institution, the securities company may comply with the policy of security of the information technology of such financial institution. [M] · Reviewing and modify updatable by having a risk assessment once a
been a change in the necessary circumstances as provided in the first paragraph, the Minister upon the recommendation of the SEC may modify or change the conditions already specified.
modify the rules concerning the preparation of reports on provident fund management and the calculation of investment limits of provident funds in respect of the provident funds with multiple investment
, there shall not be any person taking responsibility of the entire process which may render him or her an opportunity to illegally modify or amend the information or operation of computer system. Clause 5
otherwise entitled. Clause 3 Intermediaries shall identify its critical functions, assess their risks of major operational disruptions, conduct business impact analysis and assess potential damages arising
during the period of providing services: (1) compile and assess the information of the service-receiving client for the following purposes: (a) to know the client; (b) to categorize the client; (c) to
following actions during the period of providing services: (1) compile and assess the information of the service-receiving client for the following purposes: (a) to know the client; (b) to categorize the
securities company shall identify its critical functions, assess their risks of major operational disruptions, conduct business impact analysis and assess potential damages arising from major operational
Communications with relevant persons (7) Division 7 Cross-border communication (8) Division 8 Companies shall test and assess the BCP (Training, Exercising and Auditing) (9) Division 9 Examples of emergency
against any employee who has committed an IT security breach. Chapter 3 Management of IT Assets and Access Control _______________________ Clause 14 In managing IT assets and assess control of data and