written by such board of directors. In case of any material amendment, change or modification to such policy and plan, intermediaries shall comply with the requirement set out in the first paragraph (1) or
sufficient resources to support the implementation of the policy. Clause 5. A securities company shall identify its critical functions, assess their risks of major operational disruptions, conduct business
against any employee who has committed an IT security breach. Chapter 3 Management of IT Assets and Access Control _______________________ Clause 14 In managing IT assets and assess control of data and
rating process. IOSCO members recognize that credit ratings, despite their numerous other uses, exist primarily to help investors and other users of credit ratings assess credit risks. Maintaining the
use of cloud computing under Clause 8(1) which contains at least the following matters: (1) assess risks relating to the use of cloud computing services; (2) define areas or function the cloud computing
investors and other users of credit ratings assess credit risks. Maintaining the independence of CRAs vis- à-vis the entities and obligations they rate is vital to achieving this goal. Provisions of the IOSCO
asset such as customer’s information or information of investment units incorrect because of computer system assessment or modification by the unauthorised person”etc. (Translation) -4- Segregation of