TR 106:2022

Tiered cybersecurity standards for enterprises


Organisations differ in terms of the nature of their business, size (which may be measured by parameters such as capital turnover or employment size) and the extent of digitalisation in their businesses. These have a corresponding impact on their cybersecurity risk profile. This TR takes on a tiered approach to address different business profiles and needs as follows:

– The mark of cyber hygiene takes on a baseline control approach and is intended to protect organisations against the most common cyberattacks; and

– The trust mark takes on a risk-based approach and is intended to enable organisations to put in place the relevant cybersecurity preparedness measures that commensurate with their cybersecurity risk profile.

Together, the mark of cyber hygiene and trust mark provide a cybersecurity risk management framework for organisations.




Status Current
Edition 2022
No. of Pages 67
ICS Classification 35.020 Information technology (IT) in general
35.030 IT Security
Committee Information Technology Standards Committee
Available for Purchase Global
Adoption -