, as follows: (1) Plans which have been used in the test; (2) Testing result summary; (3) Plan revision summary. 8.6 Companies should follow up and assess the BCP of the main service providers, by which

· Forms 2 Does the firm have policies and procedures for the retention of firm’s documentation for a period of time sufficient to permit those performing monitoring and review procedures to evaluate the

inspection to evaluate its compliance with its policies and procedures? – Monitoring Process If yes, please specify 1) Who perform such function e.g. in-house, outsource, network firm? 2) How often the firm

, how does the firm inform its personnel or what kind of process that the firm use to ensure that its staff evaluate clients risk? 5 Regarding integrity checks does the firm’s conduct, for example

); (5) review procedures and processes in the management of information security incidents, after the testing under (4) is carried out, at least once a year; (6) evaluate the results of the testing under

internal control is rectified as follows: (1) monitor, inspect and evaluate the effectiveness of the operating procedures of the work unit responsible for the following functions by an independent auditor

and registered with the Office, whose main objective is to promote and develop securities businesses in the category of investment management; “Customer” means any person who authorizes a management

country, identify the name of such stock exchange and whether or not it is the main stock exchange. 5.5 Financial institution with regular contact (only in case of debt securities offeror) Part 2 Corporate

institution which is governed by a main regulator and later obtains a license to undertake securities business, but not including a financial institution licensed to undertake securities borrowing and lending

otherwise entitled. Clause 3 Intermediaries shall identify its critical functions, assess their risks of major operational disruptions, conduct business impact analysis and assess potential damages arising