APRA Prudential Standard CPS 234 Information Security
APRA CPS 234 commenced on 1 July 2019 for APRA-regulated entities as the new mandatory standard for information security.
This Prudential Standard aims to ensure that an APRA-regulated entity takes measures to be resilient against information security incidents (including cyberattacks) by maintaining an information security capability commensurate with information security vulnerabilities and threats. CPS 234 brings to the forefront the importance of having strong cybersecurity measures in place and of being resilient against information security incidents and cyberattacks, so that APRA entities maintain security capabilities and minimize the impact of information security incidents on the confidentiality, integrity or availability of information assets. This includes information assets managed by related parties or third parties. The Board of an APRA-regulated entity is ultimately responsible for ensuring that the entity maintains its information security.
What is Data Privacy Framework ISO 27001 GDPR APRA CPS234 Prudential Standard?
This Prudential Standard aims to ensure that an APRA-regulated entity takes measures to be resilient against information security incidents (including cyberattacks) by maintaining an information security capability commensurate with information security vulnerabilities and threats.