中证协最新调研，券业IT迎“大考”！

Core Insights - The China Securities Association (CSA) has initiated a three-year enhancement plan for network and information security in securities firms, requiring a comprehensive evaluation of the plan's implementation by February 15, 2024 [1][2] - The evaluation focuses on six core areas: technology governance, investment mechanisms, system architecture, research and testing, operational support, and security protection [2] Investment and Talent Input - The evaluation questionnaire sets quantitative standards for technology investment, requiring an average of at least 10% of net profit and 7% of operating revenue to be allocated to information technology from 2023 to 2025 [3] - The proportion of information security professionals must reach 3% of the total number of IT professionals, with a minimum of two individuals [3] System Architecture and Security Training - The questionnaire emphasizes the importance of system architecture and security training, requiring firms to enhance their core system construction and conduct at least one security training session annually [3] Industry Investment Trends - In 2023, 44 securities firms reported a total information technology investment of 28.11 billion yuan, with 14 firms investing over 1 billion yuan, accounting for 70.46% of total investments [4] - The trend of increasing investment is expected to continue in 2024, with 30 firms increasing their expenditures, particularly among leading firms [4] Cost Challenges and Strategic Focus - The industry faces significant cost pressures, including high expenses associated with technology and challenges in quantifying investment returns [4] - Leading firms are shifting their focus from generalized IT investments to high-frequency, business-empowering areas such as research, customer service, and risk control [5]