All future assets used in the Trust Centre must conform to the following, as applicable:

Hardware

HSM OWI

Scope:

The purpose of this document is to provide full Operating Work Instructions for the use, maintenance and support of the HSM in place at CIO

Responsibility & Asset Ownership:

Operational Roles

1. Risk Assessment & PKI Manager
Adlin Hisyamuddin
Information Security Manager, Head PKI
+973 1 772-6732
+973 3 986-7661
adlinh@cio.gov.bh

2. Authorisation of Controls
Mubarak Abdulla Alhiddi
CSO/CIO

Appendix IV – Place Organizational Chart here

The Information Security Manager is the Owner of this document and is responsible for ensuring that this policy document is reviewed in line with the review requirements stated above.

A current version of this document is available to all members of staff on request.

Control objective: to avoid breaches of any law, statutory, regulatory or contractual obligations, and of any security requirements

15.1 Compliance With Legal Requirements

15.1.1 Identification of applicable legislation

14.1 Information Security Aspects of Business Continuity Management

Control objective: to counteract interruptions to business activities, to protect critical business processes from the effects of major failures of information systems or disasters and to ensure their timely resumption

Control objective: to ensure information security events and weaknesses associated with information systems are communicated in a manner allowing timely corrective action to be taken.

13.1 Reporting Information Security Events & Weaknesses

13.1.1 Reporting information security events

Information Systems Acquisition, Development & Maintenance

Control objective: to ensure that security is an integral party of information systems