Skip to content
ZxR Cyber Sentinel 4.1 is available — Discover our AI models
Loi 05-20LawMarocMandatory

Loi 05-20

Authority : DGSSI
52 articles
Overview

What is Loi 05-20 ?

Law 05-20 on cybersecurity is the Moroccan legal framework defining obligations for public organizations, Operators of Vital Importance (OIV), and Essential Service Operators (OSE) regarding information system security. Published in the Official Gazette in 2020, it gives legal force to the DNSSI and defines penalties for non-compliance. The law establishes the institutional framework (DGSSI, Strategic Committee, maCERT) and mandates security incident notification, system accreditation, and cooperation with competent authorities.

Key Points

  • Legal framework giving legal force to the DNSSI and cybersecurity requirements
  • Mandatory security incident notification to maCERT
  • Mandatory system accreditation for OIV and OSE information systems
  • Penalties: fines from 100,000 to 1,000,000 MAD, imprisonment from 1 to 5 years
  • Institutional framework: DGSSI, Strategic SSI Committee, maCERT as national point of contact

Why Zaxyr

Zaxyr natively integrates Law 05-20 requirements alongside the DNSSI. The platform automates legal obligation tracking, facilitates accreditation preparation, and generates compliance reports in French and Arabic. Mapping to the DNSSI and ISO 27001 enables a unified approach to Moroccan regulatory compliance.

Start Your Compliance Journey

Get a personalized compliance assessment. Our team will guide you through.