RM-9.1.13

Entire section

Custom print

Link

Text Only

Rich Text

Print

Location:

Versions

Apr 01 2019 - Dec 31 2021
Jan 01 2022

An organisation-wide cyber security strategy must be defined and documented to include:

(a) The position and importance of cyber security at the licensee;

(b) The primary cyber security threats and challenges facing the licensee;

(c) The licensee’s approach to cyber security risk management;

(d) The key elements of the cyber security strategy including objectives, principles of operation and implementation approach;

(e) Scope of risk identification and assessment, which must include the dependencies on third party service providers;

(f) Approach to planning response and recovery activities; and

(g) Approach to communication with internal and external stakeholders including sharing of information on identified threats and other intelligence among industry participants.

Amended: January 2022
Added: April 2019