Experience with SAMA
In my previous job, I was instructed to monitor security risks and immediately report them. As required by the Cyber Security Framework of the Saudi Arabian Monetary Authority, all potential risks were documented. However, in some cases, they could be accepted if they did not contradict the regulations. My duties required me to constantly check for risk identification documents as they provided information on whether a certain risk was accepted or not.
Experience with Cyber Security & Data Privacy
Another one of my duties was the obligation to preserve the confidentiality of customers’ information assets. As I had access to a large amount of data regarding deposits and customers’ accounts, I was also exposed to the personal information of the bank’s clients. Under no circumstance was I allowed to disclose this information. Failure to comply was perceived as a severe violation and could result in fines and further penalties.
I was also contractually obligated to prevent cyber security threats. An important part of the job was done on computers and other devices, which were connected by a network. All access had to be authorized in order to prevent any unidentified foreign presence. In order to eliminate the risk of virus exposure or data theft, I was required to ensure that every device I used for work was authorized and trustworthy.
Experience with ISO 27001
Knowing the ISO 27001 standard was essential for safely operating with customers’ accounts and deposits. As such, I have knowledge of such control measures as physical access controls and firewall policies. Subsequently, I am skilled at risk identification since I am aware of the types of possible cyber threats, monitoring procedures, and incident management. As a result, I am fully eligible for ISO 27001 certification if such a need arises.
Work Cited
“Cyber Security Framework Saudi Arabian Monetary Authority.” Saudi Central Bank, Web.