· Forms 2 Does the firm have policies and procedures for the retention of firm’s documentation for a period of time sufficient to permit those performing monitoring and review procedures to evaluate the
); (5) review procedures and processes in the management of information security incidents, after the testing under (4) is carried out, at least once a year; (6) evaluate the results of the testing under
inspection to evaluate its compliance with its policies and procedures? – Monitoring Process If yes, please specify 1) Who perform such function e.g. in-house, outsource, network firm? 2) How often the firm
internal control is rectified as follows: (1) monitor, inspect and evaluate the effectiveness of the operating procedures of the work unit responsible for the following functions by an independent auditor
, how does the firm inform its personnel or what kind of process that the firm use to ensure that its staff evaluate clients risk? 5 Regarding integrity checks does the firm’s conduct, for example
securities company shall provide an operation control measure for the regular computer operation in order to render the computer system and data processing to be capable of operating continuously, correctly
pursue skill and knowledge enhancement on a regular basis to be able to handle ever-increasing innovations in the securities business. This will not only benefit investor contacts in their performance of
substitute personnel at operational level and management level, financing source, office equipments and information technology systems, as well as, should evaluate on a usage of finance and accesibility to
be an official under the Criminal Code. SECTION 30. The SEC Office shall establish an accounting system suitable for the operation of the SEC Office and shall have a regular internal audit. SECTION 31
assets in writing. 2. Regular assessment of the internal control system to prevent the misuse of the client’s assets, in accordance with Chapter 2, to ensure that the system is suitable and effective. 3