Singapore legislation
Clause 70
Clause 70
Incident management framework
(1)
A relevant person must establish and implement an incident management framework that provides for —
mechanisms and processes to detect and respond to any cybersecurity incident or data breach; and
processes to identify and resolve the cause or causes of any cybersecurity incident or data breach, and prevent the recurrence of the cybersecurity incident or data breach or the occurrence of a similar cybersecurity incident or data breach.
(2)
Without limiting subsection (1), a relevant person must ensure that the incident management framework mentioned in that subsection provides for any prescribed matter relating to the mechanisms and processes mentioned in subsection (1)(a) or the processes in subsection (1)(b).
(3)
For the purposes of subsection (2), the Minister may prescribe different matters relating to the mechanisms and processes mentioned in subsection (1)(a) or the processes in subsection (1)(b) for different relevant persons.
(4)
A person who contravenes subsection (1) or (2) shall be guilty of an offence and shall be liable on conviction to a fine not exceeding $100,000 or to imprisonment for a term not exceeding 12 months or to both.