This Prudential Standard aims to ensure that an APRA-regulated entity takes measures to be resilient against
- information security incidents (including cyberattacks
- maintaining an information security capability
- commensurate with information security vulnerabilities and threats.
- A Robust Cyber Security Framework with corresponding controls clearly identified. Roles for Board Members, Senior Management including any Governing Bodies and Individuals with regards to Information Security must be clearly defined.