Article NO. Content


Establishing Information Security Inspection Mechanisms for Securities Firms 

Amended Date: 2024.05.15 (Articles 1, 4, 7, 10, 12 amended,English version coming soon)
Current English version amended on 2022.12.28 
Categories: Market Supervision > Regulation of Securities Firms
11     Compliance (CC-21000, semi-annual audit)
  1. A company shall regularly (at least annually) carry out an information security audit (either internally or outsourced to a professional institution) and keep an audit log.
  2. Whether the company monitors improvement made in response to the aforementioned information security audits (including audit summaries, scope of audits, description of deficiencies, and recommendations for improvement).