|
Article 7
|
Government agencies and specific non-government agencies shall, based on the importance and sensitivity of their operations, their hierarchical levels, the type, volume, and nature of the information they hold or process, and the scale and nature of their information and communication systems, report to the competent authority for approval or recordation of their respective cyber security responsibility levels.<br/>Government agencies and specific non-government agencies shall comply with the requirements of their cyber security responsibility levels, and shall implement cyber security protection measures from the perspectives of management, technology, awareness, and training.<br/>The criteria for distinguishing cyber security responsibility levels referred to in the preceding two paragraphs, the procedures for approval or recordation, applications for changes, the items and contents of cyber security protection measures, the qualifications and allocations of dedicated personnel, and other related matters shall be prescribed by the competent authority.
|