| Article 7 |
(Cloud service supply chain management)
- For supply chain management of cloud service outsourcing operation, the Reference Directions for Information and Communication Systems and Service Supply Chain Risk Management shall be referred to.
- If a cloud service provider is appointed to operate a natural person’s business information system involving materiality, the contract or agreement shall include the terms on migration of outsourced services to another cloud service provider or transfer back to the organization, the original cloud service provider’s obligations on system migration and data processing, and the cloud service provider’s compensation liability for service interruption.
- If the terms of the contract or agreement do not meet the requirements in the first and second paragraphs of this article, adequate evaluations shall be performed and alternatives shall be planned based on risks to ensure performance of ultimate obligations to supervise the cloud service provider.
|
|