28/1/2021 | Hong Kong

On 28 Jan 2021, new format of ISO/IEC DIS 27002 (Information security, cybersecurity and privacy protection - Information security controls) is available and released that it has been technically revised. This third edition mainly focus and suit with the emerging and marketing trends in information technology of cybersecurity and privacy protection.

ISO/IEC 27002 recommends information security controls addressing information security control objectives arising from risks to the confidentiality, integrity and availability of information.
➤ The phrase "Code of Practice" has been dropped from the title of this document to better reflect its purpose of being a reference set of information security controls.
➤ The structure of the document has been updated and amended to avoid overlaps and duplications, presenting the controls using a simple taxonomy and associated attributes.
➤ Some controls have been merged, some deleted and several new controls have been introduced.

22/5/2020 | Macau

CASSOLUTION Macao Limited officially became the supplier of the Financial Services Bureau supplier database of the Government of the Macao Special Administrative Region on May 11, 2020. The included supplier classification is 015-003 ISO Consultant. (website: http://www.dsf.gov.mo/supplierDB/), please browse for it.

18/5/2020 | Hong Kong

Under the second round of the Anti-epidemic Fund, the Government has launched the Distance Business (D-Biz) Programme to support enterprises to continue their business and services during the epidemic, the Programme provides funding support through fast-track processing for enterprises to adopt IT solutions for developing distance business.

For each IT solution and services and the relevant training expenses for the employees, the funding ceiling per each application is HK$100,000. Each enterprise may receive total funding of up to HK$300,000 to undertake projects to be completed within six months.

Corporate and Security Solution Limited, being a “Suppliers for Quality Professional Services 4 (SOA QPS4)” by OGCIO of HKSARG and IT Service Provider Reference List under this D-Biz Programme, offers IT security consulting and assessment one stop solution. Please feel free to contact us by enquiry@cassolution.com.

14/5/2020 | Mainland China

Effective June 1, 2020, the Measures for the Security Review is an implementation of article 59 of the national security act and article 35 of the network security act, which regulates the security review mechanism for procurement of network products and services by Critical information infrastructure operators (" CII operators "). The objective is to identify and prevent the procurement of network products and services from causing risks and hazards to the operation of CII through network security review, so as to ensure the security of CII supply chain and safeguard national security.

10/3/2020 | Hong Kong and Macau

What is ISO 13485 standard?

ISO 13485 (Medical devices - Quality management systems - Requirements for regulatory purposes) is an internationally recognized standard that addresses the development, implementation and maintenance of a quality management system in the medical device industry. It specifies requirements for a quality management system where an organisation needs to demonstrate its ability to provide medical devices, and that related services in the life cycle of medical devices, consistently meet customer requirements and applicable regulatory requirements. The relevant life cycle can include design, production, installation, servicing and sales of medical devices.

1/1/2020 | Mainland China

On October 26, 2019, approved by the 14th meeting of the Standing Committee of the 13th National People's Congress, the first comprehensive law in the field of password management, the "Cryptography Law of the People's Republic of China was finally adopted and effective at January 1, 2020. The password are divided into core passwords, ordinary passwords and commercial passwords. Core passwords and ordinary passwords shall be used to protect state secret information. Core passwords shall be used to protect information of up to secret level and ordinary passwords shall be used to protect information of up to confidential level. Commercial passwords shall be used to protect ordinary commercial information rather than the state secret.

6/11/2019 | Mainland China

The Cybersecurity Multi-level Protection Scheme (“MLPS 2.0”) is set to come into effect on December 1, 2019 in Mainland China. This scheme constitutes with three new national standards include (1) the GB/T 22239-2019 Basic Requirements for the Multi-level Protection of Information Security Technology, (2) the GB/T 25070-2019 Information Security Technology Cybersecurity Multi-level Protection Security Design Technical Requirements, and (3) the GB/T 28448-2019 Information Security Technology Cybersecurity Multi-level Protection Assessment Requirements, together with the drafted New Regulation and other regulations and national standards that will be released.

1/8/2019 | Macau

The Cybersecurity Law No.13/2019 was published on 24 June 2019 and will come into force on 22 December 2019 in the Macau Special Administrative Region. The Cybersecurity Law applies to public, and private critical information infrastructure (‘CII’) operators including domestic or foreign companies qualified running a business in areas such as banking, finance, insurance, gambling, telecommunication, or healthcare, among other things. The Cybersecurity Law requires Private CII operators to establish internal cybersecurity management units, to carry out routine self-assessments and to submit an annual report to the relevant supervisory authority.

22/3/2019 | Hong Kong

Building a Sustainable Smart City via Big Data Analytics and Internet of Things (IoT). By using the Internet of Things and Big Data to innovate and deploy smart services that create smart living, we can create a smarter city. The concept of Smart City is able to use and analyze big data for patterns, behavior and potential crisis that make life better and easier. As Hong Kong is moving towards a Smart City vision, itSMF can play a vital role to provide the enablers with the right IT strategies and tactics, the best practices, talent development, innovation and solutions to streamline IT service delivery processes during the transformation.

11/3/2019 | Hong Kong

On 25th May 2018, General Data Protection Regulation (GDPR) will replace the existing European Data Protection Directive.