MFSA Guidance Principles

The MFSA has devised four principles which provide guidance and clarity of expectations of entities to maintain compliance, or to become compliant, with the ICT Guidance document

The MFSA has devised four Principles which provide guidance and clarity of expectations of entities to maintain compliance, or to become compliant with the Guidance document issued by the MFSA:

 

Principle 1 – Proportionality 

The nature of the Licence Holder’s operations and risk tolerance should be considered, as well as the service offered by the Licence Holder to efficiently achieve compliance. 

 

Principle 2 – Principles-based consistency of Outcomes 

The MFSA’s objective is to achieve a consistent level of compliance across all Licence Holders in all sectors, irrespective of the method of Technology Arrangement adopted. The Guidance does not favour one service model over another, however instead, objectively strives for meeting a standard level of compliance.

 

Principle 3 – Information Assurance (IA) in Technology Arrangements 

A Technology Arrangement design should ensure the inclusion and consideration of the 5 Pillars governing Information Assurance: Authentication, Availability, Confidentiality, Integrity and Non-repudiation.


MFSA ICT Guidance Principles

 

Principle 4 – Approach to Cloud Computing 

Adoption of Cloud Computing should be formed on sound governance and management. This should also consider the guidance principles as outlined in the ‘Guiding Principles for Cloud Computing Adoption and Use’ issued by ISACA: Enablement, Cost benefit, Enterprise Risk, Capability, Accountability and Trust.

 

Want to know more?

Key Contacts

Get in touch with our technology experts