The Department of Public Service and Administration (DPSA) is developing a strategy to deal with information security in the public sector.
Minister Lindiwe Sisulu, in response to a question at the National Assembly, said the department is working on a three-pronged strategy to deal with information security in the public service, which is synonymous with cyber security.
She explains that the first element is the DPSA working with the State Security Agency, the Special Investigations Unit and the State IT Agency to jointly develop a common vulnerability assessment methodology for the public service.
Policy plan
The second is that the department has identified the need for a common policy on information security across the public service.
“Using the ISO17799 standard on information security, the DPSA is currently developing the Public Service Information Security Policy, aimed at ensuring the protection of government, business and citizen information in its custody, or safekeeping by safeguarding its confidentiality, integrity and availability.”
Sisulu added that the policy is in its draft phase, and has been circulated widely for comment and review. It was envisaged that this policy would be presented to Cabinet for approval within the first quarter of the 2012/13 financial year.
The final prong in the strategy is that the policy will be complemented by an information security standards framework.
“The department is still consulting on both the public service information security policy and the minimum information security standards framework. Once this process has been completed and the policies finalised, I will approach Cabinet for concurrence,” said the minister.
Share