PDPA Compliance Program

What is the PDPA?
  • Thailand’s data protection law

  • Regulates the collection, use, disclosure, and storage of personal data

  • Aims to protect individual privacy and ensure responsible data handling

  • Came into full enforcement on 1 June 2022 and is overseen by the PDPC

Why It Matters?
  • Regulatory Risk — Fines (up to THB 5 million), civil liability, and criminal charges

  • Business Readiness — Required by banks, partners, and major clients

  • Operational Efficiency — Reduces errors and improves internal control

  • Brand Trust — Demonstrates responsibility and builds long-term credibility

How to Start?
  • Identify what data is collected and why

  • Review existing notices, consent, and handling processes

  • Train staff on roles and responsibilities

  • Seek expert help to build a practical, compliant system

IT Audit & Control Assessment (SEC IT Audit)

What is the SEC IT Audit?
  • The SEC IT Audit outlines mandatory requirements for information technology (IT) systems used by businesses licensed by Thailand’s SEC. It ensures that these organizations implement proper IT governance, security controls, risk assessments, and audit mechanisms to safeguard business operations and information security.

Why It Matters?
  • Ensures compliance with SEC regulatory standards and audit requirements

  • Strengthens IT governance, risk management, and cyber resilience

  • Supports business continuity through secure and reliable IT infrastructure

  • Builds investor trust and safeguards the integrity of Thailand’s capital markets

What are the Deliverables?
  • Working paper

  • Audit report (findings and recommendation)

  • SEC IT audit reporting template

  • Reassessment of finding remediation (Optional)

Technology Risk & Cyber Security Management

What is Technology Risk & Cyber Security Management?
  • Managing technology risk and cybersecurity helps organizations identify, assess, and mitigate risks related to their technology environment — from data breaches and system vulnerabilities to third-party risks. It also ensures alignment with regulatory requirements and international best practices, supporting business continuity, compliance, and stakeholder confidence.

Why It Matters?
  • Organizations are increasingly leveraging technology

  • Cyber threats are growing in volume and complexity

  • Technology-related laws are being enforced more strictly

  • Regulated businesses must meet IT governance and compliance standards

  • Cybersecurity foundations drive trust and sustainable growth

How to Start?
  • Understand key technologies and data

  • Identify applicable laws & regulations

  • Assess risks & prioritize control

  • Establish ongoing monitoring & training