Communications with relevant persons (7) Division 7 Cross-border communication (8) Division 8 Companies shall test and assess the BCP (Training, Exercising and Auditing) (9) Division 9 Examples of emergency

); (5) review procedures and processes in the management of information security incidents, after the testing under (4) is carried out, at least once a year; (6) evaluate the results of the testing under

written by such board of directors. In case of any material amendment, change or modification to such policy and plan, intermediaries shall comply with the requirement set out in the first paragraph (1) or

securities company shall identify its critical functions, assess their risks of major operational disruptions, conduct business impact analysis and assess potential damages arising from major operational

internal control is rectified as follows: (1) monitor, inspect and evaluate the effectiveness of the operating procedures of the work unit responsible for the following functions by an independent auditor

been a change in the necessary circumstances as provided in the first paragraph, the Minister upon the recommendation of the SEC may modify or change the conditions already specified.

of the Information Technology of a Securities Company. 2. Segregation of Duties. 3. Physical Security. 4. Information and Network Security. 5. Change Management. 6. Backup and IT Contingency Plan. 7

แบบแสดงราการข้อมูลประจำปี Notification of the change of the audit firm Date..... .........................…. Dear Secretary General of the Securities and Exchange Commission of Thailand I would like

assets (if any). In cases where the information under Paragraph 1 changes significantly, the securities company shall inform its clients of such change without delay; (2) inform its clients that in cases

institution’s clients. However, the securities company must, in case of cross-border omnibus accounts, assess the adequacy and effectiveness of the financial institutions’ KYC/CDD measures and controls prior to