• Font Size:
  • S
  • M
  • L

Article NO. Content

Title:

Reference Guidelines on the Protection of the Information and Communication Systems of Service Enterprises in Securities and Futures Markets  CH

Announced Date: 2024.01.09 (Articles 15 amended,English version coming soon)
Current English version amended on 2022.04.26 
Categories: Information Operations
Article Content Chapter Content Search Article No. Search Legislative History Chinese
Article 18     (System Development Life Cycle – Requirement Analysis and Design Stage)
  1. An organization shall ascertain the safety requirements (including confidentiality, availability, integrity) of the information and communication system during the stage of requirement analysis of the system.
  2. An organization shall, according to the functions and requirements of a core system, identify and perform risk analyses and assessments of threats that may impact the system. It is advisable for a non-core system to identify and perform risk analyses and assessments of threats.
  3. An organization shall reflect the results of a core system risk assessment in the items for review at the requirement stage and propose modifications to the safety requirements. It is advisable for a core system to so modify according to the risk assessment results.