the use of cryptographic controls and key management for protection of sensitive and critical information; (3) policy on the transfer of information within organization’s networks and with external
sensitive information or the organization’s critical information systems, but excluding the clients; “ information processing facility ” means any equipment, operating systems, or infrastructure that are
intensity of the procedures mentioned in Clause 9 (1) and (2) for each client in accordance with the client’s level of risk associated with money laundering (risk-sensitive basis). Clause 11 . Securities
otherwise entitled. Clause 3 Intermediaries shall identify its critical functions, assess their risks of major operational disruptions, conduct business impact analysis and assess potential damages arising
during the period of providing services: (1) compile and assess the information of the service-receiving client for the following purposes: (a) to know the client; (b) to categorize the client; (c) to
following actions during the period of providing services: (1) compile and assess the information of the service-receiving client for the following purposes: (a) to know the client; (b) to categorize the
securities company shall identify its critical functions, assess their risks of major operational disruptions, conduct business impact analysis and assess potential damages arising from major operational
Communications with relevant persons (7) Division 7 Cross-border communication (8) Division 8 Companies shall test and assess the BCP (Training, Exercising and Auditing) (9) Division 9 Examples of emergency
นิยามดังกล่าวกำหนดเพิ่มเติมไว้ใน บทนิยาม guideline ด้วย 4 มีมาตรการป้องกันข้อมูลที่เป็นความลับหรือมีความสำคัญ (sensitive data) กรณีที่อุปกรณ์คอมพิวเตอร์ประเภทพกพา สูญหาย เช่น การกำหนดให้ใส่รหัสผ่านก่อนใช้
communicating the results of each engagement. It should also cover consultation during the course of engagement. Following is the checklist that will help to assess engagement performance of the firm. Particulars