+973 3729 0137   Manama, Kingdom of Bahrain

NCSC Compliance Bahrain

Deverra is a leading Risk & Compliance service provider in Bahrain, helping companies achieve NCSC Compliance using National Risk Management Framework.


What is NCSC?

NCSC is the abbreviation for National Cyber Security Center is authorised by the Bahrain government and is responsible for improving national cyber security by protecting its information and communications infrastructure.

As part of this mandate, NCSC has developed Information Assurance (IA) standards to provide security compliance requirements for entities that support critical national services across all sectors to have a minimum level of security. Deverra’s team of NCSC compliance experts helps organizations comply with the regulatory requirements of NCSC with ease.

NCSC GAP Assessment
Evaluate the current state of your NCSC Compliance using the NCSC IAS gap assessment methodology.
NCSC Risk Assessment
We perform ISMS Risk Assessments based on the Bahrain National Cyber Risk Management Framework (RMF).
NCSC Risk Treatment Plan
We help you develop Risk Treatment Plans that remediate the gaps and risks identified to acceptable levels sticking to NCSC standards.
NCSC Policies & Procedures
Our security analysts will design and develop the required Information Security policies and procedures for you.
Security Testing
Perform periodic vulnerability assessments and penetration testing
Security Awareness
All your employees receive security awareness through the cloud portal helping you improve the human side of security.
Technology Implementations
Advisory on remediation of technology gaps and implementation of technical controls
NCSC Progress Reviews
Perform periodic NCSC Implementation progress reviews to measure the maturity level
NCSC Internal Audits
Internal audits help you identify deviations from the defined NCSC policies and procedures

Phase 1 – Assessment

The first phase of a NCSC Compliance project is to assess the current state of compliance.
Identify Critical Assets
  • Project Initiation
  • Understand the organization
  • Identify critical business services
  • Identify information infrastructure
Gap & Risk Assessment
  • Assessment of current state and mapping it to NCSC Standard
  • Identification of threats and vulnerabilities exploiting the gaps resulting in risk.
NCSC Controls Identification
  • Identify cybersecurity controls that can mitigate the risks and thereby result in NCSC Compliance.
  • Define NCSC Risk treatment plan
NCSC Compliance Reports
  • Develop the NCSC compliance reports

Phase 2 – Control Development

This second phase of the project is to develop the controls to treat the risks identified. NCSC Risk Treatment Plan provides the directions for this phase of the implementation.

Policies & Procedures
Policies and procedures provide the basis for implementing cybersecurity within the organization.
Security Awareness
Humans are often considered the weakest link in cyber security. Security awareness improves the cyber security posture.
Technology Controls
  • Security Architecture
  • Technology gaps
  • Configuration advisory
Management Controls
  • Operational controls
  • Physical Security
  • Managerial Controls

Phase 3 – Security Services

This phase of the engagement supplements existing security practices in the organization. Some of the key service performed by Deverra team are:

Periodic Security Testing
  • Vulnerability Assessments
  • Penetration Testing
  • Security configuration reviews
SIEM & Incident Response
  • SIEM Solution deployment
  • 24×7 Security Monitoring
  • Security Device Management
Managed Network Security
  • Next-Gen Firewalls, UTMs
  • URL Filter, Web Security
  • Wi-Fi Security
  • VPN and remote access security
Data & Endpoint Security
  • DLP Solutions
  • Patch Management
  • Endpoint security
  • Mobile Device Management

Phase 4 – Compliance Review

Periodic review of the NCSC Compliance status is critical for the success of the Information Security Management System.

ISMS Performance Review
Assess the performance of the ISMS against the defined metrics. This is a key measure towards continual improvement of the ISMS
NCSC Internal Audits
Perform periodic ISMS audits to assess the compliance to the defined policies and procedures
Mock Compliance Audit
Perform mock compliance audits help you identify the weak areas of ISMS implementation.
External Audit Support

Assist the customer during the compliance audit to meet the required NCSC requirements.

Would you like to speak to a security analyst?

We understand the importance of approaching each work integrally and believe in the power of simple.

Grow your business with our expertise

We understand the importance of approaching each work integrally and believe in the power of simple.