during the period of providing services: (1) compile and assess the information of the service-receiving client for the following purposes: (a) to know the client; (b) to categorize the client; (c) to

following actions during the period of providing services: (1) compile and assess the information of the service-receiving client for the following purposes: (a) to know the client; (b) to categorize the

the use of cryptographic controls and key management for protection of sensitive and critical information; (3) policy on the transfer of information within organization’s networks and with external

[Referring to Item 4.2]; - backup [Reference to Item 8.3]; - cryptographic control [Referring to Item 6]. 3. Supervision of the operating personnel: - end user controls, for example: - protection of unattended

) to categorize the service user; (c) to assess suitability for providing services to the service user; (d) to consider the ability of the service user to comply with the agreement for service provision

dated 3 November 1998; (2) Notification of the Office of the Securities and Exchange Commission No. SorNor. 18/2542 Re: Rules on Protection of Conflict of Interest on Investment or Holding of Securities

where the securities company encounters financial problems, the clients’ money under custody of the securities company shall not be protected under the Deposit Protection Agency Act; (3)2 provide a

otherwise entitled. Clause 3 Intermediaries shall identify its critical functions, assess their risks of major operational disruptions, conduct business impact analysis and assess potential damages arising

securities company shall identify its critical functions, assess their risks of major operational disruptions, conduct business impact analysis and assess potential damages arising from major operational

Communications with relevant persons (7) Division 7 Cross-border communication (8) Division 8 Companies shall test and assess the BCP (Training, Exercising and Auditing) (9) Division 9 Examples of emergency