HKMA Cyber Resilience Assessment Framework (C-RAF)
HKMA Cyber Resilience Assessment Framework (C-RAF) is the Hong Kong Monetary Authority (HKMA) MANDATORY cybersecurity assessment + supervisory framework for all Authorised Institutions (AIs) in Hong Kong + part of the broader HKMA CYBERSECURITY FORTIFICATION INITIATIVE (CFI) launched 2016. KEY HISTORY: (a) CFI announced May 2016; (b) C-RAF v1.0 issued December 2016; (c) C-RAF v2.0 issued 6 May 2020 (Circular 20200506e1a1) - major revision incorporating lessons learned + international best practice + iCAST framework; (d) ongoing 2024-2025 enhancements + supervisory communications + threat-landscape evolution.
Domains
Compare HKMA Cyber Resilience Assessment Framework (C-RAF)
HKMA Cyber Resilience Assessment Framework (C-RAF) by Industry
HKMA Cyber Resilience Assessment Framework (C-RAF) by Role
Frequently Asked Questions
What is HKMA Cyber Resilience Assessment Framework?
How many controls does HKMA Cyber Resilience Assessment Framework have?
Where does HKMA Cyber Resilience Assessment Framework apply?
What frameworks does HKMA Cyber Resilience Assessment Framework map to?
How do I get started with HKMA Cyber Resilience Assessment Framework compliance?
How ready are you for HKMA Cyber Resilience Assessment Framework (C-RAF)?
Answer 25 questions and get a professional readiness report with gap analysis, maturity scores, and prioritised action items. Results in 5 minutes.