least once a year. In case of the occurrence of any event which may significantly affect the governance of information technology, the policy on the governance of information technology shall be reviewed
to cover a disruption possibly occured in every incident and a case where an occurrence of emergency incidents lasts a long time or results in damage covering wide areas, such as epidamics or a failure
practical approach into the BCP to be suitable for size and complexity of business operation of companies and to cover a disruption possibly occured in every incident and a case where an occurrence of
parties and internal parties, for example, submission of incident reports to the SEC Office upon an occurrence of an event that affects the IT systems or monitoring of the service provider to ensure that
and internal parties, for example, submission of incident reports to the SEC Office upon an occurrence of an event that affects the IT systems or monitoring of the service provider to ensure that its
and reasons to the trust manager without delay upon any occurrence of an event or change that may affect the value of infrastructure assets; (3) in the case that an error or defect is found that may
business operators and low-risk operators, requiring submission every three years or upon occurrence of a widespread adverse incident; (2) To adjust submission of risk level assessment (RLA) forms and IT
three years or upon occurrence of a widespread adverse incident; (2) To adjust the submission schedule for the Risk Level Assessment (RLA) report and IT audit report to be within the same period (during