Certifications

Three schemes, one standard of assurance

DESC certifies the providers Dubai government entities depend on — across cloud hosting, security operations, and offensive-security services. Each scheme is audited by its accredited authority; the platform then keeps assurance live between those audits.

Compare the schemes

  CSP Standard SOC Standard Dubai Cyber Force
Who it's for Cloud service providers SOC / managed-detection providers Pen-test & incident-response firms and individuals
Must be held by CSPs serving Dubai government & semi-government SOC providers serving Dubai government Firms & testers in the Dubai Cyber Force scheme
Formal authority BSI BSI CREST
Authority's role Accredited audit authority Accredited audit authority Accreditation partner
Validity 3 years + annual surveillance 3 years + annual surveillance 2 years
Continuous assurance Included Included Included
Detail CSP scheme → SOC scheme → Cyber Force →

Across all three, the audit remains the basis for certification and DESC holds the final decision. What's shared is the continuous-assurance layer that watches for drift and change once a certificate is live — turning a yearly snapshot into an ongoing picture.