Skip to Content

Guideline for Basic Information Security Controls


Date Published: 30 July 2017

Digital Transformation

This guideline outlines essential security controls for protecting information assets within Omani government entities. It includes 12 key areas such as access control, incident response, network security, and risk evaluation.

The guideline serves as a national reference to implement basic information security controls in government institutions across Oman. Its objective is to unify and strengthen protection practices by:

  • Enforcing access control policies

  • Promoting security awareness and training

  • Managing security incidents and recovery plans

  • Securing data storage, systems, and communications

  • Applying environmental and physical safeguards

  • Conducting risk assessments and internal audits

The document identifies 12 foundational domains every entity should implement to ensure minimum security standards. It also provides a comprehensive checklist for internal review and compliance.