top of page

APEC Cross Border Privacy Rules (CBPR) & Privacy Recognition for Processors (PRP)

ISOCert is an approved Assessment Body by Infocomm Media Development Authority (IMDA) to support organizations in assessing their data protection practices is conform to the APEC Privacy Framework. Singapore recognises the APEC CBPR and PRP certifications for overseas transfers of personal data under the PDPA. This means that organisations in Singapore can easily transfer personal data to the overseas certified recipient without meeting additional requirements.

About CBPR Certification

APEC CBPR System was developed by APEC economies to build consumer, business and regulator trust in cross-border flows of personal data. This requires participating businesses to implement data privacy policies consistent with the APEC Privacy Framework and helps to bridge differing national privacy laws within the APEC region, reducing barriers to the flow of information for global trade. CBPR System applies to organisations (data controllers) that control the collection, holding, processing, or use of personal data 

Working with Laptops

About PRP Certification

APEC Privacy Recognition for Processors (PRP) System was designed for organisations (data processors) who process data on behalf of client organisations (data controllers), to demonstrate their ability in providing effective implementation of a controller’s privacy requirements. The PRP certification is based on 2 of the 9 principles of APEC Privacy Framework: Security Safeguards and Accountability.


Government supports on consultancy and assessment fee.

Funding Support (applicable for DPTM, CBPR and PRP certifications)


Eligible organisations can consider applying to Enterprise Singapore (ESG) to seek support for some of the costs for DPTM/CBPR/PRP certification and consultancy services. Eligible organisations applying for the Enterprise Development Grant (EDG) are entitled up to 50% government support for qualified project.


For more information, visit


5 Flavors to Try This Weekend

ISOCert Introduction & Implementation Training for Integrated Information Security Management ISO 27001 ISMS, ISO 27701 & PDPA Compliance

ISMS & PIMS Training

🌐🔒With the implementation of the PDPA and the Data Protection Trustmark (IMDA), there has been a real leap in the field of privacy due to the introduction in the sector's legislative system of the key principle of accountability. Get your internationally recognized privacy certification

bottom of page