|
Article 12
|
After a specific non-government agency has completed reporting of a cyber security incident, the central competent authority in charge of the relevant sector shall complete its review of the incident level within the following timeframes, and may change the level based on the review results:<br/>1. Within eight hours after receipt of a report of a level 1 or level 2 cyber security incident.<br/>2. Within two hours after receipt of a report of a major cyber security incident.<br/>After completing the review under the preceding paragraph, the central competent authority in charge of the relevant sector shall, within one hour, submit the review results, the basis for the review, and other necessary information to the competent authority in the manner specified by the competent authority.<br/>Upon receipt of the information under the preceding paragraph, the competent authority may review the incident level and change it accordingly. However, where it deems it necessary, or where the central competent authority in charge of the relevant sector fails to report the review results as required, the competent authority may directly review the cyber security incident and change its level.
|