Below the illustration of the process for requesting an update to the Framework. 

• Detail information supported by pros and cons about the suggested update.
• The request should first be approved by CIO before submitting to IT steering committee. 
   
• The request should be approved by Member Organization's IT steering committee.
   
• The request should be sent formally in writing to the manager 'General Department of Cyber Risk Control' via the Member Organization's CEO or managing director.
   
• 'General Department of Cyber Risk Control' will evaluate the request and informs the Member Organization.
   
• The current Framework remains applicable while the requested update is being considered, processed and if applicable is approved and processed.