Digital Policy Alert logo

Republic of Korea: Adopted Amendment to Cloud Security Assurance Program including data localisation requirements

Go to policy change overview
Share

Compare with different regulatory event:

Description

Adopted Amendment to Cloud Security Assurance Program including data localisation requirements

On 19 January 2023, the Korean Ministry of Science and Technology Information and Communication issued a notice of implementation and adopted an amendment to the Cloud Security Assurance Program (CSAP). Under the amendment, to obtain a CSAP certification by the Korea Internet and Security Agency (KISA), the service provider's cloud computing system and associated data, backup systems, and management and operating personnel must be located in Korea.

Original source

Scope

Policy Area
Data governance
Policy Instrument
Data localisation requirement
Regulated Economic Activity
infrastructure provider: cloud computing, storage and databases
Implementation Level
national
Government Branch
executive
Government Body
central government

Complete timeline of this policy change

Hide details
2023-01-19
adopted

On 19 January 2023, the Korean Ministry of Science and Technology Information and Communication iss…

2023-01-31
in force

On 31 January 2023, the amendment to the Cloud Computing Service Security Certification (CSAP) ente…