close
Advertisement
Can't connect right now! retry

add The News to homescreen

tap to bring up your browser menu and select 'Add to homescreen' to pin the The News web app

Got it!

add The News to homescreen

tap to bring up your browser menu and select 'Add to homescreen' to pin the The News web app

Got it!
December 31, 2020

Ehsaas to invite hackers to identify digital security vulnerabilities

Islamabad

December 31, 2020

Islamabad : Ehsaas will be organising a hackers’ competition, inviting ethical hackers to outline its vulnerabilities as part of implementation of a Vulnerability Disclosure Policy (VDP) that is intended to give ethical hackers clear guidelines for submitting potentially unknown and harmful security vulnerabilities.

The PM’s Special Assistant Dr. Sania Nishtar shared this information Wednesday as chair of the joint meeting of the Risk Assurance and Management and Audit Committees of BISP Board, where a number of agenda items were discussed.

“Since Ehsaas’ operations are largely digital, it is critical to ensure that IT safety measures are in place; more than 100 steps have been taken to secure the IT system in that regard over the last two years since she took over,” Dr. Sania informed.

The discussion of the Risk Committee mainly centered on internal and external audits, Ehsaas Risk Registry, Error Fraud and Corruption Framework, implementation of security safeguards within the organization and setting up of the Cyber Control Wing. Also under observation were Ehsaas Governance and Integrity Policy and Observatory and how the organization was faring against 23 indicators of the policy and observatory to gauge the performance of BISP.

Dr. Sania gave directions to internal audit division to present quarterly reports to board meetings and instructed the finance division to submit quarterly reports on accrual accounting to the board meetings as well. She also instructed the management to complete the departmental audit committees’ process in time. She also advised to make changes to the risk register and map the key actions emanating from the risk register into departmental workplans and to use the parameters for performance assessment.

The Director General IT gave presentation on the progress underway to set up Cyber Control Wing. He explained that extensive consultations had happened which led to definition of the scope of work of the Wing and terms of reference of individuals who are to be hired. An expression of interest in this regard has already been floated to solicit applications.