2026-06-02
Added · Updated
The Monetary Authority of Hong Kong issued this Code of Practice to establish cybersecurity standards for authorized institutions designated as critical infrastructure operators under the Protection of Critical Infrastructures (Computer Systems) Ordinance. The document mandates specific technology risk management and cybersecurity protocols to safeguard computer systems against threats. It includes annexes providing templates for notifications required under category 1 and category 2 obligations to ensure regulatory compliance.
COP
Current
Issue Date:
02 Jun 2026
20260527-25-EN.pdf (301.0 KB)
Topic:
Technology Risk Management - Cybersecurity
Group:
All Authorized Institutions
Directly related Document
Cross referenced Document
Version History
Superseded Document
Directly related Document
Annex
Current
02 Jun 2026
Annex - Templates for notifications required under category 1 and category 2 obligations
Annex
Current
02 Jun 2026
Annex - Templates for notifications required under category 1 and category 2 obligations
Cross referenced Document
Version History
Superseded Document
You may also be interested in
CIR
Current
24 May 2016
Cybersecurity Fortification Initiative
CIR
Current
21 Dec 2016
Cybersecurity Fortification Initiative
CIR
Current
03 Nov 2020
Cybersecurity Fortification Initiative 2.0