the Office of the Securities and Exchange Commission No. OrThor. 7/2549 Re: Guidelines and Conditions for Securities Company Relating to the Using of Back Office Service from Service Provider Whereas
Office of the Securities and Exchange Commission No. SorThor. 20/2549 Re: Rules for Derivatives Broker on Using of Derivatives Investor Contact Service and Back Office Service from Service Provider By
encryption of information transmitted through computer network system, the prevention of distributed denial of service (DDoS) attack, the intrusion from malware, the protection against threats advanced
to ensure efficient control and supervision of the service provider’s operation and management of the risks associated with the outsource; (6) consider the selection of a service provider with care as
of Contents Page 1. Audit Firm profile 1 2. Network firms of the Audit Firm 4 3. Internal management of the Audit Firm 5 4. Inspection results on quality control system by other agencies (if any) 5 5
control system; (c) information security system to prevent unauthorized and unrelated persons from accessing or amending information as well as from ascertaining non-public information between the service
managing potential risks from service provision; (c) having a work procedure and an internal control system with details covering the operation as specified in Clause 4. In this regard, the applicant for a
Exchange Commission No. Kor Thor. 21/2563 Re: Determination of Types of Operation of Person Approved to Participate in Regulatory Sandbox to Experiment and Develop Innovation in Support of Service Provision
with Chapter 1; (2) establishment of policies, measures, and management arrangement concerning information security in accordance with Chapter 2; (3) management of IT assets and the access control to
for rendering the securities company get service of information technology from other provider efficiently, acceptable and able to control a risk and having a content cover guideline for selection and