Insurance Authority Guideline on Cybersecurity

Insurance Authority Guideline on Cybersecurity

Executive summary of Hong Kong Insurance Authority’s industry consultation draft Guideline on Cybersecurity released on 21 November 2018

Insurance risk protection security

On 21 November 2018, Hong Kong’s Insurance Authority released an industry consultation draft of its Guideline on Cybersecurity. The Guideline introduces baseline cybersecurity requirements for authorised insurers (AIs). AIs are expected to comply with the guidelines starting from 1 July 2019.

Our three-page executive summary of the Guideline covers the new benchmarks for AIs outlined in the document’s six focus areas – including cybersecurity strategy and framework; governance; identification, risk assessment and control; and continuous monitoring.

It also includes key questions for AIs to assess their cybersecurity readiness as well as how KPMG can help clients plan and execute a comprehensive cybersecurity strategy.

© 2024 KPMG Huazhen LLP, a People's Republic of China partnership, KPMG Advisory (China) Limited, a limited liability company in Chinese Mainland, KPMG, a Macau (SAR) partnership, and KPMG, a Hong Kong (SAR) partnership, are member firms of the KPMG global organisation of independent member firms affiliated with KPMG International Limited, a private English company limited by guarantee. All rights reserved.

The KPMG name and logo are trademarks used under license by the
independent member firms of the KPMG global organisation.

For more detail about the structure of the KPMG global organisation please visit


Connect with us