2026-04-01

Added · Updated

Good practices for addressing vulnerabilities related to operational resilience

The Hong Kong Monetary Authority issues this Circular to establish good practices for addressing vulnerabilities related to operational resilience. It requires all authorized institutions to identify, assess, and mitigate operational risks to ensure business continuity and effective internal controls. The guidance integrates with existing supervisory approaches on cyber risk management and technology risk to strengthen institutional resilience.

Hong Kong Monetary Authority logo

Hong Kong

Hong Kong Monetary Authority

Click to view thumbnail

CIR

Current

Issue Date:

01 Apr 2026

20260401-2-EN.pdf (198.0 KB)

Topic:

Business Continuity Planning

Internal Controls - Insourcing/Outsourcing

Operational Risk Management - Others

Technology Risk Management - Cybersecurity

Technology Risk Management - Others

Group:

All Authorized Institutions

Directly related Document

Cross referenced Document

Version History

Superseded Document

Directly related Document

CIR

Current

01 Apr 2026

Good practices for addressing vulnerabilities related to operational resilience

SPM-SGL

Current

29 Nov 2024

TM-C-1 Supervisory Approach on Cyber Risk Management

CIR

Current

01 Apr 2026

Good practices for addressing vulnerabilities related to operational resilience

SPM-SGL

Current

29 Nov 2024

TM-C-1 Supervisory Approach on Cyber Risk Management

Version History

Superseded Document

You may also be interested in

CIR

Current

24 May 2016

Cybersecurity Fortification Initiative

CIR

Archive

31 Aug 2022

Guidance on Cloud Computing

CIR

Archive

31 Aug 2022

Guidance on Cloud Computing

Annex: Guidance on Cloud Computing