, how does the firm inform its personnel or what kind of process that the firm use to ensure that its staff evaluate clients risk? 5 Regarding integrity checks does the firm’s conduct, for example
ภาคผนวก 1 ภาคผนวก 1 กลุ่มประเทศ Organization for Economic Co-operation and Development (OECD) และประเทศที่มีฐานะการเงินเทียบเท่า ออสเตรเลีย เกาหลีใต้ ออสเตรีย ลักเซมเบิร์ก เบลเยียม เม็กซิโก แคนาดา
· Forms 2 Does the firm have policies and procedures for the retention of firm’s documentation for a period of time sufficient to permit those performing monitoring and review procedures to evaluate the
); (5) review procedures and processes in the management of information security incidents, after the testing under (4) is carried out, at least once a year; (6) evaluate the results of the testing under
inspection to evaluate its compliance with its policies and procedures? – Monitoring Process If yes, please specify 1) Who perform such function e.g. in-house, outsource, network firm? 2) How often the firm
Cryptographic Control; 2.7 Physical and Environmental Security; 2.8 Operations Security; 2.9 Communications Security; 2.10 System Acquisition, Development and Maintenance; 2.11 IT Outsourcing; 2.12 Information
Quality Control policies and procedures properly covered in induction, professional training and Continuing Professional Development for all principals and staff? 8 Do these written policies and procedures
applicable, mutatis mutandis. The operating plan of the SEC Office under the first paragraph shall be prepared in the form of a three-year plan to promote the supervision and development of the capital market
Financial Institution Development Fund; (7) a juristic person having total assets of five hundred million Baht or more, according to the latest financial statement audited by an auditor; (8) a juristic person