Notification of the Office of Securities and Exchange Commission No. SorThor/Nor. 34/2547 Operational Control and Security of the Information Technology of Securities Company with the same level of standard. The

information or system. Clause 7. The securities company must provide a controlling measure which is sufficient for the developed or modified application software to have a correct, and complete data processing

such board of directors; (1) management of information technology risks which covers identification, assessment, and control of risks within the organization’s acceptable level; (2) allocation and

business operation and has the duty to convey the goals under the missions, strategies, policies, and operating plan at the enterprise level to the information technology-related goals under the supervision

documentation on an annual basis. 12 Has the firm developed or adopted other quality control materials? If “yes,” describe those materials: 28

consultants of the firm? 3 What are the CPD targets set for each staff level? : · Partners · Senior Managers · Manager · Audit Seniors · Audit Trainee · Consultants/Sub-Contractors · Temporary Staff 4 Is there

inspecting unit…………………………………………………………… (2) Period of inspection.……………………………………………………… ……… (3) Scope of inspection (3.1) Audit engagements level…………………………………….…………… (Please specify the names of the engagement

. ( - 2 the Certified Investment and Securities Analyst (CISA) Level 1, or the Chartered Financial Analyst (CFA) Level 1 Work experience in Thailand or foreign countries for a total period of not less than

holding of shares in each level exceeds 75 percent of the total number of outstanding shares of such company; (9) “Office” means the Office of the Securities and Exchange Commission. Clause 2. In cases

securities companies or provided by training institutes approved by the Office; or (ii) being a lecturer, instructor or full-time teacher or guest lecturer at university-level educational institutions accepted