Calculators

This set of calculators will assist the owners of critical information infrastructure and licensees of a cybersecurity service provider’s licence to determine the due dates to fulfil regulatory obligations under the Cybersecurity Act.

Last updated 20 January 2025

In the Cybersecurity Act (the “Act”), the owners of critical information infrastructure (CII) and licensees of a cybersecurity service provider’s licence must comply with different regulatory obligations with specific due dates. This set of calculators will assist these stakeholders to determine the due dates to fulfil such regulatory obligations under the Act. For avoidance of doubt, this set of calculators is not exhaustive and only covers a specific set of regulatory obligations under the Act.

Cybersecurity Audit Report / Risk Assessment Report Submission

To determine the due date to submit the report to the Commissioner of Cybersecurity after the Audit/ Risk Assessment is completed

Notification of Material Change(s)

To determine the due date to notify the Commissioner of Cybersecurity after any material change is made to the CII

Notification of Change in Ownership of Critical Information Infrastructure

To determine the due date to notify the Commissioner of Cybersecurity of any change in the beneficial of legal ownership

Cybersecurity Service Provider Licence Renewal

To determine the due date before the date of expiry of the Cybersecurity Service Provider Licence to submit a licence renewal application

Self-Help Checker and Document(s) required for submitting change(s) to existing...

To determine the due date in informing the Licensing Officer of the change and the necessary document(s) required for submitting changes to the Cybersecurity Service Provider's Licence.

Government officials will never ask you to transfer money or disclose bank log-in details over a phone call.