Did you know?


SKMM is the regulator for postal services in Malaysia.

The Postal Services Act  2012 seeks SKMM to ensure the high quality conveyance of Postal articles and to protect the interest of users of postal services.


The National Postal Strategy sets out a roadmap for the Malaysian postal and courier sector 

to maintain the relevance of the sector in the overall development of the nation.

Make a complaint here.

Register of Assignments

Magic Map

Want to know what's around you? Check out Magic Map

Event Calendar

  • MCMC
  • KKMM
  • MCMC Regional
  • Public Holidays

Frequently Asked Questions

Frequently Asked Questions

Why the need for certification?
Direction from the Malaysian Government requires the CNIIs to implement adequate security measures to ensure that the delivery of critical services and products are not disrupted because of problems with the information assets and information systems that are used to manage, control or deliver such services and products.

Is my organization a CNII entity?
If the services or products delivered to the public and the nation fall under the description explained as Critical Services or Products. The Critical Services or Products are those that are delivered to the external organization or the organization’s consumers and satisfy the critical services or product availability needs of the external organizations or consumers i.e industry, public, the economy and the nation. This external organization or consumers may be other CNII entities.
However intra-services or products, i.e services from one department that serves other departments in the same organization e.g. Human Resources, Procurement and Finance, are NOT considered critical UNLESS those intra-services or products delivered to the external organization.

What is the difference between Adopting, Complying and Certified ISMS?
The terms adoption, compliance and certification or certified has occasionally been used interchangeably and warrants clarification in order to ensure that all the parties involved have the same understanding.
If an organization claims that it is Adopting ISMS, it is merely a statement of intent of that organization expresses. It does not necessarily mean that the organization has actually implemented ISMS or in the process of implementing ISMS.
If an organization claims that it is Complying to ISMS, it is a statement of claim that it is adopting and has implemented ISMS. It does not mean that its implementation is ‘really’ in compliance as verified by an independent party.
If an organization claims to have been Certified ISMS, it means that an accredited certifying body has independently certified the organization’s ISMS implementation to the satisfaction of the standard.

What scope of the organization’s ISMS implement needs to be reported to MCMC?
An organization may implement one or more ISMS covering different scopes. These ISMS may be implemented concurrently or in sequence and some of the deliverable documents may be applicable across ISMS boundaries.
In brief, the scope of ISMS and the progress of the ISMS implementation that must be reported to MCMC are those that cover the delivery of critical services and products.

What sorts of disruptions to services are considered critical?
In general points to assist CNII entities:-
a. The interruption is immediate and no gradual or deferred or delayed,

b. The services performance level deteriorates significantly from the norm,

c. The quality of service deviates from the normal or acceptable quality of services, and

d. The impact of disruption or compromise has significant and noticeable effect to industry or commerce, government operations, image, safety or defence.


Will MCMC Fund the Cost of ISMS Implementation?
ISMS implementation is similar to the Quality Management System (QMS) in many respects. Essentially it is aimed to benefit the organization in its operations. Both the management systems (ISMS and QMS) will result in a verified and auditable process that will give assurance to the Management of the organization that the appropriate policies, procedures, and controls are in place.
In line with good Corporate Governance therefore, it is expected that the entity will take the necessary steps to ensure that ISMS is in place for the good of the organization.

MCMC will provide CNII entities under purview with training, workshop and seminar initiative in supporting government decision on the ISMS certification.

SKMM Contact

Digital Security Management Department
Malaysian Communications and Multimedia Commission
Off Persiaran Multimedia
63000 Cyberjaya
Selangor DarulEhsan

Tel: +603-8688 8000
Fax: +603-8688 1003

Share this article

Associate

It is the quality of the human capital that will determine if we can meet our aspirations of achieving a high value, and high income, economy by 2020. As we progress towards becoming a developed nation, we must do our part to equip fellow Malaysians with the skills and knowledge to succeed as a productive member of the knowledge-led economy.

Associate Links :

The listed links are for MCMC Staff ONLY

Industry

Malaysians are now more exposed to the various media platforms than in previous years. As the authority and custodian of the Communications and Multimedia Act 1998, Postal Services Act 2001 and Digital Signature Act 1997, the Commission’s functions and responsibilities are becoming increasingly more apparent and significant.


Back To Top