View the Standard
This paper is a follow-up to the Issues Paper on Cyber Risk to the Insurance Sector, published in August 2016, which recommended that the IAIS develop and publish one or more Application Papers further exploring cyber risk, cybersecurity, and cyber resilience and proposed supervisory practices for the insurance sector.
The Application Paper is principles-based and builds on frameworks and guidance such as the G7 Fundamental Elements of Cybersecurity for the Financial Sector, the related G-7 Fundamental Elements for Effective Assessment of Cybersecurity in the Financial Sector and the CPMI-IOSCO Guidance on Cyber Resilience for Financial Market Infrastructures. The paper is intended to provide further guidance primarily to supervisors seeking to develop or enhance their approach to supervising the cyber risk, cyber security, and cyber resilience of insurers.