Last Revised Date: 21 June 2013

Notice 127 Technology Risk Management

Requirements on technology risk management for insurers.

This notice applies to all licensed insurers, except captive insurers and marine mutual insurers.

It sets out requirements for the identification of critical systems, and for insurers to maintain high availability and recovery time objective for critical systems. Insurers are also required to notify MAS of relevant incidents according to the prescribed timeline and format.

Insurers must also implement IT controls to protect customer information from unauthorised access or disclosure.

See also:

Amendment Notes

There are no amendment notes for this notice.