business operation and has the duty to convey the goals under the missions, strategies, policies, and operating plan at the enterprise level to the information technology-related goals under the supervision
plan on information systems in accordance with the results of risk assessment; (b) define the scope of technical audit on information systems to cover key assessed risks, provided that such audit shall
persons whose duties are to contact, solicit, advise or plan investment for investors or a securities company’s client and are divided into two categories: Category A Investor Contact who is authorized to
business continuity plan (Business Continuity Plan: BCP) which is consistent with the policy stipulated in (1) approved by senior management and board of directors or working group that is assigned in
, there shall not be any person taking responsibility of the entire process which may render him or her an opportunity to illegally modify or amend the information or operation of computer system. Clause 5
representative office abroad .................................................................................................................................................... 3.2 Having a work plan for
undertaking; and; (c) allow its business to be conducted with fiduciary duties. (2) determine clearly and harmoniously the mission, strategy, policy and operational plan of the company and its business units
plan covering all critical functions which at minimum shall include the following components: (1) Operational procedures for maintaining or recovery of business operations which contain sufficient
สารสนเทศ (เช่น กรณีบุคลากรสำคัญด้าน IT ลาออก / งบประมาณไม่เพียงพอ / ความต้องการ ใช้งานเกินกว่าที่กำหนดไว้ใน capacity plan) (5) การกำหนดหน้าที่และความรับผิดชอบของผู้รับผิดชอบ (accountable person) และผู้ทำ
of Intermediary to Handle Clients’ Complaints and participation in the SEC Office’s project to resolve disputes by arbitration. 4.3 Having a business plan and an operating system for establishing a