Improving Cyber Resilience

The Hong Kong Examinations and Assessment Authority (HKEAA) is a statutory body in Hong Kong which responsible for the arrangement and coordination of examinations and administers over 200 examinations on behalf of several overseas examination bodies and overseas/ local professional bodies.

The Government places great emphasis on information security and the protection of its information and computer assets. To reduce the information security risk of HKEAA’s web & mobile applications, systems, and networks, HKEAA invited TQM to conduct comprehensive Security Risk Assessment (SRA) services.

Project Scope

  • Conduct assessment for each system/ module/ network and analyse the potential risk
  • Provide HKEAA with detailed explanations and demonstrations of the security vulnerabilities and risks for each of the identified findings and their impact
  • Assist in the follow-up of remedial actions
  • Provide recommendations and corrective actions based on findings


  • Reviewed and Assessed information security status and submit detailed reports
  • Recommend appropriate security controls and measures
  • Ensure that these precautions are compatible with technological developments, industry best practices, and changes in the system, network or organizational environment
  • Provided a foundation for reducing the risk of information leakage and maintaining normal operations in the future