for preventing unauthorised access to sensitive records and infrastructure, including those containing member information, financial details or investment information;

for monitoring and recording electronic and physical access to sensitive records and infrastructure;

for ensuring the secure transfer of physical and electronic data and the secure conduct of transactions.