a year or when there is a significant change affecting the risks and impacts as such. In doing so, it shall be complied with the following approaches: 3.1 Defining Critical Business Function Companies
defining responsible personnel to report and deal with malware threats; (4) regular reviews of the software and data content of systems supporting critical activities . The presence of any unapproved