|
Audit of computer security for public organizations and for also some private ones see Decree No. 2004-1250 of May 25, 2004 , fixing the computer systems and networks of organizations audited submited under mandatory periodic computer security and the
criteria related to the nature of the audit and its periodicity and procedures for monitoring the implementation of recommendations
contained in the audit report.
 The obligation of audit concerns :
-
Computer systems and networks within public organizations,
-
The public network operators and ISP's,
-
The companies whose networks are interconnected through external networks,
-
The companies that carry out automatic processing of personal data of their customers.
The only persons authorized to perform these audit missions are the auditors certified by the National Agency for
Computer Security in accordance with Decree No. 2004-1249 of 25 May 2004, laying down the conditions and procedures
for certification of auditors in the field of computer security.
Other Tunisian laws and decrees |
