2020-10-01
Added · Updated
The Capital Markets Board issued this Communiqué to establish mandatory procedures and principles for the management of information systems within specified capital market entities. It requires senior management to implement comprehensive information security policies, conduct annual risk assessments and penetration tests, and maintain robust controls over data integrity, confidentiality, and availability. The regulation further mandates strict governance over asset management, segregation of duties, physical and network security, and the oversight of outsourced information system services.