Kazakhstan: Financial Regulator publishes approved methodology for assessing risks of critical information systems
The Agency of the Republic of Kazakhstan for Regulation and Development of Financial Market ('the Financial Regulator') published, on 28 September 2020, its approved methodology for assessing information security risks in financial organisations. In particular, the Financial Regulator noted that the methodology sets out the procedure for ranking different risks that exist within an organisation, assessing the level and probability of the risk, and the level of material loss probable. Furthermore, the methodology provides for an assessment for risks, including the identification of existing and future risks for the financial organisation depending on the use of hardware or software.
You can access the Methodology, only available in Kazakh and Russian, here.