The National Cyber Security Agency (NCSA) will soon launch the National Data Classification Policy in order to lay the foundation for data governance within government institutions and vital sectors' organisations in Qatar.
In a statement Saturday, NCSA said that this policy aims to create a unified scheme for data classification in order to facilitate the exchange of information within Qatar, standardise definitions of data classification, and create a unified concept and methodology between agencies and institutions in the country; to facilitate the adoption and implementation of projects and initiatives at institutional and national levels, in addition to guiding stakeholders (institutions) and helping them understand the basic principles of data classification, and applying this in their institutions in compliance with national policies.
The move comes to promote NCSA's role in developing and updating policies, governance mechanisms, standards, controls and guidelines necessary to enhance cybersecurity, disseminating them to the relevant authorities, and following up on compliance with them.
The policy is the basic building block of the National Information Assurance (NIA) standards and other national policies, standards and guidelines, which would help regulate and govern the levels of data classification used by the relevant institutions in Qatar.
Under the new policy, institutions will have a unified reference for the basis of classifying data based on the risks they may be exposed to, which vary between high, medium, or low, and thus this classification is used to determine the technical and administrative controls that must be taken into account in dealing with the assets through which data is used.
The policy also provides tags to facilitate the processing and sharing of data with other parties, and to identify the necessary level of protection from a procedural or technical point of view. The policy will also define a set of controls that must be taken into account to protect data, as well as the roles and responsibilities that institutions must take into account.
NCSA intends to organise an virtual workshop on Wednesday, May 10, to introduce the data classification policy and its importance at the national level, in addition to giving a detailed explanation of the most important articles and pillars of this policy.
