Vietnam Law on Cybersecurity (No. 24/2018/QH14)
Vietnam's Law on Cybersecurity (No. 24/2018/QH14), effective January 1, 2019, and its implementing Decree 13/2023/ND-CP, establish cybersecurity requirements for information systems in Vietnam. Key provisions include data localization for certain data categories, mandatory local office requirements for specified service providers, content moderation obligations, and cybersecurity incident reporting. Applies to foreign and domestic service providers operating in Vietnam.
Framework summaries on this platform are AI-assisted interpretations for educational and compliance planning purposes. They do not reproduce or replace the official standards. Refer to the authoritative source for the definitive text. Framework names and trademarks belong to their respective organisations.
Framework Domains (4)
Data Localization
| Code | Title |
|---|---|
| VIETNAMCYBER-3 | Data Localization and Cross-Border |
Incident Reporting
| Code | Title |
|---|---|
| VIETNAMCYBER-4 | Incident Reporting and Cooperation |
Prohibited Acts
| Code | Title |
|---|---|
| VIETNAMCYBER-2 | Prohibited Acts (Access, Interception, Forgery, Content) |
Scope
| Code | Title |
|---|---|
| VIETNAMCYBER-1 | Scope, Critical Information Systems, Designation |
Your Compliance Coverage
If you comply with Vietnam Law on Cybersecurity (No. 24/2018/QH14), you already cover:
POPIA
75%
3 controls mapped
Compare →Indiana Consumer Data Protection Act
75%
3 controls mapped
Compare →Iowa Consumer Data Protection Act
75%
3 controls mapped
Compare →+ 207 more: MTCS (Singapore) (75%), Albania Law on Protection of Personal Data (Law No. 9887, 2008, amended 2014) (75%)
See all 210 mapped frameworks ↓Maps to 210 other frameworks
Frequently Asked Questions
What is Vietnam Law on Cybersecurity (No. 24/2018/QH14)?
Vietnam Law on Cybersecurity (No. 24/2018/QH14) is a compliance framework from Vietnam with 4 domains and 4 controls. Vietnam's Law on Cybersecurity (No. 24/2018/QH14), effective January 1, 2019, and its implementing Decree 13/2023/ND-CP, establish cybersecurity requirements for information systems in Vietnam. Key provisions include data localization for certain data categories, mandatory local office requirements for specified service providers, content moderation obligations, and cybersecurity incident reporting. Applies to foreign and domestic service providers operating in Vietnam. It is used by organisations to establish and maintain compliance with industry standards and regulatory requirements.
How many controls does Vietnam Law on Cybersecurity (No. 24/2018/QH14) have?
Vietnam Law on Cybersecurity (No. 24/2018/QH14) has 4 controls organised across 4 domains. The largest domains are Data Localization (1 controls), Incident Reporting (1 controls), Prohibited Acts (1 controls). Each control defines specific requirements that organisations must implement to achieve compliance.
What frameworks does Vietnam Law on Cybersecurity (No. 24/2018/QH14) map to?
Vietnam Law on Cybersecurity (No. 24/2018/QH14) maps to 210 other compliance frameworks. The top mapping partners are POPIA (75% coverage), Indiana Consumer Data Protection Act (75% coverage), Iowa Consumer Data Protection Act (75% coverage). Use our comparison tool to explore control-level mappings between frameworks.
How do I get started with Vietnam Law on Cybersecurity (No. 24/2018/QH14) compliance?
Start your Vietnam Law on Cybersecurity (No. 24/2018/QH14) compliance journey by running a self-assessment on our platform to identify your current compliance posture. Our AI advisory can answer specific questions about Vietnam Law on Cybersecurity (No. 24/2018/QH14) requirements, and cross-framework mapping helps you leverage existing controls from other frameworks you may already comply with. Create a free account to access all 4 controls and track your progress.
Start Your Compliance Journey
Create a free account to run self-assessments, get AI advisory, and track your compliance progress across 723 frameworks.
Get Started Free →Free forever — no credit card required