KSA Data Management and Personal Data Protection Standards Version 1.5 January 2021
Anil Sahore
Enabling organisations in the Middle East/Saudi Arabia to implement AI, Cyber Security, PDPL & Data Privacy and Data Management Frameworks
Authority: Saudi Authority for Data and Artificial Intelligence under Cabinet Resolution number (292) dating 27/04/1441H.
Objective: Implementing and governing effective data management practices across government entities. Through these standards, NDMO also aims to govern data management related efforts and initiatives across entities.
Scope:
-Public Entities, and business partners handling government data.
-All Government data regardless of form or type?,emails, data stored in electronic form, voice recordings, videos, maps, photos, scripts, handwritten documents, or any other form of recorded data.
Requirements:
???????Covers complete Data lifecycle from creation, storage, movement, usage, till retirement.
???????The standards including the controls and specifications spans across 15 Data Management & Privacy Domains.
???????Each of the domain breaks down to a set of controls that further break down into a list of related specifications.
?
Audit and Compliance Process:
SAMA Directives: Compliance to be completed by 31 March 2023
Periodic self-assessment, reviewed by NDMO and also NDMO may conduct ad-hoc Compliance Audits.