EY Achieves Two National Trust Marks in Cyber, Data Protection
Strengthening EY’s Governance, Safeguards, and Protection Standards

EY member firms in Singapore have been awarded the Data Protection Trustmark (DPTM) and the Cyber Trust Mark, both valid for three years from April 2026.
Liew Nam Soon, Singapore Managing Partner, Ernst & Young Solutions LLP, also EY Asia East Deputy Regional Managing Partner and ASEAN Managing Partner, said:
“In today’s data‑driven economy, organisations have a responsibility to continually strengthen their data protection and cyber practices, as Singapore seeks to reinforce its position as a trusted global business and data hub. Data protection and cyber security cannot be an afterthought—it should be a key part of business resilience.”
Data Protection Trustmark (DPTM) for EY
The DPTM is a voluntary, enterprise‑wide certification administered by the Infocomm Media Development Authority (IMDA) to demonstrate accountable data protection practices. EY received certification across six entities:
- Ernst & Young Solutions LLP
- Ernst & Young LLP
- EY Corporate Services Pte Ltd
- Ernst & Young Advisory Pte Ltd
- EY Corporate Advisors Pte Ltd
- Ernst & Young Corporate Finance Pte Ltd
These entities underwent independent audit and validation of their data protection practices, strengthening EY’s governance, safeguards, and protection standards.
Nam Soon added: “Trust is the foundation of our business and we are proud to be DPTM‑certified, demonstrating the rigour of our data governance and commitment to high standards of data protection. It affirms our investments and continual efforts in embedding data protection and security in the way we operate and serve our clients, and builds confidence with stakeholders in an increasingly digital‑first world. Beyond compliance, responsible data stewardship is key to growth, innovation, and resilience. The certification process has helped to raise enterprise‑wide awareness of the importance of data protection and firmly anchors it as part of our culture.”
Cyber Trust Mark for EY
Additionally, Ernst & Young Advisory Pte Ltd received the Cyber Trust Mark as a Cyber Trust Advocate.
The Cyber Trust Mark is a national certification programme by the Cyber Security Agency of Singapore (CSA), designed to help organisations demonstrate a high level of cyber resilience and governance. The Advocate tier—the highest level—is conferred on large organisations, those with leading digital maturity, or those operating in regulated sectors.
As a licensed cybersecurity service provider in Singapore, EY’s certification provides independent assurance that robust controls are in place across governance, risk management, technology, and operations.
On achieving the highest tier, Soon said: “Achieving the Cyber Trust Mark as a Cyber Trust Advocate is the result of the collective efforts of our Singapore and globally managed services teams. This certification is an independent validation of EY’s cyber security posture against the highest standard. It demonstrates our differentiated strength in working with clients on sensitive or regulated projects, providing greater confidence in our ability to deliver large‑scale and complex engagements. It reflects our secure operating environment with clear accountability and consistent security practices, supporting higher‑quality work and enabling teams to operate confidently in trust‑critical and regulated contexts.”



