively and in detail.

It is worthwhile that in early 2008 the Emirates Identity Authority was awarded an ISO certification for information security to be the only federal government entity to obtain such certification.