with Chapter 1; (2) establishment of policies, measures, and management arrangement concerning information security in accordance with Chapter 2; (3) management of IT assets and the access control to

No. OrThor/Nor. 5/2547 Re: Operational Control and Security of the Information Technology of Securities Company For the purpose of rendering the securities companies to efficiently comply with the

) Chapter 2: IT Security with the following details: 2.1 Information Security Policy; 2.2 Organization of Information Security; 2.3 Human Resource Security; 2.4 Asset Management; 2.5 Access Control 2.6

3.2 Investment management system 3.3 Back office supporting system 3.4 Compliance system 3.5 Documentary preparation and record keeping system Chapter 4 Internal Control System Chapter 1 Organisational

) being able to show that an internal control system capable of preventing wrongful acts that may cause damage to securities issuers or securities holders will be put in place. Clause 4 The application for

of other companies with a purpose to gain control in such companies rather than to invest for ordinary returns; (8) “Subsidiary company” means (a) Any company whose 75 percent or more of its total

structure 11. Corporate governance 12. Social responsibility 13. Internal control and risk management 14. Related party transactions 2.4 Financial position and operating results 15. Important financial

custodian: (a) System for separating the private fund assets from the custodian’s assets, system for safe keeping of such assets, and internal control system to prevent the misuse of its client’s assets; (b

. Corporate social responsibility 11. Internal control and risk management 12. Related transactions Part 3: Financial Position and Operating Results 13. Significant financial information 14. Management

, executives, employees and others 8. Report on key operating results related to corporate governance 28 9. Internal control and related party transactions 33 Part 3: Financial Statements 36 Part 4