| Article 3 |
The Executive Yuan shall approve cyber security responsibility level of its own and submit it to the competent authority for recordation. The agencies directly subordinate to the Executive Yuan shall, every three years, propose the cyber security responsibility levels of their own, their subordinate or supervisory government agencies, and the specific non-government agencies under their charge, and shall report the same to the competent authority for approval.<br/>Special municipality, county (city) governments shall, every three years, propose the cyber security re-sponsibility levels of their own, their subordinate or supervisory government agencies, and their gov-erned villages (townships/cities), mountain indigenous district offices of municipality, and the subordi-nate or supervisory government agencies of such governed villages (townships/cities) and mountain in-digenous district offices of special municipalities, and shall report the same to the competent authority for approval. Special municipality and county (city) councils shall, every three years, propose the cyber security responsibility levels of their own and shall report the same to the competent authority for ap-proval.<br/>The Office of the President, the National Security Council, the Legislative Yuan, the Judicial Yuan, the Examination Yuan, and the Control Yuan shall, every three years, approve the cyber security responsibil-ity levels of their own, their subordinate or supervisory government agencies, and the specific non-government agencies under their charge, and shall submit the same to the competent authority for re-cordation.<br/>Where each agency is required to change its cyber security responsibility levels due to adjustments to organizations or businesses, it shall immediately conduct the change to levels according to the proce-dures under the preceding three paragraphs; the same shall apply to the case when a new agency is estab-lished.<br/>In conducting the submission or approval of cyber security responsibility levels under Paragraph 1 and Paragraph 3, where the government agency thinks it is necessary to otherwise give the entities within the government agency or the specific non-government agency the levels that are different from those of such agency, it may determine such levels in accordance with the requirements of Article 4 to Article 10, by taking into consideration the nature of businesses of such entities. |
|