2026-06-02
Added · Updated
The Monetary Authority of Hong Kong issued this Code of Practice to establish cybersecurity standards for authorized institutions designated as critical infrastructure operators. The document mandates compliance with the Protection of Critical Infrastructures (Computer Systems) Ordinance to safeguard essential computer systems against cyber threats. It includes annexes providing templates for notifications required under category 1 and category 2 obligations to ensure timely reporting of incidents.
COP
Current
Issue Date:
02 Jun 2026
20260527-26-EN.pdf (215.6 KB)
Topic:
Technology Risk Management - Cybersecurity
Group:
All Authorized Institutions
Directly related Document
Cross referenced Document
Version History
Superseded Document
Directly related Document
COP
Current
02 Jun 2026
Code of Practice Pursuant to the Protection of Critical Infrastructures (Computer Systems) Ordinance (for Authorized Institutions designated by the Monetary Authority as Critical Infrastructure Operators)
COP
Current
02 Jun 2026
Code of Practice Pursuant to the Protection of Critical Infrastructures (Computer Systems) Ordinance (for Authorized Institutions designated by the Monetary Authority as Critical Infrastructure Operators)
Cross referenced Document
Version History
Superseded Document
You may also be interested in
CIR
Current
24 May 2016
Cybersecurity Fortification Initiative
CIR
Current
21 Dec 2016
Cybersecurity Fortification Initiative
CIR
Current
03 Nov 2020
Cybersecurity Fortification Initiative 2.0