| Article 21 |
The securities firm shall adopt procedures for managing information security incidents. The procedures shall at least include incident confirmation and troubleshooting mechanisms, incident reporting mechanisms, emergency response mechanisms, occasions for suspension of trading and the handling thereof, compensation measures with respect to the rights and interests of investors, and procedures for handling resumption of trading. The securities firm furthermore shall be diligent about effectively preserving a trail log and evidence and set up business continuity management mechanisms.
When there occurs any incident of irregularity in information services, or any cyber security incident, that materially affects customer rights or interests or normal operation, the securities firm shall make a preliminary notification through the Cyber Security Notification System for Securities and Futures Industry within 30 minutes after the incident takes place, and shall make a formal notification and an incident resolution notification, respectively, at the time the incident has been investigated and understood and after the handling of the incident is finished.
|
|