External Auditor Service in the Field of Personal Data Protection
Target Audience: External Auditors
This service aims to ensure the efficiency and credibility of external auditors in assessing organizations’ compliance with the provisions of the Personal Data Protection Law (6/2022) and its Implementing Regulation (34/2024).
Standards: Standards for Accreditation of External Auditors in the Field of Personal Data Protection
Checklist: Checklist for Accreditation of External Auditors in the Field of Personal Data Protection
Form: New Accreditation Application Form
Requirements for External Auditors:
- A valid Commercial Registration (CR) that includes external auditing activities in the field of personal data protection.
- Holding ISO/IEC 27001 and ISO/IEC 27701 certifications.
- Availability of a qualified technical team and a certified lead auditor, with an Omanisation rate of not less than 30% of the technical team.
- Full documentation of audit processes and a records retention policy for a minimum period of five (5) years.
- Full compliance with applicable national laws, along with a clear data protection and confidentiality policy.
- This document is subject to periodic review by the Ministry and is based on international standards in information security and privacy.
Steps for Obtaining Accreditation