Communications with relevant persons (7) Division 7 Cross-border communication (8) Division 8 Companies shall test and assess the BCP (Training, Exercising and Auditing) (9) Division 9 Examples of emergency

against any employee who has committed an IT security breach. Chapter 3 Management of IT Assets and Access Control _______________________ Clause 14 In managing IT assets and assess control of data and

written by such board of directors. In case of any material amendment, change or modification to such policy and plan, intermediaries shall comply with the requirement set out in the first paragraph (1) or

securities company shall identify its critical functions, assess their risks of major operational disruptions, conduct business impact analysis and assess potential damages arising from major operational

been a change in the necessary circumstances as provided in the first paragraph, the Minister upon the recommendation of the SEC may modify or change the conditions already specified.

regarding their Listed clients and if so, did this change the nature of services/fees charged? 11 Does the firm document its understanding with the client regarding the services to be performed by obtaining

แบบแสดงราการข้อมูลประจำปี Notification of the change of the audit firm Date..... .........................…. Dear Secretary General of the Securities and Exchange Commission of Thailand I would like

of cloud computing under Clause 8(1) which contains at least the following matters: (1) assess risks relating to the use of cloud computing services; (2) define areas or function the cloud computing

of the Information Technology of a Securities Company. 2. Segregation of Duties. 3. Physical Security. 4. Information and Network Security. 5. Change Management. 6. Backup and IT Contingency Plan. 7

assets (if any). In cases where the information under Paragraph 1 changes significantly, the securities company shall inform its clients of such change without delay; (2) inform its clients that in cases