2019-01-10

Added · Updated

Guide to Enhanced Competency Framework on Cybersecurity

The Hong Kong Monetary Authority issued this guide to establish the Enhanced Competency Framework on Cybersecurity (ECF-C), a non-statutory framework designed to develop a sustainable talent pool and raise professional competence among cybersecurity practitioners in the banking sector. The framework defines 'Relevant Practitioners' across three lines of defense—IT Security Operations and Delivery, IT Risk Management and Control, and IT Audit—and structures qualifications into Core and Professional levels based on work experience. Authorized institutions are encouraged to adopt the ECF-C to benchmark employee competence, support training, and ensure staff maintain continuing professional development requirements of at least 20 hours annually.

Hong Kong Monetary Authority logo

Hong Kong

Hong Kong Monetary Authority

Click to view full text