top of page
Banner.png

GL20 is a crucial initiative aimed at enhancing the cybersecurity framework for insurers, particularly in light of evolving threats and regulatory requirements.  Insurers must provide assessment results, including Inherent Risk Assessments (IRA), Maturity Assessments (MA), and Remedial Plans (RP), based on their risk levels—high-risk insurers by January 31, 2026, and low or medium-risk insurers by July 31, 2026.

At IGS, our assessment methodologies are designed to help organizations meet the HKIA GL20 Cyber Resilience Assessment Framework (CRAF) requirements effectively. We invite you to partner with us to navigate these requirements seamlessly and secure your operations.

IGS Solutions Highlight

  • Conducting Inherent Risk Assessments (IRA)

  • Pre-assessment of Maturity Assessment (MA)

  • Conducting Maturity Assessments (MA)

  • Threat Intelligence Based Attack Simulation (TIBAS)

  • SIEM (Open source) Implementation

  • Privileged Access Management (PAM) Implementation

  • Managed Security Services

Project Experience

  • VCISO Project for Implementation of ISO 27001 and NIST Cybersecurity Framework

  • HKMA CRAF Implementation and Assessments

  • Security Policy Review for GL20 and Gap Analysis 

  • HKMA Intelligence-led Cyber Attack Simulation Testing (iCAST)

Professional Certifications

  • Certified Information Systems Security Professionals (CISSP)

  • Certified Information Security Manager (CISM)

  • Certified Information Systems Auditor (CISA)

  • Certified ISO 27001 Lead Auditor

  • Certified Ethical Hackers (C|EH)

  • Offensive Security Certified Professional (OSCP)

  • GIAC Web Application Penetration Tester (GWAPT)

For more information, feel free to reach out to Mr. Tsang at (852) 7010 6469 or via email.

Diagram 1.png

(Appendix 1) Project Schedule

(Appendix 2) Team Structure

Diagram 2.png
Industry
Register Now
bottom of page