ASEAN PQC Readiness
The Isidore Quantum Implementation Work Plan for ASEAN PQC Readiness provides a structured, twelve-month roadmap that guides governments and enterprises through seven phases of PQC adoption. The Playbook outlines each phase—from governance planning and cryptographic inventory to full-scale deployment and continuous readiness auditing—defining objectives, timelines, metrics, and alignment with Singapore’s QRI and CSA 2025 framework. By following this work plan, ASEAN member states and organizations can achieve measurable, standards-based quantum resilience through coordinated governance, proven technology integration, and sustained capability development.
Establish a national or enterprise-level PQC governance framework that integrates with cybersecurity and digital trust policies
0–3 months
• PQC Steering Committee formed
• National/enterprise PQC policy draft completed
Governance framework formally approved by leadership and aligned with digital resilience strategies.
Establishes top-level leadership oversight and accountability
Defines PQC governance and roles
Use Cassian™ to inventory all cryptographic systems, dependencies, and data flows that rely on RSA/ECC or other legacy algorithms. Establish Objectives for Proof Of Concept (PoC) Pilots. Execute One Page PoC Documentation (PoCDoc).
1–4 months (overlaps with Phase 1)
• 100% of critical systems inventoried
• Cryptographic dependencies mapped
• Inventory report completed and validated
• Critical assets prioritized by sensitivity and exposure
• Objectives for Proof Of Concept (PoC) Pilots established
• One Page PoC Documentation (PoCDoc) executed
Enables quantum-risk profiling
Supports algorithm replacement planning
Deploy Isidore Quantum devices with QRNG in a controlled environment to validate key management, and performance. Generate simulations for workforce training.
1 week
• Pilot with ≥10 nodes (servers, IoT, OT, gateways)
• <1ms latency confirmed
• 100% uptime during testing
Successful pilot demonstrating PQC integration without disruption to existing operations.
Tests readiness for PQC deployment
Reduces cryptographic exposure
Implement Cassian or comparable programs AI-driven orchestration for automated fleet management (generation, rekeying, zeroization)
1 week
• Fleet-wide rekeying automated
• Zeroization and compliance logging enabled
Autonomous key management active across all nodes with AI anomaly detection confirmed.
Enables continuous compliance
Enforces cryptographic agility
Upskill cybersecurity teams on PQC operations, AI-driven management, and compliance tracking. Use PoC simulations to train workforce.
5–8 months
• 100% of key personnel trained
• PQC certification achieved for operators
• Training completion and certification documented
• Staff demonstrate operational proficiency
Builds sustainable PQC expertise
Ensures skill continuity
Transition Isidore Quantum to operational environments across national or enterprise infrastructure
9–12 months
100% of prioritized systems migrated- PQC integration success rate ≥95%
• Deployment completed across all critical systems
• Quantum-safe state validated
Achieves “Adaptive” readiness tier
Operationalizes quantum-safe migration
Maintain PQC readiness through AI-driven monitoring, cryptographic inventory updates, and quarterly readiness scoring
12+ months (ongoing)
• Zero PQC configuration drift
• Quarterly QRI reassessments
• <0.5% cryptographic failures
• Continuous compliance reports generated
• Readiness tier maintained or improved
Enables long-term assurance
Supports cross-border trust and reporting