Skip to main content
Entire section Custom print Text Only Rich Text Print / Save as PDF
Download Original PDF

Appendix E – How to Request a Waiver from the Framework

No: 000044021528 Date(g): 11/10/2022 | Date(h): 16/3/1444 Status: In-Force

Below is an illustration of the process for requesting a waiver from the Framework. 

  • Detail description about the reasons that the member organisation could not meet the required control.
  •  Detail description about the available or suggested compensating controls.
  • The waiver request should first be approved by the Head of Counter-Fraud before submitting to the Counter-Fraud Governance Committee (CFGC).
  • The waiver request should be approved by the members of Member Organisation’s Counter-Fraud Governance Committee.
  • The waiver request should be signed by the Head of Counter-Fraud and relevant (business) owner.
  • The waiver request should be formally issued in writing to the manager of ‘General Department of Cyber Risk Control’ via the Member Organisation’s CEO or managing director.
  • ‘General Department of Cyber Risk Control’ will evaluate the waiver request and inform the Member Organisation.

The current Framework remains applicable while the requested waiver is being evaluated and processed, until the moment of granting the waiver.