Custom print

RM-9.1.13

Past version: Effective from 01 Apr 2019 to 30 Sep 2021
To view other versions open the versions tab on the right

Licensees must conduct a periodic assessment of cyber defense controls. Cyber defense control assessment must include an analysis of the controls' current status vis-à-vis relevant cyber security risk threats, weaknesses and risks across the different activity segments, including:

a) Physical access, administration and organization;
b) Information system lifecycle in various operational environments;
c) Technology management and critical supporting systems;
d) Interaction with customers, devices used by customers;
e) Remote access, messaging and communication;
f) Identity and access management, business partners and suppliers, information and data exchange channels; and
g) Organisational culture and awareness, online presence, online activities and use of social networks, and business continuity.
Added: April 2019