2026-06-02

Added · Updated

Code of Practice Pursuant to the Protection of Critical Infrastructures (Computer Systems) Ordinance for Authorized Institutions Designated as Critical Infrastructure Operators

The Monetary Authority of Hong Kong issued this Code of Practice to establish cybersecurity standards for authorized institutions designated as critical infrastructure operators. The document mandates compliance with the Protection of Critical Infrastructures (Computer Systems) Ordinance to safeguard essential computer systems against cyber threats. It includes annexes providing templates for notifications required under category 1 and category 2 obligations to ensure timely reporting of incidents.

Hong Kong Monetary Authority logo

Hong Kong

Hong Kong Monetary Authority

Click to view full text