The Singapore Internet Bank has also introduced appropriate risk management measures for technical risks. Penetration testing should be performed during system development and testing before a new system that provides Internet access and network connectivity is operational. Vulnerability scanning is performed at least quarterly, penetration testing (at least annually), and uses source code verification to identify and resolve issues during system development prior to system boot. System restore requires regular evaluation and updates of system recovery plans and unexpected event response procedures in response to business, system, and network changes.Banks should not arbitrarily take unverified corrective actions. Configure a recovery site outside the primary site. When will the main site be closed? Business can go further.