JSE NETWORK SERVICE PROVIDER (NSP) POLICY DOCUMENT



Similar documents
JSE CLIENT CONNECTIVITY STANDARDS AND REQUIREMENTS DOCUMENT

JSE EQUITY MARKET. Price List

COLOCATION. The Lowest Latency Connectivity.

ASX CLEAR (FUTURES) OPERATING RULES Guidance Note 10

ASX SETTLEMENT OPERATING RULES Guidance Note 10

SCHEDULE 1 SERVICE DESCRIPTION

AUSTRACLEAR REGULATIONS Guidance Note 10

GUIDANCE NOTE OUTSOURCING OF FUNCTIONS BY ENTITIES LICENSED UNDER THE PROTECTION OF INVESTORS (BAILIWICK OF GUERNSEY) LAW, 1987

Technical Standards for Information Security Measures for the Central Government Computer Systems

Electronic Payment Schemes Guidelines

OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE

Network & Information Security Policy

ZAR Including VAT. API Service Fee R R $ Additional per Slot R R $ 2 439

KEY INFORMATION DOCUMENT

Technology Risk Management

PRINCIPLES ON OUTSOURCING OF FINANCIAL SERVICES FOR MARKET INTERMEDIARIES

Statement of Guidance: Outsourcing All Regulated Entities

MTN MPLS-VPN Service. Description of Service

7QUESTIONSYOUNEEDTOASKBEFORE CHOOSINGACOLOCATIONFACILITY FORYOURBUSINESS

ASTRAZENECA GLOBAL POLICY SAFEGUARDING COMPANY ASSETS AND RESOURCES

Regulations on Information Systems Security. I. General Provisions

ICT SUPPORT SERVICES

Does it state the management commitment and set out the organizational approach to managing information security?

Security in Space: Intelsat Information Assurance

IT Department. Circular No.: MCX-SX/IT/2845/2015 March 30, Market datafeed provided by the Exchange to the members

OUTSOURCING POLICY

Residual risk. 3 Compliance challenges (i.e. right to examine, exit clause, privacy acy etc.)

Colocation. Scalable Solutions for a Shared IT Infrastructure. Enterprise. Colocation

Cloud Computing and Records Management

Intel Enhanced Data Security Assessment Form

BERMUDA MONETARY AUTHORITY

PROPERTY OF THE SECURITIES COMMISSION OF THE BAHAMAS

ICT SERVICE LEVEL AGREEMENT MANAGEMENT POLICY (EXTERNAL SERVICE PROVIDERS/VENDORS)

AMENDED GUIDELINE ON CALL CENTER LICENSING

3 rd Party Vendor Risk Management

CAVAN AND MONAGHAN EDUCATION AND TRAINING BOARD. Data Breach Management Policy. Adopted by Cavan and Monaghan Education Training Board

GUIDANCE NOTE FOR DEPOSIT-TAKERS. Operational Risk Management. March 2012

HIGH-LEVEL EQUITY MEMBERSHIP REQUIREMENTS

Cloud Software Services for Schools

schedule 2f additional terms for internet services

Coláiste Pobail Bheanntraí

security in the cloud White Paper Series

White Paper on Financial Institution Vendor Management

LAMAR STATE COLLEGE - ORANGE INFORMATION RESOURCES SECURITY MANUAL. for INFORMATION RESOURCES

BUSINESS BROADBAND SERVICE

CoreSite A Carlyle Company. 70 Innerbelt Colocation Services

Third-Party Access and Management Policy

I S O I E C I N F O R M A T I O N S E C U R I T Y A U D I T T O O L

DESIGNATED CONTRACT MARKET OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE

Data Protection Breach Management Policy

SWAP EXECUTION FACILITY OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE

WEST LOTHIAN COUNCIL INFORMATION SECURITY POLICY

Market Data + Services. Advanced outsourcing solutions. IT Hosting and Managed Services

APPENDIX 8 TO SCHEDULE 3.3

Official Journal of the European Communities DIRECTIVE 98/10/EC OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL. of 26 February 1998

