• Font Size:
  • S
  • M
  • L

Article NO. Content

Title:

Regulations on Audit of Implementation of Cyber Security Maintenance Plan of Specific Non-Government Agency  CH

Amended Date: 2021.08.23 
Article 6 In conducting the audit under Paragraph 1 of Article 3, the competent authority shall form an audit team composed of three to more people respectively for each audited agency, depending on the considerations under Paragraph 2 of the same article.<br/>Informing the audit team under the preceding paragraph, the competent authority shall, taking the needs of the audit into consideration, invite representatives of government agencies or experts and scholars who have professional knowledge of cyber security policies or have professional knowledge of technologies, managements, law affairs required for such audit to act as members of such team, of which the number of representatives of the government agency may not be less than one-fourth of all members.<br/>The competent authority shall sign, in writing, with members of audit teams on recusal due to interest conflicts and confidentiality obligations.<br/>If the member of audit team under Paragraph 2 has any of the following circumstances, he shall avoid himself from acting as the member of that audit team:<br/>1. He, his spouse, his relatives within the third degree, his family member, or the trustee of the property trusts of above-mentioned persons have a property or non-property interest relationship with the audited agency or the responsible person thereof.<br/>2. He, his spouse, his relatives within the third degree or his family member has employment, contract, appointment, agency or other similar relationship with the audited agency or the responsible person in the current or the past two years.<br/>3. He has served in the current or past two years to be a consultant of the audited agency and his mentoring project is related to the audit program.<br/>4. Other circumstance that may be considered that his role as a member of the audit team might affect the impartiality of the audit result.