TRA awarded ISO certification in Information Security Management

Muscat – Reinforcing its commitment to the highest international standards in information management and protection, the Telecommunications Regulatory Authority (TRA) has been awarded the ISO/IEC 27001:2022 certification for Information Security Management Systems.
The certification follows the successful completion of an external audit, during which the auditing firm recommended the accreditation after the TRA met all requirements and criteria set out in the international standard issued by the International Organisation for Standardisation (ISO).
This achievement highlights the TRA's dedication to enhancing information security through ensuring the confidentiality, integrity, and availability of data — thereby increasing the reliability of the services it provides. The certification also underlines the Authority's effective approach to managing information security risks and implementing preventative controls to mitigate cyber threats and data breaches.
Additionally, the TRA emphasised that the certification contributes to raising internal security awareness, fostering a culture of governance and compliance, and aligning with legal and regulatory obligations, including national data protection policies. It also boosts stakeholder confidence by demonstrating a continuous commitment to data protection and the ongoing improvement of information security-related processes and procedures.
It is worth noting that the TRA had previously obtained other international accreditations, including the ISO 22301:2019 certification for Business Continuity Management and the ISO 9001:2015 certification for Quality Management Systems, following rigorous internal and external assessments and full compliance with ISO standards.

Try Our AI Features

Explore what Daily8 AI can do for you:

Learn with AIFact CheckingText to SpeechAI Summary

Related Articles

Observer

5 days ago

• Observer

New personal data protection guidelines mandated for auditors

MUSCAT, JUNE 17 The Ministry of Transport, Communications and Information Technology (MoTCIT) has unveiled new standards and requirements for the accreditation of external personal data auditors in the Sultanate of Oman. The document, issued in April of 2025, aims to' establish clear standards for the accreditation of external auditors to ensure high-quality, ethical, and lawful data audit services in Oman.' 'In light of the increasing challenges of personal data protection in the digital age, the importance of ensuring private sector institutions' compliance with relevant laws and regulations grows,' the Ministry said in the document. This document provides the necessary technical and administrative standards for accrediting external auditors to ensure they possess the qualifications, methodology, and resources required to deliver high-quality and reliable audit services. This ensures their ability to conduct compliance audits for institutions (controllers and processors) to verify that personal data processing procedures are in accordance with the provisions of the Personal Data Protection Law and its executive regulations,' the Ministry added. In order to qualify as external auditors, companies must adhere to several administrative, security and compliance, and quality assurance requirements. In regards to administrative and technical standards, auditors are required to have an active commercial registration for no less than 12 months and possess the necessary licenses to operate in the Sultanate of Oman. In addition to holding essential certifications including ISO/IEC 27001 for Information Security Management and ISO/IEC 27701 for Privacy Information Management. Furthermore, external auditing companies must have a qualified technical team with practical experience and recognized certifications such as ISO 27000 Lead Auditor or CISA, and CIPP. In addition to previous auditing experience, with a demonstrated and credible track record in providing auditing services. Moreover, companies must maintain comprehensive documentation of procedures covering all audit phases (planning, execution, and reporting) in addition to a record retention policy of audit records, activities, results, and correspondence for no less than five years. Finally, the regulations require a minimum Omanisation rate of 30% within the technical teams of companies. In regards to security and compliance, the standard requires auditors to adhere to all laws and regulations related to personal data protection. Companies must also have comprehensive Data Protection and Confidentiality Policy, which outlines how data is managed and safeguarded against unauthorized access, modification, or disclosure Furthermore, companies must have the ability to conduct risk assessment audits and security gap assessments. They are also required to maintain an incident reporting policy, which clearly outlines the procedures for reporting any security incidents that occur during the audit process. Finally, auditors are required to implement defined standards to regularly assess performance and ensure adherence to the required quality levels .

Muscat Daily

6 days ago

• Muscat Daily

Forum to strengthen consumer safety in e-commerce in Oman

Muscat – Consumer Protection Authority (CPA), in cooperation with the Ministry of Commerce, Industry and Investment Promotion (MoCIIP), hosted a forum on Monday aimed at strengthening consumer protection in the sultanate's growing e-commerce sector. The event, titled 'E-commerce: Consumer Rights and Supplier Obligations', was held under the patronage of Omar bin Hamdan al Ismaili, Chairman of the Telecommunications Regulatory Authority. The forum brought together stakeholders from government institutions, the private sector and civil society to address key challenges facing digital commerce, including consumer rights, supplier obligations and legal frameworks governing the sector. Discussions also covered the risks of electronic fraud and the role of regulatory institutions in ensuring a secure online shopping environment. Mozna bint Rashid al Maamari, Director of Communications and Media at CPA, said the forum served as 'an open dialogue platform bringing together consumers, suppliers, regulatory bodies and others interested in the digital economy'. 'The goal is to develop Oman's e-commerce ecosystem by raising awareness and ensuring a safer digital marketplace,' she said. 'This gathering supports a future-oriented vision that promotes a robust digital economy, empowering consumers to make informed and safe purchasing decisions.' The day's programme was divided into two discussion sessions. The first included a presentation by Azza al Kindi from MoCIIP on the regulation of e-commerce in Oman. This was followed by a talk by Khalid al Siyabi from CPA on safe digital shopping practices, and a presentation from the Central Bank of Oman's Hajar bint Qambar al Ajmi on financial consumer protection. In the second session, Arwa bint Obaid al Zaabi from the Ministry of Economy, spoke about digital fraud from a behavioural economics perspective. This was followed by remarks from Hilal al Alawi of the Telecommunications Regulatory Authority on postal services and e-commerce, and a presentation by Rashid al Alawi from the Ministry of Transport and Communications on postal sector policy. The event concluded with an open discussion among attendees. The forum coincided with CPA's ongoing awareness campaign 'For Safe Shopping', which seeks to encourage secure online purchasing habits. The initiative aligns with Oman Vision 2040.

Times of Oman

6 days ago

• Times of Oman

E-commerce forum highlights consumer rights

Muscat: The Consumer Protection Authority (CPA) on Monday organised an e-commerce forum titled "E-commerce Amid Consumer Rights and Supplier Duties". The forum was held in cooperation with the Ministry of Commerce, Industry and Investment Promotion, under the auspices of Eng. Omar Hamdan Al Ismaili, Chairman of the Telecommunications Regulatory Authority (TRA). The forum highlighted e-consumer rights, the duties and obligations of e-commerce licensees, e-commerce legislation, commercial fraud and electronic fraud in the age of digital economy and the role of government institutions amid the e-commerce experience. The forum saw a large turnout of representatives of government and private establishments and an elite group of experts and specialists in the field of e-commerce, who underscored the significance of the forum in showcasing a safe and sound culture of e-commerce. The event included a visual introduction display, followed by a presentation on an e-shopping campaign. The presentation was made by Dr. Munira Al Fikry, a media specialist at the CPA. The forum included an exhibition featuring the authority's most important electronic systems and applications related to the e-shopping process. It also included the launch of an opinion poll to measure cognitive awareness. On the sidelines of the forum, a public awareness campaign was launched under the slogan "Safe Shopping". The campaign aims to promote the culture of safe shopping in the digital business environment, in line with the objectives of Oman Vision 2040, which places the economy and development at the heart of sustainable development strategies and technology-based economy. The forum was a link in range of activities that coincide with an ongoing 'Safe Online Shopping Campaign' aimed to raise community awareness, promote online shopping practices, ensure the establishment of a fair and transparent digital consumer environment and develop practical solutions to current challenges, as well as building a digital future that meets everyone's needs and aspirations.