management arrangement for the organization of information security in accordance with the following criteria: (1) define and document information security roles and responsibilities and establish operating

information security in accordance with the following criteria: (1) define and document information security roles and responsibilities and establish operating guidelines for the personnel of the intermediary

Securities and Exchange Commission specifies the rules related to securities issuance, offer for sale of securities or undertaking of securities business, but does not specifically define the terms