|
Article 5
|
The cyber security responsibility levels of each agency under any of the following circumstances are Level-B.<br/>1. Its business involves the security maintenance and management of national core technology information that is donated, funded, researched, or developed by the government agency.<br/>2. Its business involves the maintenance operation of information and communication systems that are commonly used for regional or local people services or cross agencies.<br/>3. Its business involves the possession of the archives of personal information of regional or local people.<br/>4. Its business involves the maintenance operation of information and communication systems that are commonly used for the central secondary authority and its subordinate government agencies (institutions).<br/>5. It is a government agency, and its business involves matters of regional or local critical infrastructure.<br/>6. It is a critical infrastructure provider, and the central authority in charge of relevant industry, based on consideration of the number of users, market share, the area and the substitutability of its business, or the maintenance operation of critical infrastructure and services, considers that the failure of or impacts on its information and communication system might cause serious impact on social public interest, people’s morale, or the security of people’s lives, body or properties.<br/>7. It is a public regional hospital or local hospital.
|