Certification for the Cyber Trust mark

Organisations seeking certification may refer to the following:
(Note: Documents were last updated in October 2023)

The Cyber Trust mark is published as Technical Reference 106 (TR 106) under the Singapore Standardisation Programme Organisations may obtain a copy of TR 106:2022 “Tiered cybersecurity standards for enterprises” from the Singapore Standards e-shop.

a. Certified Organisations

Small and Medium Enterprises (SMEs) that are certified are also eligible to apply for the SME Cybersecurity Excellence award that CSA is collaborating with Association of Trade & Commerce (ATC) on.

b. Appointed Certification Bodies

The certification process is undertaken by certification bodies that have been appointed by CSA. Organisations may select any of the following certification bodies, please click here for contact details.

c. Certification Duration and Mode of Assessment

Cyber Trust certification is valid for a duration of 3 years, with a yearly audit. The mode of assessment will involve both review and verification of documents, as well as implementation and effectiveness. The organisation’s certification audit will be carried out by an independent assessor from the appointed certification body.

Certification charges and time needed for certification may differ according to the scope of certification. Organisations may visit the websites of the certification bodies to find out more.

d. Funding Support for the Cyber Trust mark certification

To encourage organisations to adopt the Cyber Trust mark, CSA has worked with the appointed certification bodies to offer funding support for Cyber Trust mark certification. Organisations that are successfully certified can enjoy the following funding support, which will be deducted from the certification fees charged by the certification bodies:

• Applicable only from now to 6 February 2026
• Applicable only for the first successful certification per organisation
• Only Singapore-registered businesses and Non-Profit Organisations (NPO) incorporated in Singapore are eligible
• Organisations shall submit their completed application forms to their selected certification bodies

e. Cybersecurity Health Plan delivered by CISO as-a-Service (CISOaaS) Consultants

If you have already implemented good cyber hygiene, or already achieved CSA Cyber Essentials mark, you are ready to progress towards adopting a risk-based approach to cybersecurity.

Develop a cybersecurity health plan tailored for your needs and work towards national cybersecurity certification such as attaining CSA’s Cyber Trust mark. 

Develop your cybersecurity health plan with your appointed CISOaaS consultant now.

f. Cybersecurity toolkits and guidance to support certification 

Need help with the cybersecurity measures you can implement to improve your organisation’s cybersecurity? Check out our cybersecurity toolkits for guiding questions, templates and more.

Added Benefit For Certified Organisations 

• Cyber Insurance
  Cyber Trust certified organisations are eligible for discounted rates when they apply for cyber insurance with the following:
  • QBE Insurance (Singapore) Pte Ltd 
    

Please contact the companies listed for details.

• Google Cybersecurity Certificate Scholarship
  Organisations that have already appointed a certification body for Cyber Trust certification are eligible to be offered scholarships for the Google Cybersecurity Certificate. Please approach your appointed certification body for more information.

Additional information

• Interested in the Cyber Essentials mark instead? Click here to learn more.
• Unsure about the different codes, cybersecurity or data certifications required for your organisation? Click here to learn more.
• If your organisation is using cloud services, get help with implementing cloud security for Software-as-a-Service (SaaS) and other cloud computing service models.