Regulation 4 Security obligations of the personnel

(1) The personnel shall comply with the information security policy, and other policies, guidelines, procedures, etc. issued by the Authority from time to time.

(2) Without prejudice to any action that may be taken under the Act, personnel may be liable to action in accordance with procedures specified by the Authority for this purpose:

Provided that no such action shall be taken without giving the concerned personnel a reasonable opportunity of being heard.