FRCC NETWORK SERVICES REQUEST FOR PROPOSAL

Annex B. The Proposed Amendments AMENDMENTS TO NATIONAL INSTRUMENT MARKETPLACE OPERATION

SFC ELECTRONIC TRADING REGIME

Guidelines for Financial Institutions Outsourcing of Business Activities, Functions, and Processes Date: July 2004

GUIDELINES FOR THE MANAGEMENT OF OPERATIONAL RISK

Session 2. The economics of Cloud Computing

Authorisation Requirements and Standards for Debt Management Firms

Cork ETB Data Breach Management Policy and Procedures

Vehicle Leasing & Fleet Management

Internet Trading Regulations Of the Karachi Stock Exchange (Guarantee) Limited

SITA Security Requirements for Third-Party Service Providers that Access, Process, Store or Transmit Data on Behalf of SITA

Injazat s Managed Services Portfolio

Oracle Maps Cloud Service Enterprise Hosting and Delivery Policies Effective Date: October 1, 2015 Version 1.0

Smart Meters Programme Schedule 2.5. (Security Management Plan) (CSP South version)

Evaluating Datacenter Colocation

Risk Management of Outsourced Technology Services. November 28, 2000

STRATEGIC POLICY. Information Security Policy Documentation. Network Management Policy. 1. Introduction

Colocation. Scalable Solutions for Shared IT Infrastructure. Enterprise. Colocation

APPENDIX 8 TO SCHEDULE 3.3

Principles of Best Practice applicable to the distribution of Life Insurance Products on a Cross-border Basis within the EU or a Third Country

Consultative report. Committee on Payment and Settlement Systems. Board of the International Organization of Securities Commissions

DATA CENTRE DATA CENTRE MAY 2015

The potential legal consequences of a personal data breach

How To Assess A Critical Service Provider

APPLICATION HOSTING SERVICE AGREEMENT

Transcription:

JSE NETWORK SERVICE PROVIDER (NSP) POLICY DOCUMENT September 2014 JSE Limited Reg No: 2005/022939/06 Member of the World Federation of Exchanges JSE Limited I 2014 Page 1 of 8 JSE Network Service Provider (NSP) Policy V2.0

Table of Contents 1. Introduction... 3 2. Document Purpose... 4 3. Applicability... 5 4. Services Documentation And Agreements... 5 5. NSP Review And Approval Process... 5 6. NSP Renewal... 5 7. NSP Change Notification... 5 8. JSE NSP Committee... 6 9. NSP obligations... 6 10. NSP Policy Principles... 7 10.1. Security (Confidentiality / Integrity / Availability)... 7 10.2. Capacity Management... 7 10.3. Monitoring and support... 7 10.4. Change Management... 7 10.5. Business Continuity / Resilience / Redundancy... 7 10.6. Agreements / Legal (Obligations And Service Levels)... 7 11. Contact Information... 8 Page 2 of 8 JSE Network Service Provider (NSP) Policy V2.0

1. INTRODUCTION The Johannesburg Stock Exchange (JSE) is a licensed exchange in terms of the Financial Markets Act (FMA) and must maintain fair and orderly markets in order to ensure market integrity. The JSE recognizes that telecommunications providers are a key player in the provisioning of network connectivity to, and on behalf of, JSE clients to the JSE to enable JSE clients to subscribe to the various JSE Systems or JSE services. In order to facilitate such external connectivity to the JSE Primary Data Centre, the JSE established a Meet-Me-Room (MMR) environment on the JSE Premises. For the sake of clarity, including without limitation: NSPs who will provide only network connectivity for external JSE clients wishing to connect to the JSE, must host their networking equipment in the JSE MMR. Network monitoring and network management equipment can be hosted in the JSE MMR for management of the NSP s infrastructure or network monitoring and management on behalf of their clients. Order, Trade and any other related trading and business applications or platforms (including but not limited to Smart Order Routing, Execution Management Systems, Order Management Systems, Algorithmic applications) may not be hosted in the JSE MMR. The JSE MMR is not a Point of Presence (PoP) for providing connectivity for any other purpose than that of connectivity to JSE services or JSE Systems access. NSP s who wish to provide Time Sync Services from the Meet me Room will be allowed to install their own GPS Antenna and equipment at their own cost for an initial period of 12 month from 1 March 2015 until 29 February 2016 after which the GPS Antenna must be removed and all NSP s providing Time Sync Services will be required to make use of the JSE s GPS Antennas. Page 3 of 8 JSE Network Service Provider (NSP) Policy V2.0

