​

The Electronic Government Authority (EGA) is committed to protect the confidentiality, integrity and availability of information and information processing assets by:

• Conducting risk assessment and implementing necessary controls to protect information assets against all internal, external, deliberate or accidental threats
• Complying with legislative, regulatory, sector and contractual requirements
• Establishing, documenting, implementing and continually improving its information security management system (ISMS)
• Developing, maintaining and testing business continuity plans
• Identifying and assigning clear roles and responsibilities to implement information security
• Conducting information security awareness and training programs to its employees and third party personnel, where relevant
• ​Reviewing and updating the policy yearly once or when significant changes occur​