person responsible for managing information security incidents; (3) report any information security events to the responsible person under (2) and the SEC Office without delay; (4) carry out testing of
Rehabilitation Plans and has submitted such plan to the Stock Exchange of Thailand. Clause 31 A company shall submit a report to the SEC Office immediately when one of the following incidents occurs: (1
technology resources which covers the allocation of resources to ensure sufficiency for business operation and establishment of guidelines to support incidents where the resources are insufficiently allocated
management of information technology resources which covers the allocation of resources to ensure sufficiency for business operation and establishment of guidelines to support incidents where the resources are
business continuity management (2) Division 2 Board of directors and senior management responsibility (3) Division 3 Impacts of emergency incidents which may cause major operational disruptions (4) Division
) Division 2 Board of directors and senior management responsibility (3) Division 3 Impacts of emergency incidents which may cause major operational disruptions (4) Division 4 Companies should determine a
security pitfalls previously causing IT incidents in the capital market, and (4) the updated IT rules and guidelines issued by other regulators in the financial sector. The intended outcome is to accomplish
convenient reporting of tips and incidents. In addition, the SEC is working with relevant agencies and social media platform providers to block investment scam contents on their channels. This collaborative
action is based on the authority granted by the SET and TFEX regulations, which have been approved by the SEC Board and the Capital Market Supervisory Board (CMSB) to address incidents that could impact
remediation plan to prevent recurrence of similar incidents. In any case, the detected deficiencies will be considered in detail when the SEC reviews KPMG’s audit quality control system