中证协最新调研!事关券商信息技术
券商中国·2026-02-05 03:31

Core Viewpoint - The China Securities Association (CSA) is conducting a survey on the implementation of information technology in securities firms, following the expiration of a three-year plan aimed at enhancing network and information security in the industry [1][2]. Group 1: Survey and Implementation - The survey involves over 70 specific tasks, including whether the average annual IT investment by securities firms is at least 10% of their average annual net profit or 7% of their average annual revenue [2]. - The CSA's "Three-Year Enhancement Plan for Network and Information Security (2023-2025)" aims to improve the security and stability of securities firms' information systems, addressing issues such as insufficient IT investment and outdated system architecture [2][3]. - The plan outlines six key areas for improvement, including governance capabilities, investment mechanisms, system architecture, testing management, operational support, and security defense systems [3]. Group 2: Evaluation of Effectiveness - The CSA has sent a letter to securities firms to assess the implementation of the enhancement plan, focusing on various dimensions such as governance, investment, architecture, security, emergency response, and compliance [4]. - The evaluation categorizes 71 tasks into "mandatory tasks" and "encouragement tasks," with over 70% being mandatory requirements that firms must complete [4]. Group 3: Investment and Talent Development - Securities firms are encouraged to ensure that their average IT investment from 2023 to 2025 is at least 10% of their average net profit or 7% of their average revenue, with a focus on adequate funding for network and information security [5][6]. - Firms are also urged to enhance their technology talent pool, aiming to increase the proportion of IT professionals to 7% of total employees, with at least 3% being information security specialists [6]. Group 4: App Security Certification - The CSA is inquiring about the number of main client-facing apps and how many have passed industry security certification, emphasizing the importance of app security and compliance with national standards [7].