Local Regulations and Global Guidelines

  • Home
  • >
  • Local Regulations and Global Guidelines
Regulations for NTP
Authority
Country
Description
Document
DEPARTMENT OF HEALTH
UAE
Regulation: Guidelines for the Implementation of the ADHICS
  • All systems clocks shall be synchronized using Network Time Protocol (NTP) to ensure the accuracy of audit logs.
  • Users shall be restricted from changing the systems time.
SECURITY INDUSTRY REGULATORY AGENCY

UAE
Regulation: Standard and Technical Specifications of the Security Systems (of Law No. 12 of 2016)
  • Security Systems shall support the Central Time feature (Network Time Protocol -NTP).
ISO 27001:2022

International
Regulation: ISO 27001 standard-section 8.17
  • Clock synchronization is a critical component in ensuring the accuracy and integrity of system data. Proper synchronization across all devices and systems is essential for maintaining the security and reliability of information.
PCI-DSS v4

International
Regulation: PCI DSS v4-Section 10.6
  • 10.6.1 System clocks and time are synchronized using time-synchronization technology.
  • 10.6.2 Systems are configured to the correct and consistent time
  • Time synchronization settings and data are protected
Public Works Authority State of Qatar
Qatar
Intelligent Transportation System (ITS) Specifications
  • The Multiprotocol Access Node shall support configuration of at least two NTP servers for time synchronization.
Qatar Central Bank
Qatar
Information and Cyber Security Regulation for Payment Service Providers
  • 8.23. The Payment Service Provider shall synchronize all device to the NTP server which shall be synchroized with the ISP or universal atomic clock time servers.
Qatar Legal Portal
Qatar
Electronics Transactions and Commerce Law
  • Electronics Signature- Article 28: Having the correct time to signing is important as electronic signature & its time of singing is acceptable in the Supreme Council
Electricity and Water Authority
Bahrain
Inspection & Testing Guidelines
  • When multiple data acquisition units are involved that each independently apply timestamps the clocks of the units shall be synchronized, preferably by an automated mechanism such as global positioning system (GPS) or network time protocol (NTP).
Economic Development Board Bahrain
Bahrain
Electronic Communications and Transactions Law
  • Legislative Decree No. 54 of 2018 Promulgating the Electronic Communications and Transactions Law
  • Evidential Presumptions- Where a secure electronic time stamp is placed on an electronic record
Ministry of Interior Bahrain
Bahrain
National Cyber Security Center
  • Events must be recorded with time stamps indicating the exact time events have occurred.
  • Without accurately synchronized timestamps, the entity cannot find out which event occurred before the other.
Telecommunications Regulatory Authority-

Bahrain
Bahrain
Guidelines Telecommunications Sector Cybersecurity Controls
  • Control 5.1.8 Centralized timing must be used for all systems (for example, NTP)
  • Generated from an authoritative and secure internal source (for example, atomic clock)
  • Where supported, at least two different time sources are used to ensure that the timestamps in logs are consistent.
Telecommunications And Digital Government Regulatory Authority

UAE
Guidelines for trust service practice statements
  • 6.7 Network security controls. Shall follow guidance from [RFC 3647] and state the corresponding practices that are used, referring to the applicable Certificate Security Policy
  • 6.8. Timestamping. Shall follow guidance from [RFC 3647] and describe in particular how the CA sources accurate time for activities such as certificate issuance or logging, certificate issuance.