Nevada Administrative Code
Chapter 90 - Securities
Section 90.Sec. 10 - NEW
Universal Citation: NV Admin Code 90.Sec. 10
Current through February 27, 2024
1. An investment adviser who is licensed or required to be licensed shall establish, implement, update and enforce written policies and procedures for physical security and cybersecurity which are reasonably designed to ensure the confidentiality, integrity and availability of physical and electronic records and information.
2. The policies and procedures described in subsection 1 must:
(a) Be tailored to the business model of the
investment adviser, including, without limitation:
(1) The size of the firm;
(2) The type of services provided by the
investment adviser; and
(3) The
number of locations of the investment adviser;
(b) Protect against reasonably anticipated
threats or hazards to the security or integrity of client records and
information;
(c) Ensure that the
investment adviser safeguards confidential client records and
information;
(d) Protect records
and information from any release which could result in harm or inconvenience to
a client;
(e) Develop the
organizational understanding to manage information security risks to systems,
assets, data and capabilities;
(f)
Develop and implement the appropriate safeguards to ensure the delivery of
critical infrastructure services; and
(g) Develop and implement the appropriate
activities to:
(1) Identify the occurrence of
an information security event;
(2)
Take action regarding a detected information security event; and
(3) Maintain plans for resilience and to
restore any capabilities or services that were impaired due to an information
security event.
3. The investment adviser shall:
(a) Review at least annually and modify as
needed, the policies and procedures described in subsection 1 to ensure the
adequacy of the security measures and the effectiveness of their
implementation;
(b) Keep records
relating to any review of the policies and procedures described in paragraph
(a), which must include, without limitation, a summary of any amendments made
as a result of the review; and
(c)
Maintain true, accurate and current:
(1)
Copies of the policies and procedures described in subsection 1, which must be:
(I) Maintained in hard copy; or
(II) Stored on electronic storage media that
is separate from and not dependent upon access to the computers or networks of
the investment adviser;
(2) Records documenting the compliance of the
investment adviser with this section, including, without limitation, evidence
of the annual review of the policies and procedures described in subsection 1;
and
(3) Records of any violation of
this section and any action taken as a result of the violation.
Added to NAC by Sec'y of State by R018-21A, eff. 6/2/2023
NRS 90.390, 90.750
Disclaimer: These regulations may not be the most recent version. Nevada may have more current or accurate information. We make no warranties or guarantees about the accuracy, completeness, or adequacy of the information contained on this site or the information linked to on the state site. Please check official sources.
This site is protected by reCAPTCHA and the Google
Privacy Policy and
Terms of Service apply.
