operating results, the outcomes including the action plan (if any) related to other environmental management as the Company deems to be in accordance with the environmental policy and guidelines. In addition
required to report violations or any significant abnormality to the person responsible for the information security incident management without delay; (3) put in place a disciplinary process to take action
actions to alleviate the impact and whether the actual results over the past three years have complied with the law. In case of disputes or legal complaints on environmental issues, specify the details of
Cryptographic Control; 2.7 Physical and Environmental Security; 2.8 Operations Security; 2.9 Communications Security; 2.10 System Acquisition, Development and Maintenance; 2.11 IT Outsourcing; 2.12 Information
to alleviate the impact. (In case of expenses on environmental control incurred over the past three years or forecast, provide such information as well). Specify whether or not the actual results
indicate that the system of quality control is insufficient. 2) Systemic, repetitive or other significant deficiencies that require prompt corrective action 2 Does the firm communicate (Audit Compliance
rights, construct, purchase, provide, sell, dispose, rent lease, hire purchase, grant of hire purchase, borrow, lend accept pledge, accept mortgage, exchange, transfer, accept transfer, or take any action
operational procedure clearly with regard to granting a consent to a designated person to act on behalf of the securities company or to approve any action that will create an obligation for the securities
(cryptographic control) 2.7 การสร้างความมั่นคงปลอดภัยด้านกายภาพและสภาพแวดล้อม (physical and environmental security) 2.8 การรักษาความมั่นคงปลอดภัยในการปฏิบัติงานที่เกี่ยวข้องกับระบบสารสนเทศ (operations security
.; (b) the complicated nature of the action or the tools using for such action such as using a disguised name of other person or establishing a company for concealment; (c) the record of behaviour of