investment diversification; and (7) the asset management company will be required to evaluate risk profile of, and give proper advice to, each fund member (suitability) who has investment choices
find supporting evidence to satisfy the audit procedures due to limitation on scope of audit imposed by the company management in several matters including audit procedures to evaluate effectiveness of
Communications with relevant persons (7) Division 7 Cross-border communication (8) Division 8 Companies shall test and assess the BCP (Training, Exercising and Auditing) (9) Division 9 Examples of emergency
) Division 7 Cross-border communication (8) Division 8 Companies shall test and assess the BCP (Training, Exercising and Auditing) (9) Division 9 Examples of emergency incidents which may cause major
); (5) review procedures and processes in the management of information security incidents, after the testing under (4) is carried out, at least once a year; (6) evaluate the results of the testing under
) establish conditions and controls relating to information security in an agreement signed by both parties; (2) monitor, evaluate, review and audit service delivery of the outsourcee regularly; (3) re-assess
, there shall not be any person taking responsibility of the entire process which may render him or her an opportunity to illegally modify or amend the information or operation of computer system. Clause 5
personnel in such units. However, there shall not be any person taking responsibility of the entire process which may render him or her an opportunity to illegally modify or amend the information or operation
for a project to modify machinery to increase production efficiency from the Board of Investment (BOI), which has set conditions for performance that must meet the criteria according to the indicators