Secure every administrative account against unauthorised access or use.
A relevant entity must ensure that every administrative account in respect of any operating system, database, application, security appliance or network device, is secured to prevent any unauthorised access to or use of such account.
MAS Notice FSM-N06 (Cyber Hygiene), paragraph 4.1, p. 3 (2024)
Non-compliance with this Notice may attract MAS supervisory and enforcement action; a MAS notice imposes legally binding requirements on the relevant entities.