to the IT Standard Rules this time are summarized as follows: (1) Establishing IT-related risk assessment criteria to define the entity’s risk level and to specify standards of IT security controls
. The securities company shall provide a physical security system which is sufficient for preventing any unauthorised person from accessing to significant computer devices stored in the information centre
of computer system. Clause 5. The securities company shall provide a physical security system which is sufficient for preventing any unauthorised person from accessing to significant computer devices
data and information system in accordance with Chapter 3; (4) information communications security via computer network systems and operations security with respect to information systems in accordance
. Computer Operation. 8. IT Outsourcing. Policy of Security of the Information Technology. Objective Providing a policy of security of the information technology has an objective for the user and the concerned
Information Technology of a Securities Company. 2. Segregation of Duties. 3. Physical Security. 4. Information and Network Security. 5. Change Management. 6. Backup and IT Contingency Plan. 7. Computer
; 4. Online job application; 5. Acceptances and referral of cases; 6. Processes relating to security management of computer and information center and management of SEC internal security; 7. Profiles of
security 6 8.2.4 Readiness of computer systems, network, equipments and backing up and recovery of important data, whereby it is able to recover the latest data as specified from equipments or storing