Rangka Kerja Keselamatan Siber Sektor Awam (RAKKSSA) | INTERNAL AUDIT DEPARTMENT
» ARTICLE » Rangka Kerja Keselamatan Siber Sektor Awam (RAKKSSA)

List of Articles
Rangka Kerja Keselamatan Siber Sektor Awam (RAKKSSA)

Search by : En. Mohd Azis Abdullah

Source : National Cyber Security Agency (NACSA)

 

Rangka Kerja Keselamatan Siber Sektor Awam (RAKKSSA) issued by the National Cyber Security Agency (NACSA) in April 2016 aims to provide basic guidance on the components of cyber security that need to be paid attention to by ministries and public sector agencies to protect government information and digital infrastructure from cyber threats.

This framework is built on an existing framework that is improved by the project team resulting in a local cyber security framework that is specific to Malaysian Public Sector agencies. The eight (8) main components of this cyber security framework and the objectives of the components are as follows:

  • Identify which aims to identify the Department's functional environment, policies and governance structure as well as assets that need to be protected, related risks and risk management;
  • Protect requires safety principles, technology, processes and human competence to be determined to mitigate identified risks;
  • Detect brings the objective of detecting malicious code threats by emphasizing the abnormalities in the use and form of network traffic;
  • Response on the other hand ensures that action against the threat of this malicious code is taken and reported to bet holders and the public (if required);
  • Recover takes into account the ability to ensure the availability of information, will perform recovery due to damage resulting from the threat of malicious code and system failure;
  • Procurement is to ensure security control and requirements enforced in the entire system life cycle both for external procurement and procurement for internal development. This component is an important component that covers procurement specifications, supplier company management, resource footprint, system development life cycle, commissioning and decommissioning as well as system disposal;
  • Security Audit and Enforcement across all components to outline the scope of audits and enforcement carried out by audit agencies and enforcement authorities.

This framework also explains the procedures for handling Official Secret Information and the need to refer to the Office of the Chief Government Security Officer (CGSO) for matters related to the creation, classification, handling, storage, premises, and disposal of information. An important aspect of this framework is to ensure that appropriate security principles are met based on risk assessment and the necessary risk treatment.

RAKKSSA's objective is to ensure the safety of Public Sector service delivery while increasing the level of confidence for stakeholders (Government agencies, industry and the public). The enabling environment for RAKKSSA includes collaboration between RAKKSSA's strategic partners namely MAMPU, CGSO, CSM and MIMOS, governance and change management to ensure that this framework is implemented smoothly and maintained. An overview of the public sector cyber security framework is as follows:-

Date of Input: 21/08/2023 | Updated: 30/08/2023 | muhammad.isam

MEDIA SHARING

SEE ALSO
Opportunities, High Rewards Make Efforts to Eradicate Corruption of Civil Servants Difficult
Addicted In Social Media
Kenali Simptom Rasuah
INTERNAL AUDIT DEPARTMENT
Universiti Putra Malaysia
43400 UPM Serdang
Selangor Darul Ehsan
03-9769 1346
03-9769 6176
audit_dalam@upm.edu.my
SXFELA2~