This topic investigates the information technology security of securities companies. A securities company shall follow up the rectification of the problems found in the audit, and if the related problems fail to be rectified in time, it shall explain the reasons and submit the audit report to the Information Technology Governance Committee for deliberation. Securities companies shall properly keep audit reports for a period of not less than 20 years.