On February 28, 2025, Vietnam’s Ministry of Public Security (MPS) officially assumed state management responsibilities for cybersecurity from the Ministry of Information and Communications (MIC). This transition was formalized in a handover ceremony between the two ministries, marking a significant shift in cybersecurity regulation.
Important Changes in Cybersecurity Management
With this transfer, the MPS now oversees cybersecurity assurance responsibilities at both national and provincial levels. This means that provincial police departments have also taken over cybersecurity management from local Departments of Information and Communications.
The MPS is now responsible for handling ten administrative procedures across three key categories of public services. This includes issuing, reissuing, extending, modifying, and supplementing business licenses for cybersecurity products and services. Additionally, the MPS will oversee the issuance and reissuance of import licenses for cybersecurity products. Another key function under its authority is the certification of brand identifiers.
Legal and Administrative Implications
Despite this transition, Vietnam’s Law on Cybersecurity (No. 86/2015/QH13) still designates the MIC as the authority for cybersecurity licensing. However, starting March 1, 2025, the MIC and the Authority of Information Security will no longer manage cybersecurity-related state functions.
This shift is expected to impact businesses involved in the import and export of cybersecurity products. Regulatory adjustments anticipated in the coming months include amendments to the Law on Cybersecurity to officially designate the MPS as the cybersecurity authority. Additionally, all pending cybersecurity licensing applications previously submitted to the MIC will now be transferred to the MPS for further processing.
Expected Timeline for Legal Updates
According to Vietnam’s Law on the Promulgation of Legal Documents, amending laws, decrees, and issuing new circulars can take between three to six months. Businesses operating in IT and cybersecurity sectors should monitor further regulatory updates and plan accordingly for potential impacts on product certification and market entry requirements.
For this article’s source information and any product certification guidance, please contact Global Validity.
Quick Country Facts
Vietnam
Certification Body: Ministry of Information and Communications (MIC)
Certification Type: Mandatory
License Validity: 36 Months
Application Language: English
Legal License Holder: Local Representative
In-Country Testing Requirement: In-Country Testing
Access in-depth regulatory knowledge on over 200 countries and territories with Global Validity’s free proprietary product certification management software, Access Manager. Learn more about the platform here or fill our quick contact form!
Global Validity is your partner for global certification success
Want to learn more about regulatory compliance and how we can help? Simply fill out the form below and we’ll be in touch!