In 2016, the Algerian Ministry of Post, Telecommunication, Information technology and Digitalization (MPTTN) developed the National Information Security Guideline (Fr: Référentiel National de la Sécurité de l’Information - RNSI), which was the first document grouping together the guidelines and good practices of information systems security. It covers several areas of information security to ensure adequate protection for the informational assets of the government sector and public enterprises.However, with the diversification of cybernetic threats as well as the requirements of Algerian legislation and regulations in force regarding information security, it was important to update the RNSI version 2016 that covers new risks to provide the required assurance levels to the digital transformation efforts initiated by several key government sectors (transition to e-government).The guideline contains 20 security domains in which the governance controls were considered in details compare to 2016 version. Those controls comply with the Algerian legal and regulatory requirements such as the Algerian Personal data protection regulation of 2018 (Fr : Protection des données à caractère personnel) as well as international standards and frameworks. A toolkit of essential controls will be developed to help on the adoption of the framework and provide organizations with compliance tool that will monitor their maturity.
https://www.eadn.dz
Completed
2019
2020
The RNSI 2019 aims to provide a framework and a set of prerequisites that will enable the development and implementation of the information system security policy in public organisations. All the recommendations in this guideline document provide an approach to implement information security based on risk management with respect to confidentiality, integrity, and availability of information. The main objectives of this project are: • Increase the level of security of information systems and the protection of information of organisations by implementing adequate security controls, • Adopt risk-based approach when implementing security controls, • Define appropriate roles and responsibilities within organisations for the protection of information.
Ministry of Post,Telecommunications,Tecvhnologies and Digitalization (MPTTN)
Algeria — Government
Submit New Project
ITU, Place des Nations, 1211 Geneva 20, Switzerland