management arrangement for the organization of information security in accordance with the following criteria: (1) define and document information security roles and responsibilities and establish operating

) Having backup system and measures for emergency situation to prevent the extended discontinuing of operation. 1.1.2 Document and Information Security Having adequate security system for document and

information security in accordance with the following criteria: (1) define and document information security roles and responsibilities and establish operating guidelines for the personnel of the intermediary

No. OrThor/Nor. 5/2547 Re: Operational Control and Security of the Information Technology of Securities Company For the purpose of rendering the securities companies to efficiently comply with the

control and information technology security as specified in the notification of the SEC Office. Clause 8. Derivatives broker shall arrange to have independent director of at least one out of four directors

is using the online service; 2. the management company has an operating system to verify the identity of the investor; (d) security system for customer information and other important information

security of information technology in accordance with the criteria prescribed and notified by the SEC Office. Clause 9 The derivatives broker shall ensure that at least one-quarter of the company’s directors

maintain sufficient security system to prevent unauthorized persons from accessing or amending the information relating to its securities business operation. Clause 9. A securities company shall retain

continuity and Market Intermediary Business Continuity and Recovery Planning document http://www.iosco.org/ List of contact persons, including employee list, telephone number and contact chart, whereby each

security system to prevent unauthorized persons from accessing or amending information relating to its business operation. Clause 12 A securities company shall provide evidence on securities trading and