Kuwait, Kuwait City: The Cybersecurity Framework for Kuwaiti Banking Sector, released by Central Bank of Kuwait in February 2020, aims at establishing an integrated framework for improving cyber resilience. Based on the Framework, all local banks should engage an independent third-party firm to audit the cybersecurity controls to validate their compliance with the Framework.
Baker Tilly in Kuwait, an independent member firm of Baker Tilly international, explained that pursuant to the CBK Circular dated 1 February 2021 to local banks, the permitted term of engagement of the independent third-party auditor to provide Cybersecurity Audit services to the same bank shall be two years. The Cybersecurity Audit Report should be issued on a quarterly basis.
According to Baker Tilly in Kuwait, the following are the four domains regarding baselines covered under Cybersecurity Framework:
- Governance, Risk Management, and Compliance
- Technology and Operations
- Third Party Security
- Protection of Electronic Payment Systems
Considering the criticality of cybersecurity, CBK requires that cybersecurity audits shall be performed by an independent third-party firm. The audits will include checking and verifying security controls in place in the regulated entities with view to ensuring availability, integrity and privacy of information. These will cover all controls, management practices, governance, risk, and compliance adopted with these entities. In addition, the audits should o encompass third parties bound by contracts with audit rights.
It is worth mentioning that Baker Tilly Kuwait is a registered firm with CBK to render the cybersecurity audit service, meeting all requirements of the independent third-party firm, including qualified team with academic and professional certifications as well as previous experience in the field of cybersecurity audits.
-Ends-
About Baker Tilly Kuwait
Baker Tilly Kuwait is one of the top international firms operating in the State of Kuwait, which has world-class laboratories equipped with state-of-the-art tools used for vulnerability assessment and cyberattack exposures. It also has updated databases of automated systems enabling the cybersecurity audit of any technology environment that a client adopts.
Further, Baker Tilly Kuwait has updated databases of new methods employed in cyberattacks and the processes to prevent them.
Baker Tilly has well established local experience under an umbrella of a global network comprising more than 250 cybersecurity experts.
For more information: www.bakertilly.com.kw
Address: 25 February Tower, Floor 19, Khalid Ibn Al Waleed St, Kuwait City
P.O. Box 1486, Safat 13015, State of Kuwait
Email: info@bakertilly.com.kw