2. DOCUMENT PURPOSE This policy which forms part of the Services Documentation (as defined in the JSE Network Services Provider Agreement entered into by Network Service Providers (NSPs) and the JSE Limited (NSP Agreement)), sets out the principles that NSPs need to adhere to in order to be accredited by the JSE, PRIOR to providing network services to JSE clients (Policy). A NSP is defined as a legal entity that is (i) a licensed telecommunications provider recognised by the Independent Communications Authority of South Africa (ICASA) or any international equivalent thereof, and (ii) whose core business function relates to the telecommunications industry, such as the provisioning of bandwidth and/or network connectivity services to, or on behalf of, JSE clients to enable JSE clients to subscribe to the various JSE services or JSE Systems as set out in the JSE Services Agreement (JSA), such as Client Access Network (CAN), Colocation Network (CN) and the Remote Disaster Recovery site (RDR) in Bryanston. This Policy is not intended to define a complete set of governance principles or controls but only addresses the aspects related to JSE market integrity. Good governance and control must be applied by the NSPs as well as JSE clients. There is specific guidance on effective IT Governance contained in King III, guidance from IOSCO contained in Principles on Outsourcing of Financial Services for Market Intermediaries, as well as guidance in the Electronic Communications Facilities Leasing Regulations from ICASA. Page 4 of 8 JSE Network Service Provider (NSP) Policy V2.0

3. APPLICABILITY Any NSP that intends providing network services to, and on behalf of, JSE clients must be accredited by the JSE in terms of this Policy. Application for accreditation must be done annually or as and when changes are made to the NSP solution or service. From 1 March 2015, JSE clients may only use JSE accredited NSP for the provision of network services to enable JSE clients to subscribe to the various JSE services and JSE Systems. 4. SERVICES DOCUMENTATION AND AGREEMENTS An accredited NSP will be required to sign the NSP Agreement (prior to offering any network services to, or on behalf of, any JSE clients) and meet such requirements as set out in the Services Documentation. 5. NSP REVIEW AND APPROVAL PROCESS The NSP requiring initial JSE accreditation must formally apply to the JSE by submitting an application to NSP@jse.co.za. The application must indicate with sufficient detail how the NSP will comply with the principles as set out in this Policy. Initial accreditation is valid for one year from the date of JSE accreditation. The NSP Agreement must be signed by the NSP prior to the NSP offering any network services to, or on behalf of, any JSE clients. NSP fees will be applicable for the initial JSE accreditation request as well as annually thereafter for each renewal. These fees are set out in the JSE Equity Market Price list available at this link: JSE Price List 6. NSP RENEWAL NSPs are required to renew their accreditation annually in July to ensure that the NSP is still complying with the principles as set out in this Policy as updated by the JSE from time to time. The JSE may need to adjust this Policy in line with requirements that are seen to be in the best interests of maintaining market integrity. Renewals must be submitted to NSP@jse.co.za at least one month prior to the accreditation expiry. 7. NSP CHANGE NOTIFICATION A NSP must immediately notify the JSE in writing of any changes: 7.1. made by the NSP that reduces compliance with any of the principles as set out in this Policy; and 7.2. to the list of JSE clients that the NSP is providing network services to. Changes must be submitted to NSP@jse.co.za. Page 5 of 8 JSE Network Service Provider (NSP) Policy V2.0

