|
Article 10
|
The cyber security responsibility levels of agencies shall be determined in accordance with the preceding six Articles. However, where a government agency submits or approves cyber security responsibility levels under Paragraphs 1 through 3 of Article 3, it may adjust the levels of agencies after taking into account the degree of impact that the following matters would have on national security, social and public interests, the life, body, or property of the people, or the reputation of the government agency concerned:<br/>1. Where the business involves foreign affairs, national defense, homeland security, or critical infra structure, the interruption or hindrance thereof;<br/>2. Where the business involves personal information, official secrets, or other information required to be kept confidential by laws and regulations or by contract, the quantity and nature of such data, official secrets, or other information, and any unauthorized access, use, control, disclosure, damage, alteration, destruction, or other infringement thereof;<br/>3. The functions of agencies being affected, failing, or interrupted, depending on their different hierarchical levels; or <br/>4. Other specific matters relating to the provision, maintenance and operation, scale, or nature of in formation and communication systems.
|