Regulation 11 National Strategy on the security of network and information systems
(1) The Minister shall prepare a national strategy on the security of net-work and information systems (the "national strategy").
(2) The national strategy shall set out strategic objectives and policy and regulatory measures intended to achieve and maintain a high level of security of network and information systems in not fewer than the sectors referred to in Schedule 1 and the services referred to in Schedule 2 and shall address the following:
(a) the objectives and priorities of the national strategy;
(b) the regulatory measures and enforcement framework required to achieve the objectives and priorities of the national strategy including setting out the roles and responsibilities of governmental bodies and other relevant persons;
(c) measures relating to preparedness, response and recovery in relation to risks and incidents, including co-operation between the public and private sectors;
(d) education, awareness-raising and training programmes relating to the national strategy;
(e) research and development plans relating to the national strategy;
(f) the development of a risk assessment plan to identify any risks relating to network and information systems;