The Qatar National Cyber Security Agency (“NCSA”) recently launched the National Data Classification Policy (“Policy“), establishing a unified data classification system to facilitate the exchange of information throughout the country and to ensure the security of such data. The Policy is part of the national information assurance standards and other national policies regulating data classifications used in Qatar.
In addition to unifying data classifications, the Policy also seeks to enhance the role of the NCSA in developing national policies, governance mechanisms, standards, controls, and guidelines aimed at increasing cybersecurity within government entities and institutions.
The Policy provides relevant entities with a unified reference to data classifications based on their respective exposure risks. The risks are ranked as low, medium, and high. The assigned risk rating will, in turn, determine the technical and administrative controls that must be implemented to protect data assets. The Policy will also determine the safeguards required when sharing certain data with third parties.
The policy is available on the NCSA website.