Technology and Information Rulebook
This version shall take effect on 19 June 2025. To review the previous version, please click here.
This version shall take effect on 19 June 2025. To review the previous version, please click here. |
- Introduction
-
Part I – Technology Governance, Controls and Security
- A. Technology Governance and Risk Assessment Framework
- B. Cybersecurity Policy
- C. Cybersecurity – other Legal and Regulatory Obligations
- D. Cryptographic Keys and VA Wallets Management
- E. Testing and Audit
- F. Virtual Asset Transactions
- G. Algorithm Governance
- H. Business Continuity, Cybersecurity Events and Risk
- I. Chief Information Security Officer and Management
- J. Staff Competency
- K. Notification to VARA
- Part II – Personal Data Protection
- Part III – Confidential Information
- Schedule 1 – Guidance on Technology Governance and Risk Assessment Frameworks
- Schedule 2 – Definitions