Operational Resilience OR-2 | HKMA

The OR-2 module sets out the HKMA’s supervisory expectations for authorised institutions to maintain operational resilience in the event of a disruption. Further reading OR-2 SPM Module | HKMA (PDF) Operational Resilience: A new SPM module from HKMA | Deloitte Operational Resilience | KPMG The HKMA proposes new standards for operational resilience | Herbert Smith Freehills Fostering operational resilience | PwC Hong Kong SFC issues operational resilience standards and recommended techniques and procedures in the age of remote working | Herbert Smith Freehills Operational resilience and remote working | SFC Circular Related pages Operational Resilience (wiki) SPM TM-G-1 General Principles for Technology Risk Management SPM TM-G-2 Business Continuity Planning OR-1 Operational Risk Management SA-2 Outsourcing Cyber Resilience Assessment Framework 2.0

1 min

OR-1 Operational Risk Management | HKMA

0 min

Outputs from a Threat modelling exercise

Threat modelling is a critical component of an organisation’s cybersecurity and risk management framework. The process will identify potential threats, assess vulnerabilities, and implement effective controls. Key outputs of a threat modelling exercise in a large organisation will include: 1. Threat Model Diagram. A visual representation of systems, data flows, and trust boundaries. Common formats include Data Flow Diagrams (DFDs) or Process Flow Diagrams, highlighting how data moves through the system and where risks may emerge. ...

2 min

OWASP

OWASP (Open Web Application Security Project) is a non-profit organisation and online community dedicated to providing open-source solutions to help build secure web applications. Further reading OWASP Top Ten

1 min

Patching

Patching is a process in software development and ongoing maintenance where updates are applied to software to fix problems with the original code such as fixing vulnerabilities, improving functionality, or to enhance performance and speed. These updates, known as patches, are essential for maintaining the security and efficiency of software systems. Further reading Patching - Wikipedia

1 min