18 PART A Introduction to HSBc`s approach to internet security Ensuring that strong security is essential for the provision of products via the Internet. With the development of technology, the various threats to businesses in this context are developing and maintaining a sufficiently secure service requires a solid global approach to address these risks. HSBC`s goal is to provide our customers with a robust, reliable and secure online environment for business. We strive to do this by introducing Best of Breed technologies, formulating proven IT policies and procedures, and devoting expert resources to their implementation and monitoring. We use industry-technical solutions to authenticate our customers` identities when connecting, to ensure that their data is transmitted safely and reliably, and that customer data is protected. We have contingency and emergency plans to ensure that service disruptions are minimized for any reason. Based on our long-standing experience as a provider of secure electronic banking systems, we also manage a control and support structure to ensure that we address all aspects of the risks associated with the online release of the transaction bank. This order is intended to describe the technical and operational characteristics of the Hang Seng HSBCnet order. This introduction describes the entire management and governance infrastructure in which all of our Internet applications are developed and managed.
Later sections of the document describe the key features of our security infrastructure. HSBC Group Policy and Standards The implementation, monitoring and regular review of policies and procedures is a cornerstone of HSBC`s approach to operational risk control. We have a comprehensive set of IT standards covering all key areas of Internet application development, launch, support and maintenance, architecture and IT facility management. In particular, safety standards and principles are defined in the group`s IT security guidelines and standards. These standards, whose overall responsibility lies with the Group`s Chief Operating Officer, are consistent with industry best practices (including ISO 17799, the international it security management standard) and relevant regulatory requirements in the markets in which we operate. The responsibility for this policy, and in particular to ensure that it continues to provide an appropriate framework for managing security risks, rests with the Head of IT Security Group. Given the rapid evolution of internet technology (and therefore the nature of security risks), the directive is constantly being reviewed. In addition, formal regular revisions and revisions of the guidelines are planned on the basis of contributions from business security experts and information technology experts from the group`s entourage. In this way, we can draw on the experience of our employees in all the important markets where we are, to ensure that the policy addresses not only global issues, but also local issues.