the part relating to his or her responsibility, incorrect and incomplete information and functioning of the computer system, failure to achieve information or utilise computer system consistently or in

knowledge and understanding of the general law governing professional practices. Directors, managers and persons with power of management who are responsible for the work unit relating to the functioning as

those mentioned above, penetration testing shall be carried out at least once every six years. (b) carry out vulnerability assessments with all critical information systems at least once a year and upon

UNOFFICIAL TRANSLATION Readers should be aware that only the original Thai text has legal force and that this English translation is strictly for reference. 30 Notification of the Office of the Securities and Exchange Commission No. Nor Por. 3/2559 Re: Guidelines for Establishment of Information Technology System ______________________ Whereas the Notification of the Capital Market Supervisory Board No. Tor Thor. 35/2556 Re: Standard Conduct of Business, Management Arrangement, Operating Systems...

accordance with the Good Corporate Governance Guidelines for listed companies in 2017 to support assessments such as Corporate Governance Report, ASEAN CG Scorecard and the Shareholders’ Meeting Quality

order of importance; 6.3.3 The Company may disclose action in other matters in accordance with the corporate governance principles in preparation for assessments, for example, Corporate Governance Report