risks to be of significance, which are: accessing to the information and computer system by an unauthorised person, an authorised person is unable to access to the information in the computer system in

comprising of, at least, the following particulars: (1) organisational structure of the company; (2) availability of competent personnel; (3) fund management operation system; (4) internal control system

etc. [M] · Providing an oversee system the operation of officer under the policy strictly [M] · providing an inspection and assessment of the sufficiency of policy and internal control information

custodian: (a) System for separating the private fund assets from the custodian’s assets, system for safe keeping of such assets, and internal control system to prevent the misuse of its client’s assets; (b

securities dealing which is not limited to debt instruments. Clause 2 A securities company should arrange a risk management system according to the following guidelines: (1) determining a policy and an

securities company has prescribed securities company to have efficient internal control system, adequate securities system that is adequate for preventing unauthorized person to know or amend information

of Contents Page 1. Audit Firm profile 1 2. Network firms of the Audit Firm 4 3. Internal management of the Audit Firm 5 4. Inspection results on quality control system by other agencies (if any) 5 5

keeping system of such assets, and internal control system to prevent the misuse of client’s assets; □ (3.2) System for preventing damages to client’s assets, as well as related information and documents

of information which should not be disclosed between units and personnel (Chinese wall), a system for internal audit and internal control. Such policies, rules and practices shall be prepared in

strictly for reference. 2 Notification of the Office of the Securities and Exchange Commission No. Sor Thor. 34/2556 Re. Arrangement in Operating System of Securities or Derivatives Investment for Business