SCHEDULE 5Systems and processes requirement
Security
10
Whether there are systems and processes—
a
for preventing unauthorised access to sensitive records and infrastructure, including those containing member information, financial details or investment information;
b
for monitoring and recording electronic and physical access to sensitive records and infrastructure;
c
for ensuring the secure transfer of physical and electronic data and the secure conduct of transactions.