); (5) review procedures and processes in the management of information security incidents, after the testing under (4) is carried out, at least once a year; (6) evaluate the results of the testing under
substitute personnel at operational level and management level, financing source, office equipments and information technology systems, as well as, should evaluate on a usage of finance and accesibility to
procurement or determination of substitute personnel at operational level and management level, financing source, office equipments and information technology systems, as well as, should evaluate on a usage of
implementation of appropriate risk management and resource allocation by their board of directors and executives that is practical and meets the standards established by an international organization concerning
board of directors to ensure that the use of information technology in the business operation facilitates the intermediaries in achieving the specified goals with appropriate use of resources and
of the board of directors to ensure that the use of information technology in the business operation facilitates the intermediaries in achieving the specified goals with appropriate use of resources
agencies evaluate the effectiveness of a law at least every five years from the effective date of the law or every other periods as specified in the governing ministerial regulations or upon occurrence of
should adopt reasonable measures designed to ensure that it has the appropriate knowledge and expertise, and that the information it uses in determining A-6 credit ratings is of sufficient quality and