The Cyber Security Agency of Singapore (CSA) has published the Codes of Practice for the regulation of owners of Critical Information Infrastructure (CII) in accordance with the Cybersecurity Act. With the rapid changes in technology and new regulatory requirement, the CII owners are required to ensure their cybersecurity resilience. 

What is Cybersecurity Code of Practice (CCoP) for Critical Information Infrastructure? 

image background

Talk to our experts

soc-logo_certification-rvb_hex_blanc

SCS Contact

Main contact

Main contact

certints@singnet.com.sg

The Cybersecurity Bill was passed on 5 February 2018 and received the President’s assent on 2 March 2018 to become the Cybersecurity Act. The Act establishes a legal framework for the oversight and maintenance of national cybersecurity in Singapore. With this, the Cyber Security Agency of Singapore (CSA) has published the Codes of Practice for the regulation of owners of Critical Information Infrastructure (CII).  

CII are computer systems directly involved in the provision of essential services/ sectors such as Energy, Water, Banking and Finance, Healthcare, Transport (which includes Land, Maritime, and Aviation), Infocomm, Media, Security and Emergency Services, and Government. With the rapid changes in technology and new regulatory requirements, the CII owners are required to ensure their cybersecurity resilience and proactively protect their CII from cyber-attacks.  

Therefore, CSA has introduced Cybersecurity Code of Practice (CCoP) Compliance Audit to help CII owners to meet the requirements and achieve compliance.  

Second Edition of the Cybersecurity Code of Practice (CCoP) 

The second edition of the Cybersecurity Code of Practice (CCoP) was issued by CSA and came into effect from 4 July 2022. The new edition seeks to level up new cybersecurity capabilities in CII sectors in view of the evolving cyber threat landscape with threat actors using sophisticated tactics, techniques and procedures to attack.  

The CCoP 2.0 addresses the key requirements for CII below:  

  • Governance,  

  • Identification, 

  • Protection, 

  • Detection, 

  • Response and Recovery, 

  • Cyber Resiliency, 

  • Cybersecurity Training and Awareness, 

  • Operational Technology (OT) Security. 

image background

Our Expertise

Why get audited with SOCOTEC Certification Singapore? 

cybersecurity-code-practice-infrastructure

Why get audited with SOCOTEC Certification Singapore? 

SOCOTEC Certification Singapore has conducted audits since 1994 for various schemes and our auditors are qualified for various standards with national and international accreditations.

 

Therefore, we are pleased to extend our value-added audit services as well as other relevant international or national accredited management systems certification to you.

Why get audited with SOCOTEC Certification Singapore? 

SOCOTEC Certification Singapore has conducted audits since 1994 for various schemes and our auditors are qualified for various standards with national and international accreditations.

 

Therefore, we are pleased to extend our value-added audit services as well as other relevant international or national accredited management systems certification to you.

Would you like to know more about our Audit offers?

image background

Talk to our experts

soc-logo_certification-rvb_hex_blanc

SCS Contact

Main contact

Main contact

certints@singnet.com.sg