Singapore iDA (Infocomm Development Authority of Singapore)
- Singapore iDA - A Study of Singapore’s Certification Authority Scheme
- Singapore iDA - Singapore National Authentication Framework (NAF)
In October 2016 The Info-communications Development Authority of Singapore (IDA) and the Media Development Authority of Singapore (MDA) have been restructured to form the Info-communications Media Development Authority of Singapore (IMDA) and the Government Technology Agency (GovTech).
Singapore iDA - A Study of Singapore’s Certification Authority Scheme
Galexia successfully joined a consortium to review the compliance auditing framework for Certification Authority (CA) candidates for the Singapore Infocomm Development Authority (iDA).
The existing framework consists of audit standards and updated security management best practice guidelines. The objective was to update the guidelines to align them with international best practices, and to provide clarity for CAs and auditors on security audit requirements for CAs. The project also provided a ‘gap analysis’ of the present set of guidelines and audit requirements concerning internationally recognised security standards and best practices.
Singapore iDA - Singapore National Authentication Framework (NAF)
The Infocomm Development Authority of Singapore (iDA) developed a National Authentication Framework (NAF) programme under their 10 year Intelligent Nation Masterplan. NAF aims to implement a nationwide infrastructure for strong authentication through the development of appropriate business, technical and operational frameworks. A NAF steering committee and four NAF sub-committees (Finance, Telecommunications, Government and Technical) comprising of industry captains and government will provide sponsorship and inputs to the developmental works under NAF.
Galexia was chosen as part of a consortium (also including KPMG, Baker & McKenzie, Wong & Leow) to drive and guide the establishment of the NAF. Galexia’s work included the proposal of a model to deploy the NAF, and the development of supporting components needed to realise the deployments:
- Governance Framework and Regulatory Requirements;
- Accreditation Audit Criteria for Authentication Operators (‘AOs’);
- Reference Business Agreement; and
- Reference Technical Standards and Protocols.