encryption of information transmitted through computer network system, the prevention of distributed denial of service (DDoS) attack, the intrusion from malware, the protection against threats advanced

who provide back office service for securities company; “Back office” means operation, accounting and finance, information technology concerning to client information, internal audit, compliance or

Office of the Securities and Exchange Commission No. SorThor. 20/2549 Re: Rules for Derivatives Broker on Using of Derivatives Investor Contact Service and Back Office Service from Service Provider By

regulatory authority for information technology, and the service provider that supports the operation of the organization’s information systems, and update contacts of each channel. Clause 11 An intermediary

approved person shall take the following actions during the period of operation: (1) compiling and assessing the information of the service user for the following purposes: (a) to know the service user; (b

procedure for providing services by considering the following matters: (a) disclosure of accurate, complete, necessary and sufficient information in order for the service user to choose a service or make an

for rendering the securities company get service of information technology from other provider efficiently, acceptable and able to control a risk and having a content cover guideline for selection and

system provider specifically to only those who have granted approval under the notification concerning support system provider ; (5) service provider managing payment information for securities trading

guideline for risk assessment according to the degree of importance of the outsourced function; (6) information security system of a service provider for protecting the information of the intermediary and the

before making a decision to use the services and [ii] possible risks arising from using the services: (1) general information of the intermediary ; (2) characteristic, scope and condition of a service