8. JSE NSP COMMITTEE A JSE NSP Committee exists consisting of JSE employees with business and technical expertise across the JSE markets and services and is responsible for, inter alia: 8.1. Review and approval of new applications; 8.2. Approval of annual renewal applications; 8.3. Review of notification of changes; 8.4. Consideration of any non-compliance to this Policy; and 8.5. Ongoing review of this Policy in accordance with changing requirements to ensure ongoing market integrity. 9. NSP OBLIGATIONS 9.1. NSP Meet-Me-Room (MMR) rental will include 2kW of power usage per rack which equates to a maximum power usage of 1488kWh for any given month. 9.2. Power will only be measured on an ad-hoc basis when required by the JSE and any additional power usage fees will be passed through to the NSP as per the JSE Price List. 9.3. Power usage fees shall be subject to any revised charges or rates as notified by the Municipality of the City of Johannesburg or the National Energy Regulator of South Africa or any other authorised body from time to time as applicable to the JSE Premises. 9.4. A NSP must provide their own rack with the following dimensions: 800 x 600 x 43U or 1000 x 600 x 43U. 9.5. A NSP is responsible for power distribution inside the rack and must connect to a 32Amp single phase caravan plug supplied under floor. 9.6. A NSP must ensure dual power distribution inside their rack for A and B power for all devices. Where a device is installed with only 1 power supply the NSP must install a static switch to ensure redundancy on the single power supply device 9.7. A NSP should ensure that they have the necessary skills to manage connectivity to the JSE s Systems and services e.g. management of multicast data. 9.8. A NSP should ensure that JSE Clients are treated fairly in relation to one another for the same service. Page 6 of 8 JSE Network Service Provider (NSP) Policy V2.0

10. NSP POLICY PRINCIPLES 10.1. SECURITY (CONFIDENTIALITY / INTEGRITY / AVAILABILITY) 10.1.1. A NSP must ensure that it protects confidential, proprietary, client and other information of the entities they provide services to, from any unauthorized disclosure to person or entities. 10.1.2. A NSP must ensure it has adequate policies and procedures in place to manage authorized staff or agents who have access to the platform infrastructure that they use to provide services to, or on behalf of, the JSE clients. 10.1.3. A NSP must ensure adequate controls are in place to preserve the integrity and availability for the services to their clients (e.g. policies and capabilities to protect against logical threats such as wire sniffing, Denial of Service attacks and hacking of the network infrastructure). 10.1.4. A NSP should clarify any network peering included within their services to, or on behalf of, JSE clients. 10.2. CAPACITY MANAGEMENT 10.2.1. A NSP must have adequate capacity to accommodate the aggregated peak bandwidth requirements of, or on behalf of, the JSE clients they provide services to. 10.3. MONITORING AND SUPPORT 10.3.1. A NSP must implement proactive monitoring capabilities with support policies and procedures that mitigate disruption to the JSE clients they provide services to. 10.3.2. A NSP must ensure that the appropriate escalation, business and technical support services are in place in order to assist JSE clients they provide services to and or the JSE with efficient problem resolution. 10.4. CHANGE MANAGEMENT 10.4.1. A formal change management process must be practiced by the NSP to ensure minimal disruption and / or no negative impact or risk to the operations of the entities that they provide services to and JSE services and JSE Systems. 10.5. BUSINESS CONTINUITY / RESILIENCE / REDUNDANCY 10.5.1. A NSP must have appropriate contingency (reduces impact in the event of a failure), and resilience (prevents failures) arrangements to ensure minimal disruption and / or negative impact to the operations of the entities they provide services to and JSE services and JSE Systems. 10.6. AGREEMENTS / LEGAL (OBLIGATIONS AND SERVICE LEVELS) 10.6.1. A NSP must provide JSE clients they provide services to with a legally binding written contract, which is appropriate to the materiality of the services provided. Page 7 of 8 JSE Network Service Provider (NSP) Policy V2.0

11. CONTACT INFORMATION JSE Limited One Exchange Square Gwen Lane, Sandown South Africa Tel: +27 11 520 7000 www.jse.co.za JSE Data Centre Manager NSP@jse.co.za Tel: +27 11 520 7440 Enquiries: Nic Cronje JSE Data Centre Manager Tel: +27 11 520 7440 Page 8 of 8 JSE Network Service Provider (NSP) Policy V2.0

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information