Alignment of National Security Standard with Localized Practice

As a wholly-owned subsidiary of the Assurance Company of Canada, the Hong Kong office was established since 1892. Today, the Company provides professional financial services to both individual and corporate clients through individual life and health, pensions and group pensions, and third party administration businesses in Hong Kong. The Company is focused on providing top-quality protection and wealth management products, and retirement planning to satisfy the clients’ evolving needs at different life stages.

At a Glance

International and national security requirements

Hong Kong Insurance Authority / ISO 27001 ISMS

ISO/IEC 27001

ISMS Implementation

Long term

Security advisory partner

What brings them to MXC

To cope with their business direction on enforcing the implementation of information security management and they are looking for long term security advisory partner to embedded Information Security Management and Risk Management for the assurance the business risk management, customer information protection as well as the compliance of security compliance requirements from their national security team and Hong Kong Insurance Authority by leveraging with international standard such as ISO27001 ISMS.  

Challenges

  • Lack of internal resources on implementing Information Security Management effectively.
  • Lack of experience and professionals to build the culture of security management within the company and promote the staff awareness on information management system
  • Complex and continuous needs on security requirement from their national team security team and the regulatory requirement from Hong Kong Insurance Authority.

Results

Maximus or MXC Compliance Advisory Team was appointed as their Information Security Consultant including the works like staff training, risk assessment process, internal audits, assistance on certification and other information security management system advisory.

Designed, Developed and Implemented a fit-for-purpose Information Security Management System or ISMS to in-line with the corporate requirements

Certified by Accredited Certification Body.

Creates an effective risk management system to evaluate their existing information security risk and advise the tailor-made risk treatment plan for continuous improvement.

To be able to demonstrate to their stakeholders, business partners and customers a “fit-for-purpose” assurance regarding information security

Continual improvement on information security management on both maturity and effectiveness

Contact

Need a kickstart with cyber security?

Knowledge, experience, and resources are the cornerstones of defending your business from cyber crime. Since 2003 MXC has been fighting cyber-crime with more hundreds of major corporations.
Contact Us