| Article 8 |
The investigation, handling and improvement report on cyber security incident under Paragraph 3 of Article 14 and Paragraph 3 of Article 18 of the Act shall include the following:<br/>1. Times of the occurrences of or the awareness of the occurrences of the incidents, the completion of damage control or recovery operations.<br/>2. The scope affected by the incidents and the damage assessment.<br/>3. The courses of damage control and recovery operations.<br/>4. The courses of incident investigations and handling operations.<br/>5. Cause analysis of the incident.<br/>6. Measures in aspects of management, technology, manpower or resources taken to prevent the reoccurrences of similar incident.<br/>7. The estimated completion schedule and the follow-up mechanism of the measures under the preceding subparagraph. |
|