GRC Stack
GRC Stack
NESA
National Electronic Security Authority (NESA) UAE information assurance standards provide requirements to implement information security controls to ensure protection of information assets and supporting systems across all entities in the UAE.
Prioritization of Controls
Meeting compliance obligations remains a pain point for companies in a variety of sectors. The GRC tool delivers your organization's compliance status in easy-to-use solution. The tool follows a way to organize the NESA Prioritization standards. The concept of Prioritization relates to grouping the UAE IA Standards security controls.
UAE IAS lists 188 security controls in a prioritized approach. There are 4 priorities defined and the controls are grouped into these 4 priorities. NESA expects the entities to implement the Priority 1 controls at the earliest. Controls from P2 to P4 to follow. Even though there are no fixed dates listed in the NESA documents, our experience indicates that the P1 dates are nearby.
The GRC tool indicated the controls as per their priorities in an easy and intuitive way.
