• Font Size:
  • S
  • M
  • L

Article NO. Content


Regulations Governing the Establishment of Internal Control Systems by Service Enterprises in Securities and Futures Markets  CH

Amended Date: 2021.09.30 (Articles 36-2 amended,English version coming soon)
Current English version amended on 2019.03.15 
Article 10     A service enterprise that uses a computerized information processing system shall, in addition to clearly differentiating the functions and duties of information and user departments, at least include the following control procedures:
  1. Clear demarcation of the functions and duties of the information-processing department.
  2. Control of system development and program modification.
  3. Control of preparation of system documentation.
  4. Program and data access control.
  5. Data input/output control.
  6. Data processing control.
  7. File and facility security control.
  8. Control of purchase, usage, and maintenance of hardware and system software.
  9. Control of system recovery plan and testing procedures.
  10. Control of information and communications security inspection.
  11. Control of relevant procedures, if required, for disclosing and reporting public information on a website designated by the competent authority.