• Font Size:
  • S
  • M
  • L

Article NO. Content

Title:

Reference Guidelines on the Protection of the Information and Communication Systems of Service Enterprises in Securities and Futures Markets  CH

Announced Date: 2024.01.09 (Articles 15 amended,English version coming soon)
Current English version amended on 2022.04.26 
Categories: Information Operations
Article Content Chapter Content Search Article No. Search Legislative History Chinese
Article 7     (Incident Records)
  1. An organization shall set forth the recording frequency and retention policy of the computer audit records (logs) of the information and communication system and retain such records for a minimum of three years.
  2. The information and communication system shall be equipped with the function of recording specific incidents and determine the specific information and communication incidents to record.
  3. The information and communication system shall record the various functions executed by the administrator account and re-examine on a daily basis the results of an use of the most privileged account of a core system and a core system privileged account with special functions (such as a program or software change, modification of privilege level of a parameter or configuration).
  4. An organization shall review on a regular basis the computer audit records (logs) generated by a core system. Regular reviews of non-core systems are advised.